------------------------------------------------------------------ --- Changelog.all ----------- Sat Jan 18 14:28:07 UTC 2025 ------ ------------------------------------------------------------------ ------------------------------------------------------------------ ------------------ 2025-1-18 - Jan 18 2025 ------------------- ------------------------------------------------------------------ ++++ Leap-release: - automatically generated by openSUSE-release-tools/pkglistgen ------------------------------------------------------------------ ------------------ 2025-1-14 - Jan 14 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - Enable CONFIG_BUG_ON_DATA_CORRUPTION (jsc#PED-11849) - commit ad832d9 - Remove superflous References tags. - Refresh patches.suse/0001-Lock-down-x86_64-kernel-in-secure-boot-mode-in-subsy.patch. - Refresh patches.suse/0002-security-Add-a-kernel-lockdown-flag-for-early-boot-s.patch. - commit 53733e1 - Delete patches.suse/btrfs-fix-use-after-free-waiting-for-encoded-read-en.patch (bsc#1235128) - commit 6ac27ed - Update config files. Disable HARDENED_USERCOPY by default but can be re-enabled via the kernel command line. - commit b89f0e3 - mm: security: Allow default HARDENED_USERCOPY to be set at compile time (jsc#PED-11838). - mm: security: Move hardened usercopy under 'Kernel hardening options' (jsc#PED-11838). - commit 6f73ffe ++++ kernel-default: - Enable CONFIG_BUG_ON_DATA_CORRUPTION (jsc#PED-11849) - commit ad832d9 - Remove superflous References tags. - Refresh patches.suse/0001-Lock-down-x86_64-kernel-in-secure-boot-mode-in-subsy.patch. - Refresh patches.suse/0002-security-Add-a-kernel-lockdown-flag-for-early-boot-s.patch. - commit 53733e1 - Delete patches.suse/btrfs-fix-use-after-free-waiting-for-encoded-read-en.patch (bsc#1235128) - commit 6ac27ed - Update config files. Disable HARDENED_USERCOPY by default but can be re-enabled via the kernel command line. - commit b89f0e3 - mm: security: Allow default HARDENED_USERCOPY to be set at compile time (jsc#PED-11838). - mm: security: Move hardened usercopy under 'Kernel hardening options' (jsc#PED-11838). - commit 6f73ffe ++++ dtb-aarch64: - Enable CONFIG_BUG_ON_DATA_CORRUPTION (jsc#PED-11849) - commit ad832d9 - Remove superflous References tags. - Refresh patches.suse/0001-Lock-down-x86_64-kernel-in-secure-boot-mode-in-subsy.patch. - Refresh patches.suse/0002-security-Add-a-kernel-lockdown-flag-for-early-boot-s.patch. - commit 53733e1 - Delete patches.suse/btrfs-fix-use-after-free-waiting-for-encoded-read-en.patch (bsc#1235128) - commit 6ac27ed - Update config files. Disable HARDENED_USERCOPY by default but can be re-enabled via the kernel command line. - commit b89f0e3 - mm: security: Allow default HARDENED_USERCOPY to be set at compile time (jsc#PED-11838). - mm: security: Move hardened usercopy under 'Kernel hardening options' (jsc#PED-11838). - commit 6f73ffe ++++ kernel-debug: - Enable CONFIG_BUG_ON_DATA_CORRUPTION (jsc#PED-11849) - commit ad832d9 - Remove superflous References tags. - Refresh patches.suse/0001-Lock-down-x86_64-kernel-in-secure-boot-mode-in-subsy.patch. - Refresh patches.suse/0002-security-Add-a-kernel-lockdown-flag-for-early-boot-s.patch. - commit 53733e1 - Delete patches.suse/btrfs-fix-use-after-free-waiting-for-encoded-read-en.patch (bsc#1235128) - commit 6ac27ed - Update config files. Disable HARDENED_USERCOPY by default but can be re-enabled via the kernel command line. - commit b89f0e3 - mm: security: Allow default HARDENED_USERCOPY to be set at compile time (jsc#PED-11838). - mm: security: Move hardened usercopy under 'Kernel hardening options' (jsc#PED-11838). - commit 6f73ffe ++++ kernel-source: - Enable CONFIG_BUG_ON_DATA_CORRUPTION (jsc#PED-11849) - commit ad832d9 - Remove superflous References tags. - Refresh patches.suse/0001-Lock-down-x86_64-kernel-in-secure-boot-mode-in-subsy.patch. - Refresh patches.suse/0002-security-Add-a-kernel-lockdown-flag-for-early-boot-s.patch. - commit 53733e1 - Delete patches.suse/btrfs-fix-use-after-free-waiting-for-encoded-read-en.patch (bsc#1235128) - commit 6ac27ed - Update config files. Disable HARDENED_USERCOPY by default but can be re-enabled via the kernel command line. - commit b89f0e3 - mm: security: Allow default HARDENED_USERCOPY to be set at compile time (jsc#PED-11838). - mm: security: Move hardened usercopy under 'Kernel hardening options' (jsc#PED-11838). - commit 6f73ffe ++++ kernel-docs: - Enable CONFIG_BUG_ON_DATA_CORRUPTION (jsc#PED-11849) - commit ad832d9 - Remove superflous References tags. - Refresh patches.suse/0001-Lock-down-x86_64-kernel-in-secure-boot-mode-in-subsy.patch. - Refresh patches.suse/0002-security-Add-a-kernel-lockdown-flag-for-early-boot-s.patch. - commit 53733e1 - Delete patches.suse/btrfs-fix-use-after-free-waiting-for-encoded-read-en.patch (bsc#1235128) - commit 6ac27ed - Update config files. Disable HARDENED_USERCOPY by default but can be re-enabled via the kernel command line. - commit b89f0e3 - mm: security: Allow default HARDENED_USERCOPY to be set at compile time (jsc#PED-11838). - mm: security: Move hardened usercopy under 'Kernel hardening options' (jsc#PED-11838). - commit 6f73ffe ++++ kernel-kvmsmall: - Enable CONFIG_BUG_ON_DATA_CORRUPTION (jsc#PED-11849) - commit ad832d9 - Remove superflous References tags. - Refresh patches.suse/0001-Lock-down-x86_64-kernel-in-secure-boot-mode-in-subsy.patch. - Refresh patches.suse/0002-security-Add-a-kernel-lockdown-flag-for-early-boot-s.patch. - commit 53733e1 - Delete patches.suse/btrfs-fix-use-after-free-waiting-for-encoded-read-en.patch (bsc#1235128) - commit 6ac27ed - Update config files. Disable HARDENED_USERCOPY by default but can be re-enabled via the kernel command line. - commit b89f0e3 - mm: security: Allow default HARDENED_USERCOPY to be set at compile time (jsc#PED-11838). - mm: security: Move hardened usercopy under 'Kernel hardening options' (jsc#PED-11838). - commit 6f73ffe ++++ kernel-obs-build: - Enable CONFIG_BUG_ON_DATA_CORRUPTION (jsc#PED-11849) - commit ad832d9 - Remove superflous References tags. - Refresh patches.suse/0001-Lock-down-x86_64-kernel-in-secure-boot-mode-in-subsy.patch. - Refresh patches.suse/0002-security-Add-a-kernel-lockdown-flag-for-early-boot-s.patch. - commit 53733e1 - Delete patches.suse/btrfs-fix-use-after-free-waiting-for-encoded-read-en.patch (bsc#1235128) - commit 6ac27ed - Update config files. Disable HARDENED_USERCOPY by default but can be re-enabled via the kernel command line. - commit b89f0e3 - mm: security: Allow default HARDENED_USERCOPY to be set at compile time (jsc#PED-11838). - mm: security: Move hardened usercopy under 'Kernel hardening options' (jsc#PED-11838). - commit 6f73ffe ++++ kernel-obs-qa: - Enable CONFIG_BUG_ON_DATA_CORRUPTION (jsc#PED-11849) - commit ad832d9 - Remove superflous References tags. - Refresh patches.suse/0001-Lock-down-x86_64-kernel-in-secure-boot-mode-in-subsy.patch. - Refresh patches.suse/0002-security-Add-a-kernel-lockdown-flag-for-early-boot-s.patch. - commit 53733e1 - Delete patches.suse/btrfs-fix-use-after-free-waiting-for-encoded-read-en.patch (bsc#1235128) - commit 6ac27ed - Update config files. Disable HARDENED_USERCOPY by default but can be re-enabled via the kernel command line. - commit b89f0e3 - mm: security: Allow default HARDENED_USERCOPY to be set at compile time (jsc#PED-11838). - mm: security: Move hardened usercopy under 'Kernel hardening options' (jsc#PED-11838). - commit 6f73ffe ++++ kernel-syms: - Enable CONFIG_BUG_ON_DATA_CORRUPTION (jsc#PED-11849) - commit ad832d9 - Remove superflous References tags. - Refresh patches.suse/0001-Lock-down-x86_64-kernel-in-secure-boot-mode-in-subsy.patch. - Refresh patches.suse/0002-security-Add-a-kernel-lockdown-flag-for-early-boot-s.patch. - commit 53733e1 - Delete patches.suse/btrfs-fix-use-after-free-waiting-for-encoded-read-en.patch (bsc#1235128) - commit 6ac27ed - Update config files. Disable HARDENED_USERCOPY by default but can be re-enabled via the kernel command line. - commit b89f0e3 - mm: security: Allow default HARDENED_USERCOPY to be set at compile time (jsc#PED-11838). - mm: security: Move hardened usercopy under 'Kernel hardening options' (jsc#PED-11838). - commit 6f73ffe ++++ kernel-zfcpdump: - Enable CONFIG_BUG_ON_DATA_CORRUPTION (jsc#PED-11849) - commit ad832d9 - Remove superflous References tags. - Refresh patches.suse/0001-Lock-down-x86_64-kernel-in-secure-boot-mode-in-subsy.patch. - Refresh patches.suse/0002-security-Add-a-kernel-lockdown-flag-for-early-boot-s.patch. - commit 53733e1 - Delete patches.suse/btrfs-fix-use-after-free-waiting-for-encoded-read-en.patch (bsc#1235128) - commit 6ac27ed - Update config files. Disable HARDENED_USERCOPY by default but can be re-enabled via the kernel command line. - commit b89f0e3 - mm: security: Allow default HARDENED_USERCOPY to be set at compile time (jsc#PED-11838). - mm: security: Move hardened usercopy under 'Kernel hardening options' (jsc#PED-11838). - commit 6f73ffe ++++ patterns-sles: - No longer recommends nscd, it is deprecated in recent systemd. ------------------------------------------------------------------ ------------------ 2025-1-13 - Jan 13 2025 ------------------- ------------------------------------------------------------------ ++++ agama-products: - Update SLES4SAP ID to SLES_SAP (gh#agama-project/agama#1890). ++++ kernel-64kb: - Update patches.suse/ACPI-x86-Add-adev-NULL-check-to-acpi_quirk_skip_serd.patch (stable-fixes CVE-2024-56782 bsc#1235629). - Update patches.suse/ALSA-6fire-Release-resources-at-card-release.patch (git-fixes CVE-2024-53239 bsc#1235054). - Update patches.suse/ALSA-caiaq-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56531 bsc#1235057). - Update patches.suse/ALSA-control-Avoid-WARN-for-symlink-errors.patch (git-fixes CVE-2024-56657 bsc#1235432). - Update patches.suse/ALSA-core-Fix-possible-NULL-dereference-caused-by-ku.patch (git-fixes CVE-2024-56696 bsc#1235539). - Update patches.suse/ALSA-memalloc-prefer-dma_mapping_error-over-explicit.patch (git-fixes CVE-2024-57800 bsc#1235772). - Update patches.suse/ALSA-pcm-Add-sanity-NULL-check-for-the-default-mmap-.patch (stable-fixes CVE-2024-53180 bsc#1234929). - Update patches.suse/ALSA-us122l-Use-snd_card_free_when_closed-at-disconn.patch (git-fixes CVE-2024-56532 bsc#1235059). - Update patches.suse/ALSA-usb-audio-Fix-out-of-bounds-reads-when-finding-.patch (stable-fixes CVE-2024-53150 bsc#1234834). - Update patches.suse/ALSA-usb-audio-Fix-potential-out-of-bound-accesses-f.patch (git-fixes CVE-2024-53197 bsc#1235464). - Update patches.suse/ALSA-usx2y-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56533 bsc#1235053). - Update patches.suse/ASoC-Intel-sof_sdw-Add-space-for-a-terminator-into-D.patch (git-fixes CVE-2024-57880 bsc#1235800). - Update patches.suse/ASoC-SOF-Intel-hda-dai-Do-not-release-the-link-DMA-o.patch (git-fixes CVE-2024-57805 bsc#1235790). - Update patches.suse/ASoC-imx-audmix-Add-NULL-check-in-imx_audmix_probe.patch (git-fixes CVE-2024-53199 bsc#1234967). - Update patches.suse/ASoC-mediatek-Check-num_codecs-is-not-zero-to-avoid-.patch (git-fixes CVE-2024-56685 bsc#1235561). - Update patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch (stable-fixes CVE-2024-56605 bsc#1235061). - Update patches.suse/Bluetooth-MGMT-Fix-possible-deadlocks.patch (git-fixes CVE-2024-53207 bsc#1234907). - Update patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-set_p.patch (git-fixes CVE-2024-53208 bsc#1234909). - Update patches.suse/Bluetooth-RFCOMM-avoid-leaving-dangling-sk-pointer-i.patch (stable-fixes CVE-2024-56604 bsc#1235056). - Update patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch (git-fixes CVE-2024-53238 bsc#1234910). - Update patches.suse/Bluetooth-btmtk-avoid-UAF-in-btmtk_process_coredump.patch (git-fixes CVE-2024-56653 bsc#1235531). - Update patches.suse/Bluetooth-btusb-mediatek-add-intf-release-flow-when-.patch (stable-fixes CVE-2024-56757 bsc#1235619). - Update patches.suse/Bluetooth-fix-use-after-free-in-device_for_each_chil.patch (git-fixes CVE-2024-53237 bsc#1235007). - Update patches.suse/Bluetooth-hci_conn-Use-disable_delayed_work_sync.patch (stable-fixes CVE-2024-56591 bsc#1235052). - Update patches.suse/Bluetooth-hci_core-Fix-not-checking-skb-length-on-hc.patch (stable-fixes CVE-2024-56590 bsc#1235038). - Update patches.suse/Bluetooth-hci_event-Fix-using-rcu_read_-un-lock-whil.patch (git-fixes CVE-2024-56654 bsc#1235532). - Update patches.suse/Bluetooth-iso-Always-release-hdev-at-the-end-of-iso_.patch (git-fixes CVE-2024-57879 bsc#1235802). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_conn_big_sync.patch (git-fixes CVE-2024-54191 bsc#1235717). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_listen_bis.patch (git-fixes CVE-2024-54460 bsc#1235722). - Update patches.suse/HID-wacom-fix-when-get-product-name-maybe-null-point.patch (git-fixes CVE-2024-56629 bsc#1235473). - Update patches.suse/NFSD-Prevent-NULL-dereference-in-nfsd4_process_cb_update.patch (git-fixes CVE-2024-53217 bsc#1234999). - Update patches.suse/NFSD-Prevent-a-potential-integer-overflow.patch (git-fixes CVE-2024-53146 bsc#1234853). - Update patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch (git-fixes CVE-2024-53173 bsc#1234891). - Update patches.suse/PCI-Fix-reset_method_store-memory-leak.patch (git-fixes CVE-2024-56745 bsc#1235563). - Update patches.suse/PCI-Fix-use-after-free-of-slot-bus-on-hot-remove.patch (stable-fixes CVE-2024-53194 bsc#1235459). - Update patches.suse/PCI-MSI-Handle-lack-of-irqdomain-gracefully.patch (git-fixes CVE-2024-56760 bsc#1235616). - Update patches.suse/PCI-endpoint-Fix-PCI-domain-ID-release-in-pci_epc_de.patch (git-fixes CVE-2024-56561 bsc#1235105). - Update patches.suse/PCI-endpoint-epf-mhi-Avoid-NULL-dereference-if-DT-la.patch (git-fixes CVE-2024-56689 bsc#1235543). - Update patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch (stable-fixes CVE-2024-57809 bsc#1235793). - Update patches.suse/PCI-qcom-ep-Move-controller-cleanups-to-qcom_pcie_pe.patch (git-fixes CVE-2024-53153 bsc#1234830). - Update patches.suse/PCI-tegra194-Move-controller-cleanups-to-pex_ep_even.patch (git-fixes CVE-2024-53152 bsc#1234841). - Update patches.suse/RDMA-hns-Fix-cpu-stuck-caused-by-printings-during-re.patch (jsc#PED-11250 CVE-2024-56722 bsc#1235570). - Update patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch (git-fixes CVE-2024-53224 bsc#1235009). - Update patches.suse/RDMA-rxe-Fix-the-qp-flush-warnings-in-req.patch (jsc#PED-11323 CVE-2024-53229 bsc#1234905). - Update patches.suse/SUNRPC-make-sure-cache-entry-active-before-cache_show.patch (git-fixes CVE-2024-53174 bsc#1234899). - Update patches.suse/accel-ivpu-Fix-WARN-in-ivpu_ipc_send_receive_interna.patch (git-fixes CVE-2024-54193 bsc#1235713). - Update patches.suse/accel-ivpu-Fix-general-protection-fault-in-ivpu_bo_l.patch (git-fixes CVE-2024-54455 bsc#1235719). - Update patches.suse/accel-ivpu-Prevent-recovery-invocation-during-probe-.patch (git-fixes CVE-2024-56540 bsc#1235063). - Update patches.suse/acpi-nfit-vmalloc-out-of-bounds-Read-in-acpi_nfit_ct.patch (git-fixes CVE-2024-56662 bsc#1235533). - Update patches.suse/ad7780-fix-division-by-zero-in-ad7780_write_raw.patch (git-fixes CVE-2024-56567 bsc#1234916). - Update patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch (CVE-2024-56606 bsc#123541 bsc#1235417). - Update patches.suse/apparmor-test-Fix-memory-leak-for-aa_unpack_strdup.patch (git-fixes CVE-2024-56741 bsc#1235502). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_FPMR.patch (git-fixes CVE-2024-57878 bsc#1235803). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_POE.patch (git-fixes CVE-2024-57877 bsc#1235804). - Update patches.suse/blk-cgroup-Fix-UAF-in-blkcg_unpin_online.patch (bsc#1234726 CVE-2024-56672 bsc#1235534). - Update patches.suse/bnxt_en-Fix-aggregation-ID-mask-to-prevent-oops-on-5.patch (jsc#PED-10684 jsc#PED-11230 CVE-2024-56656 bsc#1235444). - Update patches.suse/cacheinfo-Allocate-memory-during-CPU-hotplug-if-not-done-f.patch (jsc#PED-10467 CVE-2024-56617 bsc#1235429). - Update patches.suse/can-dev-can_set_termination-allow-sleeping-GPIOs.patch (git-fixes CVE-2024-56625 bsc#1235223). - Update patches.suse/can-hi311x-hi3110_can_ist-fix-potential-use-after-fr.patch (git-fixes CVE-2024-56651 bsc#1235528). - Update patches.suse/can-j1939-j1939_session_new-fix-skb-reference-counti.patch (git-fixes CVE-2024-56645 bsc#1235134). - Update patches.suse/clk-clk-apple-nco-Add-NULL-check-in-applnco_probe.patch (git-fixes CVE-2024-53154 bsc#1234826). - Update patches.suse/clk-clk-loongson2-Fix-memory-corruption-bug-in-struc.patch (git-fixes CVE-2024-53193 bsc#1234902). - Update patches.suse/clk-clk-loongson2-Fix-potential-buffer-overflow-in-f.patch (git-fixes CVE-2024-53192 bsc#1234956). - Update patches.suse/clk-ralink-mtmips-fix-clocks-probe-order-in-oldest-r.patch (git-fixes CVE-2024-53223 bsc#1234976). - Update patches.suse/crypto-bcm-add-error-check-in-the-ahash_hmac_init-fu.patch (git-fixes CVE-2024-56681 bsc#1235557). - Update patches.suse/crypto-caam-Fix-the-pointer-passed-to-caam_qi_shutdo.patch (git-fixes CVE-2024-56754 bsc#1234918). - Update patches.suse/crypto-pcrypt-Call-crypto-layer-directly-when-padata.patch (git-fixes CVE-2024-56690 bsc#1235428). - Update patches.suse/crypto-qat-qat_420xx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53163 bsc#1234828). - Update patches.suse/crypto-qat-qat_4xxx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53162 bsc#1234843). - Update patches.suse/dlm-fix-dlm_recover_members-refcount-on-error.patch (git-fixes CVE-2024-56749 bsc#1235628). - Update patches.suse/dlm-fix-possible-lkb_resource-null-dereference.patch (git-fixes CVE-2024-47809 bsc#1235714). - Update patches.suse/dma-debug-fix-a-possible-deadlock-on-radix_lock.patch (stable-fixes CVE-2024-47143 bsc#1235710). - Update patches.suse/dmaengine-at_xdmac-avoid-null_prt_deref-in-at_xdmac_.patch (git-fixes CVE-2024-56767 bsc#1235160). - Update patches.suse/drivers-soc-xilinx-add-the-missing-kfree-in-xlnx_add.patch (git-fixes CVE-2024-56546 bsc#1235070). - Update patches.suse/drm-amd-display-Adding-array-index-check-to-prevent-.patch (stable-fixes CVE-2024-56784 bsc#1235654). - Update patches.suse/drm-amd-display-Fix-handling-of-plane-refcount.patch (stable-fixes CVE-2024-56775 bsc#1235657). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st-2bc96c9.patch (git-fixes CVE-2024-53200 bsc#1234968). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st.patch (git-fixes CVE-2024-53201 bsc#1234969). - Update patches.suse/drm-amd-display-Fix-out-of-bounds-access-in-dcn21_li.patch (stable-fixes CVE-2024-56608 bsc#1235487). - Update patches.suse/drm-amd-display-fix-a-memleak-issue-when-driver-is-r.patch (git-fixes CVE-2024-56542 bsc#1234908). - Update patches.suse/drm-amdgpu-Fix-the-memory-allocation-issue-in-amdgpu.patch (git-fixes CVE-2024-56697 bsc#1235544). - Update patches.suse/drm-amdgpu-don-t-access-invalid-sched.patch (git-fixes CVE-2024-46896 bsc#1235707). - Update patches.suse/drm-amdgpu-fix-usage-slab-after-free.patch (stable-fixes CVE-2024-56551 bsc#1235075). - Update patches.suse/drm-amdgpu-gfx9-Add-Cleaner-Shader-Deinitialization-.patch (git-fixes CVE-2024-56753 bsc#1235631). - Update patches.suse/drm-amdgpu-set-the-right-AMDGPU-sg-segment-limitatio.patch (stable-fixes CVE-2024-56594 bsc#1235413). - Update patches.suse/drm-amdkfd-Dereference-null-return-value.patch (git-fixes CVE-2024-56666 bsc#1235242). - Update patches.suse/drm-amdkfd-Use-dynamic-allocation-for-CU-occupancy-a.patch (git-fixes CVE-2024-56695 bsc#1235541). - Update patches.suse/drm-dp_mst-Fix-MST-sideband-message-body-length-chec.patch (stable-fixes CVE-2024-56616 bsc#1235427). - Update patches.suse/drm-i915-Fix-NULL-pointer-dereference-in-capture_eng.patch (git-fixes CVE-2024-56667 bsc#1235016). - Update patches.suse/drm-modes-Avoid-divide-by-zero-harder-in-drm_mode_vr.patch (stable-fixes CVE-2024-56369 bsc#1235750). - Update patches.suse/drm-nouveau-gr-gf100-Fix-missing-unlock-in-gf100_gr_.patch (git-fixes CVE-2024-56752 bsc#1234937). - Update patches.suse/drm-panel-himax-hx83102-Add-a-check-to-prevent-NULL-.patch (git-fixes CVE-2024-56711 bsc#1235562). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-831214f.patch (git-fixes CVE-2024-56776 bsc#1235647). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-e965e77.patch (git-fixes CVE-2024-56777 bsc#1235641). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer.patch (git-fixes CVE-2024-56778 bsc#1235635). - Update patches.suse/drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch (git-fixes CVE-2024-56683 bsc#1235497). - Update patches.suse/drm-xe-guc_submit-fix-race-around-suspend_pending.patch (git-fixes CVE-2024-56552 bsc#1235071). - Update patches.suse/drm-xe-reg_sr-Remove-register-pool.patch (git-fixes CVE-2024-56652 bsc#1235529). - Update patches.suse/drm-xlnx-zynqmp_disp-layer-may-be-null-while-releasi.patch (git-fixes CVE-2024-56537 bsc#1235049). - Update patches.suse/drm-zynqmp_kms-Unplug-DRM-device-before-removal.patch (git-fixes CVE-2024-56538 bsc#1235051). - Update patches.suse/efi-libstub-Free-correct-pointer-on-failure.patch (git-fixes CVE-2024-56573 bsc#1235042). - Update patches.suse/erofs-fix-blksize-PAGE_SIZE-for-file-backed-mounts.patch (git-fixes CVE-2024-56750 bsc#1235630). - Update patches.suse/erofs-fix-file-backed-mounts-over-FUSE.patch (git-fixes CVE-2024-53235 bsc#1234998). - Update patches.suse/erofs-handle-NONHEAD-delta-1-lclusters-gracefully.patch (git-fixes CVE-2024-53234 bsc#1235045). - Update patches.suse/exfat-fix-out-of-bounds-access-of-directory-entries.patch (git-fixes CVE-2024-53147 bsc#1234857). - Update patches.suse/fbdev-sh7760fb-Fix-a-possible-memory-leak-in-sh7760f.patch (git-fixes CVE-2024-56746 bsc#1235622). - Update patches.suse/firmware-arm_scpi-Check-the-DVFS-OPP-count-returned-.patch (git-fixes CVE-2024-53157 bsc#1234827). - Update patches.suse/firmware_loader-Fix-possible-resource-leak-in-fw_log.patch (git-fixes CVE-2024-53202 bsc#1234970). - Update patches.suse/gpio-graniterapids-Fix-vGPIO-driver-crash.patch (stable-fixes CVE-2024-56671 bsc#1235018). - Update patches.suse/gpio-grgpio-Add-NULL-check-in-grgpio_probe.patch (git-fixes CVE-2024-56634 bsc#1235486). - Update patches.suse/i3c-Use-i3cdev-desc-info-instead-of-calling-i3c_devi.patch (stable-fixes CVE-2024-43098 bsc#1235703). - Update patches.suse/i3c-master-Fix-miss-free-init_dyn_addr-at-i3c_master.patch (git-fixes CVE-2024-56562 bsc#1234930). - Update patches.suse/i3c-mipi-i3c-hci-Mask-ring-interrupts-before-ring-st.patch (stable-fixes CVE-2024-45828 bsc#1235705). - Update patches.suse/igb-Fix-potential-invalid-memory-access-in-igb_init_.patch (jsc#PED-10426 jsc#PED-10425 CVE-2024-52332 bsc#1235700). - Update patches.suse/iio-adc-ad7923-Fix-buffer-overflow-for-tx_buf-and-ri.patch (git-fixes CVE-2024-56557 bsc#1235122). - Update patches.suse/io_uring-check-for-overflows-in-io_pin_pages.patch (git-fixes CVE-2024-53187 bsc#1234947). - Update patches.suse/io_uring-check-if-iowq-is-killed-before-queuing.patch (git-fixes CVE-2024-56709 bsc#1235552). - Update patches.suse/io_uring-tctx-work-around-xa_store-allocation-error-.patch (git-fixes CVE-2024-56584 bsc#1235117). - Update patches.suse/iommu-s390-Implement-blocking-domain.patch (git-fixes bsc#1234350 CVE-2024-53232 bsc#1235050). - Update patches.suse/iommufd-Fix-out_fput-in-iommufd_fault_alloc.patch (git-fixes CVE-2024-56624 bsc#1235469). - Update patches.suse/ionic-Fix-netdev-notifier-unregister-on-failure.patch (jsc#PED-11378 CVE-2024-56715 bsc#1235612). - Update patches.suse/ionic-no-double-destroy-workqueue.patch (jsc#PED-11378 CVE-2024-56714 bsc#1235558). - Update patches.suse/irqchip-riscv-aplic-Prevent-crash-when-MSI-domain-is.patch (git-fixes CVE-2024-56682 bsc#1235559). - Update patches.suse/kcsan-Turn-report_filterlist_lock-into-a-raw_spinloc.patch (stable-fixes CVE-2024-56610 bsc#1235390). - Update patches.suse/kunit-Fix-potential-null-dereference-in-kunit_device.patch (git-fixes CVE-2024-56773 bsc#1235594). - Update patches.suse/kunit-string-stream-Fix-a-UAF-bug-in-kunit_init_suit.patch (git-fixes CVE-2024-56772 bsc#1235651). - Update patches.suse/leds-class-Protect-brightness_show-with-led_cdev-led.patch (stable-fixes CVE-2024-56587 bsc#1235125). - Update patches.suse/mailbox-mtk-cmdq-fix-wrong-use-of-sizeof-in-cmdq_get.patch (git-fixes CVE-2024-56684 bsc#1235560). - Update patches.suse/media-atomisp-Add-check-for-rgby_data-memory-allocat.patch (git-fixes CVE-2024-56705 bsc#1235568). - Update patches.suse/media-dvb-frontends-dib3000mb-fix-uninit-value-in-di.patch (git-fixes CVE-2024-56769 bsc#1235155). - Update patches.suse/media-i2c-tc358743-Fix-crash-in-the-probe-error-path.patch (git-fixes CVE-2024-56576 bsc#1235019). - Update patches.suse/media-imx-jpeg-Ensure-power-suppliers-be-suspended-b.patch (git-fixes CVE-2024-56575 bsc#1235039). - Update patches.suse/media-imx-jpeg-Set-video-drvdata-before-register-vid.patch (git-fixes CVE-2024-56578 bsc#1235115). - Update patches.suse/media-intel-ipu6-do-not-handle-interrupts-when-devic.patch (git-fixes CVE-2024-56680 bsc#1235556). - Update patches.suse/media-mtk-jpeg-Fix-null-ptr-deref-during-unload-modu.patch (git-fixes CVE-2024-56577 bsc#1235112). - Update patches.suse/media-platform-allegro-dvt-Fix-possible-memory-leak-.patch (git-fixes CVE-2024-56572 bsc#1235043). - Update patches.suse/media-qcom-camss-fix-error-path-on-configuration-of-.patch (git-fixes CVE-2024-56580 bsc#1235114). - Update patches.suse/media-ts2020-fix-null-ptr-deref-in-ts2020_probe.patch (git-fixes CVE-2024-56574 bsc#1235040). - Update patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch (git-fixes CVE-2024-56571 bsc#1235037). - Update patches.suse/media-wl128x-Fix-atomicity-violation-in-fmc_send_cmd.patch (git-fixes CVE-2024-56700 bsc#1235500). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-PMIC-dev.patch (git-fixes CVE-2024-56723 bsc#1235571). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-TMU-devi.patch (git-fixes CVE-2024-56724 bsc#1235577). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-USB-Type.patch (git-fixes CVE-2024-56691 bsc#1235425). - Update patches.suse/msft-hv-3081-hv_sock-Initializing-vsk-trans-to-NULL-to-prevent-a-.patch (git-fixes CVE-2024-53103 bsc#1234024). - Update patches.suse/msft-hv-3082-HID-hyperv-streamline-driver-probe-to-avoid-devres-i.patch (git-fixes CVE-2024-56545 bsc#1235069). - Update patches.suse/msft-hv-3095-Drivers-hv-util-Avoid-accessing-a-ringbuffer-not-ini.patch (git-fixes CVE-2024-55916 bsc#1235747). - Update patches.suse/mtd-rawnand-fix-double-free-in-atmel_pmecc_create_us.patch (git-fixes CVE-2024-56766 bsc#1235219). - Update patches.suse/mtd-spinand-winbond-Fix-512GW-01GW-01JW-and-02JW-ECC.patch (git-fixes CVE-2024-56771 bsc#1235649). - Update patches.suse/net-mlx5-DR-prevent-potential-error-pointer-derefere.patch (jsc#PED-11331 CVE-2024-56660 bsc#1235437). - Update patches.suse/net-usb-lan78xx-Fix-double-free-issue-with-interrupt.patch (git-fixes CVE-2024-53213 bsc#1234973). - Update patches.suse/nfs-blocklayout-Don-t-attempt-unregister-for-invalid-block-device.patch (git-fixes CVE-2024-53167 bsc#1234886). - Update patches.suse/nfs-localio-must-clear-res.replen-in-nfs_local_read_done.patch (git-fixes CVE-2024-56740 bsc#1234932). - Update patches.suse/nfs_common-must-not-hold-RCU-while-calling-nfsd_file_put_local.patch (git-fixes CVE-2024-56743 bsc#1235614). - Update patches.suse/nfsd-fix-nfs4_openowner-leak-when-concurrent-nfsd4_open-occur.patch (git-fixes CVE-2024-56779 bsc#1235632). - Update patches.suse/nfsd-make-sure-exp-active-before-svc_export_show.patch (git-fixes CVE-2024-56558 bsc#1235100). - Update patches.suse/nvme-fabrics-fix-kernel-crash-while-shutting-down-co.patch (git-fixes CVE-2024-53169 bsc#1234900). - Update patches.suse/nvme-pci-fix-freeing-of-the-HMB-descriptor-table.patch (git-fixes CVE-2024-56756 bsc#1234922). - Update patches.suse/nvme-rdma-unquiesce-admin_q-before-destroy-it.patch (git-fixes CVE-2024-49569 bsc#1235730). - Update patches.suse/nvme-tcp-fix-the-memleak-while-create-new-ctrl-faile.patch (git-fixes CVE-2024-56632 bsc#1235483). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-cn10.patch (jsc#PED-11317 CVE-2024-56726 bsc#1235582). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-69297b0d.patch (jsc#PED-11317 CVE-2024-56725 bsc#1235578). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-bd3110bc.patch (jsc#PED-11317 CVE-2024-56727 bsc#1235583). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-e26f8eac.patch (jsc#PED-11317 CVE-2024-56728 bsc#1235656). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-f5b942e6.patch (jsc#PED-11317 CVE-2024-56707 bsc#1235545). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2.patch (jsc#PED-11317 CVE-2024-56679 bsc#1235498). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb2phy_probe.patch (git-fixes CVE-2024-53205 bsc#1234954). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb3phy_probe.patch (git-fixes CVE-2024-53204 bsc#1234955). - Update patches.suse/phy-rockchip-samsung-hdptx-Set-drvdata-before-enabli.patch (git-fixes CVE-2024-57799 bsc#1235770). - Update patches.suse/pinmux-Use-sequential-access-to-access-desc-pinmux-d.patch (stable-fixes CVE-2024-47141 bsc#1235708). - Update patches.suse/pmdomain-imx-gpcv2-Adjust-delay-after-power-up-hands.patch (git-fixes CVE-2024-56618 bsc#1235465). - Update patches.suse/power-supply-gpio-charger-Fix-set-charge-current-lim.patch (git-fixes CVE-2024-57792 bsc#1235764). - Update patches.suse/powerpc-fadump-Move-fadump_cma_init-to-setup_arch-af.patch (bsc#1215199 CVE-2024-56677 bsc#1235494). - Update patches.suse/powerpc-mm-fault-Fix-kfence-page-fault-reporting.patch (bsc#1194869 CVE-2024-56678 bsc#1235495). - Update patches.suse/powerpc-pseries-Fix-dtl_access_lock-to-be-a-rw_semap.patch (bsc#1194869 CVE-2024-56701 bsc#1235496). - Update patches.suse/regulator-axp20x-AXP717-set-ramp_delay.patch (git-fixes CVE-2024-53682 bsc#1235718). - Update patches.suse/rtc-check-if-__rtc_read_time-was-successful-in-rtc_t.patch (git-fixes CVE-2024-56739 bsc#1235611). - Update patches.suse/s390-cpum_sf-Fix-and-protect-memory-allocation-of-SDBs-with-mutex.patch (git-fixes bsc#1234348 CVE-2024-56706 bsc#1235586). - Update patches.suse/s390-entry-Mark-IRQ-entries-to-fix-stack-depot-warnings.patch (git-fixes bsc#1234356 CVE-2024-57838 bsc#1235798). - Update patches.suse/s390-iucv-MSG_PEEK-causes-memory-leak-in-iucv_sock_destruct.patch (git-fixes bsc#1234351 CVE-2024-53210 bsc#1234971). - Update patches.suse/s390-pci-Fix-potential-double-remove-of-hotplug-slot.patch (git-fixes bsc#1234354 CVE-2024-56699 bsc#1235490). - Update patches.suse/sched-deadline-Fix-warning-in-migrate_enable-for-boosted-tasks.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-56583 bsc#1235118). - Update patches.suse/sched-fair-Fix-NEXT_BUDDY.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-49573 bsc#1235743). - Update patches.suse/sched-fix-warning-in-sched_setaffinity.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-41932 bsc#1235699). - Update patches.suse/scsi-megaraid_sas-Fix-for-a-potential-deadlock.patch (jsc#PED-11259 CVE-2024-57807 bsc#1235761). - Update patches.suse/scsi-qla2xxx-Fix-use-after-free-on-unload.patch (bsc#1235406 CVE-2024-56623 bsc#1235466). - Update patches.suse/soc-imx8m-Probe-the-SoC-driver-as-platform-driver.patch (stable-fixes CVE-2024-56787 bsc#1235663). - Update patches.suse/soc-qcom-geni-se-fix-array-underflow-in-geni_se_clk_.patch (git-fixes CVE-2024-53158 bsc#1234811). - Update patches.suse/spi-mpc52xx-Add-cancel_work_sync-before-module-remov.patch (git-fixes CVE-2024-50051 bsc#1235739). - Update patches.suse/sunrpc-clear-XPRT_SOCK_UPD_TIMEOUT-when-reset-transport.patch (git-fixes CVE-2024-56688 bsc#1235538). - Update patches.suse/sunrpc-fix-one-UAF-issue-caused-by-sunrpc-kernel-tcp-socket.patch (git-fixes CVE-2024-53168 bsc#1234887). - Update patches.suse/svcrdma-Address-an-integer-overflow.patch (git-fixes CVE-2024-53151 bsc#1234829). - Update patches.suse/svcrdma-fix-miss-destroy-percpu_counter-in-svc_rdma_proc_init.patch (git-fixes CVE-2024-53215 bsc#1234962). - Update patches.suse/thermal-testing-Initialize-some-variables-annoteded-.patch (git-fixes CVE-2024-56676 bsc#1235493). - Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch (bsc#1235433 CVE-2024-56661 bsc#1234931). - Update patches.suse/unicode-Fix-utf8_load-error-path.patch (git-fixes CVE-2024-53233 bsc#1235046). - Update patches.suse/usb-dwc3-gadget-Fix-looping-of-queued-SG-entries.patch (git-fixes CVE-2024-56698 bsc#1235491). - Update patches.suse/usb-gadget-u_serial-Fix-the-issue-that-gs_start_io-c.patch (git-fixes CVE-2024-56670 bsc#1235488). - Update patches.suse/usb-musb-Fix-hardware-lockup-on-first-Rx-endpoint-re.patch (git-fixes CVE-2024-56687 bsc#1235537). - Update patches.suse/usb-typec-fix-potential-array-underflow-in-ucsi_ccg_.patch (git-fixes CVE-2024-53203 bsc#1235001). - Update patches.suse/usb-typec-ucsi-glink-fix-off-by-one-in-connector_sta.patch (git-fixes CVE-2024-53149 bsc#1234842). - Update patches.suse/wifi-ath10k-avoid-NULL-pointer-error-during-sdio-rem.patch (stable-fixes CVE-2024-56599 bsc#1235138). - Update patches.suse/wifi-ath12k-Skip-Rx-TID-cleanup-for-self-peer.patch (git-fixes CVE-2024-56543 bsc#1235065). - Update patches.suse/wifi-ath12k-fix-atomic-calls-in-ath12k_mac_op_set_bi.patch (stable-fixes CVE-2024-56607 bsc#1235423). - Update patches.suse/wifi-ath12k-fix-crash-when-unbinding.patch (git-fixes CVE-2024-53188 bsc#1234948). - Update patches.suse/wifi-ath12k-fix-use-after-free-in-ath12k_dp_cc_clean.patch (git-fixes CVE-2024-56541 bsc#1235064). - Update patches.suse/wifi-ath12k-fix-warning-when-unbinding.patch (git-fixes CVE-2024-53191 bsc#1234952). - Update patches.suse/wifi-ath9k-add-range-check-for-conn_rsp_epid-in-htc_.patch (git-fixes CVE-2024-53156 bsc#1234846). - Update patches.suse/wifi-brcmfmac-Fix-oops-due-to-NULL-pointer-dereferen.patch (stable-fixes CVE-2024-56593 bsc#1235252). - Update patches.suse/wifi-cw1200-Fix-potential-NULL-dereference.patch (git-fixes CVE-2024-56536 bsc#1234911). - Update patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning.patch (git-fixes CVE-2024-56539 bsc#1234963). - Update patches.suse/wifi-nl80211-fix-NL80211_ATTR_MLO_LINK_ID-off-by-one.patch (git-fixes CVE-2024-56663 bsc#1235454). - Update patches.suse/wifi-nl80211-fix-bounds-checker-error-in-nl80211_par.patch (git-fixes CVE-2024-53189 bsc#1234949). - Update patches.suse/wifi-rtlwifi-Drastically-reduce-the-attempts-to-read.patch (stable-fixes CVE-2024-53190 bsc#1234950). - Update patches.suse/wifi-rtw88-use-ieee80211_purge_tx_queue-to-purge-TX-.patch (stable-fixes CVE-2024-56609 bsc#1235389). - Update patches.suse/wifi-rtw89-check-return-value-of-ieee80211_probereq_.patch (stable-fixes CVE-2024-48873 bsc#1235716). - Update patches.suse/wifi-rtw89-coex-check-NULL-return-of-kmalloc-in-btc_.patch (git-fixes CVE-2024-56535 bsc#1235044). - Update patches.suse/xfs-unlock-inodes-when-erroring-out-of-xfs_trans_alloc_dir.patch (git-fixes CVE-2024-55641 bsc#1235740). - commit b21bae3 - KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235755). - KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235756). - KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235757). - commit 25f73de - s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646) - commit 2199130 - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes). - misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes). - interconnect: icc-clk: check return values of devm_kasprintf() (git-fixes). - interconnect: qcom: icc-rpm: Set the count member before accessing the flex array (git-fixes). - iio: adc: ti-ads1119: fix sample size in scan struct for triggered buffer (git-fixes). - iio: inkern: call iio_device_put() only on mapped devices (git-fixes). - iio: adc: ad9467: Fix the "don't allow reading vref if not available" case (git-fixes). - iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes). - iio: adc: ad7173: fix using shared static info struct (git-fixes). - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes). - iio: adc: ti-ads1119: fix information leak in triggered buffer (git-fixes). - iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes). - iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes). - iio: imu: kmx61: fix information leak in triggered buffer (git-fixes). - iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes). - iio: light: bh1745: fix information leak in triggered buffer (git-fixes). - iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes). - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes). - iio: test: Fix GTS test config (git-fixes). - iio: adc: ti-ads1298: Add NULL check in ads1298_init (git-fixes). - iio: adc: stm32-dfsdm: handle label as an optional property (git-fixes). - iio: adc: ad4695: fix buffered read, single sample timings (git-fixes). - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (git-fixes). - iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes). - iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes). - iio: adc: ad7124: Disable all channels at probe time (git-fixes). - staging: iio: ad9832: Correct phase range check (git-fixes). - staging: iio: ad9834: Correct phase range check (git-fixes). - usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (git-fixes). - usb: gadget: midi2: Reverse-select at the right place (git-fixes). - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes). - USB: core: Disable LPM only for non-suspended ports (git-fixes). - usb: fix reference leak in usb_new_device() (git-fixes). - usb: typec: tcpci: fix NULL pointer issue on shared irq case (git-fixes). - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes). - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes). - usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes). - USB: usblp: return error when setting unsupported protocol (git-fixes). - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes). - usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes). - usb: host: xhci-plat: set skip_phy_initialization if software node has XHCI_SKIP_PHY_INIT property (git-fixes). - usb: dwc3-am62: Disable autosuspend during remove (git-fixes). - usb: dwc3: gadget: fix writing NYET threshold (git-fixes). - commit 708e579 - serial: stm32: use port lock wrappers for break control (git-fixes). - tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes). - commit 2e58518 ++++ kernel-default: - Update patches.suse/ACPI-x86-Add-adev-NULL-check-to-acpi_quirk_skip_serd.patch (stable-fixes CVE-2024-56782 bsc#1235629). - Update patches.suse/ALSA-6fire-Release-resources-at-card-release.patch (git-fixes CVE-2024-53239 bsc#1235054). - Update patches.suse/ALSA-caiaq-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56531 bsc#1235057). - Update patches.suse/ALSA-control-Avoid-WARN-for-symlink-errors.patch (git-fixes CVE-2024-56657 bsc#1235432). - Update patches.suse/ALSA-core-Fix-possible-NULL-dereference-caused-by-ku.patch (git-fixes CVE-2024-56696 bsc#1235539). - Update patches.suse/ALSA-memalloc-prefer-dma_mapping_error-over-explicit.patch (git-fixes CVE-2024-57800 bsc#1235772). - Update patches.suse/ALSA-pcm-Add-sanity-NULL-check-for-the-default-mmap-.patch (stable-fixes CVE-2024-53180 bsc#1234929). - Update patches.suse/ALSA-us122l-Use-snd_card_free_when_closed-at-disconn.patch (git-fixes CVE-2024-56532 bsc#1235059). - Update patches.suse/ALSA-usb-audio-Fix-out-of-bounds-reads-when-finding-.patch (stable-fixes CVE-2024-53150 bsc#1234834). - Update patches.suse/ALSA-usb-audio-Fix-potential-out-of-bound-accesses-f.patch (git-fixes CVE-2024-53197 bsc#1235464). - Update patches.suse/ALSA-usx2y-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56533 bsc#1235053). - Update patches.suse/ASoC-Intel-sof_sdw-Add-space-for-a-terminator-into-D.patch (git-fixes CVE-2024-57880 bsc#1235800). - Update patches.suse/ASoC-SOF-Intel-hda-dai-Do-not-release-the-link-DMA-o.patch (git-fixes CVE-2024-57805 bsc#1235790). - Update patches.suse/ASoC-imx-audmix-Add-NULL-check-in-imx_audmix_probe.patch (git-fixes CVE-2024-53199 bsc#1234967). - Update patches.suse/ASoC-mediatek-Check-num_codecs-is-not-zero-to-avoid-.patch (git-fixes CVE-2024-56685 bsc#1235561). - Update patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch (stable-fixes CVE-2024-56605 bsc#1235061). - Update patches.suse/Bluetooth-MGMT-Fix-possible-deadlocks.patch (git-fixes CVE-2024-53207 bsc#1234907). - Update patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-set_p.patch (git-fixes CVE-2024-53208 bsc#1234909). - Update patches.suse/Bluetooth-RFCOMM-avoid-leaving-dangling-sk-pointer-i.patch (stable-fixes CVE-2024-56604 bsc#1235056). - Update patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch (git-fixes CVE-2024-53238 bsc#1234910). - Update patches.suse/Bluetooth-btmtk-avoid-UAF-in-btmtk_process_coredump.patch (git-fixes CVE-2024-56653 bsc#1235531). - Update patches.suse/Bluetooth-btusb-mediatek-add-intf-release-flow-when-.patch (stable-fixes CVE-2024-56757 bsc#1235619). - Update patches.suse/Bluetooth-fix-use-after-free-in-device_for_each_chil.patch (git-fixes CVE-2024-53237 bsc#1235007). - Update patches.suse/Bluetooth-hci_conn-Use-disable_delayed_work_sync.patch (stable-fixes CVE-2024-56591 bsc#1235052). - Update patches.suse/Bluetooth-hci_core-Fix-not-checking-skb-length-on-hc.patch (stable-fixes CVE-2024-56590 bsc#1235038). - Update patches.suse/Bluetooth-hci_event-Fix-using-rcu_read_-un-lock-whil.patch (git-fixes CVE-2024-56654 bsc#1235532). - Update patches.suse/Bluetooth-iso-Always-release-hdev-at-the-end-of-iso_.patch (git-fixes CVE-2024-57879 bsc#1235802). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_conn_big_sync.patch (git-fixes CVE-2024-54191 bsc#1235717). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_listen_bis.patch (git-fixes CVE-2024-54460 bsc#1235722). - Update patches.suse/HID-wacom-fix-when-get-product-name-maybe-null-point.patch (git-fixes CVE-2024-56629 bsc#1235473). - Update patches.suse/NFSD-Prevent-NULL-dereference-in-nfsd4_process_cb_update.patch (git-fixes CVE-2024-53217 bsc#1234999). - Update patches.suse/NFSD-Prevent-a-potential-integer-overflow.patch (git-fixes CVE-2024-53146 bsc#1234853). - Update patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch (git-fixes CVE-2024-53173 bsc#1234891). - Update patches.suse/PCI-Fix-reset_method_store-memory-leak.patch (git-fixes CVE-2024-56745 bsc#1235563). - Update patches.suse/PCI-Fix-use-after-free-of-slot-bus-on-hot-remove.patch (stable-fixes CVE-2024-53194 bsc#1235459). - Update patches.suse/PCI-MSI-Handle-lack-of-irqdomain-gracefully.patch (git-fixes CVE-2024-56760 bsc#1235616). - Update patches.suse/PCI-endpoint-Fix-PCI-domain-ID-release-in-pci_epc_de.patch (git-fixes CVE-2024-56561 bsc#1235105). - Update patches.suse/PCI-endpoint-epf-mhi-Avoid-NULL-dereference-if-DT-la.patch (git-fixes CVE-2024-56689 bsc#1235543). - Update patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch (stable-fixes CVE-2024-57809 bsc#1235793). - Update patches.suse/PCI-qcom-ep-Move-controller-cleanups-to-qcom_pcie_pe.patch (git-fixes CVE-2024-53153 bsc#1234830). - Update patches.suse/PCI-tegra194-Move-controller-cleanups-to-pex_ep_even.patch (git-fixes CVE-2024-53152 bsc#1234841). - Update patches.suse/RDMA-hns-Fix-cpu-stuck-caused-by-printings-during-re.patch (jsc#PED-11250 CVE-2024-56722 bsc#1235570). - Update patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch (git-fixes CVE-2024-53224 bsc#1235009). - Update patches.suse/RDMA-rxe-Fix-the-qp-flush-warnings-in-req.patch (jsc#PED-11323 CVE-2024-53229 bsc#1234905). - Update patches.suse/SUNRPC-make-sure-cache-entry-active-before-cache_show.patch (git-fixes CVE-2024-53174 bsc#1234899). - Update patches.suse/accel-ivpu-Fix-WARN-in-ivpu_ipc_send_receive_interna.patch (git-fixes CVE-2024-54193 bsc#1235713). - Update patches.suse/accel-ivpu-Fix-general-protection-fault-in-ivpu_bo_l.patch (git-fixes CVE-2024-54455 bsc#1235719). - Update patches.suse/accel-ivpu-Prevent-recovery-invocation-during-probe-.patch (git-fixes CVE-2024-56540 bsc#1235063). - Update patches.suse/acpi-nfit-vmalloc-out-of-bounds-Read-in-acpi_nfit_ct.patch (git-fixes CVE-2024-56662 bsc#1235533). - Update patches.suse/ad7780-fix-division-by-zero-in-ad7780_write_raw.patch (git-fixes CVE-2024-56567 bsc#1234916). - Update patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch (CVE-2024-56606 bsc#123541 bsc#1235417). - Update patches.suse/apparmor-test-Fix-memory-leak-for-aa_unpack_strdup.patch (git-fixes CVE-2024-56741 bsc#1235502). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_FPMR.patch (git-fixes CVE-2024-57878 bsc#1235803). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_POE.patch (git-fixes CVE-2024-57877 bsc#1235804). - Update patches.suse/blk-cgroup-Fix-UAF-in-blkcg_unpin_online.patch (bsc#1234726 CVE-2024-56672 bsc#1235534). - Update patches.suse/bnxt_en-Fix-aggregation-ID-mask-to-prevent-oops-on-5.patch (jsc#PED-10684 jsc#PED-11230 CVE-2024-56656 bsc#1235444). - Update patches.suse/cacheinfo-Allocate-memory-during-CPU-hotplug-if-not-done-f.patch (jsc#PED-10467 CVE-2024-56617 bsc#1235429). - Update patches.suse/can-dev-can_set_termination-allow-sleeping-GPIOs.patch (git-fixes CVE-2024-56625 bsc#1235223). - Update patches.suse/can-hi311x-hi3110_can_ist-fix-potential-use-after-fr.patch (git-fixes CVE-2024-56651 bsc#1235528). - Update patches.suse/can-j1939-j1939_session_new-fix-skb-reference-counti.patch (git-fixes CVE-2024-56645 bsc#1235134). - Update patches.suse/clk-clk-apple-nco-Add-NULL-check-in-applnco_probe.patch (git-fixes CVE-2024-53154 bsc#1234826). - Update patches.suse/clk-clk-loongson2-Fix-memory-corruption-bug-in-struc.patch (git-fixes CVE-2024-53193 bsc#1234902). - Update patches.suse/clk-clk-loongson2-Fix-potential-buffer-overflow-in-f.patch (git-fixes CVE-2024-53192 bsc#1234956). - Update patches.suse/clk-ralink-mtmips-fix-clocks-probe-order-in-oldest-r.patch (git-fixes CVE-2024-53223 bsc#1234976). - Update patches.suse/crypto-bcm-add-error-check-in-the-ahash_hmac_init-fu.patch (git-fixes CVE-2024-56681 bsc#1235557). - Update patches.suse/crypto-caam-Fix-the-pointer-passed-to-caam_qi_shutdo.patch (git-fixes CVE-2024-56754 bsc#1234918). - Update patches.suse/crypto-pcrypt-Call-crypto-layer-directly-when-padata.patch (git-fixes CVE-2024-56690 bsc#1235428). - Update patches.suse/crypto-qat-qat_420xx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53163 bsc#1234828). - Update patches.suse/crypto-qat-qat_4xxx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53162 bsc#1234843). - Update patches.suse/dlm-fix-dlm_recover_members-refcount-on-error.patch (git-fixes CVE-2024-56749 bsc#1235628). - Update patches.suse/dlm-fix-possible-lkb_resource-null-dereference.patch (git-fixes CVE-2024-47809 bsc#1235714). - Update patches.suse/dma-debug-fix-a-possible-deadlock-on-radix_lock.patch (stable-fixes CVE-2024-47143 bsc#1235710). - Update patches.suse/dmaengine-at_xdmac-avoid-null_prt_deref-in-at_xdmac_.patch (git-fixes CVE-2024-56767 bsc#1235160). - Update patches.suse/drivers-soc-xilinx-add-the-missing-kfree-in-xlnx_add.patch (git-fixes CVE-2024-56546 bsc#1235070). - Update patches.suse/drm-amd-display-Adding-array-index-check-to-prevent-.patch (stable-fixes CVE-2024-56784 bsc#1235654). - Update patches.suse/drm-amd-display-Fix-handling-of-plane-refcount.patch (stable-fixes CVE-2024-56775 bsc#1235657). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st-2bc96c9.patch (git-fixes CVE-2024-53200 bsc#1234968). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st.patch (git-fixes CVE-2024-53201 bsc#1234969). - Update patches.suse/drm-amd-display-Fix-out-of-bounds-access-in-dcn21_li.patch (stable-fixes CVE-2024-56608 bsc#1235487). - Update patches.suse/drm-amd-display-fix-a-memleak-issue-when-driver-is-r.patch (git-fixes CVE-2024-56542 bsc#1234908). - Update patches.suse/drm-amdgpu-Fix-the-memory-allocation-issue-in-amdgpu.patch (git-fixes CVE-2024-56697 bsc#1235544). - Update patches.suse/drm-amdgpu-don-t-access-invalid-sched.patch (git-fixes CVE-2024-46896 bsc#1235707). - Update patches.suse/drm-amdgpu-fix-usage-slab-after-free.patch (stable-fixes CVE-2024-56551 bsc#1235075). - Update patches.suse/drm-amdgpu-gfx9-Add-Cleaner-Shader-Deinitialization-.patch (git-fixes CVE-2024-56753 bsc#1235631). - Update patches.suse/drm-amdgpu-set-the-right-AMDGPU-sg-segment-limitatio.patch (stable-fixes CVE-2024-56594 bsc#1235413). - Update patches.suse/drm-amdkfd-Dereference-null-return-value.patch (git-fixes CVE-2024-56666 bsc#1235242). - Update patches.suse/drm-amdkfd-Use-dynamic-allocation-for-CU-occupancy-a.patch (git-fixes CVE-2024-56695 bsc#1235541). - Update patches.suse/drm-dp_mst-Fix-MST-sideband-message-body-length-chec.patch (stable-fixes CVE-2024-56616 bsc#1235427). - Update patches.suse/drm-i915-Fix-NULL-pointer-dereference-in-capture_eng.patch (git-fixes CVE-2024-56667 bsc#1235016). - Update patches.suse/drm-modes-Avoid-divide-by-zero-harder-in-drm_mode_vr.patch (stable-fixes CVE-2024-56369 bsc#1235750). - Update patches.suse/drm-nouveau-gr-gf100-Fix-missing-unlock-in-gf100_gr_.patch (git-fixes CVE-2024-56752 bsc#1234937). - Update patches.suse/drm-panel-himax-hx83102-Add-a-check-to-prevent-NULL-.patch (git-fixes CVE-2024-56711 bsc#1235562). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-831214f.patch (git-fixes CVE-2024-56776 bsc#1235647). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-e965e77.patch (git-fixes CVE-2024-56777 bsc#1235641). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer.patch (git-fixes CVE-2024-56778 bsc#1235635). - Update patches.suse/drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch (git-fixes CVE-2024-56683 bsc#1235497). - Update patches.suse/drm-xe-guc_submit-fix-race-around-suspend_pending.patch (git-fixes CVE-2024-56552 bsc#1235071). - Update patches.suse/drm-xe-reg_sr-Remove-register-pool.patch (git-fixes CVE-2024-56652 bsc#1235529). - Update patches.suse/drm-xlnx-zynqmp_disp-layer-may-be-null-while-releasi.patch (git-fixes CVE-2024-56537 bsc#1235049). - Update patches.suse/drm-zynqmp_kms-Unplug-DRM-device-before-removal.patch (git-fixes CVE-2024-56538 bsc#1235051). - Update patches.suse/efi-libstub-Free-correct-pointer-on-failure.patch (git-fixes CVE-2024-56573 bsc#1235042). - Update patches.suse/erofs-fix-blksize-PAGE_SIZE-for-file-backed-mounts.patch (git-fixes CVE-2024-56750 bsc#1235630). - Update patches.suse/erofs-fix-file-backed-mounts-over-FUSE.patch (git-fixes CVE-2024-53235 bsc#1234998). - Update patches.suse/erofs-handle-NONHEAD-delta-1-lclusters-gracefully.patch (git-fixes CVE-2024-53234 bsc#1235045). - Update patches.suse/exfat-fix-out-of-bounds-access-of-directory-entries.patch (git-fixes CVE-2024-53147 bsc#1234857). - Update patches.suse/fbdev-sh7760fb-Fix-a-possible-memory-leak-in-sh7760f.patch (git-fixes CVE-2024-56746 bsc#1235622). - Update patches.suse/firmware-arm_scpi-Check-the-DVFS-OPP-count-returned-.patch (git-fixes CVE-2024-53157 bsc#1234827). - Update patches.suse/firmware_loader-Fix-possible-resource-leak-in-fw_log.patch (git-fixes CVE-2024-53202 bsc#1234970). - Update patches.suse/gpio-graniterapids-Fix-vGPIO-driver-crash.patch (stable-fixes CVE-2024-56671 bsc#1235018). - Update patches.suse/gpio-grgpio-Add-NULL-check-in-grgpio_probe.patch (git-fixes CVE-2024-56634 bsc#1235486). - Update patches.suse/i3c-Use-i3cdev-desc-info-instead-of-calling-i3c_devi.patch (stable-fixes CVE-2024-43098 bsc#1235703). - Update patches.suse/i3c-master-Fix-miss-free-init_dyn_addr-at-i3c_master.patch (git-fixes CVE-2024-56562 bsc#1234930). - Update patches.suse/i3c-mipi-i3c-hci-Mask-ring-interrupts-before-ring-st.patch (stable-fixes CVE-2024-45828 bsc#1235705). - Update patches.suse/igb-Fix-potential-invalid-memory-access-in-igb_init_.patch (jsc#PED-10426 jsc#PED-10425 CVE-2024-52332 bsc#1235700). - Update patches.suse/iio-adc-ad7923-Fix-buffer-overflow-for-tx_buf-and-ri.patch (git-fixes CVE-2024-56557 bsc#1235122). - Update patches.suse/io_uring-check-for-overflows-in-io_pin_pages.patch (git-fixes CVE-2024-53187 bsc#1234947). - Update patches.suse/io_uring-check-if-iowq-is-killed-before-queuing.patch (git-fixes CVE-2024-56709 bsc#1235552). - Update patches.suse/io_uring-tctx-work-around-xa_store-allocation-error-.patch (git-fixes CVE-2024-56584 bsc#1235117). - Update patches.suse/iommu-s390-Implement-blocking-domain.patch (git-fixes bsc#1234350 CVE-2024-53232 bsc#1235050). - Update patches.suse/iommufd-Fix-out_fput-in-iommufd_fault_alloc.patch (git-fixes CVE-2024-56624 bsc#1235469). - Update patches.suse/ionic-Fix-netdev-notifier-unregister-on-failure.patch (jsc#PED-11378 CVE-2024-56715 bsc#1235612). - Update patches.suse/ionic-no-double-destroy-workqueue.patch (jsc#PED-11378 CVE-2024-56714 bsc#1235558). - Update patches.suse/irqchip-riscv-aplic-Prevent-crash-when-MSI-domain-is.patch (git-fixes CVE-2024-56682 bsc#1235559). - Update patches.suse/kcsan-Turn-report_filterlist_lock-into-a-raw_spinloc.patch (stable-fixes CVE-2024-56610 bsc#1235390). - Update patches.suse/kunit-Fix-potential-null-dereference-in-kunit_device.patch (git-fixes CVE-2024-56773 bsc#1235594). - Update patches.suse/kunit-string-stream-Fix-a-UAF-bug-in-kunit_init_suit.patch (git-fixes CVE-2024-56772 bsc#1235651). - Update patches.suse/leds-class-Protect-brightness_show-with-led_cdev-led.patch (stable-fixes CVE-2024-56587 bsc#1235125). - Update patches.suse/mailbox-mtk-cmdq-fix-wrong-use-of-sizeof-in-cmdq_get.patch (git-fixes CVE-2024-56684 bsc#1235560). - Update patches.suse/media-atomisp-Add-check-for-rgby_data-memory-allocat.patch (git-fixes CVE-2024-56705 bsc#1235568). - Update patches.suse/media-dvb-frontends-dib3000mb-fix-uninit-value-in-di.patch (git-fixes CVE-2024-56769 bsc#1235155). - Update patches.suse/media-i2c-tc358743-Fix-crash-in-the-probe-error-path.patch (git-fixes CVE-2024-56576 bsc#1235019). - Update patches.suse/media-imx-jpeg-Ensure-power-suppliers-be-suspended-b.patch (git-fixes CVE-2024-56575 bsc#1235039). - Update patches.suse/media-imx-jpeg-Set-video-drvdata-before-register-vid.patch (git-fixes CVE-2024-56578 bsc#1235115). - Update patches.suse/media-intel-ipu6-do-not-handle-interrupts-when-devic.patch (git-fixes CVE-2024-56680 bsc#1235556). - Update patches.suse/media-mtk-jpeg-Fix-null-ptr-deref-during-unload-modu.patch (git-fixes CVE-2024-56577 bsc#1235112). - Update patches.suse/media-platform-allegro-dvt-Fix-possible-memory-leak-.patch (git-fixes CVE-2024-56572 bsc#1235043). - Update patches.suse/media-qcom-camss-fix-error-path-on-configuration-of-.patch (git-fixes CVE-2024-56580 bsc#1235114). - Update patches.suse/media-ts2020-fix-null-ptr-deref-in-ts2020_probe.patch (git-fixes CVE-2024-56574 bsc#1235040). - Update patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch (git-fixes CVE-2024-56571 bsc#1235037). - Update patches.suse/media-wl128x-Fix-atomicity-violation-in-fmc_send_cmd.patch (git-fixes CVE-2024-56700 bsc#1235500). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-PMIC-dev.patch (git-fixes CVE-2024-56723 bsc#1235571). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-TMU-devi.patch (git-fixes CVE-2024-56724 bsc#1235577). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-USB-Type.patch (git-fixes CVE-2024-56691 bsc#1235425). - Update patches.suse/msft-hv-3081-hv_sock-Initializing-vsk-trans-to-NULL-to-prevent-a-.patch (git-fixes CVE-2024-53103 bsc#1234024). - Update patches.suse/msft-hv-3082-HID-hyperv-streamline-driver-probe-to-avoid-devres-i.patch (git-fixes CVE-2024-56545 bsc#1235069). - Update patches.suse/msft-hv-3095-Drivers-hv-util-Avoid-accessing-a-ringbuffer-not-ini.patch (git-fixes CVE-2024-55916 bsc#1235747). - Update patches.suse/mtd-rawnand-fix-double-free-in-atmel_pmecc_create_us.patch (git-fixes CVE-2024-56766 bsc#1235219). - Update patches.suse/mtd-spinand-winbond-Fix-512GW-01GW-01JW-and-02JW-ECC.patch (git-fixes CVE-2024-56771 bsc#1235649). - Update patches.suse/net-mlx5-DR-prevent-potential-error-pointer-derefere.patch (jsc#PED-11331 CVE-2024-56660 bsc#1235437). - Update patches.suse/net-usb-lan78xx-Fix-double-free-issue-with-interrupt.patch (git-fixes CVE-2024-53213 bsc#1234973). - Update patches.suse/nfs-blocklayout-Don-t-attempt-unregister-for-invalid-block-device.patch (git-fixes CVE-2024-53167 bsc#1234886). - Update patches.suse/nfs-localio-must-clear-res.replen-in-nfs_local_read_done.patch (git-fixes CVE-2024-56740 bsc#1234932). - Update patches.suse/nfs_common-must-not-hold-RCU-while-calling-nfsd_file_put_local.patch (git-fixes CVE-2024-56743 bsc#1235614). - Update patches.suse/nfsd-fix-nfs4_openowner-leak-when-concurrent-nfsd4_open-occur.patch (git-fixes CVE-2024-56779 bsc#1235632). - Update patches.suse/nfsd-make-sure-exp-active-before-svc_export_show.patch (git-fixes CVE-2024-56558 bsc#1235100). - Update patches.suse/nvme-fabrics-fix-kernel-crash-while-shutting-down-co.patch (git-fixes CVE-2024-53169 bsc#1234900). - Update patches.suse/nvme-pci-fix-freeing-of-the-HMB-descriptor-table.patch (git-fixes CVE-2024-56756 bsc#1234922). - Update patches.suse/nvme-rdma-unquiesce-admin_q-before-destroy-it.patch (git-fixes CVE-2024-49569 bsc#1235730). - Update patches.suse/nvme-tcp-fix-the-memleak-while-create-new-ctrl-faile.patch (git-fixes CVE-2024-56632 bsc#1235483). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-cn10.patch (jsc#PED-11317 CVE-2024-56726 bsc#1235582). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-69297b0d.patch (jsc#PED-11317 CVE-2024-56725 bsc#1235578). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-bd3110bc.patch (jsc#PED-11317 CVE-2024-56727 bsc#1235583). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-e26f8eac.patch (jsc#PED-11317 CVE-2024-56728 bsc#1235656). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-f5b942e6.patch (jsc#PED-11317 CVE-2024-56707 bsc#1235545). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2.patch (jsc#PED-11317 CVE-2024-56679 bsc#1235498). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb2phy_probe.patch (git-fixes CVE-2024-53205 bsc#1234954). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb3phy_probe.patch (git-fixes CVE-2024-53204 bsc#1234955). - Update patches.suse/phy-rockchip-samsung-hdptx-Set-drvdata-before-enabli.patch (git-fixes CVE-2024-57799 bsc#1235770). - Update patches.suse/pinmux-Use-sequential-access-to-access-desc-pinmux-d.patch (stable-fixes CVE-2024-47141 bsc#1235708). - Update patches.suse/pmdomain-imx-gpcv2-Adjust-delay-after-power-up-hands.patch (git-fixes CVE-2024-56618 bsc#1235465). - Update patches.suse/power-supply-gpio-charger-Fix-set-charge-current-lim.patch (git-fixes CVE-2024-57792 bsc#1235764). - Update patches.suse/powerpc-fadump-Move-fadump_cma_init-to-setup_arch-af.patch (bsc#1215199 CVE-2024-56677 bsc#1235494). - Update patches.suse/powerpc-mm-fault-Fix-kfence-page-fault-reporting.patch (bsc#1194869 CVE-2024-56678 bsc#1235495). - Update patches.suse/powerpc-pseries-Fix-dtl_access_lock-to-be-a-rw_semap.patch (bsc#1194869 CVE-2024-56701 bsc#1235496). - Update patches.suse/regulator-axp20x-AXP717-set-ramp_delay.patch (git-fixes CVE-2024-53682 bsc#1235718). - Update patches.suse/rtc-check-if-__rtc_read_time-was-successful-in-rtc_t.patch (git-fixes CVE-2024-56739 bsc#1235611). - Update patches.suse/s390-cpum_sf-Fix-and-protect-memory-allocation-of-SDBs-with-mutex.patch (git-fixes bsc#1234348 CVE-2024-56706 bsc#1235586). - Update patches.suse/s390-entry-Mark-IRQ-entries-to-fix-stack-depot-warnings.patch (git-fixes bsc#1234356 CVE-2024-57838 bsc#1235798). - Update patches.suse/s390-iucv-MSG_PEEK-causes-memory-leak-in-iucv_sock_destruct.patch (git-fixes bsc#1234351 CVE-2024-53210 bsc#1234971). - Update patches.suse/s390-pci-Fix-potential-double-remove-of-hotplug-slot.patch (git-fixes bsc#1234354 CVE-2024-56699 bsc#1235490). - Update patches.suse/sched-deadline-Fix-warning-in-migrate_enable-for-boosted-tasks.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-56583 bsc#1235118). - Update patches.suse/sched-fair-Fix-NEXT_BUDDY.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-49573 bsc#1235743). - Update patches.suse/sched-fix-warning-in-sched_setaffinity.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-41932 bsc#1235699). - Update patches.suse/scsi-megaraid_sas-Fix-for-a-potential-deadlock.patch (jsc#PED-11259 CVE-2024-57807 bsc#1235761). - Update patches.suse/scsi-qla2xxx-Fix-use-after-free-on-unload.patch (bsc#1235406 CVE-2024-56623 bsc#1235466). - Update patches.suse/soc-imx8m-Probe-the-SoC-driver-as-platform-driver.patch (stable-fixes CVE-2024-56787 bsc#1235663). - Update patches.suse/soc-qcom-geni-se-fix-array-underflow-in-geni_se_clk_.patch (git-fixes CVE-2024-53158 bsc#1234811). - Update patches.suse/spi-mpc52xx-Add-cancel_work_sync-before-module-remov.patch (git-fixes CVE-2024-50051 bsc#1235739). - Update patches.suse/sunrpc-clear-XPRT_SOCK_UPD_TIMEOUT-when-reset-transport.patch (git-fixes CVE-2024-56688 bsc#1235538). - Update patches.suse/sunrpc-fix-one-UAF-issue-caused-by-sunrpc-kernel-tcp-socket.patch (git-fixes CVE-2024-53168 bsc#1234887). - Update patches.suse/svcrdma-Address-an-integer-overflow.patch (git-fixes CVE-2024-53151 bsc#1234829). - Update patches.suse/svcrdma-fix-miss-destroy-percpu_counter-in-svc_rdma_proc_init.patch (git-fixes CVE-2024-53215 bsc#1234962). - Update patches.suse/thermal-testing-Initialize-some-variables-annoteded-.patch (git-fixes CVE-2024-56676 bsc#1235493). - Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch (bsc#1235433 CVE-2024-56661 bsc#1234931). - Update patches.suse/unicode-Fix-utf8_load-error-path.patch (git-fixes CVE-2024-53233 bsc#1235046). - Update patches.suse/usb-dwc3-gadget-Fix-looping-of-queued-SG-entries.patch (git-fixes CVE-2024-56698 bsc#1235491). - Update patches.suse/usb-gadget-u_serial-Fix-the-issue-that-gs_start_io-c.patch (git-fixes CVE-2024-56670 bsc#1235488). - Update patches.suse/usb-musb-Fix-hardware-lockup-on-first-Rx-endpoint-re.patch (git-fixes CVE-2024-56687 bsc#1235537). - Update patches.suse/usb-typec-fix-potential-array-underflow-in-ucsi_ccg_.patch (git-fixes CVE-2024-53203 bsc#1235001). - Update patches.suse/usb-typec-ucsi-glink-fix-off-by-one-in-connector_sta.patch (git-fixes CVE-2024-53149 bsc#1234842). - Update patches.suse/wifi-ath10k-avoid-NULL-pointer-error-during-sdio-rem.patch (stable-fixes CVE-2024-56599 bsc#1235138). - Update patches.suse/wifi-ath12k-Skip-Rx-TID-cleanup-for-self-peer.patch (git-fixes CVE-2024-56543 bsc#1235065). - Update patches.suse/wifi-ath12k-fix-atomic-calls-in-ath12k_mac_op_set_bi.patch (stable-fixes CVE-2024-56607 bsc#1235423). - Update patches.suse/wifi-ath12k-fix-crash-when-unbinding.patch (git-fixes CVE-2024-53188 bsc#1234948). - Update patches.suse/wifi-ath12k-fix-use-after-free-in-ath12k_dp_cc_clean.patch (git-fixes CVE-2024-56541 bsc#1235064). - Update patches.suse/wifi-ath12k-fix-warning-when-unbinding.patch (git-fixes CVE-2024-53191 bsc#1234952). - Update patches.suse/wifi-ath9k-add-range-check-for-conn_rsp_epid-in-htc_.patch (git-fixes CVE-2024-53156 bsc#1234846). - Update patches.suse/wifi-brcmfmac-Fix-oops-due-to-NULL-pointer-dereferen.patch (stable-fixes CVE-2024-56593 bsc#1235252). - Update patches.suse/wifi-cw1200-Fix-potential-NULL-dereference.patch (git-fixes CVE-2024-56536 bsc#1234911). - Update patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning.patch (git-fixes CVE-2024-56539 bsc#1234963). - Update patches.suse/wifi-nl80211-fix-NL80211_ATTR_MLO_LINK_ID-off-by-one.patch (git-fixes CVE-2024-56663 bsc#1235454). - Update patches.suse/wifi-nl80211-fix-bounds-checker-error-in-nl80211_par.patch (git-fixes CVE-2024-53189 bsc#1234949). - Update patches.suse/wifi-rtlwifi-Drastically-reduce-the-attempts-to-read.patch (stable-fixes CVE-2024-53190 bsc#1234950). - Update patches.suse/wifi-rtw88-use-ieee80211_purge_tx_queue-to-purge-TX-.patch (stable-fixes CVE-2024-56609 bsc#1235389). - Update patches.suse/wifi-rtw89-check-return-value-of-ieee80211_probereq_.patch (stable-fixes CVE-2024-48873 bsc#1235716). - Update patches.suse/wifi-rtw89-coex-check-NULL-return-of-kmalloc-in-btc_.patch (git-fixes CVE-2024-56535 bsc#1235044). - Update patches.suse/xfs-unlock-inodes-when-erroring-out-of-xfs_trans_alloc_dir.patch (git-fixes CVE-2024-55641 bsc#1235740). - commit b21bae3 - KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235755). - KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235756). - KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235757). - commit 25f73de - s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646) - commit 2199130 - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes). - misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes). - interconnect: icc-clk: check return values of devm_kasprintf() (git-fixes). - interconnect: qcom: icc-rpm: Set the count member before accessing the flex array (git-fixes). - iio: adc: ti-ads1119: fix sample size in scan struct for triggered buffer (git-fixes). - iio: inkern: call iio_device_put() only on mapped devices (git-fixes). - iio: adc: ad9467: Fix the "don't allow reading vref if not available" case (git-fixes). - iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes). - iio: adc: ad7173: fix using shared static info struct (git-fixes). - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes). - iio: adc: ti-ads1119: fix information leak in triggered buffer (git-fixes). - iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes). - iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes). - iio: imu: kmx61: fix information leak in triggered buffer (git-fixes). - iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes). - iio: light: bh1745: fix information leak in triggered buffer (git-fixes). - iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes). - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes). - iio: test: Fix GTS test config (git-fixes). - iio: adc: ti-ads1298: Add NULL check in ads1298_init (git-fixes). - iio: adc: stm32-dfsdm: handle label as an optional property (git-fixes). - iio: adc: ad4695: fix buffered read, single sample timings (git-fixes). - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (git-fixes). - iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes). - iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes). - iio: adc: ad7124: Disable all channels at probe time (git-fixes). - staging: iio: ad9832: Correct phase range check (git-fixes). - staging: iio: ad9834: Correct phase range check (git-fixes). - usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (git-fixes). - usb: gadget: midi2: Reverse-select at the right place (git-fixes). - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes). - USB: core: Disable LPM only for non-suspended ports (git-fixes). - usb: fix reference leak in usb_new_device() (git-fixes). - usb: typec: tcpci: fix NULL pointer issue on shared irq case (git-fixes). - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes). - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes). - usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes). - USB: usblp: return error when setting unsupported protocol (git-fixes). - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes). - usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes). - usb: host: xhci-plat: set skip_phy_initialization if software node has XHCI_SKIP_PHY_INIT property (git-fixes). - usb: dwc3-am62: Disable autosuspend during remove (git-fixes). - usb: dwc3: gadget: fix writing NYET threshold (git-fixes). - commit 708e579 - serial: stm32: use port lock wrappers for break control (git-fixes). - tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes). - commit 2e58518 ++++ dtb-aarch64: - Update patches.suse/ACPI-x86-Add-adev-NULL-check-to-acpi_quirk_skip_serd.patch (stable-fixes CVE-2024-56782 bsc#1235629). - Update patches.suse/ALSA-6fire-Release-resources-at-card-release.patch (git-fixes CVE-2024-53239 bsc#1235054). - Update patches.suse/ALSA-caiaq-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56531 bsc#1235057). - Update patches.suse/ALSA-control-Avoid-WARN-for-symlink-errors.patch (git-fixes CVE-2024-56657 bsc#1235432). - Update patches.suse/ALSA-core-Fix-possible-NULL-dereference-caused-by-ku.patch (git-fixes CVE-2024-56696 bsc#1235539). - Update patches.suse/ALSA-memalloc-prefer-dma_mapping_error-over-explicit.patch (git-fixes CVE-2024-57800 bsc#1235772). - Update patches.suse/ALSA-pcm-Add-sanity-NULL-check-for-the-default-mmap-.patch (stable-fixes CVE-2024-53180 bsc#1234929). - Update patches.suse/ALSA-us122l-Use-snd_card_free_when_closed-at-disconn.patch (git-fixes CVE-2024-56532 bsc#1235059). - Update patches.suse/ALSA-usb-audio-Fix-out-of-bounds-reads-when-finding-.patch (stable-fixes CVE-2024-53150 bsc#1234834). - Update patches.suse/ALSA-usb-audio-Fix-potential-out-of-bound-accesses-f.patch (git-fixes CVE-2024-53197 bsc#1235464). - Update patches.suse/ALSA-usx2y-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56533 bsc#1235053). - Update patches.suse/ASoC-Intel-sof_sdw-Add-space-for-a-terminator-into-D.patch (git-fixes CVE-2024-57880 bsc#1235800). - Update patches.suse/ASoC-SOF-Intel-hda-dai-Do-not-release-the-link-DMA-o.patch (git-fixes CVE-2024-57805 bsc#1235790). - Update patches.suse/ASoC-imx-audmix-Add-NULL-check-in-imx_audmix_probe.patch (git-fixes CVE-2024-53199 bsc#1234967). - Update patches.suse/ASoC-mediatek-Check-num_codecs-is-not-zero-to-avoid-.patch (git-fixes CVE-2024-56685 bsc#1235561). - Update patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch (stable-fixes CVE-2024-56605 bsc#1235061). - Update patches.suse/Bluetooth-MGMT-Fix-possible-deadlocks.patch (git-fixes CVE-2024-53207 bsc#1234907). - Update patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-set_p.patch (git-fixes CVE-2024-53208 bsc#1234909). - Update patches.suse/Bluetooth-RFCOMM-avoid-leaving-dangling-sk-pointer-i.patch (stable-fixes CVE-2024-56604 bsc#1235056). - Update patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch (git-fixes CVE-2024-53238 bsc#1234910). - Update patches.suse/Bluetooth-btmtk-avoid-UAF-in-btmtk_process_coredump.patch (git-fixes CVE-2024-56653 bsc#1235531). - Update patches.suse/Bluetooth-btusb-mediatek-add-intf-release-flow-when-.patch (stable-fixes CVE-2024-56757 bsc#1235619). - Update patches.suse/Bluetooth-fix-use-after-free-in-device_for_each_chil.patch (git-fixes CVE-2024-53237 bsc#1235007). - Update patches.suse/Bluetooth-hci_conn-Use-disable_delayed_work_sync.patch (stable-fixes CVE-2024-56591 bsc#1235052). - Update patches.suse/Bluetooth-hci_core-Fix-not-checking-skb-length-on-hc.patch (stable-fixes CVE-2024-56590 bsc#1235038). - Update patches.suse/Bluetooth-hci_event-Fix-using-rcu_read_-un-lock-whil.patch (git-fixes CVE-2024-56654 bsc#1235532). - Update patches.suse/Bluetooth-iso-Always-release-hdev-at-the-end-of-iso_.patch (git-fixes CVE-2024-57879 bsc#1235802). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_conn_big_sync.patch (git-fixes CVE-2024-54191 bsc#1235717). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_listen_bis.patch (git-fixes CVE-2024-54460 bsc#1235722). - Update patches.suse/HID-wacom-fix-when-get-product-name-maybe-null-point.patch (git-fixes CVE-2024-56629 bsc#1235473). - Update patches.suse/NFSD-Prevent-NULL-dereference-in-nfsd4_process_cb_update.patch (git-fixes CVE-2024-53217 bsc#1234999). - Update patches.suse/NFSD-Prevent-a-potential-integer-overflow.patch (git-fixes CVE-2024-53146 bsc#1234853). - Update patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch (git-fixes CVE-2024-53173 bsc#1234891). - Update patches.suse/PCI-Fix-reset_method_store-memory-leak.patch (git-fixes CVE-2024-56745 bsc#1235563). - Update patches.suse/PCI-Fix-use-after-free-of-slot-bus-on-hot-remove.patch (stable-fixes CVE-2024-53194 bsc#1235459). - Update patches.suse/PCI-MSI-Handle-lack-of-irqdomain-gracefully.patch (git-fixes CVE-2024-56760 bsc#1235616). - Update patches.suse/PCI-endpoint-Fix-PCI-domain-ID-release-in-pci_epc_de.patch (git-fixes CVE-2024-56561 bsc#1235105). - Update patches.suse/PCI-endpoint-epf-mhi-Avoid-NULL-dereference-if-DT-la.patch (git-fixes CVE-2024-56689 bsc#1235543). - Update patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch (stable-fixes CVE-2024-57809 bsc#1235793). - Update patches.suse/PCI-qcom-ep-Move-controller-cleanups-to-qcom_pcie_pe.patch (git-fixes CVE-2024-53153 bsc#1234830). - Update patches.suse/PCI-tegra194-Move-controller-cleanups-to-pex_ep_even.patch (git-fixes CVE-2024-53152 bsc#1234841). - Update patches.suse/RDMA-hns-Fix-cpu-stuck-caused-by-printings-during-re.patch (jsc#PED-11250 CVE-2024-56722 bsc#1235570). - Update patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch (git-fixes CVE-2024-53224 bsc#1235009). - Update patches.suse/RDMA-rxe-Fix-the-qp-flush-warnings-in-req.patch (jsc#PED-11323 CVE-2024-53229 bsc#1234905). - Update patches.suse/SUNRPC-make-sure-cache-entry-active-before-cache_show.patch (git-fixes CVE-2024-53174 bsc#1234899). - Update patches.suse/accel-ivpu-Fix-WARN-in-ivpu_ipc_send_receive_interna.patch (git-fixes CVE-2024-54193 bsc#1235713). - Update patches.suse/accel-ivpu-Fix-general-protection-fault-in-ivpu_bo_l.patch (git-fixes CVE-2024-54455 bsc#1235719). - Update patches.suse/accel-ivpu-Prevent-recovery-invocation-during-probe-.patch (git-fixes CVE-2024-56540 bsc#1235063). - Update patches.suse/acpi-nfit-vmalloc-out-of-bounds-Read-in-acpi_nfit_ct.patch (git-fixes CVE-2024-56662 bsc#1235533). - Update patches.suse/ad7780-fix-division-by-zero-in-ad7780_write_raw.patch (git-fixes CVE-2024-56567 bsc#1234916). - Update patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch (CVE-2024-56606 bsc#123541 bsc#1235417). - Update patches.suse/apparmor-test-Fix-memory-leak-for-aa_unpack_strdup.patch (git-fixes CVE-2024-56741 bsc#1235502). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_FPMR.patch (git-fixes CVE-2024-57878 bsc#1235803). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_POE.patch (git-fixes CVE-2024-57877 bsc#1235804). - Update patches.suse/blk-cgroup-Fix-UAF-in-blkcg_unpin_online.patch (bsc#1234726 CVE-2024-56672 bsc#1235534). - Update patches.suse/bnxt_en-Fix-aggregation-ID-mask-to-prevent-oops-on-5.patch (jsc#PED-10684 jsc#PED-11230 CVE-2024-56656 bsc#1235444). - Update patches.suse/cacheinfo-Allocate-memory-during-CPU-hotplug-if-not-done-f.patch (jsc#PED-10467 CVE-2024-56617 bsc#1235429). - Update patches.suse/can-dev-can_set_termination-allow-sleeping-GPIOs.patch (git-fixes CVE-2024-56625 bsc#1235223). - Update patches.suse/can-hi311x-hi3110_can_ist-fix-potential-use-after-fr.patch (git-fixes CVE-2024-56651 bsc#1235528). - Update patches.suse/can-j1939-j1939_session_new-fix-skb-reference-counti.patch (git-fixes CVE-2024-56645 bsc#1235134). - Update patches.suse/clk-clk-apple-nco-Add-NULL-check-in-applnco_probe.patch (git-fixes CVE-2024-53154 bsc#1234826). - Update patches.suse/clk-clk-loongson2-Fix-memory-corruption-bug-in-struc.patch (git-fixes CVE-2024-53193 bsc#1234902). - Update patches.suse/clk-clk-loongson2-Fix-potential-buffer-overflow-in-f.patch (git-fixes CVE-2024-53192 bsc#1234956). - Update patches.suse/clk-ralink-mtmips-fix-clocks-probe-order-in-oldest-r.patch (git-fixes CVE-2024-53223 bsc#1234976). - Update patches.suse/crypto-bcm-add-error-check-in-the-ahash_hmac_init-fu.patch (git-fixes CVE-2024-56681 bsc#1235557). - Update patches.suse/crypto-caam-Fix-the-pointer-passed-to-caam_qi_shutdo.patch (git-fixes CVE-2024-56754 bsc#1234918). - Update patches.suse/crypto-pcrypt-Call-crypto-layer-directly-when-padata.patch (git-fixes CVE-2024-56690 bsc#1235428). - Update patches.suse/crypto-qat-qat_420xx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53163 bsc#1234828). - Update patches.suse/crypto-qat-qat_4xxx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53162 bsc#1234843). - Update patches.suse/dlm-fix-dlm_recover_members-refcount-on-error.patch (git-fixes CVE-2024-56749 bsc#1235628). - Update patches.suse/dlm-fix-possible-lkb_resource-null-dereference.patch (git-fixes CVE-2024-47809 bsc#1235714). - Update patches.suse/dma-debug-fix-a-possible-deadlock-on-radix_lock.patch (stable-fixes CVE-2024-47143 bsc#1235710). - Update patches.suse/dmaengine-at_xdmac-avoid-null_prt_deref-in-at_xdmac_.patch (git-fixes CVE-2024-56767 bsc#1235160). - Update patches.suse/drivers-soc-xilinx-add-the-missing-kfree-in-xlnx_add.patch (git-fixes CVE-2024-56546 bsc#1235070). - Update patches.suse/drm-amd-display-Adding-array-index-check-to-prevent-.patch (stable-fixes CVE-2024-56784 bsc#1235654). - Update patches.suse/drm-amd-display-Fix-handling-of-plane-refcount.patch (stable-fixes CVE-2024-56775 bsc#1235657). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st-2bc96c9.patch (git-fixes CVE-2024-53200 bsc#1234968). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st.patch (git-fixes CVE-2024-53201 bsc#1234969). - Update patches.suse/drm-amd-display-Fix-out-of-bounds-access-in-dcn21_li.patch (stable-fixes CVE-2024-56608 bsc#1235487). - Update patches.suse/drm-amd-display-fix-a-memleak-issue-when-driver-is-r.patch (git-fixes CVE-2024-56542 bsc#1234908). - Update patches.suse/drm-amdgpu-Fix-the-memory-allocation-issue-in-amdgpu.patch (git-fixes CVE-2024-56697 bsc#1235544). - Update patches.suse/drm-amdgpu-don-t-access-invalid-sched.patch (git-fixes CVE-2024-46896 bsc#1235707). - Update patches.suse/drm-amdgpu-fix-usage-slab-after-free.patch (stable-fixes CVE-2024-56551 bsc#1235075). - Update patches.suse/drm-amdgpu-gfx9-Add-Cleaner-Shader-Deinitialization-.patch (git-fixes CVE-2024-56753 bsc#1235631). - Update patches.suse/drm-amdgpu-set-the-right-AMDGPU-sg-segment-limitatio.patch (stable-fixes CVE-2024-56594 bsc#1235413). - Update patches.suse/drm-amdkfd-Dereference-null-return-value.patch (git-fixes CVE-2024-56666 bsc#1235242). - Update patches.suse/drm-amdkfd-Use-dynamic-allocation-for-CU-occupancy-a.patch (git-fixes CVE-2024-56695 bsc#1235541). - Update patches.suse/drm-dp_mst-Fix-MST-sideband-message-body-length-chec.patch (stable-fixes CVE-2024-56616 bsc#1235427). - Update patches.suse/drm-i915-Fix-NULL-pointer-dereference-in-capture_eng.patch (git-fixes CVE-2024-56667 bsc#1235016). - Update patches.suse/drm-modes-Avoid-divide-by-zero-harder-in-drm_mode_vr.patch (stable-fixes CVE-2024-56369 bsc#1235750). - Update patches.suse/drm-nouveau-gr-gf100-Fix-missing-unlock-in-gf100_gr_.patch (git-fixes CVE-2024-56752 bsc#1234937). - Update patches.suse/drm-panel-himax-hx83102-Add-a-check-to-prevent-NULL-.patch (git-fixes CVE-2024-56711 bsc#1235562). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-831214f.patch (git-fixes CVE-2024-56776 bsc#1235647). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-e965e77.patch (git-fixes CVE-2024-56777 bsc#1235641). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer.patch (git-fixes CVE-2024-56778 bsc#1235635). - Update patches.suse/drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch (git-fixes CVE-2024-56683 bsc#1235497). - Update patches.suse/drm-xe-guc_submit-fix-race-around-suspend_pending.patch (git-fixes CVE-2024-56552 bsc#1235071). - Update patches.suse/drm-xe-reg_sr-Remove-register-pool.patch (git-fixes CVE-2024-56652 bsc#1235529). - Update patches.suse/drm-xlnx-zynqmp_disp-layer-may-be-null-while-releasi.patch (git-fixes CVE-2024-56537 bsc#1235049). - Update patches.suse/drm-zynqmp_kms-Unplug-DRM-device-before-removal.patch (git-fixes CVE-2024-56538 bsc#1235051). - Update patches.suse/efi-libstub-Free-correct-pointer-on-failure.patch (git-fixes CVE-2024-56573 bsc#1235042). - Update patches.suse/erofs-fix-blksize-PAGE_SIZE-for-file-backed-mounts.patch (git-fixes CVE-2024-56750 bsc#1235630). - Update patches.suse/erofs-fix-file-backed-mounts-over-FUSE.patch (git-fixes CVE-2024-53235 bsc#1234998). - Update patches.suse/erofs-handle-NONHEAD-delta-1-lclusters-gracefully.patch (git-fixes CVE-2024-53234 bsc#1235045). - Update patches.suse/exfat-fix-out-of-bounds-access-of-directory-entries.patch (git-fixes CVE-2024-53147 bsc#1234857). - Update patches.suse/fbdev-sh7760fb-Fix-a-possible-memory-leak-in-sh7760f.patch (git-fixes CVE-2024-56746 bsc#1235622). - Update patches.suse/firmware-arm_scpi-Check-the-DVFS-OPP-count-returned-.patch (git-fixes CVE-2024-53157 bsc#1234827). - Update patches.suse/firmware_loader-Fix-possible-resource-leak-in-fw_log.patch (git-fixes CVE-2024-53202 bsc#1234970). - Update patches.suse/gpio-graniterapids-Fix-vGPIO-driver-crash.patch (stable-fixes CVE-2024-56671 bsc#1235018). - Update patches.suse/gpio-grgpio-Add-NULL-check-in-grgpio_probe.patch (git-fixes CVE-2024-56634 bsc#1235486). - Update patches.suse/i3c-Use-i3cdev-desc-info-instead-of-calling-i3c_devi.patch (stable-fixes CVE-2024-43098 bsc#1235703). - Update patches.suse/i3c-master-Fix-miss-free-init_dyn_addr-at-i3c_master.patch (git-fixes CVE-2024-56562 bsc#1234930). - Update patches.suse/i3c-mipi-i3c-hci-Mask-ring-interrupts-before-ring-st.patch (stable-fixes CVE-2024-45828 bsc#1235705). - Update patches.suse/igb-Fix-potential-invalid-memory-access-in-igb_init_.patch (jsc#PED-10426 jsc#PED-10425 CVE-2024-52332 bsc#1235700). - Update patches.suse/iio-adc-ad7923-Fix-buffer-overflow-for-tx_buf-and-ri.patch (git-fixes CVE-2024-56557 bsc#1235122). - Update patches.suse/io_uring-check-for-overflows-in-io_pin_pages.patch (git-fixes CVE-2024-53187 bsc#1234947). - Update patches.suse/io_uring-check-if-iowq-is-killed-before-queuing.patch (git-fixes CVE-2024-56709 bsc#1235552). - Update patches.suse/io_uring-tctx-work-around-xa_store-allocation-error-.patch (git-fixes CVE-2024-56584 bsc#1235117). - Update patches.suse/iommu-s390-Implement-blocking-domain.patch (git-fixes bsc#1234350 CVE-2024-53232 bsc#1235050). - Update patches.suse/iommufd-Fix-out_fput-in-iommufd_fault_alloc.patch (git-fixes CVE-2024-56624 bsc#1235469). - Update patches.suse/ionic-Fix-netdev-notifier-unregister-on-failure.patch (jsc#PED-11378 CVE-2024-56715 bsc#1235612). - Update patches.suse/ionic-no-double-destroy-workqueue.patch (jsc#PED-11378 CVE-2024-56714 bsc#1235558). - Update patches.suse/irqchip-riscv-aplic-Prevent-crash-when-MSI-domain-is.patch (git-fixes CVE-2024-56682 bsc#1235559). - Update patches.suse/kcsan-Turn-report_filterlist_lock-into-a-raw_spinloc.patch (stable-fixes CVE-2024-56610 bsc#1235390). - Update patches.suse/kunit-Fix-potential-null-dereference-in-kunit_device.patch (git-fixes CVE-2024-56773 bsc#1235594). - Update patches.suse/kunit-string-stream-Fix-a-UAF-bug-in-kunit_init_suit.patch (git-fixes CVE-2024-56772 bsc#1235651). - Update patches.suse/leds-class-Protect-brightness_show-with-led_cdev-led.patch (stable-fixes CVE-2024-56587 bsc#1235125). - Update patches.suse/mailbox-mtk-cmdq-fix-wrong-use-of-sizeof-in-cmdq_get.patch (git-fixes CVE-2024-56684 bsc#1235560). - Update patches.suse/media-atomisp-Add-check-for-rgby_data-memory-allocat.patch (git-fixes CVE-2024-56705 bsc#1235568). - Update patches.suse/media-dvb-frontends-dib3000mb-fix-uninit-value-in-di.patch (git-fixes CVE-2024-56769 bsc#1235155). - Update patches.suse/media-i2c-tc358743-Fix-crash-in-the-probe-error-path.patch (git-fixes CVE-2024-56576 bsc#1235019). - Update patches.suse/media-imx-jpeg-Ensure-power-suppliers-be-suspended-b.patch (git-fixes CVE-2024-56575 bsc#1235039). - Update patches.suse/media-imx-jpeg-Set-video-drvdata-before-register-vid.patch (git-fixes CVE-2024-56578 bsc#1235115). - Update patches.suse/media-intel-ipu6-do-not-handle-interrupts-when-devic.patch (git-fixes CVE-2024-56680 bsc#1235556). - Update patches.suse/media-mtk-jpeg-Fix-null-ptr-deref-during-unload-modu.patch (git-fixes CVE-2024-56577 bsc#1235112). - Update patches.suse/media-platform-allegro-dvt-Fix-possible-memory-leak-.patch (git-fixes CVE-2024-56572 bsc#1235043). - Update patches.suse/media-qcom-camss-fix-error-path-on-configuration-of-.patch (git-fixes CVE-2024-56580 bsc#1235114). - Update patches.suse/media-ts2020-fix-null-ptr-deref-in-ts2020_probe.patch (git-fixes CVE-2024-56574 bsc#1235040). - Update patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch (git-fixes CVE-2024-56571 bsc#1235037). - Update patches.suse/media-wl128x-Fix-atomicity-violation-in-fmc_send_cmd.patch (git-fixes CVE-2024-56700 bsc#1235500). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-PMIC-dev.patch (git-fixes CVE-2024-56723 bsc#1235571). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-TMU-devi.patch (git-fixes CVE-2024-56724 bsc#1235577). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-USB-Type.patch (git-fixes CVE-2024-56691 bsc#1235425). - Update patches.suse/msft-hv-3081-hv_sock-Initializing-vsk-trans-to-NULL-to-prevent-a-.patch (git-fixes CVE-2024-53103 bsc#1234024). - Update patches.suse/msft-hv-3082-HID-hyperv-streamline-driver-probe-to-avoid-devres-i.patch (git-fixes CVE-2024-56545 bsc#1235069). - Update patches.suse/msft-hv-3095-Drivers-hv-util-Avoid-accessing-a-ringbuffer-not-ini.patch (git-fixes CVE-2024-55916 bsc#1235747). - Update patches.suse/mtd-rawnand-fix-double-free-in-atmel_pmecc_create_us.patch (git-fixes CVE-2024-56766 bsc#1235219). - Update patches.suse/mtd-spinand-winbond-Fix-512GW-01GW-01JW-and-02JW-ECC.patch (git-fixes CVE-2024-56771 bsc#1235649). - Update patches.suse/net-mlx5-DR-prevent-potential-error-pointer-derefere.patch (jsc#PED-11331 CVE-2024-56660 bsc#1235437). - Update patches.suse/net-usb-lan78xx-Fix-double-free-issue-with-interrupt.patch (git-fixes CVE-2024-53213 bsc#1234973). - Update patches.suse/nfs-blocklayout-Don-t-attempt-unregister-for-invalid-block-device.patch (git-fixes CVE-2024-53167 bsc#1234886). - Update patches.suse/nfs-localio-must-clear-res.replen-in-nfs_local_read_done.patch (git-fixes CVE-2024-56740 bsc#1234932). - Update patches.suse/nfs_common-must-not-hold-RCU-while-calling-nfsd_file_put_local.patch (git-fixes CVE-2024-56743 bsc#1235614). - Update patches.suse/nfsd-fix-nfs4_openowner-leak-when-concurrent-nfsd4_open-occur.patch (git-fixes CVE-2024-56779 bsc#1235632). - Update patches.suse/nfsd-make-sure-exp-active-before-svc_export_show.patch (git-fixes CVE-2024-56558 bsc#1235100). - Update patches.suse/nvme-fabrics-fix-kernel-crash-while-shutting-down-co.patch (git-fixes CVE-2024-53169 bsc#1234900). - Update patches.suse/nvme-pci-fix-freeing-of-the-HMB-descriptor-table.patch (git-fixes CVE-2024-56756 bsc#1234922). - Update patches.suse/nvme-rdma-unquiesce-admin_q-before-destroy-it.patch (git-fixes CVE-2024-49569 bsc#1235730). - Update patches.suse/nvme-tcp-fix-the-memleak-while-create-new-ctrl-faile.patch (git-fixes CVE-2024-56632 bsc#1235483). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-cn10.patch (jsc#PED-11317 CVE-2024-56726 bsc#1235582). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-69297b0d.patch (jsc#PED-11317 CVE-2024-56725 bsc#1235578). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-bd3110bc.patch (jsc#PED-11317 CVE-2024-56727 bsc#1235583). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-e26f8eac.patch (jsc#PED-11317 CVE-2024-56728 bsc#1235656). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-f5b942e6.patch (jsc#PED-11317 CVE-2024-56707 bsc#1235545). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2.patch (jsc#PED-11317 CVE-2024-56679 bsc#1235498). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb2phy_probe.patch (git-fixes CVE-2024-53205 bsc#1234954). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb3phy_probe.patch (git-fixes CVE-2024-53204 bsc#1234955). - Update patches.suse/phy-rockchip-samsung-hdptx-Set-drvdata-before-enabli.patch (git-fixes CVE-2024-57799 bsc#1235770). - Update patches.suse/pinmux-Use-sequential-access-to-access-desc-pinmux-d.patch (stable-fixes CVE-2024-47141 bsc#1235708). - Update patches.suse/pmdomain-imx-gpcv2-Adjust-delay-after-power-up-hands.patch (git-fixes CVE-2024-56618 bsc#1235465). - Update patches.suse/power-supply-gpio-charger-Fix-set-charge-current-lim.patch (git-fixes CVE-2024-57792 bsc#1235764). - Update patches.suse/powerpc-fadump-Move-fadump_cma_init-to-setup_arch-af.patch (bsc#1215199 CVE-2024-56677 bsc#1235494). - Update patches.suse/powerpc-mm-fault-Fix-kfence-page-fault-reporting.patch (bsc#1194869 CVE-2024-56678 bsc#1235495). - Update patches.suse/powerpc-pseries-Fix-dtl_access_lock-to-be-a-rw_semap.patch (bsc#1194869 CVE-2024-56701 bsc#1235496). - Update patches.suse/regulator-axp20x-AXP717-set-ramp_delay.patch (git-fixes CVE-2024-53682 bsc#1235718). - Update patches.suse/rtc-check-if-__rtc_read_time-was-successful-in-rtc_t.patch (git-fixes CVE-2024-56739 bsc#1235611). - Update patches.suse/s390-cpum_sf-Fix-and-protect-memory-allocation-of-SDBs-with-mutex.patch (git-fixes bsc#1234348 CVE-2024-56706 bsc#1235586). - Update patches.suse/s390-entry-Mark-IRQ-entries-to-fix-stack-depot-warnings.patch (git-fixes bsc#1234356 CVE-2024-57838 bsc#1235798). - Update patches.suse/s390-iucv-MSG_PEEK-causes-memory-leak-in-iucv_sock_destruct.patch (git-fixes bsc#1234351 CVE-2024-53210 bsc#1234971). - Update patches.suse/s390-pci-Fix-potential-double-remove-of-hotplug-slot.patch (git-fixes bsc#1234354 CVE-2024-56699 bsc#1235490). - Update patches.suse/sched-deadline-Fix-warning-in-migrate_enable-for-boosted-tasks.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-56583 bsc#1235118). - Update patches.suse/sched-fair-Fix-NEXT_BUDDY.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-49573 bsc#1235743). - Update patches.suse/sched-fix-warning-in-sched_setaffinity.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-41932 bsc#1235699). - Update patches.suse/scsi-megaraid_sas-Fix-for-a-potential-deadlock.patch (jsc#PED-11259 CVE-2024-57807 bsc#1235761). - Update patches.suse/scsi-qla2xxx-Fix-use-after-free-on-unload.patch (bsc#1235406 CVE-2024-56623 bsc#1235466). - Update patches.suse/soc-imx8m-Probe-the-SoC-driver-as-platform-driver.patch (stable-fixes CVE-2024-56787 bsc#1235663). - Update patches.suse/soc-qcom-geni-se-fix-array-underflow-in-geni_se_clk_.patch (git-fixes CVE-2024-53158 bsc#1234811). - Update patches.suse/spi-mpc52xx-Add-cancel_work_sync-before-module-remov.patch (git-fixes CVE-2024-50051 bsc#1235739). - Update patches.suse/sunrpc-clear-XPRT_SOCK_UPD_TIMEOUT-when-reset-transport.patch (git-fixes CVE-2024-56688 bsc#1235538). - Update patches.suse/sunrpc-fix-one-UAF-issue-caused-by-sunrpc-kernel-tcp-socket.patch (git-fixes CVE-2024-53168 bsc#1234887). - Update patches.suse/svcrdma-Address-an-integer-overflow.patch (git-fixes CVE-2024-53151 bsc#1234829). - Update patches.suse/svcrdma-fix-miss-destroy-percpu_counter-in-svc_rdma_proc_init.patch (git-fixes CVE-2024-53215 bsc#1234962). - Update patches.suse/thermal-testing-Initialize-some-variables-annoteded-.patch (git-fixes CVE-2024-56676 bsc#1235493). - Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch (bsc#1235433 CVE-2024-56661 bsc#1234931). - Update patches.suse/unicode-Fix-utf8_load-error-path.patch (git-fixes CVE-2024-53233 bsc#1235046). - Update patches.suse/usb-dwc3-gadget-Fix-looping-of-queued-SG-entries.patch (git-fixes CVE-2024-56698 bsc#1235491). - Update patches.suse/usb-gadget-u_serial-Fix-the-issue-that-gs_start_io-c.patch (git-fixes CVE-2024-56670 bsc#1235488). - Update patches.suse/usb-musb-Fix-hardware-lockup-on-first-Rx-endpoint-re.patch (git-fixes CVE-2024-56687 bsc#1235537). - Update patches.suse/usb-typec-fix-potential-array-underflow-in-ucsi_ccg_.patch (git-fixes CVE-2024-53203 bsc#1235001). - Update patches.suse/usb-typec-ucsi-glink-fix-off-by-one-in-connector_sta.patch (git-fixes CVE-2024-53149 bsc#1234842). - Update patches.suse/wifi-ath10k-avoid-NULL-pointer-error-during-sdio-rem.patch (stable-fixes CVE-2024-56599 bsc#1235138). - Update patches.suse/wifi-ath12k-Skip-Rx-TID-cleanup-for-self-peer.patch (git-fixes CVE-2024-56543 bsc#1235065). - Update patches.suse/wifi-ath12k-fix-atomic-calls-in-ath12k_mac_op_set_bi.patch (stable-fixes CVE-2024-56607 bsc#1235423). - Update patches.suse/wifi-ath12k-fix-crash-when-unbinding.patch (git-fixes CVE-2024-53188 bsc#1234948). - Update patches.suse/wifi-ath12k-fix-use-after-free-in-ath12k_dp_cc_clean.patch (git-fixes CVE-2024-56541 bsc#1235064). - Update patches.suse/wifi-ath12k-fix-warning-when-unbinding.patch (git-fixes CVE-2024-53191 bsc#1234952). - Update patches.suse/wifi-ath9k-add-range-check-for-conn_rsp_epid-in-htc_.patch (git-fixes CVE-2024-53156 bsc#1234846). - Update patches.suse/wifi-brcmfmac-Fix-oops-due-to-NULL-pointer-dereferen.patch (stable-fixes CVE-2024-56593 bsc#1235252). - Update patches.suse/wifi-cw1200-Fix-potential-NULL-dereference.patch (git-fixes CVE-2024-56536 bsc#1234911). - Update patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning.patch (git-fixes CVE-2024-56539 bsc#1234963). - Update patches.suse/wifi-nl80211-fix-NL80211_ATTR_MLO_LINK_ID-off-by-one.patch (git-fixes CVE-2024-56663 bsc#1235454). - Update patches.suse/wifi-nl80211-fix-bounds-checker-error-in-nl80211_par.patch (git-fixes CVE-2024-53189 bsc#1234949). - Update patches.suse/wifi-rtlwifi-Drastically-reduce-the-attempts-to-read.patch (stable-fixes CVE-2024-53190 bsc#1234950). - Update patches.suse/wifi-rtw88-use-ieee80211_purge_tx_queue-to-purge-TX-.patch (stable-fixes CVE-2024-56609 bsc#1235389). - Update patches.suse/wifi-rtw89-check-return-value-of-ieee80211_probereq_.patch (stable-fixes CVE-2024-48873 bsc#1235716). - Update patches.suse/wifi-rtw89-coex-check-NULL-return-of-kmalloc-in-btc_.patch (git-fixes CVE-2024-56535 bsc#1235044). - Update patches.suse/xfs-unlock-inodes-when-erroring-out-of-xfs_trans_alloc_dir.patch (git-fixes CVE-2024-55641 bsc#1235740). - commit b21bae3 - KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235755). - KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235756). - KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235757). - commit 25f73de - s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646) - commit 2199130 - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes). - misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes). - interconnect: icc-clk: check return values of devm_kasprintf() (git-fixes). - interconnect: qcom: icc-rpm: Set the count member before accessing the flex array (git-fixes). - iio: adc: ti-ads1119: fix sample size in scan struct for triggered buffer (git-fixes). - iio: inkern: call iio_device_put() only on mapped devices (git-fixes). - iio: adc: ad9467: Fix the "don't allow reading vref if not available" case (git-fixes). - iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes). - iio: adc: ad7173: fix using shared static info struct (git-fixes). - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes). - iio: adc: ti-ads1119: fix information leak in triggered buffer (git-fixes). - iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes). - iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes). - iio: imu: kmx61: fix information leak in triggered buffer (git-fixes). - iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes). - iio: light: bh1745: fix information leak in triggered buffer (git-fixes). - iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes). - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes). - iio: test: Fix GTS test config (git-fixes). - iio: adc: ti-ads1298: Add NULL check in ads1298_init (git-fixes). - iio: adc: stm32-dfsdm: handle label as an optional property (git-fixes). - iio: adc: ad4695: fix buffered read, single sample timings (git-fixes). - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (git-fixes). - iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes). - iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes). - iio: adc: ad7124: Disable all channels at probe time (git-fixes). - staging: iio: ad9832: Correct phase range check (git-fixes). - staging: iio: ad9834: Correct phase range check (git-fixes). - usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (git-fixes). - usb: gadget: midi2: Reverse-select at the right place (git-fixes). - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes). - USB: core: Disable LPM only for non-suspended ports (git-fixes). - usb: fix reference leak in usb_new_device() (git-fixes). - usb: typec: tcpci: fix NULL pointer issue on shared irq case (git-fixes). - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes). - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes). - usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes). - USB: usblp: return error when setting unsupported protocol (git-fixes). - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes). - usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes). - usb: host: xhci-plat: set skip_phy_initialization if software node has XHCI_SKIP_PHY_INIT property (git-fixes). - usb: dwc3-am62: Disable autosuspend during remove (git-fixes). - usb: dwc3: gadget: fix writing NYET threshold (git-fixes). - commit 708e579 - serial: stm32: use port lock wrappers for break control (git-fixes). - tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes). - commit 2e58518 ++++ kernel-debug: - Update patches.suse/ACPI-x86-Add-adev-NULL-check-to-acpi_quirk_skip_serd.patch (stable-fixes CVE-2024-56782 bsc#1235629). - Update patches.suse/ALSA-6fire-Release-resources-at-card-release.patch (git-fixes CVE-2024-53239 bsc#1235054). - Update patches.suse/ALSA-caiaq-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56531 bsc#1235057). - Update patches.suse/ALSA-control-Avoid-WARN-for-symlink-errors.patch (git-fixes CVE-2024-56657 bsc#1235432). - Update patches.suse/ALSA-core-Fix-possible-NULL-dereference-caused-by-ku.patch (git-fixes CVE-2024-56696 bsc#1235539). - Update patches.suse/ALSA-memalloc-prefer-dma_mapping_error-over-explicit.patch (git-fixes CVE-2024-57800 bsc#1235772). - Update patches.suse/ALSA-pcm-Add-sanity-NULL-check-for-the-default-mmap-.patch (stable-fixes CVE-2024-53180 bsc#1234929). - Update patches.suse/ALSA-us122l-Use-snd_card_free_when_closed-at-disconn.patch (git-fixes CVE-2024-56532 bsc#1235059). - Update patches.suse/ALSA-usb-audio-Fix-out-of-bounds-reads-when-finding-.patch (stable-fixes CVE-2024-53150 bsc#1234834). - Update patches.suse/ALSA-usb-audio-Fix-potential-out-of-bound-accesses-f.patch (git-fixes CVE-2024-53197 bsc#1235464). - Update patches.suse/ALSA-usx2y-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56533 bsc#1235053). - Update patches.suse/ASoC-Intel-sof_sdw-Add-space-for-a-terminator-into-D.patch (git-fixes CVE-2024-57880 bsc#1235800). - Update patches.suse/ASoC-SOF-Intel-hda-dai-Do-not-release-the-link-DMA-o.patch (git-fixes CVE-2024-57805 bsc#1235790). - Update patches.suse/ASoC-imx-audmix-Add-NULL-check-in-imx_audmix_probe.patch (git-fixes CVE-2024-53199 bsc#1234967). - Update patches.suse/ASoC-mediatek-Check-num_codecs-is-not-zero-to-avoid-.patch (git-fixes CVE-2024-56685 bsc#1235561). - Update patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch (stable-fixes CVE-2024-56605 bsc#1235061). - Update patches.suse/Bluetooth-MGMT-Fix-possible-deadlocks.patch (git-fixes CVE-2024-53207 bsc#1234907). - Update patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-set_p.patch (git-fixes CVE-2024-53208 bsc#1234909). - Update patches.suse/Bluetooth-RFCOMM-avoid-leaving-dangling-sk-pointer-i.patch (stable-fixes CVE-2024-56604 bsc#1235056). - Update patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch (git-fixes CVE-2024-53238 bsc#1234910). - Update patches.suse/Bluetooth-btmtk-avoid-UAF-in-btmtk_process_coredump.patch (git-fixes CVE-2024-56653 bsc#1235531). - Update patches.suse/Bluetooth-btusb-mediatek-add-intf-release-flow-when-.patch (stable-fixes CVE-2024-56757 bsc#1235619). - Update patches.suse/Bluetooth-fix-use-after-free-in-device_for_each_chil.patch (git-fixes CVE-2024-53237 bsc#1235007). - Update patches.suse/Bluetooth-hci_conn-Use-disable_delayed_work_sync.patch (stable-fixes CVE-2024-56591 bsc#1235052). - Update patches.suse/Bluetooth-hci_core-Fix-not-checking-skb-length-on-hc.patch (stable-fixes CVE-2024-56590 bsc#1235038). - Update patches.suse/Bluetooth-hci_event-Fix-using-rcu_read_-un-lock-whil.patch (git-fixes CVE-2024-56654 bsc#1235532). - Update patches.suse/Bluetooth-iso-Always-release-hdev-at-the-end-of-iso_.patch (git-fixes CVE-2024-57879 bsc#1235802). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_conn_big_sync.patch (git-fixes CVE-2024-54191 bsc#1235717). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_listen_bis.patch (git-fixes CVE-2024-54460 bsc#1235722). - Update patches.suse/HID-wacom-fix-when-get-product-name-maybe-null-point.patch (git-fixes CVE-2024-56629 bsc#1235473). - Update patches.suse/NFSD-Prevent-NULL-dereference-in-nfsd4_process_cb_update.patch (git-fixes CVE-2024-53217 bsc#1234999). - Update patches.suse/NFSD-Prevent-a-potential-integer-overflow.patch (git-fixes CVE-2024-53146 bsc#1234853). - Update patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch (git-fixes CVE-2024-53173 bsc#1234891). - Update patches.suse/PCI-Fix-reset_method_store-memory-leak.patch (git-fixes CVE-2024-56745 bsc#1235563). - Update patches.suse/PCI-Fix-use-after-free-of-slot-bus-on-hot-remove.patch (stable-fixes CVE-2024-53194 bsc#1235459). - Update patches.suse/PCI-MSI-Handle-lack-of-irqdomain-gracefully.patch (git-fixes CVE-2024-56760 bsc#1235616). - Update patches.suse/PCI-endpoint-Fix-PCI-domain-ID-release-in-pci_epc_de.patch (git-fixes CVE-2024-56561 bsc#1235105). - Update patches.suse/PCI-endpoint-epf-mhi-Avoid-NULL-dereference-if-DT-la.patch (git-fixes CVE-2024-56689 bsc#1235543). - Update patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch (stable-fixes CVE-2024-57809 bsc#1235793). - Update patches.suse/PCI-qcom-ep-Move-controller-cleanups-to-qcom_pcie_pe.patch (git-fixes CVE-2024-53153 bsc#1234830). - Update patches.suse/PCI-tegra194-Move-controller-cleanups-to-pex_ep_even.patch (git-fixes CVE-2024-53152 bsc#1234841). - Update patches.suse/RDMA-hns-Fix-cpu-stuck-caused-by-printings-during-re.patch (jsc#PED-11250 CVE-2024-56722 bsc#1235570). - Update patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch (git-fixes CVE-2024-53224 bsc#1235009). - Update patches.suse/RDMA-rxe-Fix-the-qp-flush-warnings-in-req.patch (jsc#PED-11323 CVE-2024-53229 bsc#1234905). - Update patches.suse/SUNRPC-make-sure-cache-entry-active-before-cache_show.patch (git-fixes CVE-2024-53174 bsc#1234899). - Update patches.suse/accel-ivpu-Fix-WARN-in-ivpu_ipc_send_receive_interna.patch (git-fixes CVE-2024-54193 bsc#1235713). - Update patches.suse/accel-ivpu-Fix-general-protection-fault-in-ivpu_bo_l.patch (git-fixes CVE-2024-54455 bsc#1235719). - Update patches.suse/accel-ivpu-Prevent-recovery-invocation-during-probe-.patch (git-fixes CVE-2024-56540 bsc#1235063). - Update patches.suse/acpi-nfit-vmalloc-out-of-bounds-Read-in-acpi_nfit_ct.patch (git-fixes CVE-2024-56662 bsc#1235533). - Update patches.suse/ad7780-fix-division-by-zero-in-ad7780_write_raw.patch (git-fixes CVE-2024-56567 bsc#1234916). - Update patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch (CVE-2024-56606 bsc#123541 bsc#1235417). - Update patches.suse/apparmor-test-Fix-memory-leak-for-aa_unpack_strdup.patch (git-fixes CVE-2024-56741 bsc#1235502). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_FPMR.patch (git-fixes CVE-2024-57878 bsc#1235803). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_POE.patch (git-fixes CVE-2024-57877 bsc#1235804). - Update patches.suse/blk-cgroup-Fix-UAF-in-blkcg_unpin_online.patch (bsc#1234726 CVE-2024-56672 bsc#1235534). - Update patches.suse/bnxt_en-Fix-aggregation-ID-mask-to-prevent-oops-on-5.patch (jsc#PED-10684 jsc#PED-11230 CVE-2024-56656 bsc#1235444). - Update patches.suse/cacheinfo-Allocate-memory-during-CPU-hotplug-if-not-done-f.patch (jsc#PED-10467 CVE-2024-56617 bsc#1235429). - Update patches.suse/can-dev-can_set_termination-allow-sleeping-GPIOs.patch (git-fixes CVE-2024-56625 bsc#1235223). - Update patches.suse/can-hi311x-hi3110_can_ist-fix-potential-use-after-fr.patch (git-fixes CVE-2024-56651 bsc#1235528). - Update patches.suse/can-j1939-j1939_session_new-fix-skb-reference-counti.patch (git-fixes CVE-2024-56645 bsc#1235134). - Update patches.suse/clk-clk-apple-nco-Add-NULL-check-in-applnco_probe.patch (git-fixes CVE-2024-53154 bsc#1234826). - Update patches.suse/clk-clk-loongson2-Fix-memory-corruption-bug-in-struc.patch (git-fixes CVE-2024-53193 bsc#1234902). - Update patches.suse/clk-clk-loongson2-Fix-potential-buffer-overflow-in-f.patch (git-fixes CVE-2024-53192 bsc#1234956). - Update patches.suse/clk-ralink-mtmips-fix-clocks-probe-order-in-oldest-r.patch (git-fixes CVE-2024-53223 bsc#1234976). - Update patches.suse/crypto-bcm-add-error-check-in-the-ahash_hmac_init-fu.patch (git-fixes CVE-2024-56681 bsc#1235557). - Update patches.suse/crypto-caam-Fix-the-pointer-passed-to-caam_qi_shutdo.patch (git-fixes CVE-2024-56754 bsc#1234918). - Update patches.suse/crypto-pcrypt-Call-crypto-layer-directly-when-padata.patch (git-fixes CVE-2024-56690 bsc#1235428). - Update patches.suse/crypto-qat-qat_420xx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53163 bsc#1234828). - Update patches.suse/crypto-qat-qat_4xxx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53162 bsc#1234843). - Update patches.suse/dlm-fix-dlm_recover_members-refcount-on-error.patch (git-fixes CVE-2024-56749 bsc#1235628). - Update patches.suse/dlm-fix-possible-lkb_resource-null-dereference.patch (git-fixes CVE-2024-47809 bsc#1235714). - Update patches.suse/dma-debug-fix-a-possible-deadlock-on-radix_lock.patch (stable-fixes CVE-2024-47143 bsc#1235710). - Update patches.suse/dmaengine-at_xdmac-avoid-null_prt_deref-in-at_xdmac_.patch (git-fixes CVE-2024-56767 bsc#1235160). - Update patches.suse/drivers-soc-xilinx-add-the-missing-kfree-in-xlnx_add.patch (git-fixes CVE-2024-56546 bsc#1235070). - Update patches.suse/drm-amd-display-Adding-array-index-check-to-prevent-.patch (stable-fixes CVE-2024-56784 bsc#1235654). - Update patches.suse/drm-amd-display-Fix-handling-of-plane-refcount.patch (stable-fixes CVE-2024-56775 bsc#1235657). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st-2bc96c9.patch (git-fixes CVE-2024-53200 bsc#1234968). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st.patch (git-fixes CVE-2024-53201 bsc#1234969). - Update patches.suse/drm-amd-display-Fix-out-of-bounds-access-in-dcn21_li.patch (stable-fixes CVE-2024-56608 bsc#1235487). - Update patches.suse/drm-amd-display-fix-a-memleak-issue-when-driver-is-r.patch (git-fixes CVE-2024-56542 bsc#1234908). - Update patches.suse/drm-amdgpu-Fix-the-memory-allocation-issue-in-amdgpu.patch (git-fixes CVE-2024-56697 bsc#1235544). - Update patches.suse/drm-amdgpu-don-t-access-invalid-sched.patch (git-fixes CVE-2024-46896 bsc#1235707). - Update patches.suse/drm-amdgpu-fix-usage-slab-after-free.patch (stable-fixes CVE-2024-56551 bsc#1235075). - Update patches.suse/drm-amdgpu-gfx9-Add-Cleaner-Shader-Deinitialization-.patch (git-fixes CVE-2024-56753 bsc#1235631). - Update patches.suse/drm-amdgpu-set-the-right-AMDGPU-sg-segment-limitatio.patch (stable-fixes CVE-2024-56594 bsc#1235413). - Update patches.suse/drm-amdkfd-Dereference-null-return-value.patch (git-fixes CVE-2024-56666 bsc#1235242). - Update patches.suse/drm-amdkfd-Use-dynamic-allocation-for-CU-occupancy-a.patch (git-fixes CVE-2024-56695 bsc#1235541). - Update patches.suse/drm-dp_mst-Fix-MST-sideband-message-body-length-chec.patch (stable-fixes CVE-2024-56616 bsc#1235427). - Update patches.suse/drm-i915-Fix-NULL-pointer-dereference-in-capture_eng.patch (git-fixes CVE-2024-56667 bsc#1235016). - Update patches.suse/drm-modes-Avoid-divide-by-zero-harder-in-drm_mode_vr.patch (stable-fixes CVE-2024-56369 bsc#1235750). - Update patches.suse/drm-nouveau-gr-gf100-Fix-missing-unlock-in-gf100_gr_.patch (git-fixes CVE-2024-56752 bsc#1234937). - Update patches.suse/drm-panel-himax-hx83102-Add-a-check-to-prevent-NULL-.patch (git-fixes CVE-2024-56711 bsc#1235562). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-831214f.patch (git-fixes CVE-2024-56776 bsc#1235647). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-e965e77.patch (git-fixes CVE-2024-56777 bsc#1235641). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer.patch (git-fixes CVE-2024-56778 bsc#1235635). - Update patches.suse/drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch (git-fixes CVE-2024-56683 bsc#1235497). - Update patches.suse/drm-xe-guc_submit-fix-race-around-suspend_pending.patch (git-fixes CVE-2024-56552 bsc#1235071). - Update patches.suse/drm-xe-reg_sr-Remove-register-pool.patch (git-fixes CVE-2024-56652 bsc#1235529). - Update patches.suse/drm-xlnx-zynqmp_disp-layer-may-be-null-while-releasi.patch (git-fixes CVE-2024-56537 bsc#1235049). - Update patches.suse/drm-zynqmp_kms-Unplug-DRM-device-before-removal.patch (git-fixes CVE-2024-56538 bsc#1235051). - Update patches.suse/efi-libstub-Free-correct-pointer-on-failure.patch (git-fixes CVE-2024-56573 bsc#1235042). - Update patches.suse/erofs-fix-blksize-PAGE_SIZE-for-file-backed-mounts.patch (git-fixes CVE-2024-56750 bsc#1235630). - Update patches.suse/erofs-fix-file-backed-mounts-over-FUSE.patch (git-fixes CVE-2024-53235 bsc#1234998). - Update patches.suse/erofs-handle-NONHEAD-delta-1-lclusters-gracefully.patch (git-fixes CVE-2024-53234 bsc#1235045). - Update patches.suse/exfat-fix-out-of-bounds-access-of-directory-entries.patch (git-fixes CVE-2024-53147 bsc#1234857). - Update patches.suse/fbdev-sh7760fb-Fix-a-possible-memory-leak-in-sh7760f.patch (git-fixes CVE-2024-56746 bsc#1235622). - Update patches.suse/firmware-arm_scpi-Check-the-DVFS-OPP-count-returned-.patch (git-fixes CVE-2024-53157 bsc#1234827). - Update patches.suse/firmware_loader-Fix-possible-resource-leak-in-fw_log.patch (git-fixes CVE-2024-53202 bsc#1234970). - Update patches.suse/gpio-graniterapids-Fix-vGPIO-driver-crash.patch (stable-fixes CVE-2024-56671 bsc#1235018). - Update patches.suse/gpio-grgpio-Add-NULL-check-in-grgpio_probe.patch (git-fixes CVE-2024-56634 bsc#1235486). - Update patches.suse/i3c-Use-i3cdev-desc-info-instead-of-calling-i3c_devi.patch (stable-fixes CVE-2024-43098 bsc#1235703). - Update patches.suse/i3c-master-Fix-miss-free-init_dyn_addr-at-i3c_master.patch (git-fixes CVE-2024-56562 bsc#1234930). - Update patches.suse/i3c-mipi-i3c-hci-Mask-ring-interrupts-before-ring-st.patch (stable-fixes CVE-2024-45828 bsc#1235705). - Update patches.suse/igb-Fix-potential-invalid-memory-access-in-igb_init_.patch (jsc#PED-10426 jsc#PED-10425 CVE-2024-52332 bsc#1235700). - Update patches.suse/iio-adc-ad7923-Fix-buffer-overflow-for-tx_buf-and-ri.patch (git-fixes CVE-2024-56557 bsc#1235122). - Update patches.suse/io_uring-check-for-overflows-in-io_pin_pages.patch (git-fixes CVE-2024-53187 bsc#1234947). - Update patches.suse/io_uring-check-if-iowq-is-killed-before-queuing.patch (git-fixes CVE-2024-56709 bsc#1235552). - Update patches.suse/io_uring-tctx-work-around-xa_store-allocation-error-.patch (git-fixes CVE-2024-56584 bsc#1235117). - Update patches.suse/iommu-s390-Implement-blocking-domain.patch (git-fixes bsc#1234350 CVE-2024-53232 bsc#1235050). - Update patches.suse/iommufd-Fix-out_fput-in-iommufd_fault_alloc.patch (git-fixes CVE-2024-56624 bsc#1235469). - Update patches.suse/ionic-Fix-netdev-notifier-unregister-on-failure.patch (jsc#PED-11378 CVE-2024-56715 bsc#1235612). - Update patches.suse/ionic-no-double-destroy-workqueue.patch (jsc#PED-11378 CVE-2024-56714 bsc#1235558). - Update patches.suse/irqchip-riscv-aplic-Prevent-crash-when-MSI-domain-is.patch (git-fixes CVE-2024-56682 bsc#1235559). - Update patches.suse/kcsan-Turn-report_filterlist_lock-into-a-raw_spinloc.patch (stable-fixes CVE-2024-56610 bsc#1235390). - Update patches.suse/kunit-Fix-potential-null-dereference-in-kunit_device.patch (git-fixes CVE-2024-56773 bsc#1235594). - Update patches.suse/kunit-string-stream-Fix-a-UAF-bug-in-kunit_init_suit.patch (git-fixes CVE-2024-56772 bsc#1235651). - Update patches.suse/leds-class-Protect-brightness_show-with-led_cdev-led.patch (stable-fixes CVE-2024-56587 bsc#1235125). - Update patches.suse/mailbox-mtk-cmdq-fix-wrong-use-of-sizeof-in-cmdq_get.patch (git-fixes CVE-2024-56684 bsc#1235560). - Update patches.suse/media-atomisp-Add-check-for-rgby_data-memory-allocat.patch (git-fixes CVE-2024-56705 bsc#1235568). - Update patches.suse/media-dvb-frontends-dib3000mb-fix-uninit-value-in-di.patch (git-fixes CVE-2024-56769 bsc#1235155). - Update patches.suse/media-i2c-tc358743-Fix-crash-in-the-probe-error-path.patch (git-fixes CVE-2024-56576 bsc#1235019). - Update patches.suse/media-imx-jpeg-Ensure-power-suppliers-be-suspended-b.patch (git-fixes CVE-2024-56575 bsc#1235039). - Update patches.suse/media-imx-jpeg-Set-video-drvdata-before-register-vid.patch (git-fixes CVE-2024-56578 bsc#1235115). - Update patches.suse/media-intel-ipu6-do-not-handle-interrupts-when-devic.patch (git-fixes CVE-2024-56680 bsc#1235556). - Update patches.suse/media-mtk-jpeg-Fix-null-ptr-deref-during-unload-modu.patch (git-fixes CVE-2024-56577 bsc#1235112). - Update patches.suse/media-platform-allegro-dvt-Fix-possible-memory-leak-.patch (git-fixes CVE-2024-56572 bsc#1235043). - Update patches.suse/media-qcom-camss-fix-error-path-on-configuration-of-.patch (git-fixes CVE-2024-56580 bsc#1235114). - Update patches.suse/media-ts2020-fix-null-ptr-deref-in-ts2020_probe.patch (git-fixes CVE-2024-56574 bsc#1235040). - Update patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch (git-fixes CVE-2024-56571 bsc#1235037). - Update patches.suse/media-wl128x-Fix-atomicity-violation-in-fmc_send_cmd.patch (git-fixes CVE-2024-56700 bsc#1235500). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-PMIC-dev.patch (git-fixes CVE-2024-56723 bsc#1235571). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-TMU-devi.patch (git-fixes CVE-2024-56724 bsc#1235577). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-USB-Type.patch (git-fixes CVE-2024-56691 bsc#1235425). - Update patches.suse/msft-hv-3081-hv_sock-Initializing-vsk-trans-to-NULL-to-prevent-a-.patch (git-fixes CVE-2024-53103 bsc#1234024). - Update patches.suse/msft-hv-3082-HID-hyperv-streamline-driver-probe-to-avoid-devres-i.patch (git-fixes CVE-2024-56545 bsc#1235069). - Update patches.suse/msft-hv-3095-Drivers-hv-util-Avoid-accessing-a-ringbuffer-not-ini.patch (git-fixes CVE-2024-55916 bsc#1235747). - Update patches.suse/mtd-rawnand-fix-double-free-in-atmel_pmecc_create_us.patch (git-fixes CVE-2024-56766 bsc#1235219). - Update patches.suse/mtd-spinand-winbond-Fix-512GW-01GW-01JW-and-02JW-ECC.patch (git-fixes CVE-2024-56771 bsc#1235649). - Update patches.suse/net-mlx5-DR-prevent-potential-error-pointer-derefere.patch (jsc#PED-11331 CVE-2024-56660 bsc#1235437). - Update patches.suse/net-usb-lan78xx-Fix-double-free-issue-with-interrupt.patch (git-fixes CVE-2024-53213 bsc#1234973). - Update patches.suse/nfs-blocklayout-Don-t-attempt-unregister-for-invalid-block-device.patch (git-fixes CVE-2024-53167 bsc#1234886). - Update patches.suse/nfs-localio-must-clear-res.replen-in-nfs_local_read_done.patch (git-fixes CVE-2024-56740 bsc#1234932). - Update patches.suse/nfs_common-must-not-hold-RCU-while-calling-nfsd_file_put_local.patch (git-fixes CVE-2024-56743 bsc#1235614). - Update patches.suse/nfsd-fix-nfs4_openowner-leak-when-concurrent-nfsd4_open-occur.patch (git-fixes CVE-2024-56779 bsc#1235632). - Update patches.suse/nfsd-make-sure-exp-active-before-svc_export_show.patch (git-fixes CVE-2024-56558 bsc#1235100). - Update patches.suse/nvme-fabrics-fix-kernel-crash-while-shutting-down-co.patch (git-fixes CVE-2024-53169 bsc#1234900). - Update patches.suse/nvme-pci-fix-freeing-of-the-HMB-descriptor-table.patch (git-fixes CVE-2024-56756 bsc#1234922). - Update patches.suse/nvme-rdma-unquiesce-admin_q-before-destroy-it.patch (git-fixes CVE-2024-49569 bsc#1235730). - Update patches.suse/nvme-tcp-fix-the-memleak-while-create-new-ctrl-faile.patch (git-fixes CVE-2024-56632 bsc#1235483). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-cn10.patch (jsc#PED-11317 CVE-2024-56726 bsc#1235582). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-69297b0d.patch (jsc#PED-11317 CVE-2024-56725 bsc#1235578). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-bd3110bc.patch (jsc#PED-11317 CVE-2024-56727 bsc#1235583). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-e26f8eac.patch (jsc#PED-11317 CVE-2024-56728 bsc#1235656). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-f5b942e6.patch (jsc#PED-11317 CVE-2024-56707 bsc#1235545). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2.patch (jsc#PED-11317 CVE-2024-56679 bsc#1235498). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb2phy_probe.patch (git-fixes CVE-2024-53205 bsc#1234954). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb3phy_probe.patch (git-fixes CVE-2024-53204 bsc#1234955). - Update patches.suse/phy-rockchip-samsung-hdptx-Set-drvdata-before-enabli.patch (git-fixes CVE-2024-57799 bsc#1235770). - Update patches.suse/pinmux-Use-sequential-access-to-access-desc-pinmux-d.patch (stable-fixes CVE-2024-47141 bsc#1235708). - Update patches.suse/pmdomain-imx-gpcv2-Adjust-delay-after-power-up-hands.patch (git-fixes CVE-2024-56618 bsc#1235465). - Update patches.suse/power-supply-gpio-charger-Fix-set-charge-current-lim.patch (git-fixes CVE-2024-57792 bsc#1235764). - Update patches.suse/powerpc-fadump-Move-fadump_cma_init-to-setup_arch-af.patch (bsc#1215199 CVE-2024-56677 bsc#1235494). - Update patches.suse/powerpc-mm-fault-Fix-kfence-page-fault-reporting.patch (bsc#1194869 CVE-2024-56678 bsc#1235495). - Update patches.suse/powerpc-pseries-Fix-dtl_access_lock-to-be-a-rw_semap.patch (bsc#1194869 CVE-2024-56701 bsc#1235496). - Update patches.suse/regulator-axp20x-AXP717-set-ramp_delay.patch (git-fixes CVE-2024-53682 bsc#1235718). - Update patches.suse/rtc-check-if-__rtc_read_time-was-successful-in-rtc_t.patch (git-fixes CVE-2024-56739 bsc#1235611). - Update patches.suse/s390-cpum_sf-Fix-and-protect-memory-allocation-of-SDBs-with-mutex.patch (git-fixes bsc#1234348 CVE-2024-56706 bsc#1235586). - Update patches.suse/s390-entry-Mark-IRQ-entries-to-fix-stack-depot-warnings.patch (git-fixes bsc#1234356 CVE-2024-57838 bsc#1235798). - Update patches.suse/s390-iucv-MSG_PEEK-causes-memory-leak-in-iucv_sock_destruct.patch (git-fixes bsc#1234351 CVE-2024-53210 bsc#1234971). - Update patches.suse/s390-pci-Fix-potential-double-remove-of-hotplug-slot.patch (git-fixes bsc#1234354 CVE-2024-56699 bsc#1235490). - Update patches.suse/sched-deadline-Fix-warning-in-migrate_enable-for-boosted-tasks.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-56583 bsc#1235118). - Update patches.suse/sched-fair-Fix-NEXT_BUDDY.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-49573 bsc#1235743). - Update patches.suse/sched-fix-warning-in-sched_setaffinity.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-41932 bsc#1235699). - Update patches.suse/scsi-megaraid_sas-Fix-for-a-potential-deadlock.patch (jsc#PED-11259 CVE-2024-57807 bsc#1235761). - Update patches.suse/scsi-qla2xxx-Fix-use-after-free-on-unload.patch (bsc#1235406 CVE-2024-56623 bsc#1235466). - Update patches.suse/soc-imx8m-Probe-the-SoC-driver-as-platform-driver.patch (stable-fixes CVE-2024-56787 bsc#1235663). - Update patches.suse/soc-qcom-geni-se-fix-array-underflow-in-geni_se_clk_.patch (git-fixes CVE-2024-53158 bsc#1234811). - Update patches.suse/spi-mpc52xx-Add-cancel_work_sync-before-module-remov.patch (git-fixes CVE-2024-50051 bsc#1235739). - Update patches.suse/sunrpc-clear-XPRT_SOCK_UPD_TIMEOUT-when-reset-transport.patch (git-fixes CVE-2024-56688 bsc#1235538). - Update patches.suse/sunrpc-fix-one-UAF-issue-caused-by-sunrpc-kernel-tcp-socket.patch (git-fixes CVE-2024-53168 bsc#1234887). - Update patches.suse/svcrdma-Address-an-integer-overflow.patch (git-fixes CVE-2024-53151 bsc#1234829). - Update patches.suse/svcrdma-fix-miss-destroy-percpu_counter-in-svc_rdma_proc_init.patch (git-fixes CVE-2024-53215 bsc#1234962). - Update patches.suse/thermal-testing-Initialize-some-variables-annoteded-.patch (git-fixes CVE-2024-56676 bsc#1235493). - Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch (bsc#1235433 CVE-2024-56661 bsc#1234931). - Update patches.suse/unicode-Fix-utf8_load-error-path.patch (git-fixes CVE-2024-53233 bsc#1235046). - Update patches.suse/usb-dwc3-gadget-Fix-looping-of-queued-SG-entries.patch (git-fixes CVE-2024-56698 bsc#1235491). - Update patches.suse/usb-gadget-u_serial-Fix-the-issue-that-gs_start_io-c.patch (git-fixes CVE-2024-56670 bsc#1235488). - Update patches.suse/usb-musb-Fix-hardware-lockup-on-first-Rx-endpoint-re.patch (git-fixes CVE-2024-56687 bsc#1235537). - Update patches.suse/usb-typec-fix-potential-array-underflow-in-ucsi_ccg_.patch (git-fixes CVE-2024-53203 bsc#1235001). - Update patches.suse/usb-typec-ucsi-glink-fix-off-by-one-in-connector_sta.patch (git-fixes CVE-2024-53149 bsc#1234842). - Update patches.suse/wifi-ath10k-avoid-NULL-pointer-error-during-sdio-rem.patch (stable-fixes CVE-2024-56599 bsc#1235138). - Update patches.suse/wifi-ath12k-Skip-Rx-TID-cleanup-for-self-peer.patch (git-fixes CVE-2024-56543 bsc#1235065). - Update patches.suse/wifi-ath12k-fix-atomic-calls-in-ath12k_mac_op_set_bi.patch (stable-fixes CVE-2024-56607 bsc#1235423). - Update patches.suse/wifi-ath12k-fix-crash-when-unbinding.patch (git-fixes CVE-2024-53188 bsc#1234948). - Update patches.suse/wifi-ath12k-fix-use-after-free-in-ath12k_dp_cc_clean.patch (git-fixes CVE-2024-56541 bsc#1235064). - Update patches.suse/wifi-ath12k-fix-warning-when-unbinding.patch (git-fixes CVE-2024-53191 bsc#1234952). - Update patches.suse/wifi-ath9k-add-range-check-for-conn_rsp_epid-in-htc_.patch (git-fixes CVE-2024-53156 bsc#1234846). - Update patches.suse/wifi-brcmfmac-Fix-oops-due-to-NULL-pointer-dereferen.patch (stable-fixes CVE-2024-56593 bsc#1235252). - Update patches.suse/wifi-cw1200-Fix-potential-NULL-dereference.patch (git-fixes CVE-2024-56536 bsc#1234911). - Update patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning.patch (git-fixes CVE-2024-56539 bsc#1234963). - Update patches.suse/wifi-nl80211-fix-NL80211_ATTR_MLO_LINK_ID-off-by-one.patch (git-fixes CVE-2024-56663 bsc#1235454). - Update patches.suse/wifi-nl80211-fix-bounds-checker-error-in-nl80211_par.patch (git-fixes CVE-2024-53189 bsc#1234949). - Update patches.suse/wifi-rtlwifi-Drastically-reduce-the-attempts-to-read.patch (stable-fixes CVE-2024-53190 bsc#1234950). - Update patches.suse/wifi-rtw88-use-ieee80211_purge_tx_queue-to-purge-TX-.patch (stable-fixes CVE-2024-56609 bsc#1235389). - Update patches.suse/wifi-rtw89-check-return-value-of-ieee80211_probereq_.patch (stable-fixes CVE-2024-48873 bsc#1235716). - Update patches.suse/wifi-rtw89-coex-check-NULL-return-of-kmalloc-in-btc_.patch (git-fixes CVE-2024-56535 bsc#1235044). - Update patches.suse/xfs-unlock-inodes-when-erroring-out-of-xfs_trans_alloc_dir.patch (git-fixes CVE-2024-55641 bsc#1235740). - commit b21bae3 - KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235755). - KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235756). - KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235757). - commit 25f73de - s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646) - commit 2199130 - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes). - misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes). - interconnect: icc-clk: check return values of devm_kasprintf() (git-fixes). - interconnect: qcom: icc-rpm: Set the count member before accessing the flex array (git-fixes). - iio: adc: ti-ads1119: fix sample size in scan struct for triggered buffer (git-fixes). - iio: inkern: call iio_device_put() only on mapped devices (git-fixes). - iio: adc: ad9467: Fix the "don't allow reading vref if not available" case (git-fixes). - iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes). - iio: adc: ad7173: fix using shared static info struct (git-fixes). - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes). - iio: adc: ti-ads1119: fix information leak in triggered buffer (git-fixes). - iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes). - iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes). - iio: imu: kmx61: fix information leak in triggered buffer (git-fixes). - iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes). - iio: light: bh1745: fix information leak in triggered buffer (git-fixes). - iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes). - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes). - iio: test: Fix GTS test config (git-fixes). - iio: adc: ti-ads1298: Add NULL check in ads1298_init (git-fixes). - iio: adc: stm32-dfsdm: handle label as an optional property (git-fixes). - iio: adc: ad4695: fix buffered read, single sample timings (git-fixes). - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (git-fixes). - iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes). - iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes). - iio: adc: ad7124: Disable all channels at probe time (git-fixes). - staging: iio: ad9832: Correct phase range check (git-fixes). - staging: iio: ad9834: Correct phase range check (git-fixes). - usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (git-fixes). - usb: gadget: midi2: Reverse-select at the right place (git-fixes). - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes). - USB: core: Disable LPM only for non-suspended ports (git-fixes). - usb: fix reference leak in usb_new_device() (git-fixes). - usb: typec: tcpci: fix NULL pointer issue on shared irq case (git-fixes). - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes). - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes). - usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes). - USB: usblp: return error when setting unsupported protocol (git-fixes). - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes). - usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes). - usb: host: xhci-plat: set skip_phy_initialization if software node has XHCI_SKIP_PHY_INIT property (git-fixes). - usb: dwc3-am62: Disable autosuspend during remove (git-fixes). - usb: dwc3: gadget: fix writing NYET threshold (git-fixes). - commit 708e579 - serial: stm32: use port lock wrappers for break control (git-fixes). - tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes). - commit 2e58518 ++++ kernel-source: - Update patches.suse/ACPI-x86-Add-adev-NULL-check-to-acpi_quirk_skip_serd.patch (stable-fixes CVE-2024-56782 bsc#1235629). - Update patches.suse/ALSA-6fire-Release-resources-at-card-release.patch (git-fixes CVE-2024-53239 bsc#1235054). - Update patches.suse/ALSA-caiaq-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56531 bsc#1235057). - Update patches.suse/ALSA-control-Avoid-WARN-for-symlink-errors.patch (git-fixes CVE-2024-56657 bsc#1235432). - Update patches.suse/ALSA-core-Fix-possible-NULL-dereference-caused-by-ku.patch (git-fixes CVE-2024-56696 bsc#1235539). - Update patches.suse/ALSA-memalloc-prefer-dma_mapping_error-over-explicit.patch (git-fixes CVE-2024-57800 bsc#1235772). - Update patches.suse/ALSA-pcm-Add-sanity-NULL-check-for-the-default-mmap-.patch (stable-fixes CVE-2024-53180 bsc#1234929). - Update patches.suse/ALSA-us122l-Use-snd_card_free_when_closed-at-disconn.patch (git-fixes CVE-2024-56532 bsc#1235059). - Update patches.suse/ALSA-usb-audio-Fix-out-of-bounds-reads-when-finding-.patch (stable-fixes CVE-2024-53150 bsc#1234834). - Update patches.suse/ALSA-usb-audio-Fix-potential-out-of-bound-accesses-f.patch (git-fixes CVE-2024-53197 bsc#1235464). - Update patches.suse/ALSA-usx2y-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56533 bsc#1235053). - Update patches.suse/ASoC-Intel-sof_sdw-Add-space-for-a-terminator-into-D.patch (git-fixes CVE-2024-57880 bsc#1235800). - Update patches.suse/ASoC-SOF-Intel-hda-dai-Do-not-release-the-link-DMA-o.patch (git-fixes CVE-2024-57805 bsc#1235790). - Update patches.suse/ASoC-imx-audmix-Add-NULL-check-in-imx_audmix_probe.patch (git-fixes CVE-2024-53199 bsc#1234967). - Update patches.suse/ASoC-mediatek-Check-num_codecs-is-not-zero-to-avoid-.patch (git-fixes CVE-2024-56685 bsc#1235561). - Update patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch (stable-fixes CVE-2024-56605 bsc#1235061). - Update patches.suse/Bluetooth-MGMT-Fix-possible-deadlocks.patch (git-fixes CVE-2024-53207 bsc#1234907). - Update patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-set_p.patch (git-fixes CVE-2024-53208 bsc#1234909). - Update patches.suse/Bluetooth-RFCOMM-avoid-leaving-dangling-sk-pointer-i.patch (stable-fixes CVE-2024-56604 bsc#1235056). - Update patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch (git-fixes CVE-2024-53238 bsc#1234910). - Update patches.suse/Bluetooth-btmtk-avoid-UAF-in-btmtk_process_coredump.patch (git-fixes CVE-2024-56653 bsc#1235531). - Update patches.suse/Bluetooth-btusb-mediatek-add-intf-release-flow-when-.patch (stable-fixes CVE-2024-56757 bsc#1235619). - Update patches.suse/Bluetooth-fix-use-after-free-in-device_for_each_chil.patch (git-fixes CVE-2024-53237 bsc#1235007). - Update patches.suse/Bluetooth-hci_conn-Use-disable_delayed_work_sync.patch (stable-fixes CVE-2024-56591 bsc#1235052). - Update patches.suse/Bluetooth-hci_core-Fix-not-checking-skb-length-on-hc.patch (stable-fixes CVE-2024-56590 bsc#1235038). - Update patches.suse/Bluetooth-hci_event-Fix-using-rcu_read_-un-lock-whil.patch (git-fixes CVE-2024-56654 bsc#1235532). - Update patches.suse/Bluetooth-iso-Always-release-hdev-at-the-end-of-iso_.patch (git-fixes CVE-2024-57879 bsc#1235802). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_conn_big_sync.patch (git-fixes CVE-2024-54191 bsc#1235717). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_listen_bis.patch (git-fixes CVE-2024-54460 bsc#1235722). - Update patches.suse/HID-wacom-fix-when-get-product-name-maybe-null-point.patch (git-fixes CVE-2024-56629 bsc#1235473). - Update patches.suse/NFSD-Prevent-NULL-dereference-in-nfsd4_process_cb_update.patch (git-fixes CVE-2024-53217 bsc#1234999). - Update patches.suse/NFSD-Prevent-a-potential-integer-overflow.patch (git-fixes CVE-2024-53146 bsc#1234853). - Update patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch (git-fixes CVE-2024-53173 bsc#1234891). - Update patches.suse/PCI-Fix-reset_method_store-memory-leak.patch (git-fixes CVE-2024-56745 bsc#1235563). - Update patches.suse/PCI-Fix-use-after-free-of-slot-bus-on-hot-remove.patch (stable-fixes CVE-2024-53194 bsc#1235459). - Update patches.suse/PCI-MSI-Handle-lack-of-irqdomain-gracefully.patch (git-fixes CVE-2024-56760 bsc#1235616). - Update patches.suse/PCI-endpoint-Fix-PCI-domain-ID-release-in-pci_epc_de.patch (git-fixes CVE-2024-56561 bsc#1235105). - Update patches.suse/PCI-endpoint-epf-mhi-Avoid-NULL-dereference-if-DT-la.patch (git-fixes CVE-2024-56689 bsc#1235543). - Update patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch (stable-fixes CVE-2024-57809 bsc#1235793). - Update patches.suse/PCI-qcom-ep-Move-controller-cleanups-to-qcom_pcie_pe.patch (git-fixes CVE-2024-53153 bsc#1234830). - Update patches.suse/PCI-tegra194-Move-controller-cleanups-to-pex_ep_even.patch (git-fixes CVE-2024-53152 bsc#1234841). - Update patches.suse/RDMA-hns-Fix-cpu-stuck-caused-by-printings-during-re.patch (jsc#PED-11250 CVE-2024-56722 bsc#1235570). - Update patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch (git-fixes CVE-2024-53224 bsc#1235009). - Update patches.suse/RDMA-rxe-Fix-the-qp-flush-warnings-in-req.patch (jsc#PED-11323 CVE-2024-53229 bsc#1234905). - Update patches.suse/SUNRPC-make-sure-cache-entry-active-before-cache_show.patch (git-fixes CVE-2024-53174 bsc#1234899). - Update patches.suse/accel-ivpu-Fix-WARN-in-ivpu_ipc_send_receive_interna.patch (git-fixes CVE-2024-54193 bsc#1235713). - Update patches.suse/accel-ivpu-Fix-general-protection-fault-in-ivpu_bo_l.patch (git-fixes CVE-2024-54455 bsc#1235719). - Update patches.suse/accel-ivpu-Prevent-recovery-invocation-during-probe-.patch (git-fixes CVE-2024-56540 bsc#1235063). - Update patches.suse/acpi-nfit-vmalloc-out-of-bounds-Read-in-acpi_nfit_ct.patch (git-fixes CVE-2024-56662 bsc#1235533). - Update patches.suse/ad7780-fix-division-by-zero-in-ad7780_write_raw.patch (git-fixes CVE-2024-56567 bsc#1234916). - Update patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch (CVE-2024-56606 bsc#123541 bsc#1235417). - Update patches.suse/apparmor-test-Fix-memory-leak-for-aa_unpack_strdup.patch (git-fixes CVE-2024-56741 bsc#1235502). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_FPMR.patch (git-fixes CVE-2024-57878 bsc#1235803). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_POE.patch (git-fixes CVE-2024-57877 bsc#1235804). - Update patches.suse/blk-cgroup-Fix-UAF-in-blkcg_unpin_online.patch (bsc#1234726 CVE-2024-56672 bsc#1235534). - Update patches.suse/bnxt_en-Fix-aggregation-ID-mask-to-prevent-oops-on-5.patch (jsc#PED-10684 jsc#PED-11230 CVE-2024-56656 bsc#1235444). - Update patches.suse/cacheinfo-Allocate-memory-during-CPU-hotplug-if-not-done-f.patch (jsc#PED-10467 CVE-2024-56617 bsc#1235429). - Update patches.suse/can-dev-can_set_termination-allow-sleeping-GPIOs.patch (git-fixes CVE-2024-56625 bsc#1235223). - Update patches.suse/can-hi311x-hi3110_can_ist-fix-potential-use-after-fr.patch (git-fixes CVE-2024-56651 bsc#1235528). - Update patches.suse/can-j1939-j1939_session_new-fix-skb-reference-counti.patch (git-fixes CVE-2024-56645 bsc#1235134). - Update patches.suse/clk-clk-apple-nco-Add-NULL-check-in-applnco_probe.patch (git-fixes CVE-2024-53154 bsc#1234826). - Update patches.suse/clk-clk-loongson2-Fix-memory-corruption-bug-in-struc.patch (git-fixes CVE-2024-53193 bsc#1234902). - Update patches.suse/clk-clk-loongson2-Fix-potential-buffer-overflow-in-f.patch (git-fixes CVE-2024-53192 bsc#1234956). - Update patches.suse/clk-ralink-mtmips-fix-clocks-probe-order-in-oldest-r.patch (git-fixes CVE-2024-53223 bsc#1234976). - Update patches.suse/crypto-bcm-add-error-check-in-the-ahash_hmac_init-fu.patch (git-fixes CVE-2024-56681 bsc#1235557). - Update patches.suse/crypto-caam-Fix-the-pointer-passed-to-caam_qi_shutdo.patch (git-fixes CVE-2024-56754 bsc#1234918). - Update patches.suse/crypto-pcrypt-Call-crypto-layer-directly-when-padata.patch (git-fixes CVE-2024-56690 bsc#1235428). - Update patches.suse/crypto-qat-qat_420xx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53163 bsc#1234828). - Update patches.suse/crypto-qat-qat_4xxx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53162 bsc#1234843). - Update patches.suse/dlm-fix-dlm_recover_members-refcount-on-error.patch (git-fixes CVE-2024-56749 bsc#1235628). - Update patches.suse/dlm-fix-possible-lkb_resource-null-dereference.patch (git-fixes CVE-2024-47809 bsc#1235714). - Update patches.suse/dma-debug-fix-a-possible-deadlock-on-radix_lock.patch (stable-fixes CVE-2024-47143 bsc#1235710). - Update patches.suse/dmaengine-at_xdmac-avoid-null_prt_deref-in-at_xdmac_.patch (git-fixes CVE-2024-56767 bsc#1235160). - Update patches.suse/drivers-soc-xilinx-add-the-missing-kfree-in-xlnx_add.patch (git-fixes CVE-2024-56546 bsc#1235070). - Update patches.suse/drm-amd-display-Adding-array-index-check-to-prevent-.patch (stable-fixes CVE-2024-56784 bsc#1235654). - Update patches.suse/drm-amd-display-Fix-handling-of-plane-refcount.patch (stable-fixes CVE-2024-56775 bsc#1235657). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st-2bc96c9.patch (git-fixes CVE-2024-53200 bsc#1234968). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st.patch (git-fixes CVE-2024-53201 bsc#1234969). - Update patches.suse/drm-amd-display-Fix-out-of-bounds-access-in-dcn21_li.patch (stable-fixes CVE-2024-56608 bsc#1235487). - Update patches.suse/drm-amd-display-fix-a-memleak-issue-when-driver-is-r.patch (git-fixes CVE-2024-56542 bsc#1234908). - Update patches.suse/drm-amdgpu-Fix-the-memory-allocation-issue-in-amdgpu.patch (git-fixes CVE-2024-56697 bsc#1235544). - Update patches.suse/drm-amdgpu-don-t-access-invalid-sched.patch (git-fixes CVE-2024-46896 bsc#1235707). - Update patches.suse/drm-amdgpu-fix-usage-slab-after-free.patch (stable-fixes CVE-2024-56551 bsc#1235075). - Update patches.suse/drm-amdgpu-gfx9-Add-Cleaner-Shader-Deinitialization-.patch (git-fixes CVE-2024-56753 bsc#1235631). - Update patches.suse/drm-amdgpu-set-the-right-AMDGPU-sg-segment-limitatio.patch (stable-fixes CVE-2024-56594 bsc#1235413). - Update patches.suse/drm-amdkfd-Dereference-null-return-value.patch (git-fixes CVE-2024-56666 bsc#1235242). - Update patches.suse/drm-amdkfd-Use-dynamic-allocation-for-CU-occupancy-a.patch (git-fixes CVE-2024-56695 bsc#1235541). - Update patches.suse/drm-dp_mst-Fix-MST-sideband-message-body-length-chec.patch (stable-fixes CVE-2024-56616 bsc#1235427). - Update patches.suse/drm-i915-Fix-NULL-pointer-dereference-in-capture_eng.patch (git-fixes CVE-2024-56667 bsc#1235016). - Update patches.suse/drm-modes-Avoid-divide-by-zero-harder-in-drm_mode_vr.patch (stable-fixes CVE-2024-56369 bsc#1235750). - Update patches.suse/drm-nouveau-gr-gf100-Fix-missing-unlock-in-gf100_gr_.patch (git-fixes CVE-2024-56752 bsc#1234937). - Update patches.suse/drm-panel-himax-hx83102-Add-a-check-to-prevent-NULL-.patch (git-fixes CVE-2024-56711 bsc#1235562). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-831214f.patch (git-fixes CVE-2024-56776 bsc#1235647). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-e965e77.patch (git-fixes CVE-2024-56777 bsc#1235641). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer.patch (git-fixes CVE-2024-56778 bsc#1235635). - Update patches.suse/drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch (git-fixes CVE-2024-56683 bsc#1235497). - Update patches.suse/drm-xe-guc_submit-fix-race-around-suspend_pending.patch (git-fixes CVE-2024-56552 bsc#1235071). - Update patches.suse/drm-xe-reg_sr-Remove-register-pool.patch (git-fixes CVE-2024-56652 bsc#1235529). - Update patches.suse/drm-xlnx-zynqmp_disp-layer-may-be-null-while-releasi.patch (git-fixes CVE-2024-56537 bsc#1235049). - Update patches.suse/drm-zynqmp_kms-Unplug-DRM-device-before-removal.patch (git-fixes CVE-2024-56538 bsc#1235051). - Update patches.suse/efi-libstub-Free-correct-pointer-on-failure.patch (git-fixes CVE-2024-56573 bsc#1235042). - Update patches.suse/erofs-fix-blksize-PAGE_SIZE-for-file-backed-mounts.patch (git-fixes CVE-2024-56750 bsc#1235630). - Update patches.suse/erofs-fix-file-backed-mounts-over-FUSE.patch (git-fixes CVE-2024-53235 bsc#1234998). - Update patches.suse/erofs-handle-NONHEAD-delta-1-lclusters-gracefully.patch (git-fixes CVE-2024-53234 bsc#1235045). - Update patches.suse/exfat-fix-out-of-bounds-access-of-directory-entries.patch (git-fixes CVE-2024-53147 bsc#1234857). - Update patches.suse/fbdev-sh7760fb-Fix-a-possible-memory-leak-in-sh7760f.patch (git-fixes CVE-2024-56746 bsc#1235622). - Update patches.suse/firmware-arm_scpi-Check-the-DVFS-OPP-count-returned-.patch (git-fixes CVE-2024-53157 bsc#1234827). - Update patches.suse/firmware_loader-Fix-possible-resource-leak-in-fw_log.patch (git-fixes CVE-2024-53202 bsc#1234970). - Update patches.suse/gpio-graniterapids-Fix-vGPIO-driver-crash.patch (stable-fixes CVE-2024-56671 bsc#1235018). - Update patches.suse/gpio-grgpio-Add-NULL-check-in-grgpio_probe.patch (git-fixes CVE-2024-56634 bsc#1235486). - Update patches.suse/i3c-Use-i3cdev-desc-info-instead-of-calling-i3c_devi.patch (stable-fixes CVE-2024-43098 bsc#1235703). - Update patches.suse/i3c-master-Fix-miss-free-init_dyn_addr-at-i3c_master.patch (git-fixes CVE-2024-56562 bsc#1234930). - Update patches.suse/i3c-mipi-i3c-hci-Mask-ring-interrupts-before-ring-st.patch (stable-fixes CVE-2024-45828 bsc#1235705). - Update patches.suse/igb-Fix-potential-invalid-memory-access-in-igb_init_.patch (jsc#PED-10426 jsc#PED-10425 CVE-2024-52332 bsc#1235700). - Update patches.suse/iio-adc-ad7923-Fix-buffer-overflow-for-tx_buf-and-ri.patch (git-fixes CVE-2024-56557 bsc#1235122). - Update patches.suse/io_uring-check-for-overflows-in-io_pin_pages.patch (git-fixes CVE-2024-53187 bsc#1234947). - Update patches.suse/io_uring-check-if-iowq-is-killed-before-queuing.patch (git-fixes CVE-2024-56709 bsc#1235552). - Update patches.suse/io_uring-tctx-work-around-xa_store-allocation-error-.patch (git-fixes CVE-2024-56584 bsc#1235117). - Update patches.suse/iommu-s390-Implement-blocking-domain.patch (git-fixes bsc#1234350 CVE-2024-53232 bsc#1235050). - Update patches.suse/iommufd-Fix-out_fput-in-iommufd_fault_alloc.patch (git-fixes CVE-2024-56624 bsc#1235469). - Update patches.suse/ionic-Fix-netdev-notifier-unregister-on-failure.patch (jsc#PED-11378 CVE-2024-56715 bsc#1235612). - Update patches.suse/ionic-no-double-destroy-workqueue.patch (jsc#PED-11378 CVE-2024-56714 bsc#1235558). - Update patches.suse/irqchip-riscv-aplic-Prevent-crash-when-MSI-domain-is.patch (git-fixes CVE-2024-56682 bsc#1235559). - Update patches.suse/kcsan-Turn-report_filterlist_lock-into-a-raw_spinloc.patch (stable-fixes CVE-2024-56610 bsc#1235390). - Update patches.suse/kunit-Fix-potential-null-dereference-in-kunit_device.patch (git-fixes CVE-2024-56773 bsc#1235594). - Update patches.suse/kunit-string-stream-Fix-a-UAF-bug-in-kunit_init_suit.patch (git-fixes CVE-2024-56772 bsc#1235651). - Update patches.suse/leds-class-Protect-brightness_show-with-led_cdev-led.patch (stable-fixes CVE-2024-56587 bsc#1235125). - Update patches.suse/mailbox-mtk-cmdq-fix-wrong-use-of-sizeof-in-cmdq_get.patch (git-fixes CVE-2024-56684 bsc#1235560). - Update patches.suse/media-atomisp-Add-check-for-rgby_data-memory-allocat.patch (git-fixes CVE-2024-56705 bsc#1235568). - Update patches.suse/media-dvb-frontends-dib3000mb-fix-uninit-value-in-di.patch (git-fixes CVE-2024-56769 bsc#1235155). - Update patches.suse/media-i2c-tc358743-Fix-crash-in-the-probe-error-path.patch (git-fixes CVE-2024-56576 bsc#1235019). - Update patches.suse/media-imx-jpeg-Ensure-power-suppliers-be-suspended-b.patch (git-fixes CVE-2024-56575 bsc#1235039). - Update patches.suse/media-imx-jpeg-Set-video-drvdata-before-register-vid.patch (git-fixes CVE-2024-56578 bsc#1235115). - Update patches.suse/media-intel-ipu6-do-not-handle-interrupts-when-devic.patch (git-fixes CVE-2024-56680 bsc#1235556). - Update patches.suse/media-mtk-jpeg-Fix-null-ptr-deref-during-unload-modu.patch (git-fixes CVE-2024-56577 bsc#1235112). - Update patches.suse/media-platform-allegro-dvt-Fix-possible-memory-leak-.patch (git-fixes CVE-2024-56572 bsc#1235043). - Update patches.suse/media-qcom-camss-fix-error-path-on-configuration-of-.patch (git-fixes CVE-2024-56580 bsc#1235114). - Update patches.suse/media-ts2020-fix-null-ptr-deref-in-ts2020_probe.patch (git-fixes CVE-2024-56574 bsc#1235040). - Update patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch (git-fixes CVE-2024-56571 bsc#1235037). - Update patches.suse/media-wl128x-Fix-atomicity-violation-in-fmc_send_cmd.patch (git-fixes CVE-2024-56700 bsc#1235500). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-PMIC-dev.patch (git-fixes CVE-2024-56723 bsc#1235571). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-TMU-devi.patch (git-fixes CVE-2024-56724 bsc#1235577). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-USB-Type.patch (git-fixes CVE-2024-56691 bsc#1235425). - Update patches.suse/msft-hv-3081-hv_sock-Initializing-vsk-trans-to-NULL-to-prevent-a-.patch (git-fixes CVE-2024-53103 bsc#1234024). - Update patches.suse/msft-hv-3082-HID-hyperv-streamline-driver-probe-to-avoid-devres-i.patch (git-fixes CVE-2024-56545 bsc#1235069). - Update patches.suse/msft-hv-3095-Drivers-hv-util-Avoid-accessing-a-ringbuffer-not-ini.patch (git-fixes CVE-2024-55916 bsc#1235747). - Update patches.suse/mtd-rawnand-fix-double-free-in-atmel_pmecc_create_us.patch (git-fixes CVE-2024-56766 bsc#1235219). - Update patches.suse/mtd-spinand-winbond-Fix-512GW-01GW-01JW-and-02JW-ECC.patch (git-fixes CVE-2024-56771 bsc#1235649). - Update patches.suse/net-mlx5-DR-prevent-potential-error-pointer-derefere.patch (jsc#PED-11331 CVE-2024-56660 bsc#1235437). - Update patches.suse/net-usb-lan78xx-Fix-double-free-issue-with-interrupt.patch (git-fixes CVE-2024-53213 bsc#1234973). - Update patches.suse/nfs-blocklayout-Don-t-attempt-unregister-for-invalid-block-device.patch (git-fixes CVE-2024-53167 bsc#1234886). - Update patches.suse/nfs-localio-must-clear-res.replen-in-nfs_local_read_done.patch (git-fixes CVE-2024-56740 bsc#1234932). - Update patches.suse/nfs_common-must-not-hold-RCU-while-calling-nfsd_file_put_local.patch (git-fixes CVE-2024-56743 bsc#1235614). - Update patches.suse/nfsd-fix-nfs4_openowner-leak-when-concurrent-nfsd4_open-occur.patch (git-fixes CVE-2024-56779 bsc#1235632). - Update patches.suse/nfsd-make-sure-exp-active-before-svc_export_show.patch (git-fixes CVE-2024-56558 bsc#1235100). - Update patches.suse/nvme-fabrics-fix-kernel-crash-while-shutting-down-co.patch (git-fixes CVE-2024-53169 bsc#1234900). - Update patches.suse/nvme-pci-fix-freeing-of-the-HMB-descriptor-table.patch (git-fixes CVE-2024-56756 bsc#1234922). - Update patches.suse/nvme-rdma-unquiesce-admin_q-before-destroy-it.patch (git-fixes CVE-2024-49569 bsc#1235730). - Update patches.suse/nvme-tcp-fix-the-memleak-while-create-new-ctrl-faile.patch (git-fixes CVE-2024-56632 bsc#1235483). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-cn10.patch (jsc#PED-11317 CVE-2024-56726 bsc#1235582). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-69297b0d.patch (jsc#PED-11317 CVE-2024-56725 bsc#1235578). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-bd3110bc.patch (jsc#PED-11317 CVE-2024-56727 bsc#1235583). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-e26f8eac.patch (jsc#PED-11317 CVE-2024-56728 bsc#1235656). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-f5b942e6.patch (jsc#PED-11317 CVE-2024-56707 bsc#1235545). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2.patch (jsc#PED-11317 CVE-2024-56679 bsc#1235498). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb2phy_probe.patch (git-fixes CVE-2024-53205 bsc#1234954). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb3phy_probe.patch (git-fixes CVE-2024-53204 bsc#1234955). - Update patches.suse/phy-rockchip-samsung-hdptx-Set-drvdata-before-enabli.patch (git-fixes CVE-2024-57799 bsc#1235770). - Update patches.suse/pinmux-Use-sequential-access-to-access-desc-pinmux-d.patch (stable-fixes CVE-2024-47141 bsc#1235708). - Update patches.suse/pmdomain-imx-gpcv2-Adjust-delay-after-power-up-hands.patch (git-fixes CVE-2024-56618 bsc#1235465). - Update patches.suse/power-supply-gpio-charger-Fix-set-charge-current-lim.patch (git-fixes CVE-2024-57792 bsc#1235764). - Update patches.suse/powerpc-fadump-Move-fadump_cma_init-to-setup_arch-af.patch (bsc#1215199 CVE-2024-56677 bsc#1235494). - Update patches.suse/powerpc-mm-fault-Fix-kfence-page-fault-reporting.patch (bsc#1194869 CVE-2024-56678 bsc#1235495). - Update patches.suse/powerpc-pseries-Fix-dtl_access_lock-to-be-a-rw_semap.patch (bsc#1194869 CVE-2024-56701 bsc#1235496). - Update patches.suse/regulator-axp20x-AXP717-set-ramp_delay.patch (git-fixes CVE-2024-53682 bsc#1235718). - Update patches.suse/rtc-check-if-__rtc_read_time-was-successful-in-rtc_t.patch (git-fixes CVE-2024-56739 bsc#1235611). - Update patches.suse/s390-cpum_sf-Fix-and-protect-memory-allocation-of-SDBs-with-mutex.patch (git-fixes bsc#1234348 CVE-2024-56706 bsc#1235586). - Update patches.suse/s390-entry-Mark-IRQ-entries-to-fix-stack-depot-warnings.patch (git-fixes bsc#1234356 CVE-2024-57838 bsc#1235798). - Update patches.suse/s390-iucv-MSG_PEEK-causes-memory-leak-in-iucv_sock_destruct.patch (git-fixes bsc#1234351 CVE-2024-53210 bsc#1234971). - Update patches.suse/s390-pci-Fix-potential-double-remove-of-hotplug-slot.patch (git-fixes bsc#1234354 CVE-2024-56699 bsc#1235490). - Update patches.suse/sched-deadline-Fix-warning-in-migrate_enable-for-boosted-tasks.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-56583 bsc#1235118). - Update patches.suse/sched-fair-Fix-NEXT_BUDDY.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-49573 bsc#1235743). - Update patches.suse/sched-fix-warning-in-sched_setaffinity.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-41932 bsc#1235699). - Update patches.suse/scsi-megaraid_sas-Fix-for-a-potential-deadlock.patch (jsc#PED-11259 CVE-2024-57807 bsc#1235761). - Update patches.suse/scsi-qla2xxx-Fix-use-after-free-on-unload.patch (bsc#1235406 CVE-2024-56623 bsc#1235466). - Update patches.suse/soc-imx8m-Probe-the-SoC-driver-as-platform-driver.patch (stable-fixes CVE-2024-56787 bsc#1235663). - Update patches.suse/soc-qcom-geni-se-fix-array-underflow-in-geni_se_clk_.patch (git-fixes CVE-2024-53158 bsc#1234811). - Update patches.suse/spi-mpc52xx-Add-cancel_work_sync-before-module-remov.patch (git-fixes CVE-2024-50051 bsc#1235739). - Update patches.suse/sunrpc-clear-XPRT_SOCK_UPD_TIMEOUT-when-reset-transport.patch (git-fixes CVE-2024-56688 bsc#1235538). - Update patches.suse/sunrpc-fix-one-UAF-issue-caused-by-sunrpc-kernel-tcp-socket.patch (git-fixes CVE-2024-53168 bsc#1234887). - Update patches.suse/svcrdma-Address-an-integer-overflow.patch (git-fixes CVE-2024-53151 bsc#1234829). - Update patches.suse/svcrdma-fix-miss-destroy-percpu_counter-in-svc_rdma_proc_init.patch (git-fixes CVE-2024-53215 bsc#1234962). - Update patches.suse/thermal-testing-Initialize-some-variables-annoteded-.patch (git-fixes CVE-2024-56676 bsc#1235493). - Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch (bsc#1235433 CVE-2024-56661 bsc#1234931). - Update patches.suse/unicode-Fix-utf8_load-error-path.patch (git-fixes CVE-2024-53233 bsc#1235046). - Update patches.suse/usb-dwc3-gadget-Fix-looping-of-queued-SG-entries.patch (git-fixes CVE-2024-56698 bsc#1235491). - Update patches.suse/usb-gadget-u_serial-Fix-the-issue-that-gs_start_io-c.patch (git-fixes CVE-2024-56670 bsc#1235488). - Update patches.suse/usb-musb-Fix-hardware-lockup-on-first-Rx-endpoint-re.patch (git-fixes CVE-2024-56687 bsc#1235537). - Update patches.suse/usb-typec-fix-potential-array-underflow-in-ucsi_ccg_.patch (git-fixes CVE-2024-53203 bsc#1235001). - Update patches.suse/usb-typec-ucsi-glink-fix-off-by-one-in-connector_sta.patch (git-fixes CVE-2024-53149 bsc#1234842). - Update patches.suse/wifi-ath10k-avoid-NULL-pointer-error-during-sdio-rem.patch (stable-fixes CVE-2024-56599 bsc#1235138). - Update patches.suse/wifi-ath12k-Skip-Rx-TID-cleanup-for-self-peer.patch (git-fixes CVE-2024-56543 bsc#1235065). - Update patches.suse/wifi-ath12k-fix-atomic-calls-in-ath12k_mac_op_set_bi.patch (stable-fixes CVE-2024-56607 bsc#1235423). - Update patches.suse/wifi-ath12k-fix-crash-when-unbinding.patch (git-fixes CVE-2024-53188 bsc#1234948). - Update patches.suse/wifi-ath12k-fix-use-after-free-in-ath12k_dp_cc_clean.patch (git-fixes CVE-2024-56541 bsc#1235064). - Update patches.suse/wifi-ath12k-fix-warning-when-unbinding.patch (git-fixes CVE-2024-53191 bsc#1234952). - Update patches.suse/wifi-ath9k-add-range-check-for-conn_rsp_epid-in-htc_.patch (git-fixes CVE-2024-53156 bsc#1234846). - Update patches.suse/wifi-brcmfmac-Fix-oops-due-to-NULL-pointer-dereferen.patch (stable-fixes CVE-2024-56593 bsc#1235252). - Update patches.suse/wifi-cw1200-Fix-potential-NULL-dereference.patch (git-fixes CVE-2024-56536 bsc#1234911). - Update patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning.patch (git-fixes CVE-2024-56539 bsc#1234963). - Update patches.suse/wifi-nl80211-fix-NL80211_ATTR_MLO_LINK_ID-off-by-one.patch (git-fixes CVE-2024-56663 bsc#1235454). - Update patches.suse/wifi-nl80211-fix-bounds-checker-error-in-nl80211_par.patch (git-fixes CVE-2024-53189 bsc#1234949). - Update patches.suse/wifi-rtlwifi-Drastically-reduce-the-attempts-to-read.patch (stable-fixes CVE-2024-53190 bsc#1234950). - Update patches.suse/wifi-rtw88-use-ieee80211_purge_tx_queue-to-purge-TX-.patch (stable-fixes CVE-2024-56609 bsc#1235389). - Update patches.suse/wifi-rtw89-check-return-value-of-ieee80211_probereq_.patch (stable-fixes CVE-2024-48873 bsc#1235716). - Update patches.suse/wifi-rtw89-coex-check-NULL-return-of-kmalloc-in-btc_.patch (git-fixes CVE-2024-56535 bsc#1235044). - Update patches.suse/xfs-unlock-inodes-when-erroring-out-of-xfs_trans_alloc_dir.patch (git-fixes CVE-2024-55641 bsc#1235740). - commit b21bae3 - KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235755). - KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235756). - KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235757). - commit 25f73de - s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646) - commit 2199130 - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes). - misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes). - interconnect: icc-clk: check return values of devm_kasprintf() (git-fixes). - interconnect: qcom: icc-rpm: Set the count member before accessing the flex array (git-fixes). - iio: adc: ti-ads1119: fix sample size in scan struct for triggered buffer (git-fixes). - iio: inkern: call iio_device_put() only on mapped devices (git-fixes). - iio: adc: ad9467: Fix the "don't allow reading vref if not available" case (git-fixes). - iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes). - iio: adc: ad7173: fix using shared static info struct (git-fixes). - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes). - iio: adc: ti-ads1119: fix information leak in triggered buffer (git-fixes). - iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes). - iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes). - iio: imu: kmx61: fix information leak in triggered buffer (git-fixes). - iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes). - iio: light: bh1745: fix information leak in triggered buffer (git-fixes). - iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes). - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes). - iio: test: Fix GTS test config (git-fixes). - iio: adc: ti-ads1298: Add NULL check in ads1298_init (git-fixes). - iio: adc: stm32-dfsdm: handle label as an optional property (git-fixes). - iio: adc: ad4695: fix buffered read, single sample timings (git-fixes). - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (git-fixes). - iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes). - iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes). - iio: adc: ad7124: Disable all channels at probe time (git-fixes). - staging: iio: ad9832: Correct phase range check (git-fixes). - staging: iio: ad9834: Correct phase range check (git-fixes). - usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (git-fixes). - usb: gadget: midi2: Reverse-select at the right place (git-fixes). - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes). - USB: core: Disable LPM only for non-suspended ports (git-fixes). - usb: fix reference leak in usb_new_device() (git-fixes). - usb: typec: tcpci: fix NULL pointer issue on shared irq case (git-fixes). - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes). - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes). - usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes). - USB: usblp: return error when setting unsupported protocol (git-fixes). - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes). - usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes). - usb: host: xhci-plat: set skip_phy_initialization if software node has XHCI_SKIP_PHY_INIT property (git-fixes). - usb: dwc3-am62: Disable autosuspend during remove (git-fixes). - usb: dwc3: gadget: fix writing NYET threshold (git-fixes). - commit 708e579 - serial: stm32: use port lock wrappers for break control (git-fixes). - tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes). - commit 2e58518 ++++ kernel-docs: - Update patches.suse/ACPI-x86-Add-adev-NULL-check-to-acpi_quirk_skip_serd.patch (stable-fixes CVE-2024-56782 bsc#1235629). - Update patches.suse/ALSA-6fire-Release-resources-at-card-release.patch (git-fixes CVE-2024-53239 bsc#1235054). - Update patches.suse/ALSA-caiaq-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56531 bsc#1235057). - Update patches.suse/ALSA-control-Avoid-WARN-for-symlink-errors.patch (git-fixes CVE-2024-56657 bsc#1235432). - Update patches.suse/ALSA-core-Fix-possible-NULL-dereference-caused-by-ku.patch (git-fixes CVE-2024-56696 bsc#1235539). - Update patches.suse/ALSA-memalloc-prefer-dma_mapping_error-over-explicit.patch (git-fixes CVE-2024-57800 bsc#1235772). - Update patches.suse/ALSA-pcm-Add-sanity-NULL-check-for-the-default-mmap-.patch (stable-fixes CVE-2024-53180 bsc#1234929). - Update patches.suse/ALSA-us122l-Use-snd_card_free_when_closed-at-disconn.patch (git-fixes CVE-2024-56532 bsc#1235059). - Update patches.suse/ALSA-usb-audio-Fix-out-of-bounds-reads-when-finding-.patch (stable-fixes CVE-2024-53150 bsc#1234834). - Update patches.suse/ALSA-usb-audio-Fix-potential-out-of-bound-accesses-f.patch (git-fixes CVE-2024-53197 bsc#1235464). - Update patches.suse/ALSA-usx2y-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56533 bsc#1235053). - Update patches.suse/ASoC-Intel-sof_sdw-Add-space-for-a-terminator-into-D.patch (git-fixes CVE-2024-57880 bsc#1235800). - Update patches.suse/ASoC-SOF-Intel-hda-dai-Do-not-release-the-link-DMA-o.patch (git-fixes CVE-2024-57805 bsc#1235790). - Update patches.suse/ASoC-imx-audmix-Add-NULL-check-in-imx_audmix_probe.patch (git-fixes CVE-2024-53199 bsc#1234967). - Update patches.suse/ASoC-mediatek-Check-num_codecs-is-not-zero-to-avoid-.patch (git-fixes CVE-2024-56685 bsc#1235561). - Update patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch (stable-fixes CVE-2024-56605 bsc#1235061). - Update patches.suse/Bluetooth-MGMT-Fix-possible-deadlocks.patch (git-fixes CVE-2024-53207 bsc#1234907). - Update patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-set_p.patch (git-fixes CVE-2024-53208 bsc#1234909). - Update patches.suse/Bluetooth-RFCOMM-avoid-leaving-dangling-sk-pointer-i.patch (stable-fixes CVE-2024-56604 bsc#1235056). - Update patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch (git-fixes CVE-2024-53238 bsc#1234910). - Update patches.suse/Bluetooth-btmtk-avoid-UAF-in-btmtk_process_coredump.patch (git-fixes CVE-2024-56653 bsc#1235531). - Update patches.suse/Bluetooth-btusb-mediatek-add-intf-release-flow-when-.patch (stable-fixes CVE-2024-56757 bsc#1235619). - Update patches.suse/Bluetooth-fix-use-after-free-in-device_for_each_chil.patch (git-fixes CVE-2024-53237 bsc#1235007). - Update patches.suse/Bluetooth-hci_conn-Use-disable_delayed_work_sync.patch (stable-fixes CVE-2024-56591 bsc#1235052). - Update patches.suse/Bluetooth-hci_core-Fix-not-checking-skb-length-on-hc.patch (stable-fixes CVE-2024-56590 bsc#1235038). - Update patches.suse/Bluetooth-hci_event-Fix-using-rcu_read_-un-lock-whil.patch (git-fixes CVE-2024-56654 bsc#1235532). - Update patches.suse/Bluetooth-iso-Always-release-hdev-at-the-end-of-iso_.patch (git-fixes CVE-2024-57879 bsc#1235802). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_conn_big_sync.patch (git-fixes CVE-2024-54191 bsc#1235717). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_listen_bis.patch (git-fixes CVE-2024-54460 bsc#1235722). - Update patches.suse/HID-wacom-fix-when-get-product-name-maybe-null-point.patch (git-fixes CVE-2024-56629 bsc#1235473). - Update patches.suse/NFSD-Prevent-NULL-dereference-in-nfsd4_process_cb_update.patch (git-fixes CVE-2024-53217 bsc#1234999). - Update patches.suse/NFSD-Prevent-a-potential-integer-overflow.patch (git-fixes CVE-2024-53146 bsc#1234853). - Update patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch (git-fixes CVE-2024-53173 bsc#1234891). - Update patches.suse/PCI-Fix-reset_method_store-memory-leak.patch (git-fixes CVE-2024-56745 bsc#1235563). - Update patches.suse/PCI-Fix-use-after-free-of-slot-bus-on-hot-remove.patch (stable-fixes CVE-2024-53194 bsc#1235459). - Update patches.suse/PCI-MSI-Handle-lack-of-irqdomain-gracefully.patch (git-fixes CVE-2024-56760 bsc#1235616). - Update patches.suse/PCI-endpoint-Fix-PCI-domain-ID-release-in-pci_epc_de.patch (git-fixes CVE-2024-56561 bsc#1235105). - Update patches.suse/PCI-endpoint-epf-mhi-Avoid-NULL-dereference-if-DT-la.patch (git-fixes CVE-2024-56689 bsc#1235543). - Update patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch (stable-fixes CVE-2024-57809 bsc#1235793). - Update patches.suse/PCI-qcom-ep-Move-controller-cleanups-to-qcom_pcie_pe.patch (git-fixes CVE-2024-53153 bsc#1234830). - Update patches.suse/PCI-tegra194-Move-controller-cleanups-to-pex_ep_even.patch (git-fixes CVE-2024-53152 bsc#1234841). - Update patches.suse/RDMA-hns-Fix-cpu-stuck-caused-by-printings-during-re.patch (jsc#PED-11250 CVE-2024-56722 bsc#1235570). - Update patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch (git-fixes CVE-2024-53224 bsc#1235009). - Update patches.suse/RDMA-rxe-Fix-the-qp-flush-warnings-in-req.patch (jsc#PED-11323 CVE-2024-53229 bsc#1234905). - Update patches.suse/SUNRPC-make-sure-cache-entry-active-before-cache_show.patch (git-fixes CVE-2024-53174 bsc#1234899). - Update patches.suse/accel-ivpu-Fix-WARN-in-ivpu_ipc_send_receive_interna.patch (git-fixes CVE-2024-54193 bsc#1235713). - Update patches.suse/accel-ivpu-Fix-general-protection-fault-in-ivpu_bo_l.patch (git-fixes CVE-2024-54455 bsc#1235719). - Update patches.suse/accel-ivpu-Prevent-recovery-invocation-during-probe-.patch (git-fixes CVE-2024-56540 bsc#1235063). - Update patches.suse/acpi-nfit-vmalloc-out-of-bounds-Read-in-acpi_nfit_ct.patch (git-fixes CVE-2024-56662 bsc#1235533). - Update patches.suse/ad7780-fix-division-by-zero-in-ad7780_write_raw.patch (git-fixes CVE-2024-56567 bsc#1234916). - Update patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch (CVE-2024-56606 bsc#123541 bsc#1235417). - Update patches.suse/apparmor-test-Fix-memory-leak-for-aa_unpack_strdup.patch (git-fixes CVE-2024-56741 bsc#1235502). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_FPMR.patch (git-fixes CVE-2024-57878 bsc#1235803). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_POE.patch (git-fixes CVE-2024-57877 bsc#1235804). - Update patches.suse/blk-cgroup-Fix-UAF-in-blkcg_unpin_online.patch (bsc#1234726 CVE-2024-56672 bsc#1235534). - Update patches.suse/bnxt_en-Fix-aggregation-ID-mask-to-prevent-oops-on-5.patch (jsc#PED-10684 jsc#PED-11230 CVE-2024-56656 bsc#1235444). - Update patches.suse/cacheinfo-Allocate-memory-during-CPU-hotplug-if-not-done-f.patch (jsc#PED-10467 CVE-2024-56617 bsc#1235429). - Update patches.suse/can-dev-can_set_termination-allow-sleeping-GPIOs.patch (git-fixes CVE-2024-56625 bsc#1235223). - Update patches.suse/can-hi311x-hi3110_can_ist-fix-potential-use-after-fr.patch (git-fixes CVE-2024-56651 bsc#1235528). - Update patches.suse/can-j1939-j1939_session_new-fix-skb-reference-counti.patch (git-fixes CVE-2024-56645 bsc#1235134). - Update patches.suse/clk-clk-apple-nco-Add-NULL-check-in-applnco_probe.patch (git-fixes CVE-2024-53154 bsc#1234826). - Update patches.suse/clk-clk-loongson2-Fix-memory-corruption-bug-in-struc.patch (git-fixes CVE-2024-53193 bsc#1234902). - Update patches.suse/clk-clk-loongson2-Fix-potential-buffer-overflow-in-f.patch (git-fixes CVE-2024-53192 bsc#1234956). - Update patches.suse/clk-ralink-mtmips-fix-clocks-probe-order-in-oldest-r.patch (git-fixes CVE-2024-53223 bsc#1234976). - Update patches.suse/crypto-bcm-add-error-check-in-the-ahash_hmac_init-fu.patch (git-fixes CVE-2024-56681 bsc#1235557). - Update patches.suse/crypto-caam-Fix-the-pointer-passed-to-caam_qi_shutdo.patch (git-fixes CVE-2024-56754 bsc#1234918). - Update patches.suse/crypto-pcrypt-Call-crypto-layer-directly-when-padata.patch (git-fixes CVE-2024-56690 bsc#1235428). - Update patches.suse/crypto-qat-qat_420xx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53163 bsc#1234828). - Update patches.suse/crypto-qat-qat_4xxx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53162 bsc#1234843). - Update patches.suse/dlm-fix-dlm_recover_members-refcount-on-error.patch (git-fixes CVE-2024-56749 bsc#1235628). - Update patches.suse/dlm-fix-possible-lkb_resource-null-dereference.patch (git-fixes CVE-2024-47809 bsc#1235714). - Update patches.suse/dma-debug-fix-a-possible-deadlock-on-radix_lock.patch (stable-fixes CVE-2024-47143 bsc#1235710). - Update patches.suse/dmaengine-at_xdmac-avoid-null_prt_deref-in-at_xdmac_.patch (git-fixes CVE-2024-56767 bsc#1235160). - Update patches.suse/drivers-soc-xilinx-add-the-missing-kfree-in-xlnx_add.patch (git-fixes CVE-2024-56546 bsc#1235070). - Update patches.suse/drm-amd-display-Adding-array-index-check-to-prevent-.patch (stable-fixes CVE-2024-56784 bsc#1235654). - Update patches.suse/drm-amd-display-Fix-handling-of-plane-refcount.patch (stable-fixes CVE-2024-56775 bsc#1235657). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st-2bc96c9.patch (git-fixes CVE-2024-53200 bsc#1234968). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st.patch (git-fixes CVE-2024-53201 bsc#1234969). - Update patches.suse/drm-amd-display-Fix-out-of-bounds-access-in-dcn21_li.patch (stable-fixes CVE-2024-56608 bsc#1235487). - Update patches.suse/drm-amd-display-fix-a-memleak-issue-when-driver-is-r.patch (git-fixes CVE-2024-56542 bsc#1234908). - Update patches.suse/drm-amdgpu-Fix-the-memory-allocation-issue-in-amdgpu.patch (git-fixes CVE-2024-56697 bsc#1235544). - Update patches.suse/drm-amdgpu-don-t-access-invalid-sched.patch (git-fixes CVE-2024-46896 bsc#1235707). - Update patches.suse/drm-amdgpu-fix-usage-slab-after-free.patch (stable-fixes CVE-2024-56551 bsc#1235075). - Update patches.suse/drm-amdgpu-gfx9-Add-Cleaner-Shader-Deinitialization-.patch (git-fixes CVE-2024-56753 bsc#1235631). - Update patches.suse/drm-amdgpu-set-the-right-AMDGPU-sg-segment-limitatio.patch (stable-fixes CVE-2024-56594 bsc#1235413). - Update patches.suse/drm-amdkfd-Dereference-null-return-value.patch (git-fixes CVE-2024-56666 bsc#1235242). - Update patches.suse/drm-amdkfd-Use-dynamic-allocation-for-CU-occupancy-a.patch (git-fixes CVE-2024-56695 bsc#1235541). - Update patches.suse/drm-dp_mst-Fix-MST-sideband-message-body-length-chec.patch (stable-fixes CVE-2024-56616 bsc#1235427). - Update patches.suse/drm-i915-Fix-NULL-pointer-dereference-in-capture_eng.patch (git-fixes CVE-2024-56667 bsc#1235016). - Update patches.suse/drm-modes-Avoid-divide-by-zero-harder-in-drm_mode_vr.patch (stable-fixes CVE-2024-56369 bsc#1235750). - Update patches.suse/drm-nouveau-gr-gf100-Fix-missing-unlock-in-gf100_gr_.patch (git-fixes CVE-2024-56752 bsc#1234937). - Update patches.suse/drm-panel-himax-hx83102-Add-a-check-to-prevent-NULL-.patch (git-fixes CVE-2024-56711 bsc#1235562). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-831214f.patch (git-fixes CVE-2024-56776 bsc#1235647). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-e965e77.patch (git-fixes CVE-2024-56777 bsc#1235641). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer.patch (git-fixes CVE-2024-56778 bsc#1235635). - Update patches.suse/drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch (git-fixes CVE-2024-56683 bsc#1235497). - Update patches.suse/drm-xe-guc_submit-fix-race-around-suspend_pending.patch (git-fixes CVE-2024-56552 bsc#1235071). - Update patches.suse/drm-xe-reg_sr-Remove-register-pool.patch (git-fixes CVE-2024-56652 bsc#1235529). - Update patches.suse/drm-xlnx-zynqmp_disp-layer-may-be-null-while-releasi.patch (git-fixes CVE-2024-56537 bsc#1235049). - Update patches.suse/drm-zynqmp_kms-Unplug-DRM-device-before-removal.patch (git-fixes CVE-2024-56538 bsc#1235051). - Update patches.suse/efi-libstub-Free-correct-pointer-on-failure.patch (git-fixes CVE-2024-56573 bsc#1235042). - Update patches.suse/erofs-fix-blksize-PAGE_SIZE-for-file-backed-mounts.patch (git-fixes CVE-2024-56750 bsc#1235630). - Update patches.suse/erofs-fix-file-backed-mounts-over-FUSE.patch (git-fixes CVE-2024-53235 bsc#1234998). - Update patches.suse/erofs-handle-NONHEAD-delta-1-lclusters-gracefully.patch (git-fixes CVE-2024-53234 bsc#1235045). - Update patches.suse/exfat-fix-out-of-bounds-access-of-directory-entries.patch (git-fixes CVE-2024-53147 bsc#1234857). - Update patches.suse/fbdev-sh7760fb-Fix-a-possible-memory-leak-in-sh7760f.patch (git-fixes CVE-2024-56746 bsc#1235622). - Update patches.suse/firmware-arm_scpi-Check-the-DVFS-OPP-count-returned-.patch (git-fixes CVE-2024-53157 bsc#1234827). - Update patches.suse/firmware_loader-Fix-possible-resource-leak-in-fw_log.patch (git-fixes CVE-2024-53202 bsc#1234970). - Update patches.suse/gpio-graniterapids-Fix-vGPIO-driver-crash.patch (stable-fixes CVE-2024-56671 bsc#1235018). - Update patches.suse/gpio-grgpio-Add-NULL-check-in-grgpio_probe.patch (git-fixes CVE-2024-56634 bsc#1235486). - Update patches.suse/i3c-Use-i3cdev-desc-info-instead-of-calling-i3c_devi.patch (stable-fixes CVE-2024-43098 bsc#1235703). - Update patches.suse/i3c-master-Fix-miss-free-init_dyn_addr-at-i3c_master.patch (git-fixes CVE-2024-56562 bsc#1234930). - Update patches.suse/i3c-mipi-i3c-hci-Mask-ring-interrupts-before-ring-st.patch (stable-fixes CVE-2024-45828 bsc#1235705). - Update patches.suse/igb-Fix-potential-invalid-memory-access-in-igb_init_.patch (jsc#PED-10426 jsc#PED-10425 CVE-2024-52332 bsc#1235700). - Update patches.suse/iio-adc-ad7923-Fix-buffer-overflow-for-tx_buf-and-ri.patch (git-fixes CVE-2024-56557 bsc#1235122). - Update patches.suse/io_uring-check-for-overflows-in-io_pin_pages.patch (git-fixes CVE-2024-53187 bsc#1234947). - Update patches.suse/io_uring-check-if-iowq-is-killed-before-queuing.patch (git-fixes CVE-2024-56709 bsc#1235552). - Update patches.suse/io_uring-tctx-work-around-xa_store-allocation-error-.patch (git-fixes CVE-2024-56584 bsc#1235117). - Update patches.suse/iommu-s390-Implement-blocking-domain.patch (git-fixes bsc#1234350 CVE-2024-53232 bsc#1235050). - Update patches.suse/iommufd-Fix-out_fput-in-iommufd_fault_alloc.patch (git-fixes CVE-2024-56624 bsc#1235469). - Update patches.suse/ionic-Fix-netdev-notifier-unregister-on-failure.patch (jsc#PED-11378 CVE-2024-56715 bsc#1235612). - Update patches.suse/ionic-no-double-destroy-workqueue.patch (jsc#PED-11378 CVE-2024-56714 bsc#1235558). - Update patches.suse/irqchip-riscv-aplic-Prevent-crash-when-MSI-domain-is.patch (git-fixes CVE-2024-56682 bsc#1235559). - Update patches.suse/kcsan-Turn-report_filterlist_lock-into-a-raw_spinloc.patch (stable-fixes CVE-2024-56610 bsc#1235390). - Update patches.suse/kunit-Fix-potential-null-dereference-in-kunit_device.patch (git-fixes CVE-2024-56773 bsc#1235594). - Update patches.suse/kunit-string-stream-Fix-a-UAF-bug-in-kunit_init_suit.patch (git-fixes CVE-2024-56772 bsc#1235651). - Update patches.suse/leds-class-Protect-brightness_show-with-led_cdev-led.patch (stable-fixes CVE-2024-56587 bsc#1235125). - Update patches.suse/mailbox-mtk-cmdq-fix-wrong-use-of-sizeof-in-cmdq_get.patch (git-fixes CVE-2024-56684 bsc#1235560). - Update patches.suse/media-atomisp-Add-check-for-rgby_data-memory-allocat.patch (git-fixes CVE-2024-56705 bsc#1235568). - Update patches.suse/media-dvb-frontends-dib3000mb-fix-uninit-value-in-di.patch (git-fixes CVE-2024-56769 bsc#1235155). - Update patches.suse/media-i2c-tc358743-Fix-crash-in-the-probe-error-path.patch (git-fixes CVE-2024-56576 bsc#1235019). - Update patches.suse/media-imx-jpeg-Ensure-power-suppliers-be-suspended-b.patch (git-fixes CVE-2024-56575 bsc#1235039). - Update patches.suse/media-imx-jpeg-Set-video-drvdata-before-register-vid.patch (git-fixes CVE-2024-56578 bsc#1235115). - Update patches.suse/media-intel-ipu6-do-not-handle-interrupts-when-devic.patch (git-fixes CVE-2024-56680 bsc#1235556). - Update patches.suse/media-mtk-jpeg-Fix-null-ptr-deref-during-unload-modu.patch (git-fixes CVE-2024-56577 bsc#1235112). - Update patches.suse/media-platform-allegro-dvt-Fix-possible-memory-leak-.patch (git-fixes CVE-2024-56572 bsc#1235043). - Update patches.suse/media-qcom-camss-fix-error-path-on-configuration-of-.patch (git-fixes CVE-2024-56580 bsc#1235114). - Update patches.suse/media-ts2020-fix-null-ptr-deref-in-ts2020_probe.patch (git-fixes CVE-2024-56574 bsc#1235040). - Update patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch (git-fixes CVE-2024-56571 bsc#1235037). - Update patches.suse/media-wl128x-Fix-atomicity-violation-in-fmc_send_cmd.patch (git-fixes CVE-2024-56700 bsc#1235500). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-PMIC-dev.patch (git-fixes CVE-2024-56723 bsc#1235571). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-TMU-devi.patch (git-fixes CVE-2024-56724 bsc#1235577). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-USB-Type.patch (git-fixes CVE-2024-56691 bsc#1235425). - Update patches.suse/msft-hv-3081-hv_sock-Initializing-vsk-trans-to-NULL-to-prevent-a-.patch (git-fixes CVE-2024-53103 bsc#1234024). - Update patches.suse/msft-hv-3082-HID-hyperv-streamline-driver-probe-to-avoid-devres-i.patch (git-fixes CVE-2024-56545 bsc#1235069). - Update patches.suse/msft-hv-3095-Drivers-hv-util-Avoid-accessing-a-ringbuffer-not-ini.patch (git-fixes CVE-2024-55916 bsc#1235747). - Update patches.suse/mtd-rawnand-fix-double-free-in-atmel_pmecc_create_us.patch (git-fixes CVE-2024-56766 bsc#1235219). - Update patches.suse/mtd-spinand-winbond-Fix-512GW-01GW-01JW-and-02JW-ECC.patch (git-fixes CVE-2024-56771 bsc#1235649). - Update patches.suse/net-mlx5-DR-prevent-potential-error-pointer-derefere.patch (jsc#PED-11331 CVE-2024-56660 bsc#1235437). - Update patches.suse/net-usb-lan78xx-Fix-double-free-issue-with-interrupt.patch (git-fixes CVE-2024-53213 bsc#1234973). - Update patches.suse/nfs-blocklayout-Don-t-attempt-unregister-for-invalid-block-device.patch (git-fixes CVE-2024-53167 bsc#1234886). - Update patches.suse/nfs-localio-must-clear-res.replen-in-nfs_local_read_done.patch (git-fixes CVE-2024-56740 bsc#1234932). - Update patches.suse/nfs_common-must-not-hold-RCU-while-calling-nfsd_file_put_local.patch (git-fixes CVE-2024-56743 bsc#1235614). - Update patches.suse/nfsd-fix-nfs4_openowner-leak-when-concurrent-nfsd4_open-occur.patch (git-fixes CVE-2024-56779 bsc#1235632). - Update patches.suse/nfsd-make-sure-exp-active-before-svc_export_show.patch (git-fixes CVE-2024-56558 bsc#1235100). - Update patches.suse/nvme-fabrics-fix-kernel-crash-while-shutting-down-co.patch (git-fixes CVE-2024-53169 bsc#1234900). - Update patches.suse/nvme-pci-fix-freeing-of-the-HMB-descriptor-table.patch (git-fixes CVE-2024-56756 bsc#1234922). - Update patches.suse/nvme-rdma-unquiesce-admin_q-before-destroy-it.patch (git-fixes CVE-2024-49569 bsc#1235730). - Update patches.suse/nvme-tcp-fix-the-memleak-while-create-new-ctrl-faile.patch (git-fixes CVE-2024-56632 bsc#1235483). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-cn10.patch (jsc#PED-11317 CVE-2024-56726 bsc#1235582). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-69297b0d.patch (jsc#PED-11317 CVE-2024-56725 bsc#1235578). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-bd3110bc.patch (jsc#PED-11317 CVE-2024-56727 bsc#1235583). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-e26f8eac.patch (jsc#PED-11317 CVE-2024-56728 bsc#1235656). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-f5b942e6.patch (jsc#PED-11317 CVE-2024-56707 bsc#1235545). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2.patch (jsc#PED-11317 CVE-2024-56679 bsc#1235498). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb2phy_probe.patch (git-fixes CVE-2024-53205 bsc#1234954). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb3phy_probe.patch (git-fixes CVE-2024-53204 bsc#1234955). - Update patches.suse/phy-rockchip-samsung-hdptx-Set-drvdata-before-enabli.patch (git-fixes CVE-2024-57799 bsc#1235770). - Update patches.suse/pinmux-Use-sequential-access-to-access-desc-pinmux-d.patch (stable-fixes CVE-2024-47141 bsc#1235708). - Update patches.suse/pmdomain-imx-gpcv2-Adjust-delay-after-power-up-hands.patch (git-fixes CVE-2024-56618 bsc#1235465). - Update patches.suse/power-supply-gpio-charger-Fix-set-charge-current-lim.patch (git-fixes CVE-2024-57792 bsc#1235764). - Update patches.suse/powerpc-fadump-Move-fadump_cma_init-to-setup_arch-af.patch (bsc#1215199 CVE-2024-56677 bsc#1235494). - Update patches.suse/powerpc-mm-fault-Fix-kfence-page-fault-reporting.patch (bsc#1194869 CVE-2024-56678 bsc#1235495). - Update patches.suse/powerpc-pseries-Fix-dtl_access_lock-to-be-a-rw_semap.patch (bsc#1194869 CVE-2024-56701 bsc#1235496). - Update patches.suse/regulator-axp20x-AXP717-set-ramp_delay.patch (git-fixes CVE-2024-53682 bsc#1235718). - Update patches.suse/rtc-check-if-__rtc_read_time-was-successful-in-rtc_t.patch (git-fixes CVE-2024-56739 bsc#1235611). - Update patches.suse/s390-cpum_sf-Fix-and-protect-memory-allocation-of-SDBs-with-mutex.patch (git-fixes bsc#1234348 CVE-2024-56706 bsc#1235586). - Update patches.suse/s390-entry-Mark-IRQ-entries-to-fix-stack-depot-warnings.patch (git-fixes bsc#1234356 CVE-2024-57838 bsc#1235798). - Update patches.suse/s390-iucv-MSG_PEEK-causes-memory-leak-in-iucv_sock_destruct.patch (git-fixes bsc#1234351 CVE-2024-53210 bsc#1234971). - Update patches.suse/s390-pci-Fix-potential-double-remove-of-hotplug-slot.patch (git-fixes bsc#1234354 CVE-2024-56699 bsc#1235490). - Update patches.suse/sched-deadline-Fix-warning-in-migrate_enable-for-boosted-tasks.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-56583 bsc#1235118). - Update patches.suse/sched-fair-Fix-NEXT_BUDDY.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-49573 bsc#1235743). - Update patches.suse/sched-fix-warning-in-sched_setaffinity.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-41932 bsc#1235699). - Update patches.suse/scsi-megaraid_sas-Fix-for-a-potential-deadlock.patch (jsc#PED-11259 CVE-2024-57807 bsc#1235761). - Update patches.suse/scsi-qla2xxx-Fix-use-after-free-on-unload.patch (bsc#1235406 CVE-2024-56623 bsc#1235466). - Update patches.suse/soc-imx8m-Probe-the-SoC-driver-as-platform-driver.patch (stable-fixes CVE-2024-56787 bsc#1235663). - Update patches.suse/soc-qcom-geni-se-fix-array-underflow-in-geni_se_clk_.patch (git-fixes CVE-2024-53158 bsc#1234811). - Update patches.suse/spi-mpc52xx-Add-cancel_work_sync-before-module-remov.patch (git-fixes CVE-2024-50051 bsc#1235739). - Update patches.suse/sunrpc-clear-XPRT_SOCK_UPD_TIMEOUT-when-reset-transport.patch (git-fixes CVE-2024-56688 bsc#1235538). - Update patches.suse/sunrpc-fix-one-UAF-issue-caused-by-sunrpc-kernel-tcp-socket.patch (git-fixes CVE-2024-53168 bsc#1234887). - Update patches.suse/svcrdma-Address-an-integer-overflow.patch (git-fixes CVE-2024-53151 bsc#1234829). - Update patches.suse/svcrdma-fix-miss-destroy-percpu_counter-in-svc_rdma_proc_init.patch (git-fixes CVE-2024-53215 bsc#1234962). - Update patches.suse/thermal-testing-Initialize-some-variables-annoteded-.patch (git-fixes CVE-2024-56676 bsc#1235493). - Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch (bsc#1235433 CVE-2024-56661 bsc#1234931). - Update patches.suse/unicode-Fix-utf8_load-error-path.patch (git-fixes CVE-2024-53233 bsc#1235046). - Update patches.suse/usb-dwc3-gadget-Fix-looping-of-queued-SG-entries.patch (git-fixes CVE-2024-56698 bsc#1235491). - Update patches.suse/usb-gadget-u_serial-Fix-the-issue-that-gs_start_io-c.patch (git-fixes CVE-2024-56670 bsc#1235488). - Update patches.suse/usb-musb-Fix-hardware-lockup-on-first-Rx-endpoint-re.patch (git-fixes CVE-2024-56687 bsc#1235537). - Update patches.suse/usb-typec-fix-potential-array-underflow-in-ucsi_ccg_.patch (git-fixes CVE-2024-53203 bsc#1235001). - Update patches.suse/usb-typec-ucsi-glink-fix-off-by-one-in-connector_sta.patch (git-fixes CVE-2024-53149 bsc#1234842). - Update patches.suse/wifi-ath10k-avoid-NULL-pointer-error-during-sdio-rem.patch (stable-fixes CVE-2024-56599 bsc#1235138). - Update patches.suse/wifi-ath12k-Skip-Rx-TID-cleanup-for-self-peer.patch (git-fixes CVE-2024-56543 bsc#1235065). - Update patches.suse/wifi-ath12k-fix-atomic-calls-in-ath12k_mac_op_set_bi.patch (stable-fixes CVE-2024-56607 bsc#1235423). - Update patches.suse/wifi-ath12k-fix-crash-when-unbinding.patch (git-fixes CVE-2024-53188 bsc#1234948). - Update patches.suse/wifi-ath12k-fix-use-after-free-in-ath12k_dp_cc_clean.patch (git-fixes CVE-2024-56541 bsc#1235064). - Update patches.suse/wifi-ath12k-fix-warning-when-unbinding.patch (git-fixes CVE-2024-53191 bsc#1234952). - Update patches.suse/wifi-ath9k-add-range-check-for-conn_rsp_epid-in-htc_.patch (git-fixes CVE-2024-53156 bsc#1234846). - Update patches.suse/wifi-brcmfmac-Fix-oops-due-to-NULL-pointer-dereferen.patch (stable-fixes CVE-2024-56593 bsc#1235252). - Update patches.suse/wifi-cw1200-Fix-potential-NULL-dereference.patch (git-fixes CVE-2024-56536 bsc#1234911). - Update patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning.patch (git-fixes CVE-2024-56539 bsc#1234963). - Update patches.suse/wifi-nl80211-fix-NL80211_ATTR_MLO_LINK_ID-off-by-one.patch (git-fixes CVE-2024-56663 bsc#1235454). - Update patches.suse/wifi-nl80211-fix-bounds-checker-error-in-nl80211_par.patch (git-fixes CVE-2024-53189 bsc#1234949). - Update patches.suse/wifi-rtlwifi-Drastically-reduce-the-attempts-to-read.patch (stable-fixes CVE-2024-53190 bsc#1234950). - Update patches.suse/wifi-rtw88-use-ieee80211_purge_tx_queue-to-purge-TX-.patch (stable-fixes CVE-2024-56609 bsc#1235389). - Update patches.suse/wifi-rtw89-check-return-value-of-ieee80211_probereq_.patch (stable-fixes CVE-2024-48873 bsc#1235716). - Update patches.suse/wifi-rtw89-coex-check-NULL-return-of-kmalloc-in-btc_.patch (git-fixes CVE-2024-56535 bsc#1235044). - Update patches.suse/xfs-unlock-inodes-when-erroring-out-of-xfs_trans_alloc_dir.patch (git-fixes CVE-2024-55641 bsc#1235740). - commit b21bae3 - KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235755). - KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235756). - KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235757). - commit 25f73de - s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646) - commit 2199130 - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes). - misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes). - interconnect: icc-clk: check return values of devm_kasprintf() (git-fixes). - interconnect: qcom: icc-rpm: Set the count member before accessing the flex array (git-fixes). - iio: adc: ti-ads1119: fix sample size in scan struct for triggered buffer (git-fixes). - iio: inkern: call iio_device_put() only on mapped devices (git-fixes). - iio: adc: ad9467: Fix the "don't allow reading vref if not available" case (git-fixes). - iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes). - iio: adc: ad7173: fix using shared static info struct (git-fixes). - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes). - iio: adc: ti-ads1119: fix information leak in triggered buffer (git-fixes). - iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes). - iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes). - iio: imu: kmx61: fix information leak in triggered buffer (git-fixes). - iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes). - iio: light: bh1745: fix information leak in triggered buffer (git-fixes). - iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes). - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes). - iio: test: Fix GTS test config (git-fixes). - iio: adc: ti-ads1298: Add NULL check in ads1298_init (git-fixes). - iio: adc: stm32-dfsdm: handle label as an optional property (git-fixes). - iio: adc: ad4695: fix buffered read, single sample timings (git-fixes). - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (git-fixes). - iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes). - iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes). - iio: adc: ad7124: Disable all channels at probe time (git-fixes). - staging: iio: ad9832: Correct phase range check (git-fixes). - staging: iio: ad9834: Correct phase range check (git-fixes). - usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (git-fixes). - usb: gadget: midi2: Reverse-select at the right place (git-fixes). - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes). - USB: core: Disable LPM only for non-suspended ports (git-fixes). - usb: fix reference leak in usb_new_device() (git-fixes). - usb: typec: tcpci: fix NULL pointer issue on shared irq case (git-fixes). - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes). - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes). - usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes). - USB: usblp: return error when setting unsupported protocol (git-fixes). - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes). - usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes). - usb: host: xhci-plat: set skip_phy_initialization if software node has XHCI_SKIP_PHY_INIT property (git-fixes). - usb: dwc3-am62: Disable autosuspend during remove (git-fixes). - usb: dwc3: gadget: fix writing NYET threshold (git-fixes). - commit 708e579 - serial: stm32: use port lock wrappers for break control (git-fixes). - tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes). - commit 2e58518 ++++ kernel-firmware: - Update to version 20250111 (git commit b3049665a5d0): * amdgpu: DMCUB updates for various AMDGPU ASICs * amdgpu: update sdma 6.0.3 firmware * amdgpu: update psp 13.0.10 firmware * amdgpu: update gc 11.0.3 firmware * amdgpu: update sdma 4.4.5 firmware * amdgpu: update psp 13.0.14 firmware * amdgpu: update gc 9.4.4 firmware * amdgpu: update psp 13.0.5 firmware * amdgpu: update vega20 firmware * amdgpu: update vega12 firmware * amdgpu: update vega10 firmware * amdgpu: update vcn 4.0.0 firmware * amdgpu: update psp 13.0.0 firmware * amdgpu: update gc 11.0.0 firmware * amdgpu: update picasso firmware * amdgpu: update beige goby firmware * amdgpu: update vangogh firmware * amdgpu: update dimgrey cavefish firmware * amdgpu: update navy flounder firmware * amdgpu: update psp 13.0.11 firmware * amdgpu: update gc 11.0.4 firmware * amdgpu: update vcn 4.0.2 firmware * amdgpu: update psp 13.0.4 firmware * amdgpu: update gc 11.0.1 firmware * amdgpu: update sienna cichlid firmware * amdgpu: update vcn 4.0.6 firmware * amdgpu: update psp 14.0.1 firmware * amdgpu: update vcn 4.0.5 firmware * amdgpu: update gc 11.5.0 firmware * amdgpu: update vcn 5.0.0 firmware * amdgpu: update smu 14.0.3 firmware * amdgpu: update psp 14.0.3 firmware * amdgpu: update gc 12.0.1 firmware * amdgpu: update navi14 firmware * amdgpu: update arcturus firmware * amdgpu: update renoir firmware * amdgpu: update smu 14.0.2 firmware * amdgpu: update psp 14.0.2 firmware * amdgpu: update gc 12.0.0 firmware * amdgpu: update navi12 firmware * amdgpu: update vcn 4.0.3 firmware * amdgpu: update sdma 4.4.2 firmware * amdgpu: update psp 13.0.6 firmware * amdgpu: update gc 9.4.3 firmware * amdgpu: update yellow carp firmware * amdgpu: update vcn 4.0.4 firmware * amdgpu: update psp 13.0.7 firmware * amdgpu: update gc 11.0.2 firmware * amdgpu: update navi10 firmware * amdgpu: update aldebaran firmware * cirrus: cs35l56: Correct some links to address the correct amp instance * linux-firmware: Update firmware file for Intel Bluetooth Magnetar core * linux-firmware: Update firmware file for Intel BlazarU core * linux-firmware: Update firmware file for Intel Bluetooth Solar core * cirrus: cs35l41: Add Firmware for Ayaneo system 1f660105 * Fix has_gnu_parallel function ++++ kernel-kvmsmall: - Update patches.suse/ACPI-x86-Add-adev-NULL-check-to-acpi_quirk_skip_serd.patch (stable-fixes CVE-2024-56782 bsc#1235629). - Update patches.suse/ALSA-6fire-Release-resources-at-card-release.patch (git-fixes CVE-2024-53239 bsc#1235054). - Update patches.suse/ALSA-caiaq-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56531 bsc#1235057). - Update patches.suse/ALSA-control-Avoid-WARN-for-symlink-errors.patch (git-fixes CVE-2024-56657 bsc#1235432). - Update patches.suse/ALSA-core-Fix-possible-NULL-dereference-caused-by-ku.patch (git-fixes CVE-2024-56696 bsc#1235539). - Update patches.suse/ALSA-memalloc-prefer-dma_mapping_error-over-explicit.patch (git-fixes CVE-2024-57800 bsc#1235772). - Update patches.suse/ALSA-pcm-Add-sanity-NULL-check-for-the-default-mmap-.patch (stable-fixes CVE-2024-53180 bsc#1234929). - Update patches.suse/ALSA-us122l-Use-snd_card_free_when_closed-at-disconn.patch (git-fixes CVE-2024-56532 bsc#1235059). - Update patches.suse/ALSA-usb-audio-Fix-out-of-bounds-reads-when-finding-.patch (stable-fixes CVE-2024-53150 bsc#1234834). - Update patches.suse/ALSA-usb-audio-Fix-potential-out-of-bound-accesses-f.patch (git-fixes CVE-2024-53197 bsc#1235464). - Update patches.suse/ALSA-usx2y-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56533 bsc#1235053). - Update patches.suse/ASoC-Intel-sof_sdw-Add-space-for-a-terminator-into-D.patch (git-fixes CVE-2024-57880 bsc#1235800). - Update patches.suse/ASoC-SOF-Intel-hda-dai-Do-not-release-the-link-DMA-o.patch (git-fixes CVE-2024-57805 bsc#1235790). - Update patches.suse/ASoC-imx-audmix-Add-NULL-check-in-imx_audmix_probe.patch (git-fixes CVE-2024-53199 bsc#1234967). - Update patches.suse/ASoC-mediatek-Check-num_codecs-is-not-zero-to-avoid-.patch (git-fixes CVE-2024-56685 bsc#1235561). - Update patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch (stable-fixes CVE-2024-56605 bsc#1235061). - Update patches.suse/Bluetooth-MGMT-Fix-possible-deadlocks.patch (git-fixes CVE-2024-53207 bsc#1234907). - Update patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-set_p.patch (git-fixes CVE-2024-53208 bsc#1234909). - Update patches.suse/Bluetooth-RFCOMM-avoid-leaving-dangling-sk-pointer-i.patch (stable-fixes CVE-2024-56604 bsc#1235056). - Update patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch (git-fixes CVE-2024-53238 bsc#1234910). - Update patches.suse/Bluetooth-btmtk-avoid-UAF-in-btmtk_process_coredump.patch (git-fixes CVE-2024-56653 bsc#1235531). - Update patches.suse/Bluetooth-btusb-mediatek-add-intf-release-flow-when-.patch (stable-fixes CVE-2024-56757 bsc#1235619). - Update patches.suse/Bluetooth-fix-use-after-free-in-device_for_each_chil.patch (git-fixes CVE-2024-53237 bsc#1235007). - Update patches.suse/Bluetooth-hci_conn-Use-disable_delayed_work_sync.patch (stable-fixes CVE-2024-56591 bsc#1235052). - Update patches.suse/Bluetooth-hci_core-Fix-not-checking-skb-length-on-hc.patch (stable-fixes CVE-2024-56590 bsc#1235038). - Update patches.suse/Bluetooth-hci_event-Fix-using-rcu_read_-un-lock-whil.patch (git-fixes CVE-2024-56654 bsc#1235532). - Update patches.suse/Bluetooth-iso-Always-release-hdev-at-the-end-of-iso_.patch (git-fixes CVE-2024-57879 bsc#1235802). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_conn_big_sync.patch (git-fixes CVE-2024-54191 bsc#1235717). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_listen_bis.patch (git-fixes CVE-2024-54460 bsc#1235722). - Update patches.suse/HID-wacom-fix-when-get-product-name-maybe-null-point.patch (git-fixes CVE-2024-56629 bsc#1235473). - Update patches.suse/NFSD-Prevent-NULL-dereference-in-nfsd4_process_cb_update.patch (git-fixes CVE-2024-53217 bsc#1234999). - Update patches.suse/NFSD-Prevent-a-potential-integer-overflow.patch (git-fixes CVE-2024-53146 bsc#1234853). - Update patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch (git-fixes CVE-2024-53173 bsc#1234891). - Update patches.suse/PCI-Fix-reset_method_store-memory-leak.patch (git-fixes CVE-2024-56745 bsc#1235563). - Update patches.suse/PCI-Fix-use-after-free-of-slot-bus-on-hot-remove.patch (stable-fixes CVE-2024-53194 bsc#1235459). - Update patches.suse/PCI-MSI-Handle-lack-of-irqdomain-gracefully.patch (git-fixes CVE-2024-56760 bsc#1235616). - Update patches.suse/PCI-endpoint-Fix-PCI-domain-ID-release-in-pci_epc_de.patch (git-fixes CVE-2024-56561 bsc#1235105). - Update patches.suse/PCI-endpoint-epf-mhi-Avoid-NULL-dereference-if-DT-la.patch (git-fixes CVE-2024-56689 bsc#1235543). - Update patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch (stable-fixes CVE-2024-57809 bsc#1235793). - Update patches.suse/PCI-qcom-ep-Move-controller-cleanups-to-qcom_pcie_pe.patch (git-fixes CVE-2024-53153 bsc#1234830). - Update patches.suse/PCI-tegra194-Move-controller-cleanups-to-pex_ep_even.patch (git-fixes CVE-2024-53152 bsc#1234841). - Update patches.suse/RDMA-hns-Fix-cpu-stuck-caused-by-printings-during-re.patch (jsc#PED-11250 CVE-2024-56722 bsc#1235570). - Update patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch (git-fixes CVE-2024-53224 bsc#1235009). - Update patches.suse/RDMA-rxe-Fix-the-qp-flush-warnings-in-req.patch (jsc#PED-11323 CVE-2024-53229 bsc#1234905). - Update patches.suse/SUNRPC-make-sure-cache-entry-active-before-cache_show.patch (git-fixes CVE-2024-53174 bsc#1234899). - Update patches.suse/accel-ivpu-Fix-WARN-in-ivpu_ipc_send_receive_interna.patch (git-fixes CVE-2024-54193 bsc#1235713). - Update patches.suse/accel-ivpu-Fix-general-protection-fault-in-ivpu_bo_l.patch (git-fixes CVE-2024-54455 bsc#1235719). - Update patches.suse/accel-ivpu-Prevent-recovery-invocation-during-probe-.patch (git-fixes CVE-2024-56540 bsc#1235063). - Update patches.suse/acpi-nfit-vmalloc-out-of-bounds-Read-in-acpi_nfit_ct.patch (git-fixes CVE-2024-56662 bsc#1235533). - Update patches.suse/ad7780-fix-division-by-zero-in-ad7780_write_raw.patch (git-fixes CVE-2024-56567 bsc#1234916). - Update patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch (CVE-2024-56606 bsc#123541 bsc#1235417). - Update patches.suse/apparmor-test-Fix-memory-leak-for-aa_unpack_strdup.patch (git-fixes CVE-2024-56741 bsc#1235502). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_FPMR.patch (git-fixes CVE-2024-57878 bsc#1235803). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_POE.patch (git-fixes CVE-2024-57877 bsc#1235804). - Update patches.suse/blk-cgroup-Fix-UAF-in-blkcg_unpin_online.patch (bsc#1234726 CVE-2024-56672 bsc#1235534). - Update patches.suse/bnxt_en-Fix-aggregation-ID-mask-to-prevent-oops-on-5.patch (jsc#PED-10684 jsc#PED-11230 CVE-2024-56656 bsc#1235444). - Update patches.suse/cacheinfo-Allocate-memory-during-CPU-hotplug-if-not-done-f.patch (jsc#PED-10467 CVE-2024-56617 bsc#1235429). - Update patches.suse/can-dev-can_set_termination-allow-sleeping-GPIOs.patch (git-fixes CVE-2024-56625 bsc#1235223). - Update patches.suse/can-hi311x-hi3110_can_ist-fix-potential-use-after-fr.patch (git-fixes CVE-2024-56651 bsc#1235528). - Update patches.suse/can-j1939-j1939_session_new-fix-skb-reference-counti.patch (git-fixes CVE-2024-56645 bsc#1235134). - Update patches.suse/clk-clk-apple-nco-Add-NULL-check-in-applnco_probe.patch (git-fixes CVE-2024-53154 bsc#1234826). - Update patches.suse/clk-clk-loongson2-Fix-memory-corruption-bug-in-struc.patch (git-fixes CVE-2024-53193 bsc#1234902). - Update patches.suse/clk-clk-loongson2-Fix-potential-buffer-overflow-in-f.patch (git-fixes CVE-2024-53192 bsc#1234956). - Update patches.suse/clk-ralink-mtmips-fix-clocks-probe-order-in-oldest-r.patch (git-fixes CVE-2024-53223 bsc#1234976). - Update patches.suse/crypto-bcm-add-error-check-in-the-ahash_hmac_init-fu.patch (git-fixes CVE-2024-56681 bsc#1235557). - Update patches.suse/crypto-caam-Fix-the-pointer-passed-to-caam_qi_shutdo.patch (git-fixes CVE-2024-56754 bsc#1234918). - Update patches.suse/crypto-pcrypt-Call-crypto-layer-directly-when-padata.patch (git-fixes CVE-2024-56690 bsc#1235428). - Update patches.suse/crypto-qat-qat_420xx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53163 bsc#1234828). - Update patches.suse/crypto-qat-qat_4xxx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53162 bsc#1234843). - Update patches.suse/dlm-fix-dlm_recover_members-refcount-on-error.patch (git-fixes CVE-2024-56749 bsc#1235628). - Update patches.suse/dlm-fix-possible-lkb_resource-null-dereference.patch (git-fixes CVE-2024-47809 bsc#1235714). - Update patches.suse/dma-debug-fix-a-possible-deadlock-on-radix_lock.patch (stable-fixes CVE-2024-47143 bsc#1235710). - Update patches.suse/dmaengine-at_xdmac-avoid-null_prt_deref-in-at_xdmac_.patch (git-fixes CVE-2024-56767 bsc#1235160). - Update patches.suse/drivers-soc-xilinx-add-the-missing-kfree-in-xlnx_add.patch (git-fixes CVE-2024-56546 bsc#1235070). - Update patches.suse/drm-amd-display-Adding-array-index-check-to-prevent-.patch (stable-fixes CVE-2024-56784 bsc#1235654). - Update patches.suse/drm-amd-display-Fix-handling-of-plane-refcount.patch (stable-fixes CVE-2024-56775 bsc#1235657). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st-2bc96c9.patch (git-fixes CVE-2024-53200 bsc#1234968). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st.patch (git-fixes CVE-2024-53201 bsc#1234969). - Update patches.suse/drm-amd-display-Fix-out-of-bounds-access-in-dcn21_li.patch (stable-fixes CVE-2024-56608 bsc#1235487). - Update patches.suse/drm-amd-display-fix-a-memleak-issue-when-driver-is-r.patch (git-fixes CVE-2024-56542 bsc#1234908). - Update patches.suse/drm-amdgpu-Fix-the-memory-allocation-issue-in-amdgpu.patch (git-fixes CVE-2024-56697 bsc#1235544). - Update patches.suse/drm-amdgpu-don-t-access-invalid-sched.patch (git-fixes CVE-2024-46896 bsc#1235707). - Update patches.suse/drm-amdgpu-fix-usage-slab-after-free.patch (stable-fixes CVE-2024-56551 bsc#1235075). - Update patches.suse/drm-amdgpu-gfx9-Add-Cleaner-Shader-Deinitialization-.patch (git-fixes CVE-2024-56753 bsc#1235631). - Update patches.suse/drm-amdgpu-set-the-right-AMDGPU-sg-segment-limitatio.patch (stable-fixes CVE-2024-56594 bsc#1235413). - Update patches.suse/drm-amdkfd-Dereference-null-return-value.patch (git-fixes CVE-2024-56666 bsc#1235242). - Update patches.suse/drm-amdkfd-Use-dynamic-allocation-for-CU-occupancy-a.patch (git-fixes CVE-2024-56695 bsc#1235541). - Update patches.suse/drm-dp_mst-Fix-MST-sideband-message-body-length-chec.patch (stable-fixes CVE-2024-56616 bsc#1235427). - Update patches.suse/drm-i915-Fix-NULL-pointer-dereference-in-capture_eng.patch (git-fixes CVE-2024-56667 bsc#1235016). - Update patches.suse/drm-modes-Avoid-divide-by-zero-harder-in-drm_mode_vr.patch (stable-fixes CVE-2024-56369 bsc#1235750). - Update patches.suse/drm-nouveau-gr-gf100-Fix-missing-unlock-in-gf100_gr_.patch (git-fixes CVE-2024-56752 bsc#1234937). - Update patches.suse/drm-panel-himax-hx83102-Add-a-check-to-prevent-NULL-.patch (git-fixes CVE-2024-56711 bsc#1235562). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-831214f.patch (git-fixes CVE-2024-56776 bsc#1235647). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-e965e77.patch (git-fixes CVE-2024-56777 bsc#1235641). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer.patch (git-fixes CVE-2024-56778 bsc#1235635). - Update patches.suse/drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch (git-fixes CVE-2024-56683 bsc#1235497). - Update patches.suse/drm-xe-guc_submit-fix-race-around-suspend_pending.patch (git-fixes CVE-2024-56552 bsc#1235071). - Update patches.suse/drm-xe-reg_sr-Remove-register-pool.patch (git-fixes CVE-2024-56652 bsc#1235529). - Update patches.suse/drm-xlnx-zynqmp_disp-layer-may-be-null-while-releasi.patch (git-fixes CVE-2024-56537 bsc#1235049). - Update patches.suse/drm-zynqmp_kms-Unplug-DRM-device-before-removal.patch (git-fixes CVE-2024-56538 bsc#1235051). - Update patches.suse/efi-libstub-Free-correct-pointer-on-failure.patch (git-fixes CVE-2024-56573 bsc#1235042). - Update patches.suse/erofs-fix-blksize-PAGE_SIZE-for-file-backed-mounts.patch (git-fixes CVE-2024-56750 bsc#1235630). - Update patches.suse/erofs-fix-file-backed-mounts-over-FUSE.patch (git-fixes CVE-2024-53235 bsc#1234998). - Update patches.suse/erofs-handle-NONHEAD-delta-1-lclusters-gracefully.patch (git-fixes CVE-2024-53234 bsc#1235045). - Update patches.suse/exfat-fix-out-of-bounds-access-of-directory-entries.patch (git-fixes CVE-2024-53147 bsc#1234857). - Update patches.suse/fbdev-sh7760fb-Fix-a-possible-memory-leak-in-sh7760f.patch (git-fixes CVE-2024-56746 bsc#1235622). - Update patches.suse/firmware-arm_scpi-Check-the-DVFS-OPP-count-returned-.patch (git-fixes CVE-2024-53157 bsc#1234827). - Update patches.suse/firmware_loader-Fix-possible-resource-leak-in-fw_log.patch (git-fixes CVE-2024-53202 bsc#1234970). - Update patches.suse/gpio-graniterapids-Fix-vGPIO-driver-crash.patch (stable-fixes CVE-2024-56671 bsc#1235018). - Update patches.suse/gpio-grgpio-Add-NULL-check-in-grgpio_probe.patch (git-fixes CVE-2024-56634 bsc#1235486). - Update patches.suse/i3c-Use-i3cdev-desc-info-instead-of-calling-i3c_devi.patch (stable-fixes CVE-2024-43098 bsc#1235703). - Update patches.suse/i3c-master-Fix-miss-free-init_dyn_addr-at-i3c_master.patch (git-fixes CVE-2024-56562 bsc#1234930). - Update patches.suse/i3c-mipi-i3c-hci-Mask-ring-interrupts-before-ring-st.patch (stable-fixes CVE-2024-45828 bsc#1235705). - Update patches.suse/igb-Fix-potential-invalid-memory-access-in-igb_init_.patch (jsc#PED-10426 jsc#PED-10425 CVE-2024-52332 bsc#1235700). - Update patches.suse/iio-adc-ad7923-Fix-buffer-overflow-for-tx_buf-and-ri.patch (git-fixes CVE-2024-56557 bsc#1235122). - Update patches.suse/io_uring-check-for-overflows-in-io_pin_pages.patch (git-fixes CVE-2024-53187 bsc#1234947). - Update patches.suse/io_uring-check-if-iowq-is-killed-before-queuing.patch (git-fixes CVE-2024-56709 bsc#1235552). - Update patches.suse/io_uring-tctx-work-around-xa_store-allocation-error-.patch (git-fixes CVE-2024-56584 bsc#1235117). - Update patches.suse/iommu-s390-Implement-blocking-domain.patch (git-fixes bsc#1234350 CVE-2024-53232 bsc#1235050). - Update patches.suse/iommufd-Fix-out_fput-in-iommufd_fault_alloc.patch (git-fixes CVE-2024-56624 bsc#1235469). - Update patches.suse/ionic-Fix-netdev-notifier-unregister-on-failure.patch (jsc#PED-11378 CVE-2024-56715 bsc#1235612). - Update patches.suse/ionic-no-double-destroy-workqueue.patch (jsc#PED-11378 CVE-2024-56714 bsc#1235558). - Update patches.suse/irqchip-riscv-aplic-Prevent-crash-when-MSI-domain-is.patch (git-fixes CVE-2024-56682 bsc#1235559). - Update patches.suse/kcsan-Turn-report_filterlist_lock-into-a-raw_spinloc.patch (stable-fixes CVE-2024-56610 bsc#1235390). - Update patches.suse/kunit-Fix-potential-null-dereference-in-kunit_device.patch (git-fixes CVE-2024-56773 bsc#1235594). - Update patches.suse/kunit-string-stream-Fix-a-UAF-bug-in-kunit_init_suit.patch (git-fixes CVE-2024-56772 bsc#1235651). - Update patches.suse/leds-class-Protect-brightness_show-with-led_cdev-led.patch (stable-fixes CVE-2024-56587 bsc#1235125). - Update patches.suse/mailbox-mtk-cmdq-fix-wrong-use-of-sizeof-in-cmdq_get.patch (git-fixes CVE-2024-56684 bsc#1235560). - Update patches.suse/media-atomisp-Add-check-for-rgby_data-memory-allocat.patch (git-fixes CVE-2024-56705 bsc#1235568). - Update patches.suse/media-dvb-frontends-dib3000mb-fix-uninit-value-in-di.patch (git-fixes CVE-2024-56769 bsc#1235155). - Update patches.suse/media-i2c-tc358743-Fix-crash-in-the-probe-error-path.patch (git-fixes CVE-2024-56576 bsc#1235019). - Update patches.suse/media-imx-jpeg-Ensure-power-suppliers-be-suspended-b.patch (git-fixes CVE-2024-56575 bsc#1235039). - Update patches.suse/media-imx-jpeg-Set-video-drvdata-before-register-vid.patch (git-fixes CVE-2024-56578 bsc#1235115). - Update patches.suse/media-intel-ipu6-do-not-handle-interrupts-when-devic.patch (git-fixes CVE-2024-56680 bsc#1235556). - Update patches.suse/media-mtk-jpeg-Fix-null-ptr-deref-during-unload-modu.patch (git-fixes CVE-2024-56577 bsc#1235112). - Update patches.suse/media-platform-allegro-dvt-Fix-possible-memory-leak-.patch (git-fixes CVE-2024-56572 bsc#1235043). - Update patches.suse/media-qcom-camss-fix-error-path-on-configuration-of-.patch (git-fixes CVE-2024-56580 bsc#1235114). - Update patches.suse/media-ts2020-fix-null-ptr-deref-in-ts2020_probe.patch (git-fixes CVE-2024-56574 bsc#1235040). - Update patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch (git-fixes CVE-2024-56571 bsc#1235037). - Update patches.suse/media-wl128x-Fix-atomicity-violation-in-fmc_send_cmd.patch (git-fixes CVE-2024-56700 bsc#1235500). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-PMIC-dev.patch (git-fixes CVE-2024-56723 bsc#1235571). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-TMU-devi.patch (git-fixes CVE-2024-56724 bsc#1235577). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-USB-Type.patch (git-fixes CVE-2024-56691 bsc#1235425). - Update patches.suse/msft-hv-3081-hv_sock-Initializing-vsk-trans-to-NULL-to-prevent-a-.patch (git-fixes CVE-2024-53103 bsc#1234024). - Update patches.suse/msft-hv-3082-HID-hyperv-streamline-driver-probe-to-avoid-devres-i.patch (git-fixes CVE-2024-56545 bsc#1235069). - Update patches.suse/msft-hv-3095-Drivers-hv-util-Avoid-accessing-a-ringbuffer-not-ini.patch (git-fixes CVE-2024-55916 bsc#1235747). - Update patches.suse/mtd-rawnand-fix-double-free-in-atmel_pmecc_create_us.patch (git-fixes CVE-2024-56766 bsc#1235219). - Update patches.suse/mtd-spinand-winbond-Fix-512GW-01GW-01JW-and-02JW-ECC.patch (git-fixes CVE-2024-56771 bsc#1235649). - Update patches.suse/net-mlx5-DR-prevent-potential-error-pointer-derefere.patch (jsc#PED-11331 CVE-2024-56660 bsc#1235437). - Update patches.suse/net-usb-lan78xx-Fix-double-free-issue-with-interrupt.patch (git-fixes CVE-2024-53213 bsc#1234973). - Update patches.suse/nfs-blocklayout-Don-t-attempt-unregister-for-invalid-block-device.patch (git-fixes CVE-2024-53167 bsc#1234886). - Update patches.suse/nfs-localio-must-clear-res.replen-in-nfs_local_read_done.patch (git-fixes CVE-2024-56740 bsc#1234932). - Update patches.suse/nfs_common-must-not-hold-RCU-while-calling-nfsd_file_put_local.patch (git-fixes CVE-2024-56743 bsc#1235614). - Update patches.suse/nfsd-fix-nfs4_openowner-leak-when-concurrent-nfsd4_open-occur.patch (git-fixes CVE-2024-56779 bsc#1235632). - Update patches.suse/nfsd-make-sure-exp-active-before-svc_export_show.patch (git-fixes CVE-2024-56558 bsc#1235100). - Update patches.suse/nvme-fabrics-fix-kernel-crash-while-shutting-down-co.patch (git-fixes CVE-2024-53169 bsc#1234900). - Update patches.suse/nvme-pci-fix-freeing-of-the-HMB-descriptor-table.patch (git-fixes CVE-2024-56756 bsc#1234922). - Update patches.suse/nvme-rdma-unquiesce-admin_q-before-destroy-it.patch (git-fixes CVE-2024-49569 bsc#1235730). - Update patches.suse/nvme-tcp-fix-the-memleak-while-create-new-ctrl-faile.patch (git-fixes CVE-2024-56632 bsc#1235483). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-cn10.patch (jsc#PED-11317 CVE-2024-56726 bsc#1235582). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-69297b0d.patch (jsc#PED-11317 CVE-2024-56725 bsc#1235578). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-bd3110bc.patch (jsc#PED-11317 CVE-2024-56727 bsc#1235583). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-e26f8eac.patch (jsc#PED-11317 CVE-2024-56728 bsc#1235656). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-f5b942e6.patch (jsc#PED-11317 CVE-2024-56707 bsc#1235545). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2.patch (jsc#PED-11317 CVE-2024-56679 bsc#1235498). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb2phy_probe.patch (git-fixes CVE-2024-53205 bsc#1234954). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb3phy_probe.patch (git-fixes CVE-2024-53204 bsc#1234955). - Update patches.suse/phy-rockchip-samsung-hdptx-Set-drvdata-before-enabli.patch (git-fixes CVE-2024-57799 bsc#1235770). - Update patches.suse/pinmux-Use-sequential-access-to-access-desc-pinmux-d.patch (stable-fixes CVE-2024-47141 bsc#1235708). - Update patches.suse/pmdomain-imx-gpcv2-Adjust-delay-after-power-up-hands.patch (git-fixes CVE-2024-56618 bsc#1235465). - Update patches.suse/power-supply-gpio-charger-Fix-set-charge-current-lim.patch (git-fixes CVE-2024-57792 bsc#1235764). - Update patches.suse/powerpc-fadump-Move-fadump_cma_init-to-setup_arch-af.patch (bsc#1215199 CVE-2024-56677 bsc#1235494). - Update patches.suse/powerpc-mm-fault-Fix-kfence-page-fault-reporting.patch (bsc#1194869 CVE-2024-56678 bsc#1235495). - Update patches.suse/powerpc-pseries-Fix-dtl_access_lock-to-be-a-rw_semap.patch (bsc#1194869 CVE-2024-56701 bsc#1235496). - Update patches.suse/regulator-axp20x-AXP717-set-ramp_delay.patch (git-fixes CVE-2024-53682 bsc#1235718). - Update patches.suse/rtc-check-if-__rtc_read_time-was-successful-in-rtc_t.patch (git-fixes CVE-2024-56739 bsc#1235611). - Update patches.suse/s390-cpum_sf-Fix-and-protect-memory-allocation-of-SDBs-with-mutex.patch (git-fixes bsc#1234348 CVE-2024-56706 bsc#1235586). - Update patches.suse/s390-entry-Mark-IRQ-entries-to-fix-stack-depot-warnings.patch (git-fixes bsc#1234356 CVE-2024-57838 bsc#1235798). - Update patches.suse/s390-iucv-MSG_PEEK-causes-memory-leak-in-iucv_sock_destruct.patch (git-fixes bsc#1234351 CVE-2024-53210 bsc#1234971). - Update patches.suse/s390-pci-Fix-potential-double-remove-of-hotplug-slot.patch (git-fixes bsc#1234354 CVE-2024-56699 bsc#1235490). - Update patches.suse/sched-deadline-Fix-warning-in-migrate_enable-for-boosted-tasks.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-56583 bsc#1235118). - Update patches.suse/sched-fair-Fix-NEXT_BUDDY.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-49573 bsc#1235743). - Update patches.suse/sched-fix-warning-in-sched_setaffinity.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-41932 bsc#1235699). - Update patches.suse/scsi-megaraid_sas-Fix-for-a-potential-deadlock.patch (jsc#PED-11259 CVE-2024-57807 bsc#1235761). - Update patches.suse/scsi-qla2xxx-Fix-use-after-free-on-unload.patch (bsc#1235406 CVE-2024-56623 bsc#1235466). - Update patches.suse/soc-imx8m-Probe-the-SoC-driver-as-platform-driver.patch (stable-fixes CVE-2024-56787 bsc#1235663). - Update patches.suse/soc-qcom-geni-se-fix-array-underflow-in-geni_se_clk_.patch (git-fixes CVE-2024-53158 bsc#1234811). - Update patches.suse/spi-mpc52xx-Add-cancel_work_sync-before-module-remov.patch (git-fixes CVE-2024-50051 bsc#1235739). - Update patches.suse/sunrpc-clear-XPRT_SOCK_UPD_TIMEOUT-when-reset-transport.patch (git-fixes CVE-2024-56688 bsc#1235538). - Update patches.suse/sunrpc-fix-one-UAF-issue-caused-by-sunrpc-kernel-tcp-socket.patch (git-fixes CVE-2024-53168 bsc#1234887). - Update patches.suse/svcrdma-Address-an-integer-overflow.patch (git-fixes CVE-2024-53151 bsc#1234829). - Update patches.suse/svcrdma-fix-miss-destroy-percpu_counter-in-svc_rdma_proc_init.patch (git-fixes CVE-2024-53215 bsc#1234962). - Update patches.suse/thermal-testing-Initialize-some-variables-annoteded-.patch (git-fixes CVE-2024-56676 bsc#1235493). - Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch (bsc#1235433 CVE-2024-56661 bsc#1234931). - Update patches.suse/unicode-Fix-utf8_load-error-path.patch (git-fixes CVE-2024-53233 bsc#1235046). - Update patches.suse/usb-dwc3-gadget-Fix-looping-of-queued-SG-entries.patch (git-fixes CVE-2024-56698 bsc#1235491). - Update patches.suse/usb-gadget-u_serial-Fix-the-issue-that-gs_start_io-c.patch (git-fixes CVE-2024-56670 bsc#1235488). - Update patches.suse/usb-musb-Fix-hardware-lockup-on-first-Rx-endpoint-re.patch (git-fixes CVE-2024-56687 bsc#1235537). - Update patches.suse/usb-typec-fix-potential-array-underflow-in-ucsi_ccg_.patch (git-fixes CVE-2024-53203 bsc#1235001). - Update patches.suse/usb-typec-ucsi-glink-fix-off-by-one-in-connector_sta.patch (git-fixes CVE-2024-53149 bsc#1234842). - Update patches.suse/wifi-ath10k-avoid-NULL-pointer-error-during-sdio-rem.patch (stable-fixes CVE-2024-56599 bsc#1235138). - Update patches.suse/wifi-ath12k-Skip-Rx-TID-cleanup-for-self-peer.patch (git-fixes CVE-2024-56543 bsc#1235065). - Update patches.suse/wifi-ath12k-fix-atomic-calls-in-ath12k_mac_op_set_bi.patch (stable-fixes CVE-2024-56607 bsc#1235423). - Update patches.suse/wifi-ath12k-fix-crash-when-unbinding.patch (git-fixes CVE-2024-53188 bsc#1234948). - Update patches.suse/wifi-ath12k-fix-use-after-free-in-ath12k_dp_cc_clean.patch (git-fixes CVE-2024-56541 bsc#1235064). - Update patches.suse/wifi-ath12k-fix-warning-when-unbinding.patch (git-fixes CVE-2024-53191 bsc#1234952). - Update patches.suse/wifi-ath9k-add-range-check-for-conn_rsp_epid-in-htc_.patch (git-fixes CVE-2024-53156 bsc#1234846). - Update patches.suse/wifi-brcmfmac-Fix-oops-due-to-NULL-pointer-dereferen.patch (stable-fixes CVE-2024-56593 bsc#1235252). - Update patches.suse/wifi-cw1200-Fix-potential-NULL-dereference.patch (git-fixes CVE-2024-56536 bsc#1234911). - Update patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning.patch (git-fixes CVE-2024-56539 bsc#1234963). - Update patches.suse/wifi-nl80211-fix-NL80211_ATTR_MLO_LINK_ID-off-by-one.patch (git-fixes CVE-2024-56663 bsc#1235454). - Update patches.suse/wifi-nl80211-fix-bounds-checker-error-in-nl80211_par.patch (git-fixes CVE-2024-53189 bsc#1234949). - Update patches.suse/wifi-rtlwifi-Drastically-reduce-the-attempts-to-read.patch (stable-fixes CVE-2024-53190 bsc#1234950). - Update patches.suse/wifi-rtw88-use-ieee80211_purge_tx_queue-to-purge-TX-.patch (stable-fixes CVE-2024-56609 bsc#1235389). - Update patches.suse/wifi-rtw89-check-return-value-of-ieee80211_probereq_.patch (stable-fixes CVE-2024-48873 bsc#1235716). - Update patches.suse/wifi-rtw89-coex-check-NULL-return-of-kmalloc-in-btc_.patch (git-fixes CVE-2024-56535 bsc#1235044). - Update patches.suse/xfs-unlock-inodes-when-erroring-out-of-xfs_trans_alloc_dir.patch (git-fixes CVE-2024-55641 bsc#1235740). - commit b21bae3 - KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235755). - KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235756). - KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235757). - commit 25f73de - s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646) - commit 2199130 - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes). - misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes). - interconnect: icc-clk: check return values of devm_kasprintf() (git-fixes). - interconnect: qcom: icc-rpm: Set the count member before accessing the flex array (git-fixes). - iio: adc: ti-ads1119: fix sample size in scan struct for triggered buffer (git-fixes). - iio: inkern: call iio_device_put() only on mapped devices (git-fixes). - iio: adc: ad9467: Fix the "don't allow reading vref if not available" case (git-fixes). - iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes). - iio: adc: ad7173: fix using shared static info struct (git-fixes). - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes). - iio: adc: ti-ads1119: fix information leak in triggered buffer (git-fixes). - iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes). - iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes). - iio: imu: kmx61: fix information leak in triggered buffer (git-fixes). - iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes). - iio: light: bh1745: fix information leak in triggered buffer (git-fixes). - iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes). - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes). - iio: test: Fix GTS test config (git-fixes). - iio: adc: ti-ads1298: Add NULL check in ads1298_init (git-fixes). - iio: adc: stm32-dfsdm: handle label as an optional property (git-fixes). - iio: adc: ad4695: fix buffered read, single sample timings (git-fixes). - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (git-fixes). - iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes). - iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes). - iio: adc: ad7124: Disable all channels at probe time (git-fixes). - staging: iio: ad9832: Correct phase range check (git-fixes). - staging: iio: ad9834: Correct phase range check (git-fixes). - usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (git-fixes). - usb: gadget: midi2: Reverse-select at the right place (git-fixes). - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes). - USB: core: Disable LPM only for non-suspended ports (git-fixes). - usb: fix reference leak in usb_new_device() (git-fixes). - usb: typec: tcpci: fix NULL pointer issue on shared irq case (git-fixes). - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes). - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes). - usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes). - USB: usblp: return error when setting unsupported protocol (git-fixes). - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes). - usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes). - usb: host: xhci-plat: set skip_phy_initialization if software node has XHCI_SKIP_PHY_INIT property (git-fixes). - usb: dwc3-am62: Disable autosuspend during remove (git-fixes). - usb: dwc3: gadget: fix writing NYET threshold (git-fixes). - commit 708e579 - serial: stm32: use port lock wrappers for break control (git-fixes). - tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes). - commit 2e58518 ++++ kernel-obs-build: - Update patches.suse/ACPI-x86-Add-adev-NULL-check-to-acpi_quirk_skip_serd.patch (stable-fixes CVE-2024-56782 bsc#1235629). - Update patches.suse/ALSA-6fire-Release-resources-at-card-release.patch (git-fixes CVE-2024-53239 bsc#1235054). - Update patches.suse/ALSA-caiaq-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56531 bsc#1235057). - Update patches.suse/ALSA-control-Avoid-WARN-for-symlink-errors.patch (git-fixes CVE-2024-56657 bsc#1235432). - Update patches.suse/ALSA-core-Fix-possible-NULL-dereference-caused-by-ku.patch (git-fixes CVE-2024-56696 bsc#1235539). - Update patches.suse/ALSA-memalloc-prefer-dma_mapping_error-over-explicit.patch (git-fixes CVE-2024-57800 bsc#1235772). - Update patches.suse/ALSA-pcm-Add-sanity-NULL-check-for-the-default-mmap-.patch (stable-fixes CVE-2024-53180 bsc#1234929). - Update patches.suse/ALSA-us122l-Use-snd_card_free_when_closed-at-disconn.patch (git-fixes CVE-2024-56532 bsc#1235059). - Update patches.suse/ALSA-usb-audio-Fix-out-of-bounds-reads-when-finding-.patch (stable-fixes CVE-2024-53150 bsc#1234834). - Update patches.suse/ALSA-usb-audio-Fix-potential-out-of-bound-accesses-f.patch (git-fixes CVE-2024-53197 bsc#1235464). - Update patches.suse/ALSA-usx2y-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56533 bsc#1235053). - Update patches.suse/ASoC-Intel-sof_sdw-Add-space-for-a-terminator-into-D.patch (git-fixes CVE-2024-57880 bsc#1235800). - Update patches.suse/ASoC-SOF-Intel-hda-dai-Do-not-release-the-link-DMA-o.patch (git-fixes CVE-2024-57805 bsc#1235790). - Update patches.suse/ASoC-imx-audmix-Add-NULL-check-in-imx_audmix_probe.patch (git-fixes CVE-2024-53199 bsc#1234967). - Update patches.suse/ASoC-mediatek-Check-num_codecs-is-not-zero-to-avoid-.patch (git-fixes CVE-2024-56685 bsc#1235561). - Update patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch (stable-fixes CVE-2024-56605 bsc#1235061). - Update patches.suse/Bluetooth-MGMT-Fix-possible-deadlocks.patch (git-fixes CVE-2024-53207 bsc#1234907). - Update patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-set_p.patch (git-fixes CVE-2024-53208 bsc#1234909). - Update patches.suse/Bluetooth-RFCOMM-avoid-leaving-dangling-sk-pointer-i.patch (stable-fixes CVE-2024-56604 bsc#1235056). - Update patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch (git-fixes CVE-2024-53238 bsc#1234910). - Update patches.suse/Bluetooth-btmtk-avoid-UAF-in-btmtk_process_coredump.patch (git-fixes CVE-2024-56653 bsc#1235531). - Update patches.suse/Bluetooth-btusb-mediatek-add-intf-release-flow-when-.patch (stable-fixes CVE-2024-56757 bsc#1235619). - Update patches.suse/Bluetooth-fix-use-after-free-in-device_for_each_chil.patch (git-fixes CVE-2024-53237 bsc#1235007). - Update patches.suse/Bluetooth-hci_conn-Use-disable_delayed_work_sync.patch (stable-fixes CVE-2024-56591 bsc#1235052). - Update patches.suse/Bluetooth-hci_core-Fix-not-checking-skb-length-on-hc.patch (stable-fixes CVE-2024-56590 bsc#1235038). - Update patches.suse/Bluetooth-hci_event-Fix-using-rcu_read_-un-lock-whil.patch (git-fixes CVE-2024-56654 bsc#1235532). - Update patches.suse/Bluetooth-iso-Always-release-hdev-at-the-end-of-iso_.patch (git-fixes CVE-2024-57879 bsc#1235802). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_conn_big_sync.patch (git-fixes CVE-2024-54191 bsc#1235717). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_listen_bis.patch (git-fixes CVE-2024-54460 bsc#1235722). - Update patches.suse/HID-wacom-fix-when-get-product-name-maybe-null-point.patch (git-fixes CVE-2024-56629 bsc#1235473). - Update patches.suse/NFSD-Prevent-NULL-dereference-in-nfsd4_process_cb_update.patch (git-fixes CVE-2024-53217 bsc#1234999). - Update patches.suse/NFSD-Prevent-a-potential-integer-overflow.patch (git-fixes CVE-2024-53146 bsc#1234853). - Update patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch (git-fixes CVE-2024-53173 bsc#1234891). - Update patches.suse/PCI-Fix-reset_method_store-memory-leak.patch (git-fixes CVE-2024-56745 bsc#1235563). - Update patches.suse/PCI-Fix-use-after-free-of-slot-bus-on-hot-remove.patch (stable-fixes CVE-2024-53194 bsc#1235459). - Update patches.suse/PCI-MSI-Handle-lack-of-irqdomain-gracefully.patch (git-fixes CVE-2024-56760 bsc#1235616). - Update patches.suse/PCI-endpoint-Fix-PCI-domain-ID-release-in-pci_epc_de.patch (git-fixes CVE-2024-56561 bsc#1235105). - Update patches.suse/PCI-endpoint-epf-mhi-Avoid-NULL-dereference-if-DT-la.patch (git-fixes CVE-2024-56689 bsc#1235543). - Update patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch (stable-fixes CVE-2024-57809 bsc#1235793). - Update patches.suse/PCI-qcom-ep-Move-controller-cleanups-to-qcom_pcie_pe.patch (git-fixes CVE-2024-53153 bsc#1234830). - Update patches.suse/PCI-tegra194-Move-controller-cleanups-to-pex_ep_even.patch (git-fixes CVE-2024-53152 bsc#1234841). - Update patches.suse/RDMA-hns-Fix-cpu-stuck-caused-by-printings-during-re.patch (jsc#PED-11250 CVE-2024-56722 bsc#1235570). - Update patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch (git-fixes CVE-2024-53224 bsc#1235009). - Update patches.suse/RDMA-rxe-Fix-the-qp-flush-warnings-in-req.patch (jsc#PED-11323 CVE-2024-53229 bsc#1234905). - Update patches.suse/SUNRPC-make-sure-cache-entry-active-before-cache_show.patch (git-fixes CVE-2024-53174 bsc#1234899). - Update patches.suse/accel-ivpu-Fix-WARN-in-ivpu_ipc_send_receive_interna.patch (git-fixes CVE-2024-54193 bsc#1235713). - Update patches.suse/accel-ivpu-Fix-general-protection-fault-in-ivpu_bo_l.patch (git-fixes CVE-2024-54455 bsc#1235719). - Update patches.suse/accel-ivpu-Prevent-recovery-invocation-during-probe-.patch (git-fixes CVE-2024-56540 bsc#1235063). - Update patches.suse/acpi-nfit-vmalloc-out-of-bounds-Read-in-acpi_nfit_ct.patch (git-fixes CVE-2024-56662 bsc#1235533). - Update patches.suse/ad7780-fix-division-by-zero-in-ad7780_write_raw.patch (git-fixes CVE-2024-56567 bsc#1234916). - Update patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch (CVE-2024-56606 bsc#123541 bsc#1235417). - Update patches.suse/apparmor-test-Fix-memory-leak-for-aa_unpack_strdup.patch (git-fixes CVE-2024-56741 bsc#1235502). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_FPMR.patch (git-fixes CVE-2024-57878 bsc#1235803). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_POE.patch (git-fixes CVE-2024-57877 bsc#1235804). - Update patches.suse/blk-cgroup-Fix-UAF-in-blkcg_unpin_online.patch (bsc#1234726 CVE-2024-56672 bsc#1235534). - Update patches.suse/bnxt_en-Fix-aggregation-ID-mask-to-prevent-oops-on-5.patch (jsc#PED-10684 jsc#PED-11230 CVE-2024-56656 bsc#1235444). - Update patches.suse/cacheinfo-Allocate-memory-during-CPU-hotplug-if-not-done-f.patch (jsc#PED-10467 CVE-2024-56617 bsc#1235429). - Update patches.suse/can-dev-can_set_termination-allow-sleeping-GPIOs.patch (git-fixes CVE-2024-56625 bsc#1235223). - Update patches.suse/can-hi311x-hi3110_can_ist-fix-potential-use-after-fr.patch (git-fixes CVE-2024-56651 bsc#1235528). - Update patches.suse/can-j1939-j1939_session_new-fix-skb-reference-counti.patch (git-fixes CVE-2024-56645 bsc#1235134). - Update patches.suse/clk-clk-apple-nco-Add-NULL-check-in-applnco_probe.patch (git-fixes CVE-2024-53154 bsc#1234826). - Update patches.suse/clk-clk-loongson2-Fix-memory-corruption-bug-in-struc.patch (git-fixes CVE-2024-53193 bsc#1234902). - Update patches.suse/clk-clk-loongson2-Fix-potential-buffer-overflow-in-f.patch (git-fixes CVE-2024-53192 bsc#1234956). - Update patches.suse/clk-ralink-mtmips-fix-clocks-probe-order-in-oldest-r.patch (git-fixes CVE-2024-53223 bsc#1234976). - Update patches.suse/crypto-bcm-add-error-check-in-the-ahash_hmac_init-fu.patch (git-fixes CVE-2024-56681 bsc#1235557). - Update patches.suse/crypto-caam-Fix-the-pointer-passed-to-caam_qi_shutdo.patch (git-fixes CVE-2024-56754 bsc#1234918). - Update patches.suse/crypto-pcrypt-Call-crypto-layer-directly-when-padata.patch (git-fixes CVE-2024-56690 bsc#1235428). - Update patches.suse/crypto-qat-qat_420xx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53163 bsc#1234828). - Update patches.suse/crypto-qat-qat_4xxx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53162 bsc#1234843). - Update patches.suse/dlm-fix-dlm_recover_members-refcount-on-error.patch (git-fixes CVE-2024-56749 bsc#1235628). - Update patches.suse/dlm-fix-possible-lkb_resource-null-dereference.patch (git-fixes CVE-2024-47809 bsc#1235714). - Update patches.suse/dma-debug-fix-a-possible-deadlock-on-radix_lock.patch (stable-fixes CVE-2024-47143 bsc#1235710). - Update patches.suse/dmaengine-at_xdmac-avoid-null_prt_deref-in-at_xdmac_.patch (git-fixes CVE-2024-56767 bsc#1235160). - Update patches.suse/drivers-soc-xilinx-add-the-missing-kfree-in-xlnx_add.patch (git-fixes CVE-2024-56546 bsc#1235070). - Update patches.suse/drm-amd-display-Adding-array-index-check-to-prevent-.patch (stable-fixes CVE-2024-56784 bsc#1235654). - Update patches.suse/drm-amd-display-Fix-handling-of-plane-refcount.patch (stable-fixes CVE-2024-56775 bsc#1235657). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st-2bc96c9.patch (git-fixes CVE-2024-53200 bsc#1234968). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st.patch (git-fixes CVE-2024-53201 bsc#1234969). - Update patches.suse/drm-amd-display-Fix-out-of-bounds-access-in-dcn21_li.patch (stable-fixes CVE-2024-56608 bsc#1235487). - Update patches.suse/drm-amd-display-fix-a-memleak-issue-when-driver-is-r.patch (git-fixes CVE-2024-56542 bsc#1234908). - Update patches.suse/drm-amdgpu-Fix-the-memory-allocation-issue-in-amdgpu.patch (git-fixes CVE-2024-56697 bsc#1235544). - Update patches.suse/drm-amdgpu-don-t-access-invalid-sched.patch (git-fixes CVE-2024-46896 bsc#1235707). - Update patches.suse/drm-amdgpu-fix-usage-slab-after-free.patch (stable-fixes CVE-2024-56551 bsc#1235075). - Update patches.suse/drm-amdgpu-gfx9-Add-Cleaner-Shader-Deinitialization-.patch (git-fixes CVE-2024-56753 bsc#1235631). - Update patches.suse/drm-amdgpu-set-the-right-AMDGPU-sg-segment-limitatio.patch (stable-fixes CVE-2024-56594 bsc#1235413). - Update patches.suse/drm-amdkfd-Dereference-null-return-value.patch (git-fixes CVE-2024-56666 bsc#1235242). - Update patches.suse/drm-amdkfd-Use-dynamic-allocation-for-CU-occupancy-a.patch (git-fixes CVE-2024-56695 bsc#1235541). - Update patches.suse/drm-dp_mst-Fix-MST-sideband-message-body-length-chec.patch (stable-fixes CVE-2024-56616 bsc#1235427). - Update patches.suse/drm-i915-Fix-NULL-pointer-dereference-in-capture_eng.patch (git-fixes CVE-2024-56667 bsc#1235016). - Update patches.suse/drm-modes-Avoid-divide-by-zero-harder-in-drm_mode_vr.patch (stable-fixes CVE-2024-56369 bsc#1235750). - Update patches.suse/drm-nouveau-gr-gf100-Fix-missing-unlock-in-gf100_gr_.patch (git-fixes CVE-2024-56752 bsc#1234937). - Update patches.suse/drm-panel-himax-hx83102-Add-a-check-to-prevent-NULL-.patch (git-fixes CVE-2024-56711 bsc#1235562). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-831214f.patch (git-fixes CVE-2024-56776 bsc#1235647). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-e965e77.patch (git-fixes CVE-2024-56777 bsc#1235641). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer.patch (git-fixes CVE-2024-56778 bsc#1235635). - Update patches.suse/drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch (git-fixes CVE-2024-56683 bsc#1235497). - Update patches.suse/drm-xe-guc_submit-fix-race-around-suspend_pending.patch (git-fixes CVE-2024-56552 bsc#1235071). - Update patches.suse/drm-xe-reg_sr-Remove-register-pool.patch (git-fixes CVE-2024-56652 bsc#1235529). - Update patches.suse/drm-xlnx-zynqmp_disp-layer-may-be-null-while-releasi.patch (git-fixes CVE-2024-56537 bsc#1235049). - Update patches.suse/drm-zynqmp_kms-Unplug-DRM-device-before-removal.patch (git-fixes CVE-2024-56538 bsc#1235051). - Update patches.suse/efi-libstub-Free-correct-pointer-on-failure.patch (git-fixes CVE-2024-56573 bsc#1235042). - Update patches.suse/erofs-fix-blksize-PAGE_SIZE-for-file-backed-mounts.patch (git-fixes CVE-2024-56750 bsc#1235630). - Update patches.suse/erofs-fix-file-backed-mounts-over-FUSE.patch (git-fixes CVE-2024-53235 bsc#1234998). - Update patches.suse/erofs-handle-NONHEAD-delta-1-lclusters-gracefully.patch (git-fixes CVE-2024-53234 bsc#1235045). - Update patches.suse/exfat-fix-out-of-bounds-access-of-directory-entries.patch (git-fixes CVE-2024-53147 bsc#1234857). - Update patches.suse/fbdev-sh7760fb-Fix-a-possible-memory-leak-in-sh7760f.patch (git-fixes CVE-2024-56746 bsc#1235622). - Update patches.suse/firmware-arm_scpi-Check-the-DVFS-OPP-count-returned-.patch (git-fixes CVE-2024-53157 bsc#1234827). - Update patches.suse/firmware_loader-Fix-possible-resource-leak-in-fw_log.patch (git-fixes CVE-2024-53202 bsc#1234970). - Update patches.suse/gpio-graniterapids-Fix-vGPIO-driver-crash.patch (stable-fixes CVE-2024-56671 bsc#1235018). - Update patches.suse/gpio-grgpio-Add-NULL-check-in-grgpio_probe.patch (git-fixes CVE-2024-56634 bsc#1235486). - Update patches.suse/i3c-Use-i3cdev-desc-info-instead-of-calling-i3c_devi.patch (stable-fixes CVE-2024-43098 bsc#1235703). - Update patches.suse/i3c-master-Fix-miss-free-init_dyn_addr-at-i3c_master.patch (git-fixes CVE-2024-56562 bsc#1234930). - Update patches.suse/i3c-mipi-i3c-hci-Mask-ring-interrupts-before-ring-st.patch (stable-fixes CVE-2024-45828 bsc#1235705). - Update patches.suse/igb-Fix-potential-invalid-memory-access-in-igb_init_.patch (jsc#PED-10426 jsc#PED-10425 CVE-2024-52332 bsc#1235700). - Update patches.suse/iio-adc-ad7923-Fix-buffer-overflow-for-tx_buf-and-ri.patch (git-fixes CVE-2024-56557 bsc#1235122). - Update patches.suse/io_uring-check-for-overflows-in-io_pin_pages.patch (git-fixes CVE-2024-53187 bsc#1234947). - Update patches.suse/io_uring-check-if-iowq-is-killed-before-queuing.patch (git-fixes CVE-2024-56709 bsc#1235552). - Update patches.suse/io_uring-tctx-work-around-xa_store-allocation-error-.patch (git-fixes CVE-2024-56584 bsc#1235117). - Update patches.suse/iommu-s390-Implement-blocking-domain.patch (git-fixes bsc#1234350 CVE-2024-53232 bsc#1235050). - Update patches.suse/iommufd-Fix-out_fput-in-iommufd_fault_alloc.patch (git-fixes CVE-2024-56624 bsc#1235469). - Update patches.suse/ionic-Fix-netdev-notifier-unregister-on-failure.patch (jsc#PED-11378 CVE-2024-56715 bsc#1235612). - Update patches.suse/ionic-no-double-destroy-workqueue.patch (jsc#PED-11378 CVE-2024-56714 bsc#1235558). - Update patches.suse/irqchip-riscv-aplic-Prevent-crash-when-MSI-domain-is.patch (git-fixes CVE-2024-56682 bsc#1235559). - Update patches.suse/kcsan-Turn-report_filterlist_lock-into-a-raw_spinloc.patch (stable-fixes CVE-2024-56610 bsc#1235390). - Update patches.suse/kunit-Fix-potential-null-dereference-in-kunit_device.patch (git-fixes CVE-2024-56773 bsc#1235594). - Update patches.suse/kunit-string-stream-Fix-a-UAF-bug-in-kunit_init_suit.patch (git-fixes CVE-2024-56772 bsc#1235651). - Update patches.suse/leds-class-Protect-brightness_show-with-led_cdev-led.patch (stable-fixes CVE-2024-56587 bsc#1235125). - Update patches.suse/mailbox-mtk-cmdq-fix-wrong-use-of-sizeof-in-cmdq_get.patch (git-fixes CVE-2024-56684 bsc#1235560). - Update patches.suse/media-atomisp-Add-check-for-rgby_data-memory-allocat.patch (git-fixes CVE-2024-56705 bsc#1235568). - Update patches.suse/media-dvb-frontends-dib3000mb-fix-uninit-value-in-di.patch (git-fixes CVE-2024-56769 bsc#1235155). - Update patches.suse/media-i2c-tc358743-Fix-crash-in-the-probe-error-path.patch (git-fixes CVE-2024-56576 bsc#1235019). - Update patches.suse/media-imx-jpeg-Ensure-power-suppliers-be-suspended-b.patch (git-fixes CVE-2024-56575 bsc#1235039). - Update patches.suse/media-imx-jpeg-Set-video-drvdata-before-register-vid.patch (git-fixes CVE-2024-56578 bsc#1235115). - Update patches.suse/media-intel-ipu6-do-not-handle-interrupts-when-devic.patch (git-fixes CVE-2024-56680 bsc#1235556). - Update patches.suse/media-mtk-jpeg-Fix-null-ptr-deref-during-unload-modu.patch (git-fixes CVE-2024-56577 bsc#1235112). - Update patches.suse/media-platform-allegro-dvt-Fix-possible-memory-leak-.patch (git-fixes CVE-2024-56572 bsc#1235043). - Update patches.suse/media-qcom-camss-fix-error-path-on-configuration-of-.patch (git-fixes CVE-2024-56580 bsc#1235114). - Update patches.suse/media-ts2020-fix-null-ptr-deref-in-ts2020_probe.patch (git-fixes CVE-2024-56574 bsc#1235040). - Update patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch (git-fixes CVE-2024-56571 bsc#1235037). - Update patches.suse/media-wl128x-Fix-atomicity-violation-in-fmc_send_cmd.patch (git-fixes CVE-2024-56700 bsc#1235500). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-PMIC-dev.patch (git-fixes CVE-2024-56723 bsc#1235571). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-TMU-devi.patch (git-fixes CVE-2024-56724 bsc#1235577). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-USB-Type.patch (git-fixes CVE-2024-56691 bsc#1235425). - Update patches.suse/msft-hv-3081-hv_sock-Initializing-vsk-trans-to-NULL-to-prevent-a-.patch (git-fixes CVE-2024-53103 bsc#1234024). - Update patches.suse/msft-hv-3082-HID-hyperv-streamline-driver-probe-to-avoid-devres-i.patch (git-fixes CVE-2024-56545 bsc#1235069). - Update patches.suse/msft-hv-3095-Drivers-hv-util-Avoid-accessing-a-ringbuffer-not-ini.patch (git-fixes CVE-2024-55916 bsc#1235747). - Update patches.suse/mtd-rawnand-fix-double-free-in-atmel_pmecc_create_us.patch (git-fixes CVE-2024-56766 bsc#1235219). - Update patches.suse/mtd-spinand-winbond-Fix-512GW-01GW-01JW-and-02JW-ECC.patch (git-fixes CVE-2024-56771 bsc#1235649). - Update patches.suse/net-mlx5-DR-prevent-potential-error-pointer-derefere.patch (jsc#PED-11331 CVE-2024-56660 bsc#1235437). - Update patches.suse/net-usb-lan78xx-Fix-double-free-issue-with-interrupt.patch (git-fixes CVE-2024-53213 bsc#1234973). - Update patches.suse/nfs-blocklayout-Don-t-attempt-unregister-for-invalid-block-device.patch (git-fixes CVE-2024-53167 bsc#1234886). - Update patches.suse/nfs-localio-must-clear-res.replen-in-nfs_local_read_done.patch (git-fixes CVE-2024-56740 bsc#1234932). - Update patches.suse/nfs_common-must-not-hold-RCU-while-calling-nfsd_file_put_local.patch (git-fixes CVE-2024-56743 bsc#1235614). - Update patches.suse/nfsd-fix-nfs4_openowner-leak-when-concurrent-nfsd4_open-occur.patch (git-fixes CVE-2024-56779 bsc#1235632). - Update patches.suse/nfsd-make-sure-exp-active-before-svc_export_show.patch (git-fixes CVE-2024-56558 bsc#1235100). - Update patches.suse/nvme-fabrics-fix-kernel-crash-while-shutting-down-co.patch (git-fixes CVE-2024-53169 bsc#1234900). - Update patches.suse/nvme-pci-fix-freeing-of-the-HMB-descriptor-table.patch (git-fixes CVE-2024-56756 bsc#1234922). - Update patches.suse/nvme-rdma-unquiesce-admin_q-before-destroy-it.patch (git-fixes CVE-2024-49569 bsc#1235730). - Update patches.suse/nvme-tcp-fix-the-memleak-while-create-new-ctrl-faile.patch (git-fixes CVE-2024-56632 bsc#1235483). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-cn10.patch (jsc#PED-11317 CVE-2024-56726 bsc#1235582). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-69297b0d.patch (jsc#PED-11317 CVE-2024-56725 bsc#1235578). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-bd3110bc.patch (jsc#PED-11317 CVE-2024-56727 bsc#1235583). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-e26f8eac.patch (jsc#PED-11317 CVE-2024-56728 bsc#1235656). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-f5b942e6.patch (jsc#PED-11317 CVE-2024-56707 bsc#1235545). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2.patch (jsc#PED-11317 CVE-2024-56679 bsc#1235498). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb2phy_probe.patch (git-fixes CVE-2024-53205 bsc#1234954). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb3phy_probe.patch (git-fixes CVE-2024-53204 bsc#1234955). - Update patches.suse/phy-rockchip-samsung-hdptx-Set-drvdata-before-enabli.patch (git-fixes CVE-2024-57799 bsc#1235770). - Update patches.suse/pinmux-Use-sequential-access-to-access-desc-pinmux-d.patch (stable-fixes CVE-2024-47141 bsc#1235708). - Update patches.suse/pmdomain-imx-gpcv2-Adjust-delay-after-power-up-hands.patch (git-fixes CVE-2024-56618 bsc#1235465). - Update patches.suse/power-supply-gpio-charger-Fix-set-charge-current-lim.patch (git-fixes CVE-2024-57792 bsc#1235764). - Update patches.suse/powerpc-fadump-Move-fadump_cma_init-to-setup_arch-af.patch (bsc#1215199 CVE-2024-56677 bsc#1235494). - Update patches.suse/powerpc-mm-fault-Fix-kfence-page-fault-reporting.patch (bsc#1194869 CVE-2024-56678 bsc#1235495). - Update patches.suse/powerpc-pseries-Fix-dtl_access_lock-to-be-a-rw_semap.patch (bsc#1194869 CVE-2024-56701 bsc#1235496). - Update patches.suse/regulator-axp20x-AXP717-set-ramp_delay.patch (git-fixes CVE-2024-53682 bsc#1235718). - Update patches.suse/rtc-check-if-__rtc_read_time-was-successful-in-rtc_t.patch (git-fixes CVE-2024-56739 bsc#1235611). - Update patches.suse/s390-cpum_sf-Fix-and-protect-memory-allocation-of-SDBs-with-mutex.patch (git-fixes bsc#1234348 CVE-2024-56706 bsc#1235586). - Update patches.suse/s390-entry-Mark-IRQ-entries-to-fix-stack-depot-warnings.patch (git-fixes bsc#1234356 CVE-2024-57838 bsc#1235798). - Update patches.suse/s390-iucv-MSG_PEEK-causes-memory-leak-in-iucv_sock_destruct.patch (git-fixes bsc#1234351 CVE-2024-53210 bsc#1234971). - Update patches.suse/s390-pci-Fix-potential-double-remove-of-hotplug-slot.patch (git-fixes bsc#1234354 CVE-2024-56699 bsc#1235490). - Update patches.suse/sched-deadline-Fix-warning-in-migrate_enable-for-boosted-tasks.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-56583 bsc#1235118). - Update patches.suse/sched-fair-Fix-NEXT_BUDDY.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-49573 bsc#1235743). - Update patches.suse/sched-fix-warning-in-sched_setaffinity.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-41932 bsc#1235699). - Update patches.suse/scsi-megaraid_sas-Fix-for-a-potential-deadlock.patch (jsc#PED-11259 CVE-2024-57807 bsc#1235761). - Update patches.suse/scsi-qla2xxx-Fix-use-after-free-on-unload.patch (bsc#1235406 CVE-2024-56623 bsc#1235466). - Update patches.suse/soc-imx8m-Probe-the-SoC-driver-as-platform-driver.patch (stable-fixes CVE-2024-56787 bsc#1235663). - Update patches.suse/soc-qcom-geni-se-fix-array-underflow-in-geni_se_clk_.patch (git-fixes CVE-2024-53158 bsc#1234811). - Update patches.suse/spi-mpc52xx-Add-cancel_work_sync-before-module-remov.patch (git-fixes CVE-2024-50051 bsc#1235739). - Update patches.suse/sunrpc-clear-XPRT_SOCK_UPD_TIMEOUT-when-reset-transport.patch (git-fixes CVE-2024-56688 bsc#1235538). - Update patches.suse/sunrpc-fix-one-UAF-issue-caused-by-sunrpc-kernel-tcp-socket.patch (git-fixes CVE-2024-53168 bsc#1234887). - Update patches.suse/svcrdma-Address-an-integer-overflow.patch (git-fixes CVE-2024-53151 bsc#1234829). - Update patches.suse/svcrdma-fix-miss-destroy-percpu_counter-in-svc_rdma_proc_init.patch (git-fixes CVE-2024-53215 bsc#1234962). - Update patches.suse/thermal-testing-Initialize-some-variables-annoteded-.patch (git-fixes CVE-2024-56676 bsc#1235493). - Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch (bsc#1235433 CVE-2024-56661 bsc#1234931). - Update patches.suse/unicode-Fix-utf8_load-error-path.patch (git-fixes CVE-2024-53233 bsc#1235046). - Update patches.suse/usb-dwc3-gadget-Fix-looping-of-queued-SG-entries.patch (git-fixes CVE-2024-56698 bsc#1235491). - Update patches.suse/usb-gadget-u_serial-Fix-the-issue-that-gs_start_io-c.patch (git-fixes CVE-2024-56670 bsc#1235488). - Update patches.suse/usb-musb-Fix-hardware-lockup-on-first-Rx-endpoint-re.patch (git-fixes CVE-2024-56687 bsc#1235537). - Update patches.suse/usb-typec-fix-potential-array-underflow-in-ucsi_ccg_.patch (git-fixes CVE-2024-53203 bsc#1235001). - Update patches.suse/usb-typec-ucsi-glink-fix-off-by-one-in-connector_sta.patch (git-fixes CVE-2024-53149 bsc#1234842). - Update patches.suse/wifi-ath10k-avoid-NULL-pointer-error-during-sdio-rem.patch (stable-fixes CVE-2024-56599 bsc#1235138). - Update patches.suse/wifi-ath12k-Skip-Rx-TID-cleanup-for-self-peer.patch (git-fixes CVE-2024-56543 bsc#1235065). - Update patches.suse/wifi-ath12k-fix-atomic-calls-in-ath12k_mac_op_set_bi.patch (stable-fixes CVE-2024-56607 bsc#1235423). - Update patches.suse/wifi-ath12k-fix-crash-when-unbinding.patch (git-fixes CVE-2024-53188 bsc#1234948). - Update patches.suse/wifi-ath12k-fix-use-after-free-in-ath12k_dp_cc_clean.patch (git-fixes CVE-2024-56541 bsc#1235064). - Update patches.suse/wifi-ath12k-fix-warning-when-unbinding.patch (git-fixes CVE-2024-53191 bsc#1234952). - Update patches.suse/wifi-ath9k-add-range-check-for-conn_rsp_epid-in-htc_.patch (git-fixes CVE-2024-53156 bsc#1234846). - Update patches.suse/wifi-brcmfmac-Fix-oops-due-to-NULL-pointer-dereferen.patch (stable-fixes CVE-2024-56593 bsc#1235252). - Update patches.suse/wifi-cw1200-Fix-potential-NULL-dereference.patch (git-fixes CVE-2024-56536 bsc#1234911). - Update patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning.patch (git-fixes CVE-2024-56539 bsc#1234963). - Update patches.suse/wifi-nl80211-fix-NL80211_ATTR_MLO_LINK_ID-off-by-one.patch (git-fixes CVE-2024-56663 bsc#1235454). - Update patches.suse/wifi-nl80211-fix-bounds-checker-error-in-nl80211_par.patch (git-fixes CVE-2024-53189 bsc#1234949). - Update patches.suse/wifi-rtlwifi-Drastically-reduce-the-attempts-to-read.patch (stable-fixes CVE-2024-53190 bsc#1234950). - Update patches.suse/wifi-rtw88-use-ieee80211_purge_tx_queue-to-purge-TX-.patch (stable-fixes CVE-2024-56609 bsc#1235389). - Update patches.suse/wifi-rtw89-check-return-value-of-ieee80211_probereq_.patch (stable-fixes CVE-2024-48873 bsc#1235716). - Update patches.suse/wifi-rtw89-coex-check-NULL-return-of-kmalloc-in-btc_.patch (git-fixes CVE-2024-56535 bsc#1235044). - Update patches.suse/xfs-unlock-inodes-when-erroring-out-of-xfs_trans_alloc_dir.patch (git-fixes CVE-2024-55641 bsc#1235740). - commit b21bae3 - KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235755). - KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235756). - KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235757). - commit 25f73de - s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646) - commit 2199130 - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes). - misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes). - interconnect: icc-clk: check return values of devm_kasprintf() (git-fixes). - interconnect: qcom: icc-rpm: Set the count member before accessing the flex array (git-fixes). - iio: adc: ti-ads1119: fix sample size in scan struct for triggered buffer (git-fixes). - iio: inkern: call iio_device_put() only on mapped devices (git-fixes). - iio: adc: ad9467: Fix the "don't allow reading vref if not available" case (git-fixes). - iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes). - iio: adc: ad7173: fix using shared static info struct (git-fixes). - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes). - iio: adc: ti-ads1119: fix information leak in triggered buffer (git-fixes). - iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes). - iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes). - iio: imu: kmx61: fix information leak in triggered buffer (git-fixes). - iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes). - iio: light: bh1745: fix information leak in triggered buffer (git-fixes). - iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes). - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes). - iio: test: Fix GTS test config (git-fixes). - iio: adc: ti-ads1298: Add NULL check in ads1298_init (git-fixes). - iio: adc: stm32-dfsdm: handle label as an optional property (git-fixes). - iio: adc: ad4695: fix buffered read, single sample timings (git-fixes). - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (git-fixes). - iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes). - iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes). - iio: adc: ad7124: Disable all channels at probe time (git-fixes). - staging: iio: ad9832: Correct phase range check (git-fixes). - staging: iio: ad9834: Correct phase range check (git-fixes). - usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (git-fixes). - usb: gadget: midi2: Reverse-select at the right place (git-fixes). - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes). - USB: core: Disable LPM only for non-suspended ports (git-fixes). - usb: fix reference leak in usb_new_device() (git-fixes). - usb: typec: tcpci: fix NULL pointer issue on shared irq case (git-fixes). - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes). - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes). - usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes). - USB: usblp: return error when setting unsupported protocol (git-fixes). - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes). - usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes). - usb: host: xhci-plat: set skip_phy_initialization if software node has XHCI_SKIP_PHY_INIT property (git-fixes). - usb: dwc3-am62: Disable autosuspend during remove (git-fixes). - usb: dwc3: gadget: fix writing NYET threshold (git-fixes). - commit 708e579 - serial: stm32: use port lock wrappers for break control (git-fixes). - tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes). - commit 2e58518 ++++ kernel-obs-qa: - Update patches.suse/ACPI-x86-Add-adev-NULL-check-to-acpi_quirk_skip_serd.patch (stable-fixes CVE-2024-56782 bsc#1235629). - Update patches.suse/ALSA-6fire-Release-resources-at-card-release.patch (git-fixes CVE-2024-53239 bsc#1235054). - Update patches.suse/ALSA-caiaq-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56531 bsc#1235057). - Update patches.suse/ALSA-control-Avoid-WARN-for-symlink-errors.patch (git-fixes CVE-2024-56657 bsc#1235432). - Update patches.suse/ALSA-core-Fix-possible-NULL-dereference-caused-by-ku.patch (git-fixes CVE-2024-56696 bsc#1235539). - Update patches.suse/ALSA-memalloc-prefer-dma_mapping_error-over-explicit.patch (git-fixes CVE-2024-57800 bsc#1235772). - Update patches.suse/ALSA-pcm-Add-sanity-NULL-check-for-the-default-mmap-.patch (stable-fixes CVE-2024-53180 bsc#1234929). - Update patches.suse/ALSA-us122l-Use-snd_card_free_when_closed-at-disconn.patch (git-fixes CVE-2024-56532 bsc#1235059). - Update patches.suse/ALSA-usb-audio-Fix-out-of-bounds-reads-when-finding-.patch (stable-fixes CVE-2024-53150 bsc#1234834). - Update patches.suse/ALSA-usb-audio-Fix-potential-out-of-bound-accesses-f.patch (git-fixes CVE-2024-53197 bsc#1235464). - Update patches.suse/ALSA-usx2y-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56533 bsc#1235053). - Update patches.suse/ASoC-Intel-sof_sdw-Add-space-for-a-terminator-into-D.patch (git-fixes CVE-2024-57880 bsc#1235800). - Update patches.suse/ASoC-SOF-Intel-hda-dai-Do-not-release-the-link-DMA-o.patch (git-fixes CVE-2024-57805 bsc#1235790). - Update patches.suse/ASoC-imx-audmix-Add-NULL-check-in-imx_audmix_probe.patch (git-fixes CVE-2024-53199 bsc#1234967). - Update patches.suse/ASoC-mediatek-Check-num_codecs-is-not-zero-to-avoid-.patch (git-fixes CVE-2024-56685 bsc#1235561). - Update patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch (stable-fixes CVE-2024-56605 bsc#1235061). - Update patches.suse/Bluetooth-MGMT-Fix-possible-deadlocks.patch (git-fixes CVE-2024-53207 bsc#1234907). - Update patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-set_p.patch (git-fixes CVE-2024-53208 bsc#1234909). - Update patches.suse/Bluetooth-RFCOMM-avoid-leaving-dangling-sk-pointer-i.patch (stable-fixes CVE-2024-56604 bsc#1235056). - Update patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch (git-fixes CVE-2024-53238 bsc#1234910). - Update patches.suse/Bluetooth-btmtk-avoid-UAF-in-btmtk_process_coredump.patch (git-fixes CVE-2024-56653 bsc#1235531). - Update patches.suse/Bluetooth-btusb-mediatek-add-intf-release-flow-when-.patch (stable-fixes CVE-2024-56757 bsc#1235619). - Update patches.suse/Bluetooth-fix-use-after-free-in-device_for_each_chil.patch (git-fixes CVE-2024-53237 bsc#1235007). - Update patches.suse/Bluetooth-hci_conn-Use-disable_delayed_work_sync.patch (stable-fixes CVE-2024-56591 bsc#1235052). - Update patches.suse/Bluetooth-hci_core-Fix-not-checking-skb-length-on-hc.patch (stable-fixes CVE-2024-56590 bsc#1235038). - Update patches.suse/Bluetooth-hci_event-Fix-using-rcu_read_-un-lock-whil.patch (git-fixes CVE-2024-56654 bsc#1235532). - Update patches.suse/Bluetooth-iso-Always-release-hdev-at-the-end-of-iso_.patch (git-fixes CVE-2024-57879 bsc#1235802). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_conn_big_sync.patch (git-fixes CVE-2024-54191 bsc#1235717). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_listen_bis.patch (git-fixes CVE-2024-54460 bsc#1235722). - Update patches.suse/HID-wacom-fix-when-get-product-name-maybe-null-point.patch (git-fixes CVE-2024-56629 bsc#1235473). - Update patches.suse/NFSD-Prevent-NULL-dereference-in-nfsd4_process_cb_update.patch (git-fixes CVE-2024-53217 bsc#1234999). - Update patches.suse/NFSD-Prevent-a-potential-integer-overflow.patch (git-fixes CVE-2024-53146 bsc#1234853). - Update patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch (git-fixes CVE-2024-53173 bsc#1234891). - Update patches.suse/PCI-Fix-reset_method_store-memory-leak.patch (git-fixes CVE-2024-56745 bsc#1235563). - Update patches.suse/PCI-Fix-use-after-free-of-slot-bus-on-hot-remove.patch (stable-fixes CVE-2024-53194 bsc#1235459). - Update patches.suse/PCI-MSI-Handle-lack-of-irqdomain-gracefully.patch (git-fixes CVE-2024-56760 bsc#1235616). - Update patches.suse/PCI-endpoint-Fix-PCI-domain-ID-release-in-pci_epc_de.patch (git-fixes CVE-2024-56561 bsc#1235105). - Update patches.suse/PCI-endpoint-epf-mhi-Avoid-NULL-dereference-if-DT-la.patch (git-fixes CVE-2024-56689 bsc#1235543). - Update patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch (stable-fixes CVE-2024-57809 bsc#1235793). - Update patches.suse/PCI-qcom-ep-Move-controller-cleanups-to-qcom_pcie_pe.patch (git-fixes CVE-2024-53153 bsc#1234830). - Update patches.suse/PCI-tegra194-Move-controller-cleanups-to-pex_ep_even.patch (git-fixes CVE-2024-53152 bsc#1234841). - Update patches.suse/RDMA-hns-Fix-cpu-stuck-caused-by-printings-during-re.patch (jsc#PED-11250 CVE-2024-56722 bsc#1235570). - Update patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch (git-fixes CVE-2024-53224 bsc#1235009). - Update patches.suse/RDMA-rxe-Fix-the-qp-flush-warnings-in-req.patch (jsc#PED-11323 CVE-2024-53229 bsc#1234905). - Update patches.suse/SUNRPC-make-sure-cache-entry-active-before-cache_show.patch (git-fixes CVE-2024-53174 bsc#1234899). - Update patches.suse/accel-ivpu-Fix-WARN-in-ivpu_ipc_send_receive_interna.patch (git-fixes CVE-2024-54193 bsc#1235713). - Update patches.suse/accel-ivpu-Fix-general-protection-fault-in-ivpu_bo_l.patch (git-fixes CVE-2024-54455 bsc#1235719). - Update patches.suse/accel-ivpu-Prevent-recovery-invocation-during-probe-.patch (git-fixes CVE-2024-56540 bsc#1235063). - Update patches.suse/acpi-nfit-vmalloc-out-of-bounds-Read-in-acpi_nfit_ct.patch (git-fixes CVE-2024-56662 bsc#1235533). - Update patches.suse/ad7780-fix-division-by-zero-in-ad7780_write_raw.patch (git-fixes CVE-2024-56567 bsc#1234916). - Update patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch (CVE-2024-56606 bsc#123541 bsc#1235417). - Update patches.suse/apparmor-test-Fix-memory-leak-for-aa_unpack_strdup.patch (git-fixes CVE-2024-56741 bsc#1235502). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_FPMR.patch (git-fixes CVE-2024-57878 bsc#1235803). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_POE.patch (git-fixes CVE-2024-57877 bsc#1235804). - Update patches.suse/blk-cgroup-Fix-UAF-in-blkcg_unpin_online.patch (bsc#1234726 CVE-2024-56672 bsc#1235534). - Update patches.suse/bnxt_en-Fix-aggregation-ID-mask-to-prevent-oops-on-5.patch (jsc#PED-10684 jsc#PED-11230 CVE-2024-56656 bsc#1235444). - Update patches.suse/cacheinfo-Allocate-memory-during-CPU-hotplug-if-not-done-f.patch (jsc#PED-10467 CVE-2024-56617 bsc#1235429). - Update patches.suse/can-dev-can_set_termination-allow-sleeping-GPIOs.patch (git-fixes CVE-2024-56625 bsc#1235223). - Update patches.suse/can-hi311x-hi3110_can_ist-fix-potential-use-after-fr.patch (git-fixes CVE-2024-56651 bsc#1235528). - Update patches.suse/can-j1939-j1939_session_new-fix-skb-reference-counti.patch (git-fixes CVE-2024-56645 bsc#1235134). - Update patches.suse/clk-clk-apple-nco-Add-NULL-check-in-applnco_probe.patch (git-fixes CVE-2024-53154 bsc#1234826). - Update patches.suse/clk-clk-loongson2-Fix-memory-corruption-bug-in-struc.patch (git-fixes CVE-2024-53193 bsc#1234902). - Update patches.suse/clk-clk-loongson2-Fix-potential-buffer-overflow-in-f.patch (git-fixes CVE-2024-53192 bsc#1234956). - Update patches.suse/clk-ralink-mtmips-fix-clocks-probe-order-in-oldest-r.patch (git-fixes CVE-2024-53223 bsc#1234976). - Update patches.suse/crypto-bcm-add-error-check-in-the-ahash_hmac_init-fu.patch (git-fixes CVE-2024-56681 bsc#1235557). - Update patches.suse/crypto-caam-Fix-the-pointer-passed-to-caam_qi_shutdo.patch (git-fixes CVE-2024-56754 bsc#1234918). - Update patches.suse/crypto-pcrypt-Call-crypto-layer-directly-when-padata.patch (git-fixes CVE-2024-56690 bsc#1235428). - Update patches.suse/crypto-qat-qat_420xx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53163 bsc#1234828). - Update patches.suse/crypto-qat-qat_4xxx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53162 bsc#1234843). - Update patches.suse/dlm-fix-dlm_recover_members-refcount-on-error.patch (git-fixes CVE-2024-56749 bsc#1235628). - Update patches.suse/dlm-fix-possible-lkb_resource-null-dereference.patch (git-fixes CVE-2024-47809 bsc#1235714). - Update patches.suse/dma-debug-fix-a-possible-deadlock-on-radix_lock.patch (stable-fixes CVE-2024-47143 bsc#1235710). - Update patches.suse/dmaengine-at_xdmac-avoid-null_prt_deref-in-at_xdmac_.patch (git-fixes CVE-2024-56767 bsc#1235160). - Update patches.suse/drivers-soc-xilinx-add-the-missing-kfree-in-xlnx_add.patch (git-fixes CVE-2024-56546 bsc#1235070). - Update patches.suse/drm-amd-display-Adding-array-index-check-to-prevent-.patch (stable-fixes CVE-2024-56784 bsc#1235654). - Update patches.suse/drm-amd-display-Fix-handling-of-plane-refcount.patch (stable-fixes CVE-2024-56775 bsc#1235657). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st-2bc96c9.patch (git-fixes CVE-2024-53200 bsc#1234968). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st.patch (git-fixes CVE-2024-53201 bsc#1234969). - Update patches.suse/drm-amd-display-Fix-out-of-bounds-access-in-dcn21_li.patch (stable-fixes CVE-2024-56608 bsc#1235487). - Update patches.suse/drm-amd-display-fix-a-memleak-issue-when-driver-is-r.patch (git-fixes CVE-2024-56542 bsc#1234908). - Update patches.suse/drm-amdgpu-Fix-the-memory-allocation-issue-in-amdgpu.patch (git-fixes CVE-2024-56697 bsc#1235544). - Update patches.suse/drm-amdgpu-don-t-access-invalid-sched.patch (git-fixes CVE-2024-46896 bsc#1235707). - Update patches.suse/drm-amdgpu-fix-usage-slab-after-free.patch (stable-fixes CVE-2024-56551 bsc#1235075). - Update patches.suse/drm-amdgpu-gfx9-Add-Cleaner-Shader-Deinitialization-.patch (git-fixes CVE-2024-56753 bsc#1235631). - Update patches.suse/drm-amdgpu-set-the-right-AMDGPU-sg-segment-limitatio.patch (stable-fixes CVE-2024-56594 bsc#1235413). - Update patches.suse/drm-amdkfd-Dereference-null-return-value.patch (git-fixes CVE-2024-56666 bsc#1235242). - Update patches.suse/drm-amdkfd-Use-dynamic-allocation-for-CU-occupancy-a.patch (git-fixes CVE-2024-56695 bsc#1235541). - Update patches.suse/drm-dp_mst-Fix-MST-sideband-message-body-length-chec.patch (stable-fixes CVE-2024-56616 bsc#1235427). - Update patches.suse/drm-i915-Fix-NULL-pointer-dereference-in-capture_eng.patch (git-fixes CVE-2024-56667 bsc#1235016). - Update patches.suse/drm-modes-Avoid-divide-by-zero-harder-in-drm_mode_vr.patch (stable-fixes CVE-2024-56369 bsc#1235750). - Update patches.suse/drm-nouveau-gr-gf100-Fix-missing-unlock-in-gf100_gr_.patch (git-fixes CVE-2024-56752 bsc#1234937). - Update patches.suse/drm-panel-himax-hx83102-Add-a-check-to-prevent-NULL-.patch (git-fixes CVE-2024-56711 bsc#1235562). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-831214f.patch (git-fixes CVE-2024-56776 bsc#1235647). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-e965e77.patch (git-fixes CVE-2024-56777 bsc#1235641). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer.patch (git-fixes CVE-2024-56778 bsc#1235635). - Update patches.suse/drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch (git-fixes CVE-2024-56683 bsc#1235497). - Update patches.suse/drm-xe-guc_submit-fix-race-around-suspend_pending.patch (git-fixes CVE-2024-56552 bsc#1235071). - Update patches.suse/drm-xe-reg_sr-Remove-register-pool.patch (git-fixes CVE-2024-56652 bsc#1235529). - Update patches.suse/drm-xlnx-zynqmp_disp-layer-may-be-null-while-releasi.patch (git-fixes CVE-2024-56537 bsc#1235049). - Update patches.suse/drm-zynqmp_kms-Unplug-DRM-device-before-removal.patch (git-fixes CVE-2024-56538 bsc#1235051). - Update patches.suse/efi-libstub-Free-correct-pointer-on-failure.patch (git-fixes CVE-2024-56573 bsc#1235042). - Update patches.suse/erofs-fix-blksize-PAGE_SIZE-for-file-backed-mounts.patch (git-fixes CVE-2024-56750 bsc#1235630). - Update patches.suse/erofs-fix-file-backed-mounts-over-FUSE.patch (git-fixes CVE-2024-53235 bsc#1234998). - Update patches.suse/erofs-handle-NONHEAD-delta-1-lclusters-gracefully.patch (git-fixes CVE-2024-53234 bsc#1235045). - Update patches.suse/exfat-fix-out-of-bounds-access-of-directory-entries.patch (git-fixes CVE-2024-53147 bsc#1234857). - Update patches.suse/fbdev-sh7760fb-Fix-a-possible-memory-leak-in-sh7760f.patch (git-fixes CVE-2024-56746 bsc#1235622). - Update patches.suse/firmware-arm_scpi-Check-the-DVFS-OPP-count-returned-.patch (git-fixes CVE-2024-53157 bsc#1234827). - Update patches.suse/firmware_loader-Fix-possible-resource-leak-in-fw_log.patch (git-fixes CVE-2024-53202 bsc#1234970). - Update patches.suse/gpio-graniterapids-Fix-vGPIO-driver-crash.patch (stable-fixes CVE-2024-56671 bsc#1235018). - Update patches.suse/gpio-grgpio-Add-NULL-check-in-grgpio_probe.patch (git-fixes CVE-2024-56634 bsc#1235486). - Update patches.suse/i3c-Use-i3cdev-desc-info-instead-of-calling-i3c_devi.patch (stable-fixes CVE-2024-43098 bsc#1235703). - Update patches.suse/i3c-master-Fix-miss-free-init_dyn_addr-at-i3c_master.patch (git-fixes CVE-2024-56562 bsc#1234930). - Update patches.suse/i3c-mipi-i3c-hci-Mask-ring-interrupts-before-ring-st.patch (stable-fixes CVE-2024-45828 bsc#1235705). - Update patches.suse/igb-Fix-potential-invalid-memory-access-in-igb_init_.patch (jsc#PED-10426 jsc#PED-10425 CVE-2024-52332 bsc#1235700). - Update patches.suse/iio-adc-ad7923-Fix-buffer-overflow-for-tx_buf-and-ri.patch (git-fixes CVE-2024-56557 bsc#1235122). - Update patches.suse/io_uring-check-for-overflows-in-io_pin_pages.patch (git-fixes CVE-2024-53187 bsc#1234947). - Update patches.suse/io_uring-check-if-iowq-is-killed-before-queuing.patch (git-fixes CVE-2024-56709 bsc#1235552). - Update patches.suse/io_uring-tctx-work-around-xa_store-allocation-error-.patch (git-fixes CVE-2024-56584 bsc#1235117). - Update patches.suse/iommu-s390-Implement-blocking-domain.patch (git-fixes bsc#1234350 CVE-2024-53232 bsc#1235050). - Update patches.suse/iommufd-Fix-out_fput-in-iommufd_fault_alloc.patch (git-fixes CVE-2024-56624 bsc#1235469). - Update patches.suse/ionic-Fix-netdev-notifier-unregister-on-failure.patch (jsc#PED-11378 CVE-2024-56715 bsc#1235612). - Update patches.suse/ionic-no-double-destroy-workqueue.patch (jsc#PED-11378 CVE-2024-56714 bsc#1235558). - Update patches.suse/irqchip-riscv-aplic-Prevent-crash-when-MSI-domain-is.patch (git-fixes CVE-2024-56682 bsc#1235559). - Update patches.suse/kcsan-Turn-report_filterlist_lock-into-a-raw_spinloc.patch (stable-fixes CVE-2024-56610 bsc#1235390). - Update patches.suse/kunit-Fix-potential-null-dereference-in-kunit_device.patch (git-fixes CVE-2024-56773 bsc#1235594). - Update patches.suse/kunit-string-stream-Fix-a-UAF-bug-in-kunit_init_suit.patch (git-fixes CVE-2024-56772 bsc#1235651). - Update patches.suse/leds-class-Protect-brightness_show-with-led_cdev-led.patch (stable-fixes CVE-2024-56587 bsc#1235125). - Update patches.suse/mailbox-mtk-cmdq-fix-wrong-use-of-sizeof-in-cmdq_get.patch (git-fixes CVE-2024-56684 bsc#1235560). - Update patches.suse/media-atomisp-Add-check-for-rgby_data-memory-allocat.patch (git-fixes CVE-2024-56705 bsc#1235568). - Update patches.suse/media-dvb-frontends-dib3000mb-fix-uninit-value-in-di.patch (git-fixes CVE-2024-56769 bsc#1235155). - Update patches.suse/media-i2c-tc358743-Fix-crash-in-the-probe-error-path.patch (git-fixes CVE-2024-56576 bsc#1235019). - Update patches.suse/media-imx-jpeg-Ensure-power-suppliers-be-suspended-b.patch (git-fixes CVE-2024-56575 bsc#1235039). - Update patches.suse/media-imx-jpeg-Set-video-drvdata-before-register-vid.patch (git-fixes CVE-2024-56578 bsc#1235115). - Update patches.suse/media-intel-ipu6-do-not-handle-interrupts-when-devic.patch (git-fixes CVE-2024-56680 bsc#1235556). - Update patches.suse/media-mtk-jpeg-Fix-null-ptr-deref-during-unload-modu.patch (git-fixes CVE-2024-56577 bsc#1235112). - Update patches.suse/media-platform-allegro-dvt-Fix-possible-memory-leak-.patch (git-fixes CVE-2024-56572 bsc#1235043). - Update patches.suse/media-qcom-camss-fix-error-path-on-configuration-of-.patch (git-fixes CVE-2024-56580 bsc#1235114). - Update patches.suse/media-ts2020-fix-null-ptr-deref-in-ts2020_probe.patch (git-fixes CVE-2024-56574 bsc#1235040). - Update patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch (git-fixes CVE-2024-56571 bsc#1235037). - Update patches.suse/media-wl128x-Fix-atomicity-violation-in-fmc_send_cmd.patch (git-fixes CVE-2024-56700 bsc#1235500). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-PMIC-dev.patch (git-fixes CVE-2024-56723 bsc#1235571). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-TMU-devi.patch (git-fixes CVE-2024-56724 bsc#1235577). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-USB-Type.patch (git-fixes CVE-2024-56691 bsc#1235425). - Update patches.suse/msft-hv-3081-hv_sock-Initializing-vsk-trans-to-NULL-to-prevent-a-.patch (git-fixes CVE-2024-53103 bsc#1234024). - Update patches.suse/msft-hv-3082-HID-hyperv-streamline-driver-probe-to-avoid-devres-i.patch (git-fixes CVE-2024-56545 bsc#1235069). - Update patches.suse/msft-hv-3095-Drivers-hv-util-Avoid-accessing-a-ringbuffer-not-ini.patch (git-fixes CVE-2024-55916 bsc#1235747). - Update patches.suse/mtd-rawnand-fix-double-free-in-atmel_pmecc_create_us.patch (git-fixes CVE-2024-56766 bsc#1235219). - Update patches.suse/mtd-spinand-winbond-Fix-512GW-01GW-01JW-and-02JW-ECC.patch (git-fixes CVE-2024-56771 bsc#1235649). - Update patches.suse/net-mlx5-DR-prevent-potential-error-pointer-derefere.patch (jsc#PED-11331 CVE-2024-56660 bsc#1235437). - Update patches.suse/net-usb-lan78xx-Fix-double-free-issue-with-interrupt.patch (git-fixes CVE-2024-53213 bsc#1234973). - Update patches.suse/nfs-blocklayout-Don-t-attempt-unregister-for-invalid-block-device.patch (git-fixes CVE-2024-53167 bsc#1234886). - Update patches.suse/nfs-localio-must-clear-res.replen-in-nfs_local_read_done.patch (git-fixes CVE-2024-56740 bsc#1234932). - Update patches.suse/nfs_common-must-not-hold-RCU-while-calling-nfsd_file_put_local.patch (git-fixes CVE-2024-56743 bsc#1235614). - Update patches.suse/nfsd-fix-nfs4_openowner-leak-when-concurrent-nfsd4_open-occur.patch (git-fixes CVE-2024-56779 bsc#1235632). - Update patches.suse/nfsd-make-sure-exp-active-before-svc_export_show.patch (git-fixes CVE-2024-56558 bsc#1235100). - Update patches.suse/nvme-fabrics-fix-kernel-crash-while-shutting-down-co.patch (git-fixes CVE-2024-53169 bsc#1234900). - Update patches.suse/nvme-pci-fix-freeing-of-the-HMB-descriptor-table.patch (git-fixes CVE-2024-56756 bsc#1234922). - Update patches.suse/nvme-rdma-unquiesce-admin_q-before-destroy-it.patch (git-fixes CVE-2024-49569 bsc#1235730). - Update patches.suse/nvme-tcp-fix-the-memleak-while-create-new-ctrl-faile.patch (git-fixes CVE-2024-56632 bsc#1235483). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-cn10.patch (jsc#PED-11317 CVE-2024-56726 bsc#1235582). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-69297b0d.patch (jsc#PED-11317 CVE-2024-56725 bsc#1235578). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-bd3110bc.patch (jsc#PED-11317 CVE-2024-56727 bsc#1235583). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-e26f8eac.patch (jsc#PED-11317 CVE-2024-56728 bsc#1235656). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-f5b942e6.patch (jsc#PED-11317 CVE-2024-56707 bsc#1235545). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2.patch (jsc#PED-11317 CVE-2024-56679 bsc#1235498). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb2phy_probe.patch (git-fixes CVE-2024-53205 bsc#1234954). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb3phy_probe.patch (git-fixes CVE-2024-53204 bsc#1234955). - Update patches.suse/phy-rockchip-samsung-hdptx-Set-drvdata-before-enabli.patch (git-fixes CVE-2024-57799 bsc#1235770). - Update patches.suse/pinmux-Use-sequential-access-to-access-desc-pinmux-d.patch (stable-fixes CVE-2024-47141 bsc#1235708). - Update patches.suse/pmdomain-imx-gpcv2-Adjust-delay-after-power-up-hands.patch (git-fixes CVE-2024-56618 bsc#1235465). - Update patches.suse/power-supply-gpio-charger-Fix-set-charge-current-lim.patch (git-fixes CVE-2024-57792 bsc#1235764). - Update patches.suse/powerpc-fadump-Move-fadump_cma_init-to-setup_arch-af.patch (bsc#1215199 CVE-2024-56677 bsc#1235494). - Update patches.suse/powerpc-mm-fault-Fix-kfence-page-fault-reporting.patch (bsc#1194869 CVE-2024-56678 bsc#1235495). - Update patches.suse/powerpc-pseries-Fix-dtl_access_lock-to-be-a-rw_semap.patch (bsc#1194869 CVE-2024-56701 bsc#1235496). - Update patches.suse/regulator-axp20x-AXP717-set-ramp_delay.patch (git-fixes CVE-2024-53682 bsc#1235718). - Update patches.suse/rtc-check-if-__rtc_read_time-was-successful-in-rtc_t.patch (git-fixes CVE-2024-56739 bsc#1235611). - Update patches.suse/s390-cpum_sf-Fix-and-protect-memory-allocation-of-SDBs-with-mutex.patch (git-fixes bsc#1234348 CVE-2024-56706 bsc#1235586). - Update patches.suse/s390-entry-Mark-IRQ-entries-to-fix-stack-depot-warnings.patch (git-fixes bsc#1234356 CVE-2024-57838 bsc#1235798). - Update patches.suse/s390-iucv-MSG_PEEK-causes-memory-leak-in-iucv_sock_destruct.patch (git-fixes bsc#1234351 CVE-2024-53210 bsc#1234971). - Update patches.suse/s390-pci-Fix-potential-double-remove-of-hotplug-slot.patch (git-fixes bsc#1234354 CVE-2024-56699 bsc#1235490). - Update patches.suse/sched-deadline-Fix-warning-in-migrate_enable-for-boosted-tasks.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-56583 bsc#1235118). - Update patches.suse/sched-fair-Fix-NEXT_BUDDY.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-49573 bsc#1235743). - Update patches.suse/sched-fix-warning-in-sched_setaffinity.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-41932 bsc#1235699). - Update patches.suse/scsi-megaraid_sas-Fix-for-a-potential-deadlock.patch (jsc#PED-11259 CVE-2024-57807 bsc#1235761). - Update patches.suse/scsi-qla2xxx-Fix-use-after-free-on-unload.patch (bsc#1235406 CVE-2024-56623 bsc#1235466). - Update patches.suse/soc-imx8m-Probe-the-SoC-driver-as-platform-driver.patch (stable-fixes CVE-2024-56787 bsc#1235663). - Update patches.suse/soc-qcom-geni-se-fix-array-underflow-in-geni_se_clk_.patch (git-fixes CVE-2024-53158 bsc#1234811). - Update patches.suse/spi-mpc52xx-Add-cancel_work_sync-before-module-remov.patch (git-fixes CVE-2024-50051 bsc#1235739). - Update patches.suse/sunrpc-clear-XPRT_SOCK_UPD_TIMEOUT-when-reset-transport.patch (git-fixes CVE-2024-56688 bsc#1235538). - Update patches.suse/sunrpc-fix-one-UAF-issue-caused-by-sunrpc-kernel-tcp-socket.patch (git-fixes CVE-2024-53168 bsc#1234887). - Update patches.suse/svcrdma-Address-an-integer-overflow.patch (git-fixes CVE-2024-53151 bsc#1234829). - Update patches.suse/svcrdma-fix-miss-destroy-percpu_counter-in-svc_rdma_proc_init.patch (git-fixes CVE-2024-53215 bsc#1234962). - Update patches.suse/thermal-testing-Initialize-some-variables-annoteded-.patch (git-fixes CVE-2024-56676 bsc#1235493). - Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch (bsc#1235433 CVE-2024-56661 bsc#1234931). - Update patches.suse/unicode-Fix-utf8_load-error-path.patch (git-fixes CVE-2024-53233 bsc#1235046). - Update patches.suse/usb-dwc3-gadget-Fix-looping-of-queued-SG-entries.patch (git-fixes CVE-2024-56698 bsc#1235491). - Update patches.suse/usb-gadget-u_serial-Fix-the-issue-that-gs_start_io-c.patch (git-fixes CVE-2024-56670 bsc#1235488). - Update patches.suse/usb-musb-Fix-hardware-lockup-on-first-Rx-endpoint-re.patch (git-fixes CVE-2024-56687 bsc#1235537). - Update patches.suse/usb-typec-fix-potential-array-underflow-in-ucsi_ccg_.patch (git-fixes CVE-2024-53203 bsc#1235001). - Update patches.suse/usb-typec-ucsi-glink-fix-off-by-one-in-connector_sta.patch (git-fixes CVE-2024-53149 bsc#1234842). - Update patches.suse/wifi-ath10k-avoid-NULL-pointer-error-during-sdio-rem.patch (stable-fixes CVE-2024-56599 bsc#1235138). - Update patches.suse/wifi-ath12k-Skip-Rx-TID-cleanup-for-self-peer.patch (git-fixes CVE-2024-56543 bsc#1235065). - Update patches.suse/wifi-ath12k-fix-atomic-calls-in-ath12k_mac_op_set_bi.patch (stable-fixes CVE-2024-56607 bsc#1235423). - Update patches.suse/wifi-ath12k-fix-crash-when-unbinding.patch (git-fixes CVE-2024-53188 bsc#1234948). - Update patches.suse/wifi-ath12k-fix-use-after-free-in-ath12k_dp_cc_clean.patch (git-fixes CVE-2024-56541 bsc#1235064). - Update patches.suse/wifi-ath12k-fix-warning-when-unbinding.patch (git-fixes CVE-2024-53191 bsc#1234952). - Update patches.suse/wifi-ath9k-add-range-check-for-conn_rsp_epid-in-htc_.patch (git-fixes CVE-2024-53156 bsc#1234846). - Update patches.suse/wifi-brcmfmac-Fix-oops-due-to-NULL-pointer-dereferen.patch (stable-fixes CVE-2024-56593 bsc#1235252). - Update patches.suse/wifi-cw1200-Fix-potential-NULL-dereference.patch (git-fixes CVE-2024-56536 bsc#1234911). - Update patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning.patch (git-fixes CVE-2024-56539 bsc#1234963). - Update patches.suse/wifi-nl80211-fix-NL80211_ATTR_MLO_LINK_ID-off-by-one.patch (git-fixes CVE-2024-56663 bsc#1235454). - Update patches.suse/wifi-nl80211-fix-bounds-checker-error-in-nl80211_par.patch (git-fixes CVE-2024-53189 bsc#1234949). - Update patches.suse/wifi-rtlwifi-Drastically-reduce-the-attempts-to-read.patch (stable-fixes CVE-2024-53190 bsc#1234950). - Update patches.suse/wifi-rtw88-use-ieee80211_purge_tx_queue-to-purge-TX-.patch (stable-fixes CVE-2024-56609 bsc#1235389). - Update patches.suse/wifi-rtw89-check-return-value-of-ieee80211_probereq_.patch (stable-fixes CVE-2024-48873 bsc#1235716). - Update patches.suse/wifi-rtw89-coex-check-NULL-return-of-kmalloc-in-btc_.patch (git-fixes CVE-2024-56535 bsc#1235044). - Update patches.suse/xfs-unlock-inodes-when-erroring-out-of-xfs_trans_alloc_dir.patch (git-fixes CVE-2024-55641 bsc#1235740). - commit b21bae3 - KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235755). - KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235756). - KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235757). - commit 25f73de - s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646) - commit 2199130 - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes). - misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes). - interconnect: icc-clk: check return values of devm_kasprintf() (git-fixes). - interconnect: qcom: icc-rpm: Set the count member before accessing the flex array (git-fixes). - iio: adc: ti-ads1119: fix sample size in scan struct for triggered buffer (git-fixes). - iio: inkern: call iio_device_put() only on mapped devices (git-fixes). - iio: adc: ad9467: Fix the "don't allow reading vref if not available" case (git-fixes). - iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes). - iio: adc: ad7173: fix using shared static info struct (git-fixes). - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes). - iio: adc: ti-ads1119: fix information leak in triggered buffer (git-fixes). - iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes). - iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes). - iio: imu: kmx61: fix information leak in triggered buffer (git-fixes). - iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes). - iio: light: bh1745: fix information leak in triggered buffer (git-fixes). - iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes). - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes). - iio: test: Fix GTS test config (git-fixes). - iio: adc: ti-ads1298: Add NULL check in ads1298_init (git-fixes). - iio: adc: stm32-dfsdm: handle label as an optional property (git-fixes). - iio: adc: ad4695: fix buffered read, single sample timings (git-fixes). - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (git-fixes). - iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes). - iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes). - iio: adc: ad7124: Disable all channels at probe time (git-fixes). - staging: iio: ad9832: Correct phase range check (git-fixes). - staging: iio: ad9834: Correct phase range check (git-fixes). - usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (git-fixes). - usb: gadget: midi2: Reverse-select at the right place (git-fixes). - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes). - USB: core: Disable LPM only for non-suspended ports (git-fixes). - usb: fix reference leak in usb_new_device() (git-fixes). - usb: typec: tcpci: fix NULL pointer issue on shared irq case (git-fixes). - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes). - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes). - usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes). - USB: usblp: return error when setting unsupported protocol (git-fixes). - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes). - usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes). - usb: host: xhci-plat: set skip_phy_initialization if software node has XHCI_SKIP_PHY_INIT property (git-fixes). - usb: dwc3-am62: Disable autosuspend during remove (git-fixes). - usb: dwc3: gadget: fix writing NYET threshold (git-fixes). - commit 708e579 - serial: stm32: use port lock wrappers for break control (git-fixes). - tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes). - commit 2e58518 ++++ kernel-syms: - Update patches.suse/ACPI-x86-Add-adev-NULL-check-to-acpi_quirk_skip_serd.patch (stable-fixes CVE-2024-56782 bsc#1235629). - Update patches.suse/ALSA-6fire-Release-resources-at-card-release.patch (git-fixes CVE-2024-53239 bsc#1235054). - Update patches.suse/ALSA-caiaq-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56531 bsc#1235057). - Update patches.suse/ALSA-control-Avoid-WARN-for-symlink-errors.patch (git-fixes CVE-2024-56657 bsc#1235432). - Update patches.suse/ALSA-core-Fix-possible-NULL-dereference-caused-by-ku.patch (git-fixes CVE-2024-56696 bsc#1235539). - Update patches.suse/ALSA-memalloc-prefer-dma_mapping_error-over-explicit.patch (git-fixes CVE-2024-57800 bsc#1235772). - Update patches.suse/ALSA-pcm-Add-sanity-NULL-check-for-the-default-mmap-.patch (stable-fixes CVE-2024-53180 bsc#1234929). - Update patches.suse/ALSA-us122l-Use-snd_card_free_when_closed-at-disconn.patch (git-fixes CVE-2024-56532 bsc#1235059). - Update patches.suse/ALSA-usb-audio-Fix-out-of-bounds-reads-when-finding-.patch (stable-fixes CVE-2024-53150 bsc#1234834). - Update patches.suse/ALSA-usb-audio-Fix-potential-out-of-bound-accesses-f.patch (git-fixes CVE-2024-53197 bsc#1235464). - Update patches.suse/ALSA-usx2y-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56533 bsc#1235053). - Update patches.suse/ASoC-Intel-sof_sdw-Add-space-for-a-terminator-into-D.patch (git-fixes CVE-2024-57880 bsc#1235800). - Update patches.suse/ASoC-SOF-Intel-hda-dai-Do-not-release-the-link-DMA-o.patch (git-fixes CVE-2024-57805 bsc#1235790). - Update patches.suse/ASoC-imx-audmix-Add-NULL-check-in-imx_audmix_probe.patch (git-fixes CVE-2024-53199 bsc#1234967). - Update patches.suse/ASoC-mediatek-Check-num_codecs-is-not-zero-to-avoid-.patch (git-fixes CVE-2024-56685 bsc#1235561). - Update patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch (stable-fixes CVE-2024-56605 bsc#1235061). - Update patches.suse/Bluetooth-MGMT-Fix-possible-deadlocks.patch (git-fixes CVE-2024-53207 bsc#1234907). - Update patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-set_p.patch (git-fixes CVE-2024-53208 bsc#1234909). - Update patches.suse/Bluetooth-RFCOMM-avoid-leaving-dangling-sk-pointer-i.patch (stable-fixes CVE-2024-56604 bsc#1235056). - Update patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch (git-fixes CVE-2024-53238 bsc#1234910). - Update patches.suse/Bluetooth-btmtk-avoid-UAF-in-btmtk_process_coredump.patch (git-fixes CVE-2024-56653 bsc#1235531). - Update patches.suse/Bluetooth-btusb-mediatek-add-intf-release-flow-when-.patch (stable-fixes CVE-2024-56757 bsc#1235619). - Update patches.suse/Bluetooth-fix-use-after-free-in-device_for_each_chil.patch (git-fixes CVE-2024-53237 bsc#1235007). - Update patches.suse/Bluetooth-hci_conn-Use-disable_delayed_work_sync.patch (stable-fixes CVE-2024-56591 bsc#1235052). - Update patches.suse/Bluetooth-hci_core-Fix-not-checking-skb-length-on-hc.patch (stable-fixes CVE-2024-56590 bsc#1235038). - Update patches.suse/Bluetooth-hci_event-Fix-using-rcu_read_-un-lock-whil.patch (git-fixes CVE-2024-56654 bsc#1235532). - Update patches.suse/Bluetooth-iso-Always-release-hdev-at-the-end-of-iso_.patch (git-fixes CVE-2024-57879 bsc#1235802). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_conn_big_sync.patch (git-fixes CVE-2024-54191 bsc#1235717). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_listen_bis.patch (git-fixes CVE-2024-54460 bsc#1235722). - Update patches.suse/HID-wacom-fix-when-get-product-name-maybe-null-point.patch (git-fixes CVE-2024-56629 bsc#1235473). - Update patches.suse/NFSD-Prevent-NULL-dereference-in-nfsd4_process_cb_update.patch (git-fixes CVE-2024-53217 bsc#1234999). - Update patches.suse/NFSD-Prevent-a-potential-integer-overflow.patch (git-fixes CVE-2024-53146 bsc#1234853). - Update patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch (git-fixes CVE-2024-53173 bsc#1234891). - Update patches.suse/PCI-Fix-reset_method_store-memory-leak.patch (git-fixes CVE-2024-56745 bsc#1235563). - Update patches.suse/PCI-Fix-use-after-free-of-slot-bus-on-hot-remove.patch (stable-fixes CVE-2024-53194 bsc#1235459). - Update patches.suse/PCI-MSI-Handle-lack-of-irqdomain-gracefully.patch (git-fixes CVE-2024-56760 bsc#1235616). - Update patches.suse/PCI-endpoint-Fix-PCI-domain-ID-release-in-pci_epc_de.patch (git-fixes CVE-2024-56561 bsc#1235105). - Update patches.suse/PCI-endpoint-epf-mhi-Avoid-NULL-dereference-if-DT-la.patch (git-fixes CVE-2024-56689 bsc#1235543). - Update patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch (stable-fixes CVE-2024-57809 bsc#1235793). - Update patches.suse/PCI-qcom-ep-Move-controller-cleanups-to-qcom_pcie_pe.patch (git-fixes CVE-2024-53153 bsc#1234830). - Update patches.suse/PCI-tegra194-Move-controller-cleanups-to-pex_ep_even.patch (git-fixes CVE-2024-53152 bsc#1234841). - Update patches.suse/RDMA-hns-Fix-cpu-stuck-caused-by-printings-during-re.patch (jsc#PED-11250 CVE-2024-56722 bsc#1235570). - Update patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch (git-fixes CVE-2024-53224 bsc#1235009). - Update patches.suse/RDMA-rxe-Fix-the-qp-flush-warnings-in-req.patch (jsc#PED-11323 CVE-2024-53229 bsc#1234905). - Update patches.suse/SUNRPC-make-sure-cache-entry-active-before-cache_show.patch (git-fixes CVE-2024-53174 bsc#1234899). - Update patches.suse/accel-ivpu-Fix-WARN-in-ivpu_ipc_send_receive_interna.patch (git-fixes CVE-2024-54193 bsc#1235713). - Update patches.suse/accel-ivpu-Fix-general-protection-fault-in-ivpu_bo_l.patch (git-fixes CVE-2024-54455 bsc#1235719). - Update patches.suse/accel-ivpu-Prevent-recovery-invocation-during-probe-.patch (git-fixes CVE-2024-56540 bsc#1235063). - Update patches.suse/acpi-nfit-vmalloc-out-of-bounds-Read-in-acpi_nfit_ct.patch (git-fixes CVE-2024-56662 bsc#1235533). - Update patches.suse/ad7780-fix-division-by-zero-in-ad7780_write_raw.patch (git-fixes CVE-2024-56567 bsc#1234916). - Update patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch (CVE-2024-56606 bsc#123541 bsc#1235417). - Update patches.suse/apparmor-test-Fix-memory-leak-for-aa_unpack_strdup.patch (git-fixes CVE-2024-56741 bsc#1235502). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_FPMR.patch (git-fixes CVE-2024-57878 bsc#1235803). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_POE.patch (git-fixes CVE-2024-57877 bsc#1235804). - Update patches.suse/blk-cgroup-Fix-UAF-in-blkcg_unpin_online.patch (bsc#1234726 CVE-2024-56672 bsc#1235534). - Update patches.suse/bnxt_en-Fix-aggregation-ID-mask-to-prevent-oops-on-5.patch (jsc#PED-10684 jsc#PED-11230 CVE-2024-56656 bsc#1235444). - Update patches.suse/cacheinfo-Allocate-memory-during-CPU-hotplug-if-not-done-f.patch (jsc#PED-10467 CVE-2024-56617 bsc#1235429). - Update patches.suse/can-dev-can_set_termination-allow-sleeping-GPIOs.patch (git-fixes CVE-2024-56625 bsc#1235223). - Update patches.suse/can-hi311x-hi3110_can_ist-fix-potential-use-after-fr.patch (git-fixes CVE-2024-56651 bsc#1235528). - Update patches.suse/can-j1939-j1939_session_new-fix-skb-reference-counti.patch (git-fixes CVE-2024-56645 bsc#1235134). - Update patches.suse/clk-clk-apple-nco-Add-NULL-check-in-applnco_probe.patch (git-fixes CVE-2024-53154 bsc#1234826). - Update patches.suse/clk-clk-loongson2-Fix-memory-corruption-bug-in-struc.patch (git-fixes CVE-2024-53193 bsc#1234902). - Update patches.suse/clk-clk-loongson2-Fix-potential-buffer-overflow-in-f.patch (git-fixes CVE-2024-53192 bsc#1234956). - Update patches.suse/clk-ralink-mtmips-fix-clocks-probe-order-in-oldest-r.patch (git-fixes CVE-2024-53223 bsc#1234976). - Update patches.suse/crypto-bcm-add-error-check-in-the-ahash_hmac_init-fu.patch (git-fixes CVE-2024-56681 bsc#1235557). - Update patches.suse/crypto-caam-Fix-the-pointer-passed-to-caam_qi_shutdo.patch (git-fixes CVE-2024-56754 bsc#1234918). - Update patches.suse/crypto-pcrypt-Call-crypto-layer-directly-when-padata.patch (git-fixes CVE-2024-56690 bsc#1235428). - Update patches.suse/crypto-qat-qat_420xx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53163 bsc#1234828). - Update patches.suse/crypto-qat-qat_4xxx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53162 bsc#1234843). - Update patches.suse/dlm-fix-dlm_recover_members-refcount-on-error.patch (git-fixes CVE-2024-56749 bsc#1235628). - Update patches.suse/dlm-fix-possible-lkb_resource-null-dereference.patch (git-fixes CVE-2024-47809 bsc#1235714). - Update patches.suse/dma-debug-fix-a-possible-deadlock-on-radix_lock.patch (stable-fixes CVE-2024-47143 bsc#1235710). - Update patches.suse/dmaengine-at_xdmac-avoid-null_prt_deref-in-at_xdmac_.patch (git-fixes CVE-2024-56767 bsc#1235160). - Update patches.suse/drivers-soc-xilinx-add-the-missing-kfree-in-xlnx_add.patch (git-fixes CVE-2024-56546 bsc#1235070). - Update patches.suse/drm-amd-display-Adding-array-index-check-to-prevent-.patch (stable-fixes CVE-2024-56784 bsc#1235654). - Update patches.suse/drm-amd-display-Fix-handling-of-plane-refcount.patch (stable-fixes CVE-2024-56775 bsc#1235657). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st-2bc96c9.patch (git-fixes CVE-2024-53200 bsc#1234968). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st.patch (git-fixes CVE-2024-53201 bsc#1234969). - Update patches.suse/drm-amd-display-Fix-out-of-bounds-access-in-dcn21_li.patch (stable-fixes CVE-2024-56608 bsc#1235487). - Update patches.suse/drm-amd-display-fix-a-memleak-issue-when-driver-is-r.patch (git-fixes CVE-2024-56542 bsc#1234908). - Update patches.suse/drm-amdgpu-Fix-the-memory-allocation-issue-in-amdgpu.patch (git-fixes CVE-2024-56697 bsc#1235544). - Update patches.suse/drm-amdgpu-don-t-access-invalid-sched.patch (git-fixes CVE-2024-46896 bsc#1235707). - Update patches.suse/drm-amdgpu-fix-usage-slab-after-free.patch (stable-fixes CVE-2024-56551 bsc#1235075). - Update patches.suse/drm-amdgpu-gfx9-Add-Cleaner-Shader-Deinitialization-.patch (git-fixes CVE-2024-56753 bsc#1235631). - Update patches.suse/drm-amdgpu-set-the-right-AMDGPU-sg-segment-limitatio.patch (stable-fixes CVE-2024-56594 bsc#1235413). - Update patches.suse/drm-amdkfd-Dereference-null-return-value.patch (git-fixes CVE-2024-56666 bsc#1235242). - Update patches.suse/drm-amdkfd-Use-dynamic-allocation-for-CU-occupancy-a.patch (git-fixes CVE-2024-56695 bsc#1235541). - Update patches.suse/drm-dp_mst-Fix-MST-sideband-message-body-length-chec.patch (stable-fixes CVE-2024-56616 bsc#1235427). - Update patches.suse/drm-i915-Fix-NULL-pointer-dereference-in-capture_eng.patch (git-fixes CVE-2024-56667 bsc#1235016). - Update patches.suse/drm-modes-Avoid-divide-by-zero-harder-in-drm_mode_vr.patch (stable-fixes CVE-2024-56369 bsc#1235750). - Update patches.suse/drm-nouveau-gr-gf100-Fix-missing-unlock-in-gf100_gr_.patch (git-fixes CVE-2024-56752 bsc#1234937). - Update patches.suse/drm-panel-himax-hx83102-Add-a-check-to-prevent-NULL-.patch (git-fixes CVE-2024-56711 bsc#1235562). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-831214f.patch (git-fixes CVE-2024-56776 bsc#1235647). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-e965e77.patch (git-fixes CVE-2024-56777 bsc#1235641). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer.patch (git-fixes CVE-2024-56778 bsc#1235635). - Update patches.suse/drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch (git-fixes CVE-2024-56683 bsc#1235497). - Update patches.suse/drm-xe-guc_submit-fix-race-around-suspend_pending.patch (git-fixes CVE-2024-56552 bsc#1235071). - Update patches.suse/drm-xe-reg_sr-Remove-register-pool.patch (git-fixes CVE-2024-56652 bsc#1235529). - Update patches.suse/drm-xlnx-zynqmp_disp-layer-may-be-null-while-releasi.patch (git-fixes CVE-2024-56537 bsc#1235049). - Update patches.suse/drm-zynqmp_kms-Unplug-DRM-device-before-removal.patch (git-fixes CVE-2024-56538 bsc#1235051). - Update patches.suse/efi-libstub-Free-correct-pointer-on-failure.patch (git-fixes CVE-2024-56573 bsc#1235042). - Update patches.suse/erofs-fix-blksize-PAGE_SIZE-for-file-backed-mounts.patch (git-fixes CVE-2024-56750 bsc#1235630). - Update patches.suse/erofs-fix-file-backed-mounts-over-FUSE.patch (git-fixes CVE-2024-53235 bsc#1234998). - Update patches.suse/erofs-handle-NONHEAD-delta-1-lclusters-gracefully.patch (git-fixes CVE-2024-53234 bsc#1235045). - Update patches.suse/exfat-fix-out-of-bounds-access-of-directory-entries.patch (git-fixes CVE-2024-53147 bsc#1234857). - Update patches.suse/fbdev-sh7760fb-Fix-a-possible-memory-leak-in-sh7760f.patch (git-fixes CVE-2024-56746 bsc#1235622). - Update patches.suse/firmware-arm_scpi-Check-the-DVFS-OPP-count-returned-.patch (git-fixes CVE-2024-53157 bsc#1234827). - Update patches.suse/firmware_loader-Fix-possible-resource-leak-in-fw_log.patch (git-fixes CVE-2024-53202 bsc#1234970). - Update patches.suse/gpio-graniterapids-Fix-vGPIO-driver-crash.patch (stable-fixes CVE-2024-56671 bsc#1235018). - Update patches.suse/gpio-grgpio-Add-NULL-check-in-grgpio_probe.patch (git-fixes CVE-2024-56634 bsc#1235486). - Update patches.suse/i3c-Use-i3cdev-desc-info-instead-of-calling-i3c_devi.patch (stable-fixes CVE-2024-43098 bsc#1235703). - Update patches.suse/i3c-master-Fix-miss-free-init_dyn_addr-at-i3c_master.patch (git-fixes CVE-2024-56562 bsc#1234930). - Update patches.suse/i3c-mipi-i3c-hci-Mask-ring-interrupts-before-ring-st.patch (stable-fixes CVE-2024-45828 bsc#1235705). - Update patches.suse/igb-Fix-potential-invalid-memory-access-in-igb_init_.patch (jsc#PED-10426 jsc#PED-10425 CVE-2024-52332 bsc#1235700). - Update patches.suse/iio-adc-ad7923-Fix-buffer-overflow-for-tx_buf-and-ri.patch (git-fixes CVE-2024-56557 bsc#1235122). - Update patches.suse/io_uring-check-for-overflows-in-io_pin_pages.patch (git-fixes CVE-2024-53187 bsc#1234947). - Update patches.suse/io_uring-check-if-iowq-is-killed-before-queuing.patch (git-fixes CVE-2024-56709 bsc#1235552). - Update patches.suse/io_uring-tctx-work-around-xa_store-allocation-error-.patch (git-fixes CVE-2024-56584 bsc#1235117). - Update patches.suse/iommu-s390-Implement-blocking-domain.patch (git-fixes bsc#1234350 CVE-2024-53232 bsc#1235050). - Update patches.suse/iommufd-Fix-out_fput-in-iommufd_fault_alloc.patch (git-fixes CVE-2024-56624 bsc#1235469). - Update patches.suse/ionic-Fix-netdev-notifier-unregister-on-failure.patch (jsc#PED-11378 CVE-2024-56715 bsc#1235612). - Update patches.suse/ionic-no-double-destroy-workqueue.patch (jsc#PED-11378 CVE-2024-56714 bsc#1235558). - Update patches.suse/irqchip-riscv-aplic-Prevent-crash-when-MSI-domain-is.patch (git-fixes CVE-2024-56682 bsc#1235559). - Update patches.suse/kcsan-Turn-report_filterlist_lock-into-a-raw_spinloc.patch (stable-fixes CVE-2024-56610 bsc#1235390). - Update patches.suse/kunit-Fix-potential-null-dereference-in-kunit_device.patch (git-fixes CVE-2024-56773 bsc#1235594). - Update patches.suse/kunit-string-stream-Fix-a-UAF-bug-in-kunit_init_suit.patch (git-fixes CVE-2024-56772 bsc#1235651). - Update patches.suse/leds-class-Protect-brightness_show-with-led_cdev-led.patch (stable-fixes CVE-2024-56587 bsc#1235125). - Update patches.suse/mailbox-mtk-cmdq-fix-wrong-use-of-sizeof-in-cmdq_get.patch (git-fixes CVE-2024-56684 bsc#1235560). - Update patches.suse/media-atomisp-Add-check-for-rgby_data-memory-allocat.patch (git-fixes CVE-2024-56705 bsc#1235568). - Update patches.suse/media-dvb-frontends-dib3000mb-fix-uninit-value-in-di.patch (git-fixes CVE-2024-56769 bsc#1235155). - Update patches.suse/media-i2c-tc358743-Fix-crash-in-the-probe-error-path.patch (git-fixes CVE-2024-56576 bsc#1235019). - Update patches.suse/media-imx-jpeg-Ensure-power-suppliers-be-suspended-b.patch (git-fixes CVE-2024-56575 bsc#1235039). - Update patches.suse/media-imx-jpeg-Set-video-drvdata-before-register-vid.patch (git-fixes CVE-2024-56578 bsc#1235115). - Update patches.suse/media-intel-ipu6-do-not-handle-interrupts-when-devic.patch (git-fixes CVE-2024-56680 bsc#1235556). - Update patches.suse/media-mtk-jpeg-Fix-null-ptr-deref-during-unload-modu.patch (git-fixes CVE-2024-56577 bsc#1235112). - Update patches.suse/media-platform-allegro-dvt-Fix-possible-memory-leak-.patch (git-fixes CVE-2024-56572 bsc#1235043). - Update patches.suse/media-qcom-camss-fix-error-path-on-configuration-of-.patch (git-fixes CVE-2024-56580 bsc#1235114). - Update patches.suse/media-ts2020-fix-null-ptr-deref-in-ts2020_probe.patch (git-fixes CVE-2024-56574 bsc#1235040). - Update patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch (git-fixes CVE-2024-56571 bsc#1235037). - Update patches.suse/media-wl128x-Fix-atomicity-violation-in-fmc_send_cmd.patch (git-fixes CVE-2024-56700 bsc#1235500). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-PMIC-dev.patch (git-fixes CVE-2024-56723 bsc#1235571). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-TMU-devi.patch (git-fixes CVE-2024-56724 bsc#1235577). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-USB-Type.patch (git-fixes CVE-2024-56691 bsc#1235425). - Update patches.suse/msft-hv-3081-hv_sock-Initializing-vsk-trans-to-NULL-to-prevent-a-.patch (git-fixes CVE-2024-53103 bsc#1234024). - Update patches.suse/msft-hv-3082-HID-hyperv-streamline-driver-probe-to-avoid-devres-i.patch (git-fixes CVE-2024-56545 bsc#1235069). - Update patches.suse/msft-hv-3095-Drivers-hv-util-Avoid-accessing-a-ringbuffer-not-ini.patch (git-fixes CVE-2024-55916 bsc#1235747). - Update patches.suse/mtd-rawnand-fix-double-free-in-atmel_pmecc_create_us.patch (git-fixes CVE-2024-56766 bsc#1235219). - Update patches.suse/mtd-spinand-winbond-Fix-512GW-01GW-01JW-and-02JW-ECC.patch (git-fixes CVE-2024-56771 bsc#1235649). - Update patches.suse/net-mlx5-DR-prevent-potential-error-pointer-derefere.patch (jsc#PED-11331 CVE-2024-56660 bsc#1235437). - Update patches.suse/net-usb-lan78xx-Fix-double-free-issue-with-interrupt.patch (git-fixes CVE-2024-53213 bsc#1234973). - Update patches.suse/nfs-blocklayout-Don-t-attempt-unregister-for-invalid-block-device.patch (git-fixes CVE-2024-53167 bsc#1234886). - Update patches.suse/nfs-localio-must-clear-res.replen-in-nfs_local_read_done.patch (git-fixes CVE-2024-56740 bsc#1234932). - Update patches.suse/nfs_common-must-not-hold-RCU-while-calling-nfsd_file_put_local.patch (git-fixes CVE-2024-56743 bsc#1235614). - Update patches.suse/nfsd-fix-nfs4_openowner-leak-when-concurrent-nfsd4_open-occur.patch (git-fixes CVE-2024-56779 bsc#1235632). - Update patches.suse/nfsd-make-sure-exp-active-before-svc_export_show.patch (git-fixes CVE-2024-56558 bsc#1235100). - Update patches.suse/nvme-fabrics-fix-kernel-crash-while-shutting-down-co.patch (git-fixes CVE-2024-53169 bsc#1234900). - Update patches.suse/nvme-pci-fix-freeing-of-the-HMB-descriptor-table.patch (git-fixes CVE-2024-56756 bsc#1234922). - Update patches.suse/nvme-rdma-unquiesce-admin_q-before-destroy-it.patch (git-fixes CVE-2024-49569 bsc#1235730). - Update patches.suse/nvme-tcp-fix-the-memleak-while-create-new-ctrl-faile.patch (git-fixes CVE-2024-56632 bsc#1235483). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-cn10.patch (jsc#PED-11317 CVE-2024-56726 bsc#1235582). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-69297b0d.patch (jsc#PED-11317 CVE-2024-56725 bsc#1235578). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-bd3110bc.patch (jsc#PED-11317 CVE-2024-56727 bsc#1235583). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-e26f8eac.patch (jsc#PED-11317 CVE-2024-56728 bsc#1235656). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-f5b942e6.patch (jsc#PED-11317 CVE-2024-56707 bsc#1235545). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2.patch (jsc#PED-11317 CVE-2024-56679 bsc#1235498). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb2phy_probe.patch (git-fixes CVE-2024-53205 bsc#1234954). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb3phy_probe.patch (git-fixes CVE-2024-53204 bsc#1234955). - Update patches.suse/phy-rockchip-samsung-hdptx-Set-drvdata-before-enabli.patch (git-fixes CVE-2024-57799 bsc#1235770). - Update patches.suse/pinmux-Use-sequential-access-to-access-desc-pinmux-d.patch (stable-fixes CVE-2024-47141 bsc#1235708). - Update patches.suse/pmdomain-imx-gpcv2-Adjust-delay-after-power-up-hands.patch (git-fixes CVE-2024-56618 bsc#1235465). - Update patches.suse/power-supply-gpio-charger-Fix-set-charge-current-lim.patch (git-fixes CVE-2024-57792 bsc#1235764). - Update patches.suse/powerpc-fadump-Move-fadump_cma_init-to-setup_arch-af.patch (bsc#1215199 CVE-2024-56677 bsc#1235494). - Update patches.suse/powerpc-mm-fault-Fix-kfence-page-fault-reporting.patch (bsc#1194869 CVE-2024-56678 bsc#1235495). - Update patches.suse/powerpc-pseries-Fix-dtl_access_lock-to-be-a-rw_semap.patch (bsc#1194869 CVE-2024-56701 bsc#1235496). - Update patches.suse/regulator-axp20x-AXP717-set-ramp_delay.patch (git-fixes CVE-2024-53682 bsc#1235718). - Update patches.suse/rtc-check-if-__rtc_read_time-was-successful-in-rtc_t.patch (git-fixes CVE-2024-56739 bsc#1235611). - Update patches.suse/s390-cpum_sf-Fix-and-protect-memory-allocation-of-SDBs-with-mutex.patch (git-fixes bsc#1234348 CVE-2024-56706 bsc#1235586). - Update patches.suse/s390-entry-Mark-IRQ-entries-to-fix-stack-depot-warnings.patch (git-fixes bsc#1234356 CVE-2024-57838 bsc#1235798). - Update patches.suse/s390-iucv-MSG_PEEK-causes-memory-leak-in-iucv_sock_destruct.patch (git-fixes bsc#1234351 CVE-2024-53210 bsc#1234971). - Update patches.suse/s390-pci-Fix-potential-double-remove-of-hotplug-slot.patch (git-fixes bsc#1234354 CVE-2024-56699 bsc#1235490). - Update patches.suse/sched-deadline-Fix-warning-in-migrate_enable-for-boosted-tasks.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-56583 bsc#1235118). - Update patches.suse/sched-fair-Fix-NEXT_BUDDY.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-49573 bsc#1235743). - Update patches.suse/sched-fix-warning-in-sched_setaffinity.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-41932 bsc#1235699). - Update patches.suse/scsi-megaraid_sas-Fix-for-a-potential-deadlock.patch (jsc#PED-11259 CVE-2024-57807 bsc#1235761). - Update patches.suse/scsi-qla2xxx-Fix-use-after-free-on-unload.patch (bsc#1235406 CVE-2024-56623 bsc#1235466). - Update patches.suse/soc-imx8m-Probe-the-SoC-driver-as-platform-driver.patch (stable-fixes CVE-2024-56787 bsc#1235663). - Update patches.suse/soc-qcom-geni-se-fix-array-underflow-in-geni_se_clk_.patch (git-fixes CVE-2024-53158 bsc#1234811). - Update patches.suse/spi-mpc52xx-Add-cancel_work_sync-before-module-remov.patch (git-fixes CVE-2024-50051 bsc#1235739). - Update patches.suse/sunrpc-clear-XPRT_SOCK_UPD_TIMEOUT-when-reset-transport.patch (git-fixes CVE-2024-56688 bsc#1235538). - Update patches.suse/sunrpc-fix-one-UAF-issue-caused-by-sunrpc-kernel-tcp-socket.patch (git-fixes CVE-2024-53168 bsc#1234887). - Update patches.suse/svcrdma-Address-an-integer-overflow.patch (git-fixes CVE-2024-53151 bsc#1234829). - Update patches.suse/svcrdma-fix-miss-destroy-percpu_counter-in-svc_rdma_proc_init.patch (git-fixes CVE-2024-53215 bsc#1234962). - Update patches.suse/thermal-testing-Initialize-some-variables-annoteded-.patch (git-fixes CVE-2024-56676 bsc#1235493). - Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch (bsc#1235433 CVE-2024-56661 bsc#1234931). - Update patches.suse/unicode-Fix-utf8_load-error-path.patch (git-fixes CVE-2024-53233 bsc#1235046). - Update patches.suse/usb-dwc3-gadget-Fix-looping-of-queued-SG-entries.patch (git-fixes CVE-2024-56698 bsc#1235491). - Update patches.suse/usb-gadget-u_serial-Fix-the-issue-that-gs_start_io-c.patch (git-fixes CVE-2024-56670 bsc#1235488). - Update patches.suse/usb-musb-Fix-hardware-lockup-on-first-Rx-endpoint-re.patch (git-fixes CVE-2024-56687 bsc#1235537). - Update patches.suse/usb-typec-fix-potential-array-underflow-in-ucsi_ccg_.patch (git-fixes CVE-2024-53203 bsc#1235001). - Update patches.suse/usb-typec-ucsi-glink-fix-off-by-one-in-connector_sta.patch (git-fixes CVE-2024-53149 bsc#1234842). - Update patches.suse/wifi-ath10k-avoid-NULL-pointer-error-during-sdio-rem.patch (stable-fixes CVE-2024-56599 bsc#1235138). - Update patches.suse/wifi-ath12k-Skip-Rx-TID-cleanup-for-self-peer.patch (git-fixes CVE-2024-56543 bsc#1235065). - Update patches.suse/wifi-ath12k-fix-atomic-calls-in-ath12k_mac_op_set_bi.patch (stable-fixes CVE-2024-56607 bsc#1235423). - Update patches.suse/wifi-ath12k-fix-crash-when-unbinding.patch (git-fixes CVE-2024-53188 bsc#1234948). - Update patches.suse/wifi-ath12k-fix-use-after-free-in-ath12k_dp_cc_clean.patch (git-fixes CVE-2024-56541 bsc#1235064). - Update patches.suse/wifi-ath12k-fix-warning-when-unbinding.patch (git-fixes CVE-2024-53191 bsc#1234952). - Update patches.suse/wifi-ath9k-add-range-check-for-conn_rsp_epid-in-htc_.patch (git-fixes CVE-2024-53156 bsc#1234846). - Update patches.suse/wifi-brcmfmac-Fix-oops-due-to-NULL-pointer-dereferen.patch (stable-fixes CVE-2024-56593 bsc#1235252). - Update patches.suse/wifi-cw1200-Fix-potential-NULL-dereference.patch (git-fixes CVE-2024-56536 bsc#1234911). - Update patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning.patch (git-fixes CVE-2024-56539 bsc#1234963). - Update patches.suse/wifi-nl80211-fix-NL80211_ATTR_MLO_LINK_ID-off-by-one.patch (git-fixes CVE-2024-56663 bsc#1235454). - Update patches.suse/wifi-nl80211-fix-bounds-checker-error-in-nl80211_par.patch (git-fixes CVE-2024-53189 bsc#1234949). - Update patches.suse/wifi-rtlwifi-Drastically-reduce-the-attempts-to-read.patch (stable-fixes CVE-2024-53190 bsc#1234950). - Update patches.suse/wifi-rtw88-use-ieee80211_purge_tx_queue-to-purge-TX-.patch (stable-fixes CVE-2024-56609 bsc#1235389). - Update patches.suse/wifi-rtw89-check-return-value-of-ieee80211_probereq_.patch (stable-fixes CVE-2024-48873 bsc#1235716). - Update patches.suse/wifi-rtw89-coex-check-NULL-return-of-kmalloc-in-btc_.patch (git-fixes CVE-2024-56535 bsc#1235044). - Update patches.suse/xfs-unlock-inodes-when-erroring-out-of-xfs_trans_alloc_dir.patch (git-fixes CVE-2024-55641 bsc#1235740). - commit b21bae3 - KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235755). - KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235756). - KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235757). - commit 25f73de - s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646) - commit 2199130 - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes). - misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes). - interconnect: icc-clk: check return values of devm_kasprintf() (git-fixes). - interconnect: qcom: icc-rpm: Set the count member before accessing the flex array (git-fixes). - iio: adc: ti-ads1119: fix sample size in scan struct for triggered buffer (git-fixes). - iio: inkern: call iio_device_put() only on mapped devices (git-fixes). - iio: adc: ad9467: Fix the "don't allow reading vref if not available" case (git-fixes). - iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes). - iio: adc: ad7173: fix using shared static info struct (git-fixes). - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes). - iio: adc: ti-ads1119: fix information leak in triggered buffer (git-fixes). - iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes). - iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes). - iio: imu: kmx61: fix information leak in triggered buffer (git-fixes). - iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes). - iio: light: bh1745: fix information leak in triggered buffer (git-fixes). - iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes). - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes). - iio: test: Fix GTS test config (git-fixes). - iio: adc: ti-ads1298: Add NULL check in ads1298_init (git-fixes). - iio: adc: stm32-dfsdm: handle label as an optional property (git-fixes). - iio: adc: ad4695: fix buffered read, single sample timings (git-fixes). - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (git-fixes). - iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes). - iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes). - iio: adc: ad7124: Disable all channels at probe time (git-fixes). - staging: iio: ad9832: Correct phase range check (git-fixes). - staging: iio: ad9834: Correct phase range check (git-fixes). - usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (git-fixes). - usb: gadget: midi2: Reverse-select at the right place (git-fixes). - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes). - USB: core: Disable LPM only for non-suspended ports (git-fixes). - usb: fix reference leak in usb_new_device() (git-fixes). - usb: typec: tcpci: fix NULL pointer issue on shared irq case (git-fixes). - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes). - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes). - usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes). - USB: usblp: return error when setting unsupported protocol (git-fixes). - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes). - usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes). - usb: host: xhci-plat: set skip_phy_initialization if software node has XHCI_SKIP_PHY_INIT property (git-fixes). - usb: dwc3-am62: Disable autosuspend during remove (git-fixes). - usb: dwc3: gadget: fix writing NYET threshold (git-fixes). - commit 708e579 - serial: stm32: use port lock wrappers for break control (git-fixes). - tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes). - commit 2e58518 ++++ kernel-zfcpdump: - Update patches.suse/ACPI-x86-Add-adev-NULL-check-to-acpi_quirk_skip_serd.patch (stable-fixes CVE-2024-56782 bsc#1235629). - Update patches.suse/ALSA-6fire-Release-resources-at-card-release.patch (git-fixes CVE-2024-53239 bsc#1235054). - Update patches.suse/ALSA-caiaq-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56531 bsc#1235057). - Update patches.suse/ALSA-control-Avoid-WARN-for-symlink-errors.patch (git-fixes CVE-2024-56657 bsc#1235432). - Update patches.suse/ALSA-core-Fix-possible-NULL-dereference-caused-by-ku.patch (git-fixes CVE-2024-56696 bsc#1235539). - Update patches.suse/ALSA-memalloc-prefer-dma_mapping_error-over-explicit.patch (git-fixes CVE-2024-57800 bsc#1235772). - Update patches.suse/ALSA-pcm-Add-sanity-NULL-check-for-the-default-mmap-.patch (stable-fixes CVE-2024-53180 bsc#1234929). - Update patches.suse/ALSA-us122l-Use-snd_card_free_when_closed-at-disconn.patch (git-fixes CVE-2024-56532 bsc#1235059). - Update patches.suse/ALSA-usb-audio-Fix-out-of-bounds-reads-when-finding-.patch (stable-fixes CVE-2024-53150 bsc#1234834). - Update patches.suse/ALSA-usb-audio-Fix-potential-out-of-bound-accesses-f.patch (git-fixes CVE-2024-53197 bsc#1235464). - Update patches.suse/ALSA-usx2y-Use-snd_card_free_when_closed-at-disconne.patch (git-fixes CVE-2024-56533 bsc#1235053). - Update patches.suse/ASoC-Intel-sof_sdw-Add-space-for-a-terminator-into-D.patch (git-fixes CVE-2024-57880 bsc#1235800). - Update patches.suse/ASoC-SOF-Intel-hda-dai-Do-not-release-the-link-DMA-o.patch (git-fixes CVE-2024-57805 bsc#1235790). - Update patches.suse/ASoC-imx-audmix-Add-NULL-check-in-imx_audmix_probe.patch (git-fixes CVE-2024-53199 bsc#1234967). - Update patches.suse/ASoC-mediatek-Check-num_codecs-is-not-zero-to-avoid-.patch (git-fixes CVE-2024-56685 bsc#1235561). - Update patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch (stable-fixes CVE-2024-56605 bsc#1235061). - Update patches.suse/Bluetooth-MGMT-Fix-possible-deadlocks.patch (git-fixes CVE-2024-53207 bsc#1234907). - Update patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-set_p.patch (git-fixes CVE-2024-53208 bsc#1234909). - Update patches.suse/Bluetooth-RFCOMM-avoid-leaving-dangling-sk-pointer-i.patch (stable-fixes CVE-2024-56604 bsc#1235056). - Update patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch (git-fixes CVE-2024-53238 bsc#1234910). - Update patches.suse/Bluetooth-btmtk-avoid-UAF-in-btmtk_process_coredump.patch (git-fixes CVE-2024-56653 bsc#1235531). - Update patches.suse/Bluetooth-btusb-mediatek-add-intf-release-flow-when-.patch (stable-fixes CVE-2024-56757 bsc#1235619). - Update patches.suse/Bluetooth-fix-use-after-free-in-device_for_each_chil.patch (git-fixes CVE-2024-53237 bsc#1235007). - Update patches.suse/Bluetooth-hci_conn-Use-disable_delayed_work_sync.patch (stable-fixes CVE-2024-56591 bsc#1235052). - Update patches.suse/Bluetooth-hci_core-Fix-not-checking-skb-length-on-hc.patch (stable-fixes CVE-2024-56590 bsc#1235038). - Update patches.suse/Bluetooth-hci_event-Fix-using-rcu_read_-un-lock-whil.patch (git-fixes CVE-2024-56654 bsc#1235532). - Update patches.suse/Bluetooth-iso-Always-release-hdev-at-the-end-of-iso_.patch (git-fixes CVE-2024-57879 bsc#1235802). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_conn_big_sync.patch (git-fixes CVE-2024-54191 bsc#1235717). - Update patches.suse/Bluetooth-iso-Fix-circular-lock-in-iso_listen_bis.patch (git-fixes CVE-2024-54460 bsc#1235722). - Update patches.suse/HID-wacom-fix-when-get-product-name-maybe-null-point.patch (git-fixes CVE-2024-56629 bsc#1235473). - Update patches.suse/NFSD-Prevent-NULL-dereference-in-nfsd4_process_cb_update.patch (git-fixes CVE-2024-53217 bsc#1234999). - Update patches.suse/NFSD-Prevent-a-potential-integer-overflow.patch (git-fixes CVE-2024-53146 bsc#1234853). - Update patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch (git-fixes CVE-2024-53173 bsc#1234891). - Update patches.suse/PCI-Fix-reset_method_store-memory-leak.patch (git-fixes CVE-2024-56745 bsc#1235563). - Update patches.suse/PCI-Fix-use-after-free-of-slot-bus-on-hot-remove.patch (stable-fixes CVE-2024-53194 bsc#1235459). - Update patches.suse/PCI-MSI-Handle-lack-of-irqdomain-gracefully.patch (git-fixes CVE-2024-56760 bsc#1235616). - Update patches.suse/PCI-endpoint-Fix-PCI-domain-ID-release-in-pci_epc_de.patch (git-fixes CVE-2024-56561 bsc#1235105). - Update patches.suse/PCI-endpoint-epf-mhi-Avoid-NULL-dereference-if-DT-la.patch (git-fixes CVE-2024-56689 bsc#1235543). - Update patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch (stable-fixes CVE-2024-57809 bsc#1235793). - Update patches.suse/PCI-qcom-ep-Move-controller-cleanups-to-qcom_pcie_pe.patch (git-fixes CVE-2024-53153 bsc#1234830). - Update patches.suse/PCI-tegra194-Move-controller-cleanups-to-pex_ep_even.patch (git-fixes CVE-2024-53152 bsc#1234841). - Update patches.suse/RDMA-hns-Fix-cpu-stuck-caused-by-printings-during-re.patch (jsc#PED-11250 CVE-2024-56722 bsc#1235570). - Update patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch (git-fixes CVE-2024-53224 bsc#1235009). - Update patches.suse/RDMA-rxe-Fix-the-qp-flush-warnings-in-req.patch (jsc#PED-11323 CVE-2024-53229 bsc#1234905). - Update patches.suse/SUNRPC-make-sure-cache-entry-active-before-cache_show.patch (git-fixes CVE-2024-53174 bsc#1234899). - Update patches.suse/accel-ivpu-Fix-WARN-in-ivpu_ipc_send_receive_interna.patch (git-fixes CVE-2024-54193 bsc#1235713). - Update patches.suse/accel-ivpu-Fix-general-protection-fault-in-ivpu_bo_l.patch (git-fixes CVE-2024-54455 bsc#1235719). - Update patches.suse/accel-ivpu-Prevent-recovery-invocation-during-probe-.patch (git-fixes CVE-2024-56540 bsc#1235063). - Update patches.suse/acpi-nfit-vmalloc-out-of-bounds-Read-in-acpi_nfit_ct.patch (git-fixes CVE-2024-56662 bsc#1235533). - Update patches.suse/ad7780-fix-division-by-zero-in-ad7780_write_raw.patch (git-fixes CVE-2024-56567 bsc#1234916). - Update patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch (CVE-2024-56606 bsc#123541 bsc#1235417). - Update patches.suse/apparmor-test-Fix-memory-leak-for-aa_unpack_strdup.patch (git-fixes CVE-2024-56741 bsc#1235502). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_FPMR.patch (git-fixes CVE-2024-57878 bsc#1235803). - Update patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_POE.patch (git-fixes CVE-2024-57877 bsc#1235804). - Update patches.suse/blk-cgroup-Fix-UAF-in-blkcg_unpin_online.patch (bsc#1234726 CVE-2024-56672 bsc#1235534). - Update patches.suse/bnxt_en-Fix-aggregation-ID-mask-to-prevent-oops-on-5.patch (jsc#PED-10684 jsc#PED-11230 CVE-2024-56656 bsc#1235444). - Update patches.suse/cacheinfo-Allocate-memory-during-CPU-hotplug-if-not-done-f.patch (jsc#PED-10467 CVE-2024-56617 bsc#1235429). - Update patches.suse/can-dev-can_set_termination-allow-sleeping-GPIOs.patch (git-fixes CVE-2024-56625 bsc#1235223). - Update patches.suse/can-hi311x-hi3110_can_ist-fix-potential-use-after-fr.patch (git-fixes CVE-2024-56651 bsc#1235528). - Update patches.suse/can-j1939-j1939_session_new-fix-skb-reference-counti.patch (git-fixes CVE-2024-56645 bsc#1235134). - Update patches.suse/clk-clk-apple-nco-Add-NULL-check-in-applnco_probe.patch (git-fixes CVE-2024-53154 bsc#1234826). - Update patches.suse/clk-clk-loongson2-Fix-memory-corruption-bug-in-struc.patch (git-fixes CVE-2024-53193 bsc#1234902). - Update patches.suse/clk-clk-loongson2-Fix-potential-buffer-overflow-in-f.patch (git-fixes CVE-2024-53192 bsc#1234956). - Update patches.suse/clk-ralink-mtmips-fix-clocks-probe-order-in-oldest-r.patch (git-fixes CVE-2024-53223 bsc#1234976). - Update patches.suse/crypto-bcm-add-error-check-in-the-ahash_hmac_init-fu.patch (git-fixes CVE-2024-56681 bsc#1235557). - Update patches.suse/crypto-caam-Fix-the-pointer-passed-to-caam_qi_shutdo.patch (git-fixes CVE-2024-56754 bsc#1234918). - Update patches.suse/crypto-pcrypt-Call-crypto-layer-directly-when-padata.patch (git-fixes CVE-2024-56690 bsc#1235428). - Update patches.suse/crypto-qat-qat_420xx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53163 bsc#1234828). - Update patches.suse/crypto-qat-qat_4xxx-fix-off-by-one-in-uof_get_name.patch (git-fixes CVE-2024-53162 bsc#1234843). - Update patches.suse/dlm-fix-dlm_recover_members-refcount-on-error.patch (git-fixes CVE-2024-56749 bsc#1235628). - Update patches.suse/dlm-fix-possible-lkb_resource-null-dereference.patch (git-fixes CVE-2024-47809 bsc#1235714). - Update patches.suse/dma-debug-fix-a-possible-deadlock-on-radix_lock.patch (stable-fixes CVE-2024-47143 bsc#1235710). - Update patches.suse/dmaengine-at_xdmac-avoid-null_prt_deref-in-at_xdmac_.patch (git-fixes CVE-2024-56767 bsc#1235160). - Update patches.suse/drivers-soc-xilinx-add-the-missing-kfree-in-xlnx_add.patch (git-fixes CVE-2024-56546 bsc#1235070). - Update patches.suse/drm-amd-display-Adding-array-index-check-to-prevent-.patch (stable-fixes CVE-2024-56784 bsc#1235654). - Update patches.suse/drm-amd-display-Fix-handling-of-plane-refcount.patch (stable-fixes CVE-2024-56775 bsc#1235657). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st-2bc96c9.patch (git-fixes CVE-2024-53200 bsc#1234968). - Update patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st.patch (git-fixes CVE-2024-53201 bsc#1234969). - Update patches.suse/drm-amd-display-Fix-out-of-bounds-access-in-dcn21_li.patch (stable-fixes CVE-2024-56608 bsc#1235487). - Update patches.suse/drm-amd-display-fix-a-memleak-issue-when-driver-is-r.patch (git-fixes CVE-2024-56542 bsc#1234908). - Update patches.suse/drm-amdgpu-Fix-the-memory-allocation-issue-in-amdgpu.patch (git-fixes CVE-2024-56697 bsc#1235544). - Update patches.suse/drm-amdgpu-don-t-access-invalid-sched.patch (git-fixes CVE-2024-46896 bsc#1235707). - Update patches.suse/drm-amdgpu-fix-usage-slab-after-free.patch (stable-fixes CVE-2024-56551 bsc#1235075). - Update patches.suse/drm-amdgpu-gfx9-Add-Cleaner-Shader-Deinitialization-.patch (git-fixes CVE-2024-56753 bsc#1235631). - Update patches.suse/drm-amdgpu-set-the-right-AMDGPU-sg-segment-limitatio.patch (stable-fixes CVE-2024-56594 bsc#1235413). - Update patches.suse/drm-amdkfd-Dereference-null-return-value.patch (git-fixes CVE-2024-56666 bsc#1235242). - Update patches.suse/drm-amdkfd-Use-dynamic-allocation-for-CU-occupancy-a.patch (git-fixes CVE-2024-56695 bsc#1235541). - Update patches.suse/drm-dp_mst-Fix-MST-sideband-message-body-length-chec.patch (stable-fixes CVE-2024-56616 bsc#1235427). - Update patches.suse/drm-i915-Fix-NULL-pointer-dereference-in-capture_eng.patch (git-fixes CVE-2024-56667 bsc#1235016). - Update patches.suse/drm-modes-Avoid-divide-by-zero-harder-in-drm_mode_vr.patch (stable-fixes CVE-2024-56369 bsc#1235750). - Update patches.suse/drm-nouveau-gr-gf100-Fix-missing-unlock-in-gf100_gr_.patch (git-fixes CVE-2024-56752 bsc#1234937). - Update patches.suse/drm-panel-himax-hx83102-Add-a-check-to-prevent-NULL-.patch (git-fixes CVE-2024-56711 bsc#1235562). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-831214f.patch (git-fixes CVE-2024-56776 bsc#1235647). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-e965e77.patch (git-fixes CVE-2024-56777 bsc#1235641). - Update patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer.patch (git-fixes CVE-2024-56778 bsc#1235635). - Update patches.suse/drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch (git-fixes CVE-2024-56683 bsc#1235497). - Update patches.suse/drm-xe-guc_submit-fix-race-around-suspend_pending.patch (git-fixes CVE-2024-56552 bsc#1235071). - Update patches.suse/drm-xe-reg_sr-Remove-register-pool.patch (git-fixes CVE-2024-56652 bsc#1235529). - Update patches.suse/drm-xlnx-zynqmp_disp-layer-may-be-null-while-releasi.patch (git-fixes CVE-2024-56537 bsc#1235049). - Update patches.suse/drm-zynqmp_kms-Unplug-DRM-device-before-removal.patch (git-fixes CVE-2024-56538 bsc#1235051). - Update patches.suse/efi-libstub-Free-correct-pointer-on-failure.patch (git-fixes CVE-2024-56573 bsc#1235042). - Update patches.suse/erofs-fix-blksize-PAGE_SIZE-for-file-backed-mounts.patch (git-fixes CVE-2024-56750 bsc#1235630). - Update patches.suse/erofs-fix-file-backed-mounts-over-FUSE.patch (git-fixes CVE-2024-53235 bsc#1234998). - Update patches.suse/erofs-handle-NONHEAD-delta-1-lclusters-gracefully.patch (git-fixes CVE-2024-53234 bsc#1235045). - Update patches.suse/exfat-fix-out-of-bounds-access-of-directory-entries.patch (git-fixes CVE-2024-53147 bsc#1234857). - Update patches.suse/fbdev-sh7760fb-Fix-a-possible-memory-leak-in-sh7760f.patch (git-fixes CVE-2024-56746 bsc#1235622). - Update patches.suse/firmware-arm_scpi-Check-the-DVFS-OPP-count-returned-.patch (git-fixes CVE-2024-53157 bsc#1234827). - Update patches.suse/firmware_loader-Fix-possible-resource-leak-in-fw_log.patch (git-fixes CVE-2024-53202 bsc#1234970). - Update patches.suse/gpio-graniterapids-Fix-vGPIO-driver-crash.patch (stable-fixes CVE-2024-56671 bsc#1235018). - Update patches.suse/gpio-grgpio-Add-NULL-check-in-grgpio_probe.patch (git-fixes CVE-2024-56634 bsc#1235486). - Update patches.suse/i3c-Use-i3cdev-desc-info-instead-of-calling-i3c_devi.patch (stable-fixes CVE-2024-43098 bsc#1235703). - Update patches.suse/i3c-master-Fix-miss-free-init_dyn_addr-at-i3c_master.patch (git-fixes CVE-2024-56562 bsc#1234930). - Update patches.suse/i3c-mipi-i3c-hci-Mask-ring-interrupts-before-ring-st.patch (stable-fixes CVE-2024-45828 bsc#1235705). - Update patches.suse/igb-Fix-potential-invalid-memory-access-in-igb_init_.patch (jsc#PED-10426 jsc#PED-10425 CVE-2024-52332 bsc#1235700). - Update patches.suse/iio-adc-ad7923-Fix-buffer-overflow-for-tx_buf-and-ri.patch (git-fixes CVE-2024-56557 bsc#1235122). - Update patches.suse/io_uring-check-for-overflows-in-io_pin_pages.patch (git-fixes CVE-2024-53187 bsc#1234947). - Update patches.suse/io_uring-check-if-iowq-is-killed-before-queuing.patch (git-fixes CVE-2024-56709 bsc#1235552). - Update patches.suse/io_uring-tctx-work-around-xa_store-allocation-error-.patch (git-fixes CVE-2024-56584 bsc#1235117). - Update patches.suse/iommu-s390-Implement-blocking-domain.patch (git-fixes bsc#1234350 CVE-2024-53232 bsc#1235050). - Update patches.suse/iommufd-Fix-out_fput-in-iommufd_fault_alloc.patch (git-fixes CVE-2024-56624 bsc#1235469). - Update patches.suse/ionic-Fix-netdev-notifier-unregister-on-failure.patch (jsc#PED-11378 CVE-2024-56715 bsc#1235612). - Update patches.suse/ionic-no-double-destroy-workqueue.patch (jsc#PED-11378 CVE-2024-56714 bsc#1235558). - Update patches.suse/irqchip-riscv-aplic-Prevent-crash-when-MSI-domain-is.patch (git-fixes CVE-2024-56682 bsc#1235559). - Update patches.suse/kcsan-Turn-report_filterlist_lock-into-a-raw_spinloc.patch (stable-fixes CVE-2024-56610 bsc#1235390). - Update patches.suse/kunit-Fix-potential-null-dereference-in-kunit_device.patch (git-fixes CVE-2024-56773 bsc#1235594). - Update patches.suse/kunit-string-stream-Fix-a-UAF-bug-in-kunit_init_suit.patch (git-fixes CVE-2024-56772 bsc#1235651). - Update patches.suse/leds-class-Protect-brightness_show-with-led_cdev-led.patch (stable-fixes CVE-2024-56587 bsc#1235125). - Update patches.suse/mailbox-mtk-cmdq-fix-wrong-use-of-sizeof-in-cmdq_get.patch (git-fixes CVE-2024-56684 bsc#1235560). - Update patches.suse/media-atomisp-Add-check-for-rgby_data-memory-allocat.patch (git-fixes CVE-2024-56705 bsc#1235568). - Update patches.suse/media-dvb-frontends-dib3000mb-fix-uninit-value-in-di.patch (git-fixes CVE-2024-56769 bsc#1235155). - Update patches.suse/media-i2c-tc358743-Fix-crash-in-the-probe-error-path.patch (git-fixes CVE-2024-56576 bsc#1235019). - Update patches.suse/media-imx-jpeg-Ensure-power-suppliers-be-suspended-b.patch (git-fixes CVE-2024-56575 bsc#1235039). - Update patches.suse/media-imx-jpeg-Set-video-drvdata-before-register-vid.patch (git-fixes CVE-2024-56578 bsc#1235115). - Update patches.suse/media-intel-ipu6-do-not-handle-interrupts-when-devic.patch (git-fixes CVE-2024-56680 bsc#1235556). - Update patches.suse/media-mtk-jpeg-Fix-null-ptr-deref-during-unload-modu.patch (git-fixes CVE-2024-56577 bsc#1235112). - Update patches.suse/media-platform-allegro-dvt-Fix-possible-memory-leak-.patch (git-fixes CVE-2024-56572 bsc#1235043). - Update patches.suse/media-qcom-camss-fix-error-path-on-configuration-of-.patch (git-fixes CVE-2024-56580 bsc#1235114). - Update patches.suse/media-ts2020-fix-null-ptr-deref-in-ts2020_probe.patch (git-fixes CVE-2024-56574 bsc#1235040). - Update patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch (git-fixes CVE-2024-56571 bsc#1235037). - Update patches.suse/media-wl128x-Fix-atomicity-violation-in-fmc_send_cmd.patch (git-fixes CVE-2024-56700 bsc#1235500). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-PMIC-dev.patch (git-fixes CVE-2024-56723 bsc#1235571). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-TMU-devi.patch (git-fixes CVE-2024-56724 bsc#1235577). - Update patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-USB-Type.patch (git-fixes CVE-2024-56691 bsc#1235425). - Update patches.suse/msft-hv-3081-hv_sock-Initializing-vsk-trans-to-NULL-to-prevent-a-.patch (git-fixes CVE-2024-53103 bsc#1234024). - Update patches.suse/msft-hv-3082-HID-hyperv-streamline-driver-probe-to-avoid-devres-i.patch (git-fixes CVE-2024-56545 bsc#1235069). - Update patches.suse/msft-hv-3095-Drivers-hv-util-Avoid-accessing-a-ringbuffer-not-ini.patch (git-fixes CVE-2024-55916 bsc#1235747). - Update patches.suse/mtd-rawnand-fix-double-free-in-atmel_pmecc_create_us.patch (git-fixes CVE-2024-56766 bsc#1235219). - Update patches.suse/mtd-spinand-winbond-Fix-512GW-01GW-01JW-and-02JW-ECC.patch (git-fixes CVE-2024-56771 bsc#1235649). - Update patches.suse/net-mlx5-DR-prevent-potential-error-pointer-derefere.patch (jsc#PED-11331 CVE-2024-56660 bsc#1235437). - Update patches.suse/net-usb-lan78xx-Fix-double-free-issue-with-interrupt.patch (git-fixes CVE-2024-53213 bsc#1234973). - Update patches.suse/nfs-blocklayout-Don-t-attempt-unregister-for-invalid-block-device.patch (git-fixes CVE-2024-53167 bsc#1234886). - Update patches.suse/nfs-localio-must-clear-res.replen-in-nfs_local_read_done.patch (git-fixes CVE-2024-56740 bsc#1234932). - Update patches.suse/nfs_common-must-not-hold-RCU-while-calling-nfsd_file_put_local.patch (git-fixes CVE-2024-56743 bsc#1235614). - Update patches.suse/nfsd-fix-nfs4_openowner-leak-when-concurrent-nfsd4_open-occur.patch (git-fixes CVE-2024-56779 bsc#1235632). - Update patches.suse/nfsd-make-sure-exp-active-before-svc_export_show.patch (git-fixes CVE-2024-56558 bsc#1235100). - Update patches.suse/nvme-fabrics-fix-kernel-crash-while-shutting-down-co.patch (git-fixes CVE-2024-53169 bsc#1234900). - Update patches.suse/nvme-pci-fix-freeing-of-the-HMB-descriptor-table.patch (git-fixes CVE-2024-56756 bsc#1234922). - Update patches.suse/nvme-rdma-unquiesce-admin_q-before-destroy-it.patch (git-fixes CVE-2024-49569 bsc#1235730). - Update patches.suse/nvme-tcp-fix-the-memleak-while-create-new-ctrl-faile.patch (git-fixes CVE-2024-56632 bsc#1235483). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-cn10.patch (jsc#PED-11317 CVE-2024-56726 bsc#1235582). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-69297b0d.patch (jsc#PED-11317 CVE-2024-56725 bsc#1235578). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-bd3110bc.patch (jsc#PED-11317 CVE-2024-56727 bsc#1235583). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-e26f8eac.patch (jsc#PED-11317 CVE-2024-56728 bsc#1235656). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2-f5b942e6.patch (jsc#PED-11317 CVE-2024-56707 bsc#1235545). - Update patches.suse/octeontx2-pf-handle-otx2_mbox_get_rsp-errors-in-otx2.patch (jsc#PED-11317 CVE-2024-56679 bsc#1235498). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb2phy_probe.patch (git-fixes CVE-2024-53205 bsc#1234954). - Update patches.suse/phy-realtek-usb-fix-NULL-deref-in-rtk_usb3phy_probe.patch (git-fixes CVE-2024-53204 bsc#1234955). - Update patches.suse/phy-rockchip-samsung-hdptx-Set-drvdata-before-enabli.patch (git-fixes CVE-2024-57799 bsc#1235770). - Update patches.suse/pinmux-Use-sequential-access-to-access-desc-pinmux-d.patch (stable-fixes CVE-2024-47141 bsc#1235708). - Update patches.suse/pmdomain-imx-gpcv2-Adjust-delay-after-power-up-hands.patch (git-fixes CVE-2024-56618 bsc#1235465). - Update patches.suse/power-supply-gpio-charger-Fix-set-charge-current-lim.patch (git-fixes CVE-2024-57792 bsc#1235764). - Update patches.suse/powerpc-fadump-Move-fadump_cma_init-to-setup_arch-af.patch (bsc#1215199 CVE-2024-56677 bsc#1235494). - Update patches.suse/powerpc-mm-fault-Fix-kfence-page-fault-reporting.patch (bsc#1194869 CVE-2024-56678 bsc#1235495). - Update patches.suse/powerpc-pseries-Fix-dtl_access_lock-to-be-a-rw_semap.patch (bsc#1194869 CVE-2024-56701 bsc#1235496). - Update patches.suse/regulator-axp20x-AXP717-set-ramp_delay.patch (git-fixes CVE-2024-53682 bsc#1235718). - Update patches.suse/rtc-check-if-__rtc_read_time-was-successful-in-rtc_t.patch (git-fixes CVE-2024-56739 bsc#1235611). - Update patches.suse/s390-cpum_sf-Fix-and-protect-memory-allocation-of-SDBs-with-mutex.patch (git-fixes bsc#1234348 CVE-2024-56706 bsc#1235586). - Update patches.suse/s390-entry-Mark-IRQ-entries-to-fix-stack-depot-warnings.patch (git-fixes bsc#1234356 CVE-2024-57838 bsc#1235798). - Update patches.suse/s390-iucv-MSG_PEEK-causes-memory-leak-in-iucv_sock_destruct.patch (git-fixes bsc#1234351 CVE-2024-53210 bsc#1234971). - Update patches.suse/s390-pci-Fix-potential-double-remove-of-hotplug-slot.patch (git-fixes bsc#1234354 CVE-2024-56699 bsc#1235490). - Update patches.suse/sched-deadline-Fix-warning-in-migrate_enable-for-boosted-tasks.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-56583 bsc#1235118). - Update patches.suse/sched-fair-Fix-NEXT_BUDDY.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-49573 bsc#1235743). - Update patches.suse/sched-fix-warning-in-sched_setaffinity.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2024-41932 bsc#1235699). - Update patches.suse/scsi-megaraid_sas-Fix-for-a-potential-deadlock.patch (jsc#PED-11259 CVE-2024-57807 bsc#1235761). - Update patches.suse/scsi-qla2xxx-Fix-use-after-free-on-unload.patch (bsc#1235406 CVE-2024-56623 bsc#1235466). - Update patches.suse/soc-imx8m-Probe-the-SoC-driver-as-platform-driver.patch (stable-fixes CVE-2024-56787 bsc#1235663). - Update patches.suse/soc-qcom-geni-se-fix-array-underflow-in-geni_se_clk_.patch (git-fixes CVE-2024-53158 bsc#1234811). - Update patches.suse/spi-mpc52xx-Add-cancel_work_sync-before-module-remov.patch (git-fixes CVE-2024-50051 bsc#1235739). - Update patches.suse/sunrpc-clear-XPRT_SOCK_UPD_TIMEOUT-when-reset-transport.patch (git-fixes CVE-2024-56688 bsc#1235538). - Update patches.suse/sunrpc-fix-one-UAF-issue-caused-by-sunrpc-kernel-tcp-socket.patch (git-fixes CVE-2024-53168 bsc#1234887). - Update patches.suse/svcrdma-Address-an-integer-overflow.patch (git-fixes CVE-2024-53151 bsc#1234829). - Update patches.suse/svcrdma-fix-miss-destroy-percpu_counter-in-svc_rdma_proc_init.patch (git-fixes CVE-2024-53215 bsc#1234962). - Update patches.suse/thermal-testing-Initialize-some-variables-annoteded-.patch (git-fixes CVE-2024-56676 bsc#1235493). - Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch (bsc#1235433 CVE-2024-56661 bsc#1234931). - Update patches.suse/unicode-Fix-utf8_load-error-path.patch (git-fixes CVE-2024-53233 bsc#1235046). - Update patches.suse/usb-dwc3-gadget-Fix-looping-of-queued-SG-entries.patch (git-fixes CVE-2024-56698 bsc#1235491). - Update patches.suse/usb-gadget-u_serial-Fix-the-issue-that-gs_start_io-c.patch (git-fixes CVE-2024-56670 bsc#1235488). - Update patches.suse/usb-musb-Fix-hardware-lockup-on-first-Rx-endpoint-re.patch (git-fixes CVE-2024-56687 bsc#1235537). - Update patches.suse/usb-typec-fix-potential-array-underflow-in-ucsi_ccg_.patch (git-fixes CVE-2024-53203 bsc#1235001). - Update patches.suse/usb-typec-ucsi-glink-fix-off-by-one-in-connector_sta.patch (git-fixes CVE-2024-53149 bsc#1234842). - Update patches.suse/wifi-ath10k-avoid-NULL-pointer-error-during-sdio-rem.patch (stable-fixes CVE-2024-56599 bsc#1235138). - Update patches.suse/wifi-ath12k-Skip-Rx-TID-cleanup-for-self-peer.patch (git-fixes CVE-2024-56543 bsc#1235065). - Update patches.suse/wifi-ath12k-fix-atomic-calls-in-ath12k_mac_op_set_bi.patch (stable-fixes CVE-2024-56607 bsc#1235423). - Update patches.suse/wifi-ath12k-fix-crash-when-unbinding.patch (git-fixes CVE-2024-53188 bsc#1234948). - Update patches.suse/wifi-ath12k-fix-use-after-free-in-ath12k_dp_cc_clean.patch (git-fixes CVE-2024-56541 bsc#1235064). - Update patches.suse/wifi-ath12k-fix-warning-when-unbinding.patch (git-fixes CVE-2024-53191 bsc#1234952). - Update patches.suse/wifi-ath9k-add-range-check-for-conn_rsp_epid-in-htc_.patch (git-fixes CVE-2024-53156 bsc#1234846). - Update patches.suse/wifi-brcmfmac-Fix-oops-due-to-NULL-pointer-dereferen.patch (stable-fixes CVE-2024-56593 bsc#1235252). - Update patches.suse/wifi-cw1200-Fix-potential-NULL-dereference.patch (git-fixes CVE-2024-56536 bsc#1234911). - Update patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning.patch (git-fixes CVE-2024-56539 bsc#1234963). - Update patches.suse/wifi-nl80211-fix-NL80211_ATTR_MLO_LINK_ID-off-by-one.patch (git-fixes CVE-2024-56663 bsc#1235454). - Update patches.suse/wifi-nl80211-fix-bounds-checker-error-in-nl80211_par.patch (git-fixes CVE-2024-53189 bsc#1234949). - Update patches.suse/wifi-rtlwifi-Drastically-reduce-the-attempts-to-read.patch (stable-fixes CVE-2024-53190 bsc#1234950). - Update patches.suse/wifi-rtw88-use-ieee80211_purge_tx_queue-to-purge-TX-.patch (stable-fixes CVE-2024-56609 bsc#1235389). - Update patches.suse/wifi-rtw89-check-return-value-of-ieee80211_probereq_.patch (stable-fixes CVE-2024-48873 bsc#1235716). - Update patches.suse/wifi-rtw89-coex-check-NULL-return-of-kmalloc-in-btc_.patch (git-fixes CVE-2024-56535 bsc#1235044). - Update patches.suse/xfs-unlock-inodes-when-erroring-out-of-xfs_trans_alloc_dir.patch (git-fixes CVE-2024-55641 bsc#1235740). - commit b21bae3 - KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235755). - KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235756). - KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235757). - commit 25f73de - s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646) - commit 2199130 - misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes). - misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes). - interconnect: icc-clk: check return values of devm_kasprintf() (git-fixes). - interconnect: qcom: icc-rpm: Set the count member before accessing the flex array (git-fixes). - iio: adc: ti-ads1119: fix sample size in scan struct for triggered buffer (git-fixes). - iio: inkern: call iio_device_put() only on mapped devices (git-fixes). - iio: adc: ad9467: Fix the "don't allow reading vref if not available" case (git-fixes). - iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes). - iio: adc: ad7173: fix using shared static info struct (git-fixes). - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes). - iio: adc: ti-ads1119: fix information leak in triggered buffer (git-fixes). - iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes). - iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes). - iio: imu: kmx61: fix information leak in triggered buffer (git-fixes). - iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes). - iio: light: bh1745: fix information leak in triggered buffer (git-fixes). - iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes). - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes). - iio: test: Fix GTS test config (git-fixes). - iio: adc: ti-ads1298: Add NULL check in ads1298_init (git-fixes). - iio: adc: stm32-dfsdm: handle label as an optional property (git-fixes). - iio: adc: ad4695: fix buffered read, single sample timings (git-fixes). - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (git-fixes). - iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes). - iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes). - iio: adc: ad7124: Disable all channels at probe time (git-fixes). - staging: iio: ad9832: Correct phase range check (git-fixes). - staging: iio: ad9834: Correct phase range check (git-fixes). - usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (git-fixes). - usb: gadget: midi2: Reverse-select at the right place (git-fixes). - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes). - USB: core: Disable LPM only for non-suspended ports (git-fixes). - usb: fix reference leak in usb_new_device() (git-fixes). - usb: typec: tcpci: fix NULL pointer issue on shared irq case (git-fixes). - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes). - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes). - usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes). - USB: usblp: return error when setting unsupported protocol (git-fixes). - usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes). - usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes). - usb: host: xhci-plat: set skip_phy_initialization if software node has XHCI_SKIP_PHY_INIT property (git-fixes). - usb: dwc3-am62: Disable autosuspend during remove (git-fixes). - usb: dwc3: gadget: fix writing NYET threshold (git-fixes). - commit 708e579 - serial: stm32: use port lock wrappers for break control (git-fixes). - tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes). - commit 2e58518 ------------------------------------------------------------------ ------------------ 2025-1-12 - Jan 12 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes). - modpost: fix the missed iteration for the max bit in do_input() (git-fixes). - commit 5559cd4 - Refresh patches.suse/acpi-Disable-APEI-error-injection-if-the-kernel-is-lockeddown.patch. - commit 1526952 ++++ kernel-default: - hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes). - modpost: fix the missed iteration for the max bit in do_input() (git-fixes). - commit 5559cd4 - Refresh patches.suse/acpi-Disable-APEI-error-injection-if-the-kernel-is-lockeddown.patch. - commit 1526952 ++++ dtb-aarch64: - hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes). - modpost: fix the missed iteration for the max bit in do_input() (git-fixes). - commit 5559cd4 - Refresh patches.suse/acpi-Disable-APEI-error-injection-if-the-kernel-is-lockeddown.patch. - commit 1526952 ++++ kernel-debug: - hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes). - modpost: fix the missed iteration for the max bit in do_input() (git-fixes). - commit 5559cd4 - Refresh patches.suse/acpi-Disable-APEI-error-injection-if-the-kernel-is-lockeddown.patch. - commit 1526952 ++++ kernel-source: - hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes). - modpost: fix the missed iteration for the max bit in do_input() (git-fixes). - commit 5559cd4 - Refresh patches.suse/acpi-Disable-APEI-error-injection-if-the-kernel-is-lockeddown.patch. - commit 1526952 ++++ kernel-docs: - hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes). - modpost: fix the missed iteration for the max bit in do_input() (git-fixes). - commit 5559cd4 - Refresh patches.suse/acpi-Disable-APEI-error-injection-if-the-kernel-is-lockeddown.patch. - commit 1526952 ++++ kernel-kvmsmall: - hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes). - modpost: fix the missed iteration for the max bit in do_input() (git-fixes). - commit 5559cd4 - Refresh patches.suse/acpi-Disable-APEI-error-injection-if-the-kernel-is-lockeddown.patch. - commit 1526952 ++++ kernel-obs-build: - hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes). - modpost: fix the missed iteration for the max bit in do_input() (git-fixes). - commit 5559cd4 - Refresh patches.suse/acpi-Disable-APEI-error-injection-if-the-kernel-is-lockeddown.patch. - commit 1526952 ++++ kernel-obs-qa: - hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes). - modpost: fix the missed iteration for the max bit in do_input() (git-fixes). - commit 5559cd4 - Refresh patches.suse/acpi-Disable-APEI-error-injection-if-the-kernel-is-lockeddown.patch. - commit 1526952 ++++ kernel-syms: - hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes). - modpost: fix the missed iteration for the max bit in do_input() (git-fixes). - commit 5559cd4 - Refresh patches.suse/acpi-Disable-APEI-error-injection-if-the-kernel-is-lockeddown.patch. - commit 1526952 ++++ kernel-zfcpdump: - hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes). - modpost: fix the missed iteration for the max bit in do_input() (git-fixes). - commit 5559cd4 - Refresh patches.suse/acpi-Disable-APEI-error-injection-if-the-kernel-is-lockeddown.patch. - commit 1526952 ------------------------------------------------------------------ ------------------ 2025-1-11 - Jan 11 2025 ------------------- ------------------------------------------------------------------ ++++ chirp: - Update to version 20250110: * Improve keyboard navigation and editing * Add Baofeng BFT20D radio * rt21: Fix DTCS decoding when stored in hex * tdh3: Fix incorrect ponmsg and step list values * Update UV-5GPlus model alias * Added support for Kenwood TS-790E * kenwood_live: Refresh memory after setting ++++ kernel-64kb: - thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes). - drm/mediatek: Add return value check when reading DPCD (git-fixes). - drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes). - drm/mediatek: Fix mode valid issue for dp (git-fixes). - drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes). - drm/mediatek: stop selecting foreign drivers (git-fixes). - drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes). - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported (git-fixes). - drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb() (git-fixes). - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes). - Revert "drm/mediatek: dsi: Correct calculation formula of PHY Timing" (git-fixes). - drm/xe: Fix tlb invalidation when wedging (git-fixes). - drm/amdgpu: Add a lock when accessing the buddy trim function (git-fixes). - drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes). - drm/amd/display: fix divide error in DM plane scale calcs (git-fixes). - drm/amd/display: fix page fault due to max surface definition mismatch (git-fixes). - drm/amd/display: Remove unnecessary amdgpu_irq_get/put (git-fixes). - platform/x86: intel/pmc: Fix ioremap() of bad address (git-fixes). - platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes). - gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset (git-fixes). - gpio: virtuser: fix handling of multiple conn_ids in lookup table (git-fixes). - gpio: virtuser: fix missing lookup table cleanups (git-fixes). - commit 993f2e5 - kgdb: Check early kernel lockdown flag before using kgdb (bsc#1234646). - commit 8566b22 - ACPI: Check early kernel lockdown flag before overlaying tables (bsc#1234646). - commit f711c7c - efi: Set early kernel lock down flag if booted in secure boot mode (bsc#1234646). - commit 00a355d - security: Add a kernel lockdown flag for early boot stage (bsc#1234646). Update config files. CONFIG_LOCK_DOWN_KERNEL_EARLY - commit d7ebed1 - Lock down x86_64 kernel in secure boot mode in subsys_initcall stage (bsc#1234646). - commit 206dec9 ++++ kernel-default: - thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes). - drm/mediatek: Add return value check when reading DPCD (git-fixes). - drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes). - drm/mediatek: Fix mode valid issue for dp (git-fixes). - drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes). - drm/mediatek: stop selecting foreign drivers (git-fixes). - drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes). - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported (git-fixes). - drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb() (git-fixes). - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes). - Revert "drm/mediatek: dsi: Correct calculation formula of PHY Timing" (git-fixes). - drm/xe: Fix tlb invalidation when wedging (git-fixes). - drm/amdgpu: Add a lock when accessing the buddy trim function (git-fixes). - drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes). - drm/amd/display: fix divide error in DM plane scale calcs (git-fixes). - drm/amd/display: fix page fault due to max surface definition mismatch (git-fixes). - drm/amd/display: Remove unnecessary amdgpu_irq_get/put (git-fixes). - platform/x86: intel/pmc: Fix ioremap() of bad address (git-fixes). - platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes). - gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset (git-fixes). - gpio: virtuser: fix handling of multiple conn_ids in lookup table (git-fixes). - gpio: virtuser: fix missing lookup table cleanups (git-fixes). - commit 993f2e5 - kgdb: Check early kernel lockdown flag before using kgdb (bsc#1234646). - commit 8566b22 - ACPI: Check early kernel lockdown flag before overlaying tables (bsc#1234646). - commit f711c7c - efi: Set early kernel lock down flag if booted in secure boot mode (bsc#1234646). - commit 00a355d - security: Add a kernel lockdown flag for early boot stage (bsc#1234646). Update config files. CONFIG_LOCK_DOWN_KERNEL_EARLY - commit d7ebed1 - Lock down x86_64 kernel in secure boot mode in subsys_initcall stage (bsc#1234646). - commit 206dec9 ++++ dtb-aarch64: - thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes). - drm/mediatek: Add return value check when reading DPCD (git-fixes). - drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes). - drm/mediatek: Fix mode valid issue for dp (git-fixes). - drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes). - drm/mediatek: stop selecting foreign drivers (git-fixes). - drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes). - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported (git-fixes). - drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb() (git-fixes). - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes). - Revert "drm/mediatek: dsi: Correct calculation formula of PHY Timing" (git-fixes). - drm/xe: Fix tlb invalidation when wedging (git-fixes). - drm/amdgpu: Add a lock when accessing the buddy trim function (git-fixes). - drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes). - drm/amd/display: fix divide error in DM plane scale calcs (git-fixes). - drm/amd/display: fix page fault due to max surface definition mismatch (git-fixes). - drm/amd/display: Remove unnecessary amdgpu_irq_get/put (git-fixes). - platform/x86: intel/pmc: Fix ioremap() of bad address (git-fixes). - platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes). - gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset (git-fixes). - gpio: virtuser: fix handling of multiple conn_ids in lookup table (git-fixes). - gpio: virtuser: fix missing lookup table cleanups (git-fixes). - commit 993f2e5 - kgdb: Check early kernel lockdown flag before using kgdb (bsc#1234646). - commit 8566b22 - ACPI: Check early kernel lockdown flag before overlaying tables (bsc#1234646). - commit f711c7c - efi: Set early kernel lock down flag if booted in secure boot mode (bsc#1234646). - commit 00a355d - security: Add a kernel lockdown flag for early boot stage (bsc#1234646). Update config files. CONFIG_LOCK_DOWN_KERNEL_EARLY - commit d7ebed1 - Lock down x86_64 kernel in secure boot mode in subsys_initcall stage (bsc#1234646). - commit 206dec9 ++++ kernel-debug: - thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes). - drm/mediatek: Add return value check when reading DPCD (git-fixes). - drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes). - drm/mediatek: Fix mode valid issue for dp (git-fixes). - drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes). - drm/mediatek: stop selecting foreign drivers (git-fixes). - drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes). - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported (git-fixes). - drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb() (git-fixes). - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes). - Revert "drm/mediatek: dsi: Correct calculation formula of PHY Timing" (git-fixes). - drm/xe: Fix tlb invalidation when wedging (git-fixes). - drm/amdgpu: Add a lock when accessing the buddy trim function (git-fixes). - drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes). - drm/amd/display: fix divide error in DM plane scale calcs (git-fixes). - drm/amd/display: fix page fault due to max surface definition mismatch (git-fixes). - drm/amd/display: Remove unnecessary amdgpu_irq_get/put (git-fixes). - platform/x86: intel/pmc: Fix ioremap() of bad address (git-fixes). - platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes). - gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset (git-fixes). - gpio: virtuser: fix handling of multiple conn_ids in lookup table (git-fixes). - gpio: virtuser: fix missing lookup table cleanups (git-fixes). - commit 993f2e5 - kgdb: Check early kernel lockdown flag before using kgdb (bsc#1234646). - commit 8566b22 - ACPI: Check early kernel lockdown flag before overlaying tables (bsc#1234646). - commit f711c7c - efi: Set early kernel lock down flag if booted in secure boot mode (bsc#1234646). - commit 00a355d - security: Add a kernel lockdown flag for early boot stage (bsc#1234646). Update config files. CONFIG_LOCK_DOWN_KERNEL_EARLY - commit d7ebed1 - Lock down x86_64 kernel in secure boot mode in subsys_initcall stage (bsc#1234646). - commit 206dec9 ++++ kernel-source: - thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes). - drm/mediatek: Add return value check when reading DPCD (git-fixes). - drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes). - drm/mediatek: Fix mode valid issue for dp (git-fixes). - drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes). - drm/mediatek: stop selecting foreign drivers (git-fixes). - drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes). - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported (git-fixes). - drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb() (git-fixes). - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes). - Revert "drm/mediatek: dsi: Correct calculation formula of PHY Timing" (git-fixes). - drm/xe: Fix tlb invalidation when wedging (git-fixes). - drm/amdgpu: Add a lock when accessing the buddy trim function (git-fixes). - drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes). - drm/amd/display: fix divide error in DM plane scale calcs (git-fixes). - drm/amd/display: fix page fault due to max surface definition mismatch (git-fixes). - drm/amd/display: Remove unnecessary amdgpu_irq_get/put (git-fixes). - platform/x86: intel/pmc: Fix ioremap() of bad address (git-fixes). - platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes). - gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset (git-fixes). - gpio: virtuser: fix handling of multiple conn_ids in lookup table (git-fixes). - gpio: virtuser: fix missing lookup table cleanups (git-fixes). - commit 993f2e5 - kgdb: Check early kernel lockdown flag before using kgdb (bsc#1234646). - commit 8566b22 - ACPI: Check early kernel lockdown flag before overlaying tables (bsc#1234646). - commit f711c7c - efi: Set early kernel lock down flag if booted in secure boot mode (bsc#1234646). - commit 00a355d - security: Add a kernel lockdown flag for early boot stage (bsc#1234646). Update config files. CONFIG_LOCK_DOWN_KERNEL_EARLY - commit d7ebed1 - Lock down x86_64 kernel in secure boot mode in subsys_initcall stage (bsc#1234646). - commit 206dec9 ++++ kernel-docs: - thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes). - drm/mediatek: Add return value check when reading DPCD (git-fixes). - drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes). - drm/mediatek: Fix mode valid issue for dp (git-fixes). - drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes). - drm/mediatek: stop selecting foreign drivers (git-fixes). - drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes). - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported (git-fixes). - drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb() (git-fixes). - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes). - Revert "drm/mediatek: dsi: Correct calculation formula of PHY Timing" (git-fixes). - drm/xe: Fix tlb invalidation when wedging (git-fixes). - drm/amdgpu: Add a lock when accessing the buddy trim function (git-fixes). - drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes). - drm/amd/display: fix divide error in DM plane scale calcs (git-fixes). - drm/amd/display: fix page fault due to max surface definition mismatch (git-fixes). - drm/amd/display: Remove unnecessary amdgpu_irq_get/put (git-fixes). - platform/x86: intel/pmc: Fix ioremap() of bad address (git-fixes). - platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes). - gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset (git-fixes). - gpio: virtuser: fix handling of multiple conn_ids in lookup table (git-fixes). - gpio: virtuser: fix missing lookup table cleanups (git-fixes). - commit 993f2e5 - kgdb: Check early kernel lockdown flag before using kgdb (bsc#1234646). - commit 8566b22 - ACPI: Check early kernel lockdown flag before overlaying tables (bsc#1234646). - commit f711c7c - efi: Set early kernel lock down flag if booted in secure boot mode (bsc#1234646). - commit 00a355d - security: Add a kernel lockdown flag for early boot stage (bsc#1234646). Update config files. CONFIG_LOCK_DOWN_KERNEL_EARLY - commit d7ebed1 - Lock down x86_64 kernel in secure boot mode in subsys_initcall stage (bsc#1234646). - commit 206dec9 ++++ kernel-kvmsmall: - thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes). - drm/mediatek: Add return value check when reading DPCD (git-fixes). - drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes). - drm/mediatek: Fix mode valid issue for dp (git-fixes). - drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes). - drm/mediatek: stop selecting foreign drivers (git-fixes). - drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes). - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported (git-fixes). - drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb() (git-fixes). - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes). - Revert "drm/mediatek: dsi: Correct calculation formula of PHY Timing" (git-fixes). - drm/xe: Fix tlb invalidation when wedging (git-fixes). - drm/amdgpu: Add a lock when accessing the buddy trim function (git-fixes). - drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes). - drm/amd/display: fix divide error in DM plane scale calcs (git-fixes). - drm/amd/display: fix page fault due to max surface definition mismatch (git-fixes). - drm/amd/display: Remove unnecessary amdgpu_irq_get/put (git-fixes). - platform/x86: intel/pmc: Fix ioremap() of bad address (git-fixes). - platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes). - gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset (git-fixes). - gpio: virtuser: fix handling of multiple conn_ids in lookup table (git-fixes). - gpio: virtuser: fix missing lookup table cleanups (git-fixes). - commit 993f2e5 - kgdb: Check early kernel lockdown flag before using kgdb (bsc#1234646). - commit 8566b22 - ACPI: Check early kernel lockdown flag before overlaying tables (bsc#1234646). - commit f711c7c - efi: Set early kernel lock down flag if booted in secure boot mode (bsc#1234646). - commit 00a355d - security: Add a kernel lockdown flag for early boot stage (bsc#1234646). Update config files. CONFIG_LOCK_DOWN_KERNEL_EARLY - commit d7ebed1 - Lock down x86_64 kernel in secure boot mode in subsys_initcall stage (bsc#1234646). - commit 206dec9 ++++ kernel-obs-build: - thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes). - drm/mediatek: Add return value check when reading DPCD (git-fixes). - drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes). - drm/mediatek: Fix mode valid issue for dp (git-fixes). - drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes). - drm/mediatek: stop selecting foreign drivers (git-fixes). - drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes). - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported (git-fixes). - drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb() (git-fixes). - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes). - Revert "drm/mediatek: dsi: Correct calculation formula of PHY Timing" (git-fixes). - drm/xe: Fix tlb invalidation when wedging (git-fixes). - drm/amdgpu: Add a lock when accessing the buddy trim function (git-fixes). - drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes). - drm/amd/display: fix divide error in DM plane scale calcs (git-fixes). - drm/amd/display: fix page fault due to max surface definition mismatch (git-fixes). - drm/amd/display: Remove unnecessary amdgpu_irq_get/put (git-fixes). - platform/x86: intel/pmc: Fix ioremap() of bad address (git-fixes). - platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes). - gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset (git-fixes). - gpio: virtuser: fix handling of multiple conn_ids in lookup table (git-fixes). - gpio: virtuser: fix missing lookup table cleanups (git-fixes). - commit 993f2e5 - kgdb: Check early kernel lockdown flag before using kgdb (bsc#1234646). - commit 8566b22 - ACPI: Check early kernel lockdown flag before overlaying tables (bsc#1234646). - commit f711c7c - efi: Set early kernel lock down flag if booted in secure boot mode (bsc#1234646). - commit 00a355d - security: Add a kernel lockdown flag for early boot stage (bsc#1234646). Update config files. CONFIG_LOCK_DOWN_KERNEL_EARLY - commit d7ebed1 - Lock down x86_64 kernel in secure boot mode in subsys_initcall stage (bsc#1234646). - commit 206dec9 ++++ kernel-obs-qa: - thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes). - drm/mediatek: Add return value check when reading DPCD (git-fixes). - drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes). - drm/mediatek: Fix mode valid issue for dp (git-fixes). - drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes). - drm/mediatek: stop selecting foreign drivers (git-fixes). - drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes). - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported (git-fixes). - drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb() (git-fixes). - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes). - Revert "drm/mediatek: dsi: Correct calculation formula of PHY Timing" (git-fixes). - drm/xe: Fix tlb invalidation when wedging (git-fixes). - drm/amdgpu: Add a lock when accessing the buddy trim function (git-fixes). - drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes). - drm/amd/display: fix divide error in DM plane scale calcs (git-fixes). - drm/amd/display: fix page fault due to max surface definition mismatch (git-fixes). - drm/amd/display: Remove unnecessary amdgpu_irq_get/put (git-fixes). - platform/x86: intel/pmc: Fix ioremap() of bad address (git-fixes). - platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes). - gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset (git-fixes). - gpio: virtuser: fix handling of multiple conn_ids in lookup table (git-fixes). - gpio: virtuser: fix missing lookup table cleanups (git-fixes). - commit 993f2e5 - kgdb: Check early kernel lockdown flag before using kgdb (bsc#1234646). - commit 8566b22 - ACPI: Check early kernel lockdown flag before overlaying tables (bsc#1234646). - commit f711c7c - efi: Set early kernel lock down flag if booted in secure boot mode (bsc#1234646). - commit 00a355d - security: Add a kernel lockdown flag for early boot stage (bsc#1234646). Update config files. CONFIG_LOCK_DOWN_KERNEL_EARLY - commit d7ebed1 - Lock down x86_64 kernel in secure boot mode in subsys_initcall stage (bsc#1234646). - commit 206dec9 ++++ kernel-syms: - thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes). - drm/mediatek: Add return value check when reading DPCD (git-fixes). - drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes). - drm/mediatek: Fix mode valid issue for dp (git-fixes). - drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes). - drm/mediatek: stop selecting foreign drivers (git-fixes). - drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes). - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported (git-fixes). - drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb() (git-fixes). - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes). - Revert "drm/mediatek: dsi: Correct calculation formula of PHY Timing" (git-fixes). - drm/xe: Fix tlb invalidation when wedging (git-fixes). - drm/amdgpu: Add a lock when accessing the buddy trim function (git-fixes). - drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes). - drm/amd/display: fix divide error in DM plane scale calcs (git-fixes). - drm/amd/display: fix page fault due to max surface definition mismatch (git-fixes). - drm/amd/display: Remove unnecessary amdgpu_irq_get/put (git-fixes). - platform/x86: intel/pmc: Fix ioremap() of bad address (git-fixes). - platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes). - gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset (git-fixes). - gpio: virtuser: fix handling of multiple conn_ids in lookup table (git-fixes). - gpio: virtuser: fix missing lookup table cleanups (git-fixes). - commit 993f2e5 - kgdb: Check early kernel lockdown flag before using kgdb (bsc#1234646). - commit 8566b22 - ACPI: Check early kernel lockdown flag before overlaying tables (bsc#1234646). - commit f711c7c - efi: Set early kernel lock down flag if booted in secure boot mode (bsc#1234646). - commit 00a355d - security: Add a kernel lockdown flag for early boot stage (bsc#1234646). Update config files. CONFIG_LOCK_DOWN_KERNEL_EARLY - commit d7ebed1 - Lock down x86_64 kernel in secure boot mode in subsys_initcall stage (bsc#1234646). - commit 206dec9 ++++ kernel-zfcpdump: - thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes). - drm/mediatek: Add return value check when reading DPCD (git-fixes). - drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes). - drm/mediatek: Fix mode valid issue for dp (git-fixes). - drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes). - drm/mediatek: stop selecting foreign drivers (git-fixes). - drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes). - drm/mediatek: Only touch DISP_REG_OVL_PITCH_MSB if AFBC is supported (git-fixes). - drm/mediatek: Move mtk_crtc_finish_page_flip() to ddp_cmdq_cb() (git-fixes). - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes). - Revert "drm/mediatek: dsi: Correct calculation formula of PHY Timing" (git-fixes). - drm/xe: Fix tlb invalidation when wedging (git-fixes). - drm/amdgpu: Add a lock when accessing the buddy trim function (git-fixes). - drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes). - drm/amd/display: fix divide error in DM plane scale calcs (git-fixes). - drm/amd/display: fix page fault due to max surface definition mismatch (git-fixes). - drm/amd/display: Remove unnecessary amdgpu_irq_get/put (git-fixes). - platform/x86: intel/pmc: Fix ioremap() of bad address (git-fixes). - platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes). - gpio: loongson: Fix Loongson-2K2000 ACPI GPIO register offset (git-fixes). - gpio: virtuser: fix handling of multiple conn_ids in lookup table (git-fixes). - gpio: virtuser: fix missing lookup table cleanups (git-fixes). - commit 993f2e5 - kgdb: Check early kernel lockdown flag before using kgdb (bsc#1234646). - commit 8566b22 - ACPI: Check early kernel lockdown flag before overlaying tables (bsc#1234646). - commit f711c7c - efi: Set early kernel lock down flag if booted in secure boot mode (bsc#1234646). - commit 00a355d - security: Add a kernel lockdown flag for early boot stage (bsc#1234646). Update config files. CONFIG_LOCK_DOWN_KERNEL_EARLY - commit d7ebed1 - Lock down x86_64 kernel in secure boot mode in subsys_initcall stage (bsc#1234646). - commit 206dec9 ------------------------------------------------------------------ ------------------ 2025-1-10 - Jan 10 2025 ------------------- ------------------------------------------------------------------ ++++ agama: - Version 11 - Disable the browser cache setting the "Cache-Control" header to "no-store" (gh#agama-project/agama#1880). ++++ agama-products: - Add the user selectable patterns list to the SLES product (gh#agama-project/agama#1885). - Update SLES name (gh#agama-project/agama#1883). ++++ agama-web-ui: - Version 11 - Add storage reprobing and recalculate proposal when going back to either the proposal page or the devices selector if the system is deprecated (gh#agama-project/agama#1884). - Drop the feature for deregistering a product (gh#agama-project/agama#1882). - Do not allow changing the storage setup when Agama is using the new storage settings (gh#agama-project/agama#1881). ++++ agama-yast: - Version 11 - Objects from the D-Bus trees representing the storage devices are removed before performing the probing. It prevents a segmentation fault by accessing to old objects (gh#agama-project/agama#1884). ++++ kernel-64kb: - block, bfq: fix bfqq uaf in bfq_limit_depth() (CVE-2024-53166 bsc#1234884). - commit 2d6266b - bpf, sockmap: Fix race between element replace and close() (CVE-2024-56664 bsc#1235249). - commit c6238ec - Disable ceph (jsc#PED-7242) - commit c5f8eec - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit fe21847 - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - commit e901a2d - Enable CONFIG_LIST_HARDENED (jsc#PED-11842) - commit a16f97b - virtio_net: correct netdev_tx_reset_queue() invocation point (CVE-2024-56674 bsc#1235549). - commit d01521b - stackleak: disable stack erasing by default (jsc#PED-11837). - commit 25d95db - config: enable CONFIG_GCC_PLUGIN_STACKLEAK Keep it disabled via stack_erasing syscall to avoid overhead - commit 8cf8a17 - Update config files. Enable CONFIG_RANDOM_KMALLOC_CACHES (jsc#PED-11846) except on zfcpdump, disable CONFIG_SLAB_BUCKETS on zfcpdump. - commit 23291c7 - Reviewed patches.suse/s390-lock-down-kernel-in-secure-boot-mode.patch - commit 75d9cc5 - Reviewed patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch - commit a397f81 - Refresh patches.suse/powerpc-lock-down-kernel-in-secure-boot-mode.patch. - commit 6f37879 - Refresh patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch. - commit c848190 - Reviewed patches.suse/KEYS-Make-use-of-platform-keyring-for-module-signatu.patch - commit 5b00a1a - Refresh patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch. Update config files. CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT - commit 509a86d - Reviewed patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch - commit 6ffabc3 - scsi: sg: Fix slab-use-after-free read in sg_release() (CVE-2024-56631 bsc#1235480). - commit 76de829 - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit 2157c81 - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - commit d04ce72 - 9p/xen: fix release of IRQ (CVE-2024-56704 bsc#1235584). - commit bf1ccfc - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (CVE-2024-56602 bsc#1235521). - commit 8b46faa - udmabuf: fix memory leak on last export_udmabuf() error path (CVE-2024-56712 bsc#1235565). - commit 3d88b1a - x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721 bsc#1235566). - commit 09a03bf - net: hsr: avoid potential out-of-bound access in fill_frame_info() (CVE-2024-56648 bsc#1235451). - commit 333d1e7 ++++ kernel-default: - block, bfq: fix bfqq uaf in bfq_limit_depth() (CVE-2024-53166 bsc#1234884). - commit 2d6266b - bpf, sockmap: Fix race between element replace and close() (CVE-2024-56664 bsc#1235249). - commit c6238ec - Disable ceph (jsc#PED-7242) - commit c5f8eec - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit fe21847 - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - commit e901a2d - Enable CONFIG_LIST_HARDENED (jsc#PED-11842) - commit a16f97b - virtio_net: correct netdev_tx_reset_queue() invocation point (CVE-2024-56674 bsc#1235549). - commit d01521b - stackleak: disable stack erasing by default (jsc#PED-11837). - commit 25d95db - config: enable CONFIG_GCC_PLUGIN_STACKLEAK Keep it disabled via stack_erasing syscall to avoid overhead - commit 8cf8a17 - Update config files. Enable CONFIG_RANDOM_KMALLOC_CACHES (jsc#PED-11846) except on zfcpdump, disable CONFIG_SLAB_BUCKETS on zfcpdump. - commit 23291c7 - Reviewed patches.suse/s390-lock-down-kernel-in-secure-boot-mode.patch - commit 75d9cc5 - Reviewed patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch - commit a397f81 - Refresh patches.suse/powerpc-lock-down-kernel-in-secure-boot-mode.patch. - commit 6f37879 - Refresh patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch. - commit c848190 - Reviewed patches.suse/KEYS-Make-use-of-platform-keyring-for-module-signatu.patch - commit 5b00a1a - Refresh patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch. Update config files. CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT - commit 509a86d - Reviewed patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch - commit 6ffabc3 - scsi: sg: Fix slab-use-after-free read in sg_release() (CVE-2024-56631 bsc#1235480). - commit 76de829 - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit 2157c81 - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - commit d04ce72 - 9p/xen: fix release of IRQ (CVE-2024-56704 bsc#1235584). - commit bf1ccfc - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (CVE-2024-56602 bsc#1235521). - commit 8b46faa - udmabuf: fix memory leak on last export_udmabuf() error path (CVE-2024-56712 bsc#1235565). - commit 3d88b1a - x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721 bsc#1235566). - commit 09a03bf - net: hsr: avoid potential out-of-bound access in fill_frame_info() (CVE-2024-56648 bsc#1235451). - commit 333d1e7 ++++ dtb-aarch64: - block, bfq: fix bfqq uaf in bfq_limit_depth() (CVE-2024-53166 bsc#1234884). - commit 2d6266b - bpf, sockmap: Fix race between element replace and close() (CVE-2024-56664 bsc#1235249). - commit c6238ec - Disable ceph (jsc#PED-7242) - commit c5f8eec - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit fe21847 - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - commit e901a2d - Enable CONFIG_LIST_HARDENED (jsc#PED-11842) - commit a16f97b - virtio_net: correct netdev_tx_reset_queue() invocation point (CVE-2024-56674 bsc#1235549). - commit d01521b - stackleak: disable stack erasing by default (jsc#PED-11837). - commit 25d95db - config: enable CONFIG_GCC_PLUGIN_STACKLEAK Keep it disabled via stack_erasing syscall to avoid overhead - commit 8cf8a17 - Update config files. Enable CONFIG_RANDOM_KMALLOC_CACHES (jsc#PED-11846) except on zfcpdump, disable CONFIG_SLAB_BUCKETS on zfcpdump. - commit 23291c7 - Reviewed patches.suse/s390-lock-down-kernel-in-secure-boot-mode.patch - commit 75d9cc5 - Reviewed patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch - commit a397f81 - Refresh patches.suse/powerpc-lock-down-kernel-in-secure-boot-mode.patch. - commit 6f37879 - Refresh patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch. - commit c848190 - Reviewed patches.suse/KEYS-Make-use-of-platform-keyring-for-module-signatu.patch - commit 5b00a1a - Refresh patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch. Update config files. CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT - commit 509a86d - Reviewed patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch - commit 6ffabc3 - scsi: sg: Fix slab-use-after-free read in sg_release() (CVE-2024-56631 bsc#1235480). - commit 76de829 - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit 2157c81 - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - commit d04ce72 - 9p/xen: fix release of IRQ (CVE-2024-56704 bsc#1235584). - commit bf1ccfc - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (CVE-2024-56602 bsc#1235521). - commit 8b46faa - udmabuf: fix memory leak on last export_udmabuf() error path (CVE-2024-56712 bsc#1235565). - commit 3d88b1a - x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721 bsc#1235566). - commit 09a03bf - net: hsr: avoid potential out-of-bound access in fill_frame_info() (CVE-2024-56648 bsc#1235451). - commit 333d1e7 ++++ kernel-debug: - block, bfq: fix bfqq uaf in bfq_limit_depth() (CVE-2024-53166 bsc#1234884). - commit 2d6266b - bpf, sockmap: Fix race between element replace and close() (CVE-2024-56664 bsc#1235249). - commit c6238ec - Disable ceph (jsc#PED-7242) - commit c5f8eec - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit fe21847 - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - commit e901a2d - Enable CONFIG_LIST_HARDENED (jsc#PED-11842) - commit a16f97b - virtio_net: correct netdev_tx_reset_queue() invocation point (CVE-2024-56674 bsc#1235549). - commit d01521b - stackleak: disable stack erasing by default (jsc#PED-11837). - commit 25d95db - config: enable CONFIG_GCC_PLUGIN_STACKLEAK Keep it disabled via stack_erasing syscall to avoid overhead - commit 8cf8a17 - Update config files. Enable CONFIG_RANDOM_KMALLOC_CACHES (jsc#PED-11846) except on zfcpdump, disable CONFIG_SLAB_BUCKETS on zfcpdump. - commit 23291c7 - Reviewed patches.suse/s390-lock-down-kernel-in-secure-boot-mode.patch - commit 75d9cc5 - Reviewed patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch - commit a397f81 - Refresh patches.suse/powerpc-lock-down-kernel-in-secure-boot-mode.patch. - commit 6f37879 - Refresh patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch. - commit c848190 - Reviewed patches.suse/KEYS-Make-use-of-platform-keyring-for-module-signatu.patch - commit 5b00a1a - Refresh patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch. Update config files. CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT - commit 509a86d - Reviewed patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch - commit 6ffabc3 - scsi: sg: Fix slab-use-after-free read in sg_release() (CVE-2024-56631 bsc#1235480). - commit 76de829 - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit 2157c81 - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - commit d04ce72 - 9p/xen: fix release of IRQ (CVE-2024-56704 bsc#1235584). - commit bf1ccfc - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (CVE-2024-56602 bsc#1235521). - commit 8b46faa - udmabuf: fix memory leak on last export_udmabuf() error path (CVE-2024-56712 bsc#1235565). - commit 3d88b1a - x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721 bsc#1235566). - commit 09a03bf - net: hsr: avoid potential out-of-bound access in fill_frame_info() (CVE-2024-56648 bsc#1235451). - commit 333d1e7 ++++ kernel-source: - block, bfq: fix bfqq uaf in bfq_limit_depth() (CVE-2024-53166 bsc#1234884). - commit 2d6266b - bpf, sockmap: Fix race between element replace and close() (CVE-2024-56664 bsc#1235249). - commit c6238ec - Disable ceph (jsc#PED-7242) - commit c5f8eec - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit fe21847 - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - commit e901a2d - Enable CONFIG_LIST_HARDENED (jsc#PED-11842) - commit a16f97b - virtio_net: correct netdev_tx_reset_queue() invocation point (CVE-2024-56674 bsc#1235549). - commit d01521b - stackleak: disable stack erasing by default (jsc#PED-11837). - commit 25d95db - config: enable CONFIG_GCC_PLUGIN_STACKLEAK Keep it disabled via stack_erasing syscall to avoid overhead - commit 8cf8a17 - Update config files. Enable CONFIG_RANDOM_KMALLOC_CACHES (jsc#PED-11846) except on zfcpdump, disable CONFIG_SLAB_BUCKETS on zfcpdump. - commit 23291c7 - Reviewed patches.suse/s390-lock-down-kernel-in-secure-boot-mode.patch - commit 75d9cc5 - Reviewed patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch - commit a397f81 - Refresh patches.suse/powerpc-lock-down-kernel-in-secure-boot-mode.patch. - commit 6f37879 - Refresh patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch. - commit c848190 - Reviewed patches.suse/KEYS-Make-use-of-platform-keyring-for-module-signatu.patch - commit 5b00a1a - Refresh patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch. Update config files. CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT - commit 509a86d - Reviewed patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch - commit 6ffabc3 - scsi: sg: Fix slab-use-after-free read in sg_release() (CVE-2024-56631 bsc#1235480). - commit 76de829 - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit 2157c81 - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - commit d04ce72 - 9p/xen: fix release of IRQ (CVE-2024-56704 bsc#1235584). - commit bf1ccfc - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (CVE-2024-56602 bsc#1235521). - commit 8b46faa - udmabuf: fix memory leak on last export_udmabuf() error path (CVE-2024-56712 bsc#1235565). - commit 3d88b1a - x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721 bsc#1235566). - commit 09a03bf - net: hsr: avoid potential out-of-bound access in fill_frame_info() (CVE-2024-56648 bsc#1235451). - commit 333d1e7 ++++ kernel-docs: - block, bfq: fix bfqq uaf in bfq_limit_depth() (CVE-2024-53166 bsc#1234884). - commit 2d6266b - bpf, sockmap: Fix race between element replace and close() (CVE-2024-56664 bsc#1235249). - commit c6238ec - Disable ceph (jsc#PED-7242) - commit c5f8eec - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit fe21847 - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - commit e901a2d - Enable CONFIG_LIST_HARDENED (jsc#PED-11842) - commit a16f97b - virtio_net: correct netdev_tx_reset_queue() invocation point (CVE-2024-56674 bsc#1235549). - commit d01521b - stackleak: disable stack erasing by default (jsc#PED-11837). - commit 25d95db - config: enable CONFIG_GCC_PLUGIN_STACKLEAK Keep it disabled via stack_erasing syscall to avoid overhead - commit 8cf8a17 - Update config files. Enable CONFIG_RANDOM_KMALLOC_CACHES (jsc#PED-11846) except on zfcpdump, disable CONFIG_SLAB_BUCKETS on zfcpdump. - commit 23291c7 - Reviewed patches.suse/s390-lock-down-kernel-in-secure-boot-mode.patch - commit 75d9cc5 - Reviewed patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch - commit a397f81 - Refresh patches.suse/powerpc-lock-down-kernel-in-secure-boot-mode.patch. - commit 6f37879 - Refresh patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch. - commit c848190 - Reviewed patches.suse/KEYS-Make-use-of-platform-keyring-for-module-signatu.patch - commit 5b00a1a - Refresh patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch. Update config files. CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT - commit 509a86d - Reviewed patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch - commit 6ffabc3 - scsi: sg: Fix slab-use-after-free read in sg_release() (CVE-2024-56631 bsc#1235480). - commit 76de829 - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit 2157c81 - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - commit d04ce72 - 9p/xen: fix release of IRQ (CVE-2024-56704 bsc#1235584). - commit bf1ccfc - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (CVE-2024-56602 bsc#1235521). - commit 8b46faa - udmabuf: fix memory leak on last export_udmabuf() error path (CVE-2024-56712 bsc#1235565). - commit 3d88b1a - x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721 bsc#1235566). - commit 09a03bf - net: hsr: avoid potential out-of-bound access in fill_frame_info() (CVE-2024-56648 bsc#1235451). - commit 333d1e7 ++++ kernel-kvmsmall: - block, bfq: fix bfqq uaf in bfq_limit_depth() (CVE-2024-53166 bsc#1234884). - commit 2d6266b - bpf, sockmap: Fix race between element replace and close() (CVE-2024-56664 bsc#1235249). - commit c6238ec - Disable ceph (jsc#PED-7242) - commit c5f8eec - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit fe21847 - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - commit e901a2d - Enable CONFIG_LIST_HARDENED (jsc#PED-11842) - commit a16f97b - virtio_net: correct netdev_tx_reset_queue() invocation point (CVE-2024-56674 bsc#1235549). - commit d01521b - stackleak: disable stack erasing by default (jsc#PED-11837). - commit 25d95db - config: enable CONFIG_GCC_PLUGIN_STACKLEAK Keep it disabled via stack_erasing syscall to avoid overhead - commit 8cf8a17 - Update config files. Enable CONFIG_RANDOM_KMALLOC_CACHES (jsc#PED-11846) except on zfcpdump, disable CONFIG_SLAB_BUCKETS on zfcpdump. - commit 23291c7 - Reviewed patches.suse/s390-lock-down-kernel-in-secure-boot-mode.patch - commit 75d9cc5 - Reviewed patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch - commit a397f81 - Refresh patches.suse/powerpc-lock-down-kernel-in-secure-boot-mode.patch. - commit 6f37879 - Refresh patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch. - commit c848190 - Reviewed patches.suse/KEYS-Make-use-of-platform-keyring-for-module-signatu.patch - commit 5b00a1a - Refresh patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch. Update config files. CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT - commit 509a86d - Reviewed patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch - commit 6ffabc3 - scsi: sg: Fix slab-use-after-free read in sg_release() (CVE-2024-56631 bsc#1235480). - commit 76de829 - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit 2157c81 - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - commit d04ce72 - 9p/xen: fix release of IRQ (CVE-2024-56704 bsc#1235584). - commit bf1ccfc - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (CVE-2024-56602 bsc#1235521). - commit 8b46faa - udmabuf: fix memory leak on last export_udmabuf() error path (CVE-2024-56712 bsc#1235565). - commit 3d88b1a - x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721 bsc#1235566). - commit 09a03bf - net: hsr: avoid potential out-of-bound access in fill_frame_info() (CVE-2024-56648 bsc#1235451). - commit 333d1e7 ++++ kernel-obs-build: - block, bfq: fix bfqq uaf in bfq_limit_depth() (CVE-2024-53166 bsc#1234884). - commit 2d6266b - bpf, sockmap: Fix race between element replace and close() (CVE-2024-56664 bsc#1235249). - commit c6238ec - Disable ceph (jsc#PED-7242) - commit c5f8eec - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit fe21847 - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - commit e901a2d - Enable CONFIG_LIST_HARDENED (jsc#PED-11842) - commit a16f97b - virtio_net: correct netdev_tx_reset_queue() invocation point (CVE-2024-56674 bsc#1235549). - commit d01521b - stackleak: disable stack erasing by default (jsc#PED-11837). - commit 25d95db - config: enable CONFIG_GCC_PLUGIN_STACKLEAK Keep it disabled via stack_erasing syscall to avoid overhead - commit 8cf8a17 - Update config files. Enable CONFIG_RANDOM_KMALLOC_CACHES (jsc#PED-11846) except on zfcpdump, disable CONFIG_SLAB_BUCKETS on zfcpdump. - commit 23291c7 - Reviewed patches.suse/s390-lock-down-kernel-in-secure-boot-mode.patch - commit 75d9cc5 - Reviewed patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch - commit a397f81 - Refresh patches.suse/powerpc-lock-down-kernel-in-secure-boot-mode.patch. - commit 6f37879 - Refresh patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch. - commit c848190 - Reviewed patches.suse/KEYS-Make-use-of-platform-keyring-for-module-signatu.patch - commit 5b00a1a - Refresh patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch. Update config files. CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT - commit 509a86d - Reviewed patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch - commit 6ffabc3 - scsi: sg: Fix slab-use-after-free read in sg_release() (CVE-2024-56631 bsc#1235480). - commit 76de829 - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit 2157c81 - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - commit d04ce72 - 9p/xen: fix release of IRQ (CVE-2024-56704 bsc#1235584). - commit bf1ccfc - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (CVE-2024-56602 bsc#1235521). - commit 8b46faa - udmabuf: fix memory leak on last export_udmabuf() error path (CVE-2024-56712 bsc#1235565). - commit 3d88b1a - x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721 bsc#1235566). - commit 09a03bf - net: hsr: avoid potential out-of-bound access in fill_frame_info() (CVE-2024-56648 bsc#1235451). - commit 333d1e7 ++++ kernel-obs-qa: - block, bfq: fix bfqq uaf in bfq_limit_depth() (CVE-2024-53166 bsc#1234884). - commit 2d6266b - bpf, sockmap: Fix race between element replace and close() (CVE-2024-56664 bsc#1235249). - commit c6238ec - Disable ceph (jsc#PED-7242) - commit c5f8eec - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit fe21847 - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - commit e901a2d - Enable CONFIG_LIST_HARDENED (jsc#PED-11842) - commit a16f97b - virtio_net: correct netdev_tx_reset_queue() invocation point (CVE-2024-56674 bsc#1235549). - commit d01521b - stackleak: disable stack erasing by default (jsc#PED-11837). - commit 25d95db - config: enable CONFIG_GCC_PLUGIN_STACKLEAK Keep it disabled via stack_erasing syscall to avoid overhead - commit 8cf8a17 - Update config files. Enable CONFIG_RANDOM_KMALLOC_CACHES (jsc#PED-11846) except on zfcpdump, disable CONFIG_SLAB_BUCKETS on zfcpdump. - commit 23291c7 - Reviewed patches.suse/s390-lock-down-kernel-in-secure-boot-mode.patch - commit 75d9cc5 - Reviewed patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch - commit a397f81 - Refresh patches.suse/powerpc-lock-down-kernel-in-secure-boot-mode.patch. - commit 6f37879 - Refresh patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch. - commit c848190 - Reviewed patches.suse/KEYS-Make-use-of-platform-keyring-for-module-signatu.patch - commit 5b00a1a - Refresh patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch. Update config files. CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT - commit 509a86d - Reviewed patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch - commit 6ffabc3 - scsi: sg: Fix slab-use-after-free read in sg_release() (CVE-2024-56631 bsc#1235480). - commit 76de829 - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit 2157c81 - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - commit d04ce72 - 9p/xen: fix release of IRQ (CVE-2024-56704 bsc#1235584). - commit bf1ccfc - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (CVE-2024-56602 bsc#1235521). - commit 8b46faa - udmabuf: fix memory leak on last export_udmabuf() error path (CVE-2024-56712 bsc#1235565). - commit 3d88b1a - x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721 bsc#1235566). - commit 09a03bf - net: hsr: avoid potential out-of-bound access in fill_frame_info() (CVE-2024-56648 bsc#1235451). - commit 333d1e7 ++++ kernel-syms: - block, bfq: fix bfqq uaf in bfq_limit_depth() (CVE-2024-53166 bsc#1234884). - commit 2d6266b - bpf, sockmap: Fix race between element replace and close() (CVE-2024-56664 bsc#1235249). - commit c6238ec - Disable ceph (jsc#PED-7242) - commit c5f8eec - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit fe21847 - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - commit e901a2d - Enable CONFIG_LIST_HARDENED (jsc#PED-11842) - commit a16f97b - virtio_net: correct netdev_tx_reset_queue() invocation point (CVE-2024-56674 bsc#1235549). - commit d01521b - stackleak: disable stack erasing by default (jsc#PED-11837). - commit 25d95db - config: enable CONFIG_GCC_PLUGIN_STACKLEAK Keep it disabled via stack_erasing syscall to avoid overhead - commit 8cf8a17 - Update config files. Enable CONFIG_RANDOM_KMALLOC_CACHES (jsc#PED-11846) except on zfcpdump, disable CONFIG_SLAB_BUCKETS on zfcpdump. - commit 23291c7 - Reviewed patches.suse/s390-lock-down-kernel-in-secure-boot-mode.patch - commit 75d9cc5 - Reviewed patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch - commit a397f81 - Refresh patches.suse/powerpc-lock-down-kernel-in-secure-boot-mode.patch. - commit 6f37879 - Refresh patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch. - commit c848190 - Reviewed patches.suse/KEYS-Make-use-of-platform-keyring-for-module-signatu.patch - commit 5b00a1a - Refresh patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch. Update config files. CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT - commit 509a86d - Reviewed patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch - commit 6ffabc3 - scsi: sg: Fix slab-use-after-free read in sg_release() (CVE-2024-56631 bsc#1235480). - commit 76de829 - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit 2157c81 - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - commit d04ce72 - 9p/xen: fix release of IRQ (CVE-2024-56704 bsc#1235584). - commit bf1ccfc - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (CVE-2024-56602 bsc#1235521). - commit 8b46faa - udmabuf: fix memory leak on last export_udmabuf() error path (CVE-2024-56712 bsc#1235565). - commit 3d88b1a - x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721 bsc#1235566). - commit 09a03bf - net: hsr: avoid potential out-of-bound access in fill_frame_info() (CVE-2024-56648 bsc#1235451). - commit 333d1e7 ++++ kernel-zfcpdump: - block, bfq: fix bfqq uaf in bfq_limit_depth() (CVE-2024-53166 bsc#1234884). - commit 2d6266b - bpf, sockmap: Fix race between element replace and close() (CVE-2024-56664 bsc#1235249). - commit c6238ec - Disable ceph (jsc#PED-7242) - commit c5f8eec - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit fe21847 - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - commit e901a2d - Enable CONFIG_LIST_HARDENED (jsc#PED-11842) - commit a16f97b - virtio_net: correct netdev_tx_reset_queue() invocation point (CVE-2024-56674 bsc#1235549). - commit d01521b - stackleak: disable stack erasing by default (jsc#PED-11837). - commit 25d95db - config: enable CONFIG_GCC_PLUGIN_STACKLEAK Keep it disabled via stack_erasing syscall to avoid overhead - commit 8cf8a17 - Update config files. Enable CONFIG_RANDOM_KMALLOC_CACHES (jsc#PED-11846) except on zfcpdump, disable CONFIG_SLAB_BUCKETS on zfcpdump. - commit 23291c7 - Reviewed patches.suse/s390-lock-down-kernel-in-secure-boot-mode.patch - commit 75d9cc5 - Reviewed patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch - commit a397f81 - Refresh patches.suse/powerpc-lock-down-kernel-in-secure-boot-mode.patch. - commit 6f37879 - Refresh patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch. - commit c848190 - Reviewed patches.suse/KEYS-Make-use-of-platform-keyring-for-module-signatu.patch - commit 5b00a1a - Refresh patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch. Update config files. CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT - commit 509a86d - Reviewed patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch - commit 6ffabc3 - scsi: sg: Fix slab-use-after-free read in sg_release() (CVE-2024-56631 bsc#1235480). - commit 76de829 - Refresh patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch. - commit 2157c81 - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - Bluetooth: btmtk: Fix failed to send func ctrl for MediaTek devices (git-fixes). - Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes). - Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes). - Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes). - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes). - drm/amdkfd: Correct the migration DMA map direction (stable-fixes). - drm/amdgpu: use sjt mec fw on gfx943 for sriov (stable-fixes). - wifi: mac80211: wake the queues in case of failure in resume (stable-fixes). - wifi: cfg80211: clear link ID from bitmap during link delete after clean up (stable-fixes). - wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes). - commit d04ce72 - 9p/xen: fix release of IRQ (CVE-2024-56704 bsc#1235584). - commit bf1ccfc - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (CVE-2024-56602 bsc#1235521). - commit 8b46faa - udmabuf: fix memory leak on last export_udmabuf() error path (CVE-2024-56712 bsc#1235565). - commit 3d88b1a - x86/CPU/AMD: Terminate the erratum_1386_microcode array (CVE-2024-56721 bsc#1235566). - commit 09a03bf - net: hsr: avoid potential out-of-bound access in fill_frame_info() (CVE-2024-56648 bsc#1235451). - commit 333d1e7 ++++ polkit-default-privs: - Update to version 1550+20250110.ac26f8e: * profiles: whitelist systemd v257 actions (bsc#1233295) ++++ rubygem-agama-yast: - Version 11 - Objects from the D-Bus trees representing the storage devices are removed before performing the probing. It prevents a segmentation fault by accessing to old objects (gh#agama-project/agama#1884). ------------------------------------------------------------------ ------------------ 2025-1-9 - Jan 9 2025 ------------------- ------------------------------------------------------------------ ++++ agama: - Increase disk size in _constraints to fix build on ppc (gh#agama-project/agama#1876). ++++ agama-yast: - Activate multipath in case it is forced by the user (gh#agama-project/agama#1875). ++++ kernel-64kb: - supported.conf: All modules related to the Intel TPMI are supported (jsc#PED-4901 jsc#PED-4961 jsc#PED-4647) - commit 782043f - Update patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch (jsc#PED-11639). - commit f371154 - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids (jsc#PED-11771). - commit 907dba9 - intel_idle: add Granite Rapids Xeon D support (jsc#PED-10589). - commit 3305026 - af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-56606 bsc#123541) - commit 4c171b7 - ovl: Filter invalid inodes with missing lookup function (bsc#1235035 CVE-2024-56570). - commit 707d8d7 - Update patches.suse/comedi-Flush-partial-mappings-in-error-case.patch (git-fixes CVE-2024-53148 bsc#1234832). Add CVE reference. - commit 04ca6f4 - tipc: Fix use-after-free of kernel socket in cleanup_bearer() (CVE-2024-56642 bsc#1235433). - commit 9a3730d - smb: client: fix use-after-free of signing key (CVE-2024-53179 bsc#1234921). - commit 2e9abfc ++++ kernel-default: - supported.conf: All modules related to the Intel TPMI are supported (jsc#PED-4901 jsc#PED-4961 jsc#PED-4647) - commit 782043f - Update patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch (jsc#PED-11639). - commit f371154 - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids (jsc#PED-11771). - commit 907dba9 - intel_idle: add Granite Rapids Xeon D support (jsc#PED-10589). - commit 3305026 - af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-56606 bsc#123541) - commit 4c171b7 - ovl: Filter invalid inodes with missing lookup function (bsc#1235035 CVE-2024-56570). - commit 707d8d7 - Update patches.suse/comedi-Flush-partial-mappings-in-error-case.patch (git-fixes CVE-2024-53148 bsc#1234832). Add CVE reference. - commit 04ca6f4 - tipc: Fix use-after-free of kernel socket in cleanup_bearer() (CVE-2024-56642 bsc#1235433). - commit 9a3730d - smb: client: fix use-after-free of signing key (CVE-2024-53179 bsc#1234921). - commit 2e9abfc ++++ dtb-aarch64: - supported.conf: All modules related to the Intel TPMI are supported (jsc#PED-4901 jsc#PED-4961 jsc#PED-4647) - commit 782043f - Update patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch (jsc#PED-11639). - commit f371154 - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids (jsc#PED-11771). - commit 907dba9 - intel_idle: add Granite Rapids Xeon D support (jsc#PED-10589). - commit 3305026 - af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-56606 bsc#123541) - commit 4c171b7 - ovl: Filter invalid inodes with missing lookup function (bsc#1235035 CVE-2024-56570). - commit 707d8d7 - Update patches.suse/comedi-Flush-partial-mappings-in-error-case.patch (git-fixes CVE-2024-53148 bsc#1234832). Add CVE reference. - commit 04ca6f4 - tipc: Fix use-after-free of kernel socket in cleanup_bearer() (CVE-2024-56642 bsc#1235433). - commit 9a3730d - smb: client: fix use-after-free of signing key (CVE-2024-53179 bsc#1234921). - commit 2e9abfc ++++ frr: - Update to frr 10.2.1 release providing fix for a Denial of Service scenario due to RIB revalidation (CVE-2024-55553,bsc#1235237) and other fixes, see https://frrouting.org/release/10.2.1/ The 10.2 version provides new features and many enhancements, see https://frrouting.org/release/10.2/ - Add new fpm_listener daemon binary to rpm file lists. - Remove --localstatedir configure parameter causing to use /run/lib instead of /var/lib prefix for the northbound databases and added the /var/lib/frr directory to the rpm file list. - Adjust to set permissions in rpm attr macros (rpmlint suggestion) and use frr_group instead of frr_user in group parameter. ++++ gosec: - Update to version 2.22.0: * Update what message for G104 (#1282) * chore(deps): update module github.com/onsi/ginkgo/v2 to v2.22.2 (#1281) * chore(deps): update all dependencies (#1280) * chore(deps): update all dependencies (#1279) * Simplify sortIssues implementation (#1277) * Enable testifylint and fix up lint issues (#1276) * Refactor AppendError to check for build.NoGoError (#1273) * chore(deps): update module golang.org/x/net to v0.33.0 [security] (#1275) * Update README.md (#1274) * Rule documentation updates (#1272) * Replace old golang.org links with new go.dev (#1271) * Refactor AppendError to use strings.Contains (#1270) * Simplify Analyzer.ignore by reducing nesting (#1269) * Improve capitalization in AI API flags descriptions (#1267) * Remove unused golint dependency (#1266) * Simplify tests by using GinkgoT().TempDir() (#1265) * Documentation on adding new rules and analyzers (#1262) * chore(deps): update all dependencies (#1268) * Update to go 1.22.10 and 1.23.4 versions (#1264) * chore(deps): update module golang.org/x/crypto to v0.31.0 [security] (#1263) * chore(deps): update all dependencies (#1261) * chore(deps): update module github.com/onsi/gomega to v1.36.0 (#1259) * fix: revive.redefines-builtin-id lint warnings (#1257) * Fix typos in comments and fields * Remove the decryption funtions/methods from G407 check * Upate go to version 1.23.3 and 1.22.9 * Fix G115 false positive when going from parsed uint to larger int * chore(deps): update all dependencies * chore(deps): update all dependencies * chore(deps): update all dependencies * chore(deps): update all dependencies * chore(deps): update all dependencies * Update go version to 1.23.2 and 1.22.8 * chore(deps): update module google.golang.org/api to v0.201.0 * chore(deps): update all dependencies * chore(deps): update all dependencies * Fix the cosign step to authenticate with the container registry * chore(deps): update module google.golang.org/api to v0.199.0 ++++ kernel-debug: - supported.conf: All modules related to the Intel TPMI are supported (jsc#PED-4901 jsc#PED-4961 jsc#PED-4647) - commit 782043f - Update patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch (jsc#PED-11639). - commit f371154 - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids (jsc#PED-11771). - commit 907dba9 - intel_idle: add Granite Rapids Xeon D support (jsc#PED-10589). - commit 3305026 - af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-56606 bsc#123541) - commit 4c171b7 - ovl: Filter invalid inodes with missing lookup function (bsc#1235035 CVE-2024-56570). - commit 707d8d7 - Update patches.suse/comedi-Flush-partial-mappings-in-error-case.patch (git-fixes CVE-2024-53148 bsc#1234832). Add CVE reference. - commit 04ca6f4 - tipc: Fix use-after-free of kernel socket in cleanup_bearer() (CVE-2024-56642 bsc#1235433). - commit 9a3730d - smb: client: fix use-after-free of signing key (CVE-2024-53179 bsc#1234921). - commit 2e9abfc ++++ kernel-source: - supported.conf: All modules related to the Intel TPMI are supported (jsc#PED-4901 jsc#PED-4961 jsc#PED-4647) - commit 782043f - Update patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch (jsc#PED-11639). - commit f371154 - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids (jsc#PED-11771). - commit 907dba9 - intel_idle: add Granite Rapids Xeon D support (jsc#PED-10589). - commit 3305026 - af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-56606 bsc#123541) - commit 4c171b7 - ovl: Filter invalid inodes with missing lookup function (bsc#1235035 CVE-2024-56570). - commit 707d8d7 - Update patches.suse/comedi-Flush-partial-mappings-in-error-case.patch (git-fixes CVE-2024-53148 bsc#1234832). Add CVE reference. - commit 04ca6f4 - tipc: Fix use-after-free of kernel socket in cleanup_bearer() (CVE-2024-56642 bsc#1235433). - commit 9a3730d - smb: client: fix use-after-free of signing key (CVE-2024-53179 bsc#1234921). - commit 2e9abfc ++++ kernel-docs: - supported.conf: All modules related to the Intel TPMI are supported (jsc#PED-4901 jsc#PED-4961 jsc#PED-4647) - commit 782043f - Update patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch (jsc#PED-11639). - commit f371154 - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids (jsc#PED-11771). - commit 907dba9 - intel_idle: add Granite Rapids Xeon D support (jsc#PED-10589). - commit 3305026 - af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-56606 bsc#123541) - commit 4c171b7 - ovl: Filter invalid inodes with missing lookup function (bsc#1235035 CVE-2024-56570). - commit 707d8d7 - Update patches.suse/comedi-Flush-partial-mappings-in-error-case.patch (git-fixes CVE-2024-53148 bsc#1234832). Add CVE reference. - commit 04ca6f4 - tipc: Fix use-after-free of kernel socket in cleanup_bearer() (CVE-2024-56642 bsc#1235433). - commit 9a3730d - smb: client: fix use-after-free of signing key (CVE-2024-53179 bsc#1234921). - commit 2e9abfc ++++ kernel-kvmsmall: - supported.conf: All modules related to the Intel TPMI are supported (jsc#PED-4901 jsc#PED-4961 jsc#PED-4647) - commit 782043f - Update patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch (jsc#PED-11639). - commit f371154 - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids (jsc#PED-11771). - commit 907dba9 - intel_idle: add Granite Rapids Xeon D support (jsc#PED-10589). - commit 3305026 - af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-56606 bsc#123541) - commit 4c171b7 - ovl: Filter invalid inodes with missing lookup function (bsc#1235035 CVE-2024-56570). - commit 707d8d7 - Update patches.suse/comedi-Flush-partial-mappings-in-error-case.patch (git-fixes CVE-2024-53148 bsc#1234832). Add CVE reference. - commit 04ca6f4 - tipc: Fix use-after-free of kernel socket in cleanup_bearer() (CVE-2024-56642 bsc#1235433). - commit 9a3730d - smb: client: fix use-after-free of signing key (CVE-2024-53179 bsc#1234921). - commit 2e9abfc ++++ kernel-obs-build: - supported.conf: All modules related to the Intel TPMI are supported (jsc#PED-4901 jsc#PED-4961 jsc#PED-4647) - commit 782043f - Update patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch (jsc#PED-11639). - commit f371154 - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids (jsc#PED-11771). - commit 907dba9 - intel_idle: add Granite Rapids Xeon D support (jsc#PED-10589). - commit 3305026 - af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-56606 bsc#123541) - commit 4c171b7 - ovl: Filter invalid inodes with missing lookup function (bsc#1235035 CVE-2024-56570). - commit 707d8d7 - Update patches.suse/comedi-Flush-partial-mappings-in-error-case.patch (git-fixes CVE-2024-53148 bsc#1234832). Add CVE reference. - commit 04ca6f4 - tipc: Fix use-after-free of kernel socket in cleanup_bearer() (CVE-2024-56642 bsc#1235433). - commit 9a3730d - smb: client: fix use-after-free of signing key (CVE-2024-53179 bsc#1234921). - commit 2e9abfc ++++ kernel-obs-qa: - supported.conf: All modules related to the Intel TPMI are supported (jsc#PED-4901 jsc#PED-4961 jsc#PED-4647) - commit 782043f - Update patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch (jsc#PED-11639). - commit f371154 - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids (jsc#PED-11771). - commit 907dba9 - intel_idle: add Granite Rapids Xeon D support (jsc#PED-10589). - commit 3305026 - af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-56606 bsc#123541) - commit 4c171b7 - ovl: Filter invalid inodes with missing lookup function (bsc#1235035 CVE-2024-56570). - commit 707d8d7 - Update patches.suse/comedi-Flush-partial-mappings-in-error-case.patch (git-fixes CVE-2024-53148 bsc#1234832). Add CVE reference. - commit 04ca6f4 - tipc: Fix use-after-free of kernel socket in cleanup_bearer() (CVE-2024-56642 bsc#1235433). - commit 9a3730d - smb: client: fix use-after-free of signing key (CVE-2024-53179 bsc#1234921). - commit 2e9abfc ++++ kernel-syms: - supported.conf: All modules related to the Intel TPMI are supported (jsc#PED-4901 jsc#PED-4961 jsc#PED-4647) - commit 782043f - Update patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch (jsc#PED-11639). - commit f371154 - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids (jsc#PED-11771). - commit 907dba9 - intel_idle: add Granite Rapids Xeon D support (jsc#PED-10589). - commit 3305026 - af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-56606 bsc#123541) - commit 4c171b7 - ovl: Filter invalid inodes with missing lookup function (bsc#1235035 CVE-2024-56570). - commit 707d8d7 - Update patches.suse/comedi-Flush-partial-mappings-in-error-case.patch (git-fixes CVE-2024-53148 bsc#1234832). Add CVE reference. - commit 04ca6f4 - tipc: Fix use-after-free of kernel socket in cleanup_bearer() (CVE-2024-56642 bsc#1235433). - commit 9a3730d - smb: client: fix use-after-free of signing key (CVE-2024-53179 bsc#1234921). - commit 2e9abfc ++++ kernel-zfcpdump: - supported.conf: All modules related to the Intel TPMI are supported (jsc#PED-4901 jsc#PED-4961 jsc#PED-4647) - commit 782043f - Update patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch (jsc#PED-11639). - commit f371154 - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids (jsc#PED-11771). - commit 907dba9 - intel_idle: add Granite Rapids Xeon D support (jsc#PED-10589). - commit 3305026 - af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-56606 bsc#123541) - commit 4c171b7 - ovl: Filter invalid inodes with missing lookup function (bsc#1235035 CVE-2024-56570). - commit 707d8d7 - Update patches.suse/comedi-Flush-partial-mappings-in-error-case.patch (git-fixes CVE-2024-53148 bsc#1234832). Add CVE reference. - commit 04ca6f4 - tipc: Fix use-after-free of kernel socket in cleanup_bearer() (CVE-2024-56642 bsc#1235433). - commit 9a3730d - smb: client: fix use-after-free of signing key (CVE-2024-53179 bsc#1234921). - commit 2e9abfc ++++ s390-tools: - Applied backport patches from s390-tools 2.37 to 2.36 ( jsc#PED-11870 ) ( jsc#IBM-1447, jsc#IBM-1062 ) * s390-tools-General-update-01.patch * s390-tools-General-update-02.patch * s390-tools-General-update-03.patch * s390-tools-General-update-04.patch * s390-tools-General-update-05.patch * s390-tools-General-update-06.patch * s390-tools-General-update-07.patch * s390-tools-General-update-08.patch * s390-tools-General-update-09.patch * s390-tools-General-update-10.patch * s390-tools-General-update-11.patch * s390-tools-General-update-12.patch * s390-tools-Additional-update-01.patch * s390-tools-Additional-update-02.patch ( jsc#IBM-1570, jsc#IBM-1571 ) * s390-tools-Support-unencrypted-SE-images-01.patch ( jsc#IBM-1572, jsc#IBM-1573 ) * s390-tools-pvimg-info-command-01.patch * s390-tools-pvimg-info-command-02.patch * s390-tools-pvimg-info-command-03.patch * s390-tools-pvimg-info-command-04.patch ( jsc#IBM-1576, jsc#IBM-1577 ) * s390-tools-pvimg-additional-01.patch - Renamed patches from - to * s390-tools-01-opticsmon-Fix-runaway-loop-in-on_link_change.patch to s390-tools-Additional-update-01.patch * s390-tools-02-libzpci-opticsmon-Refactor-on_link_change-using-new.patch to s390-tools-Additional-update-02.patch * s390-tools-03-rust-pvimg-Add-enable-disable-image-encryption-flags-to-pvimg-create.patch to s390-tools-Support-unencrypted-SE-images-01.patch - Revendored vendor.tar.gz ++++ systemd: - Upgrade systemd with systemd v257.2 from Base:System (revision:1574) - Rename 0001-udev-restore-some-legacy-symlinks-to-maintain-backwa.patch into 0003-udev-restore-some-legacy-symlinks-to-maintain-backwa.patch Given that SLE16 will be based on SLFO, we have no choice but to continue supporting these compat symlinks. This compatibility code is no longer maintained in the Git repository though, as we primarily backport upstream commits these days. Additionally, the compat code rarely changes and often causes conflicts when merged into recent versions of systemd. - Drop 5003-99-systemd.rules-rework-SYSTEMD_READY-logic-for-devi.patch, it's part of systemd v256. - Drop 5004-udev-allow-denylist-for-reading-sysfs-attributes-whe.patch, it's part of systemd v256. ++++ myrlyn: - Update to version 0.8.02+4: * Use lowercase for .desktop names * Fixed executable name - Update to version 0.8.02+2: * Renamed to Myrlyn - Update to version 0.8.01 * Version bump to 0.8.01 - Changes from 0.8.0 * Added both root and on-root .desktop files ++++ patterns-base: - Drop yast inclusion code-o-o#leap/features#173 Add myrlyn to x11_enahnced on openSUSE ++++ release-notes-sles-160: - Initial package submission ++++ rubygem-agama-yast: - Activate multipath in case it is forced by the user (gh#agama-project/agama#1875). ------------------------------------------------------------------ ------------------ 2025-1-8 - Jan 8 2025 ------------------- ------------------------------------------------------------------ ++++ agama: - Add support for products registration (jsc#PED-11192, gh#agama-project/agama#1809). ++++ agama-products: - Add support for products registration (jsc#PED-11192, gh#agama-project/agama#1809). ++++ agama-web-ui: - Add support for products registration (jsc#PED-11192, gh#agama-project/agama#1809). - Use product ID instead of slug to link labels and descriptions to their corresponding radio inputs (gh#agama-project/agama#1873). - Show the cancel action at product selection page only when a product is already selected (gh#agama-project/agama#1871). ++++ agama-yast: - Add support for products registration (jsc#PED-11192, gh#agama-project/agama#1809). ++++ amazon-dracut-config: - Update to 0.0.4 + Move dracut config files to usr/lib/ dir ++++ kernel-64kb: - powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108). - commit 8c55a2a - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - commit 64d03b4 - workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416). - commit d1a20d8 - btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128) - commit 0406131 - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - commit a46e8c0 - btrfs: fix use-after-free in btrfs_encoded_read_endio() (CVE-2024-56582 bsc#1235128) - commit c77e8af - PCI/TPH: Add TPH documentation (jsc#PED-11562). - PCI/TPH: Add Steering Tag support (jsc#PED-11562). - PCI: Add TLP Processing Hints (TPH) support (jsc#PED-11562). - Update config files (CONFIG_PCIE_TPH=y). - commit bd308e1 - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - commit e644331 - vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004 CVE-2024-53214). - commit 989377b - fs: fix is_mnt_ns_file() (git-fixes). - commit f76cd98 - erofs: use buffered I/O for file-backed mounts by default (git-fixes). - commit 699c7cc - erofs: reference `struct erofs_device_info` for erofs_map_dev (git-fixes). - commit c6ac991 - erofs: use `struct erofs_device_info` for the primary device (git-fixes). - commit 426336f - erofs: add erofs_sb_free() helper (git-fixes). - commit 468b714 - nfs: Fix oops in nfs_netfs_init_request() when copying to cache (git-fixes). - commit d2c36d1 ++++ kernel-default: - powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108). - commit 8c55a2a - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - commit 64d03b4 - workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416). - commit d1a20d8 - btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128) - commit 0406131 - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - commit a46e8c0 - btrfs: fix use-after-free in btrfs_encoded_read_endio() (CVE-2024-56582 bsc#1235128) - commit c77e8af - PCI/TPH: Add TPH documentation (jsc#PED-11562). - PCI/TPH: Add Steering Tag support (jsc#PED-11562). - PCI: Add TLP Processing Hints (TPH) support (jsc#PED-11562). - Update config files (CONFIG_PCIE_TPH=y). - commit bd308e1 - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - commit e644331 - vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004 CVE-2024-53214). - commit 989377b - fs: fix is_mnt_ns_file() (git-fixes). - commit f76cd98 - erofs: use buffered I/O for file-backed mounts by default (git-fixes). - commit 699c7cc - erofs: reference `struct erofs_device_info` for erofs_map_dev (git-fixes). - commit c6ac991 - erofs: use `struct erofs_device_info` for the primary device (git-fixes). - commit 426336f - erofs: add erofs_sb_free() helper (git-fixes). - commit 468b714 - nfs: Fix oops in nfs_netfs_init_request() when copying to cache (git-fixes). - commit d2c36d1 ++++ drbd: - fix the warning of blk_validate_limits when running drbdadm down (boo#1235399) * add patch boo1235399-fix_the_warning_of_blk_validate_limits.patch ++++ drbd-utils: - Update drbd-utils from 9.25.0 to 9.29.0 * Changelog from Linbit: 9.29.0 - ---------- * drbdmeta: fix initialization for external md * build: allow disbling keyutils * tests: export sanitized environment * drbdmon: various improvements * build: add cyclonedx * drbsetup,v9: fix multiple paths drbdsetup show --json strictly spreaking breaking change, but maily used internally * events2: expose if device is open * drbdadm: fix undefined behavior that triggered on amd64 * shared: fix out-of-bounds access in parsing * drbsetup,v9: event consistency with peer devices * drbdadm: fix parsing of v8.4 configs for compatibility * drbdmeta: fix segfault for check-resize on intentionally diskless * drbd-promote@.service: check if ExecCondition is available 9.28.0 - ---------- * events2: set may_promote:no promotion_score:0 while force-io-failure:yes * drbdsetup,v9: show TLS in connection status * drbdsetup,v9: add udev command * 8.3: remove * crm-fence-peer.9.sh: fixes for pacemaker 2.1.7 * events2: improved out of order message handling 9.27.0 - ---------- * adjust,v9: retry for diskless primaries * tests: sanitize env (e.g., TZ) * drbdmeta: dump and restore the members field 9.26.0 - ---------- * config,v9: new config option load-balance-paths * config,v9: new config options rdma-ctrls-(snd|rcv)buf-size * drbdadm,v9: fix segfault if proxy has no path * drbd: increase maximum CPU mask size * systemd: introduce drbd-graceful-shutdown.service * drbdmeta,v9: fix regression, allow attach after offline resize * drbdsetup,v9: add path established information to JSON status * events2: terminate on module unload even under --poll * events2: specif exit code if module unload * docs: add spdx license file * drbdmon: various smaller improvements * drbdsetup,v9: support for TLS/kTLS * remove patches which are already included in upstream code: 0001-drbdadm-v9-do-not-segfault-when-re-configuring-proxy.patch 0002-user-drbrdmon-add-missing-stdint.h-includes.patch 0003-Introduce-default_types.h-header.patch bsc-1219263_crm-fence-peer.9.sh-fix-parsing-in_ccm-crmd-fields-o.patch bsc-1219263_crm-fence-peer.9.sh-use-join-of-node_state-to-judge-.patch bsc-1233273_drbd.ocf-update-regex-of-sed-for-new-output-from-crm.patch usrmerge_move_lib_to_prefix_lib.patch * add upstream patches to align commit 0a014f290802: 0001-drbd-verify.py-relax-host-key-checking.patch 0002-DRBDmon-Disabled-DRBD-commands-warning-only-for-actu.patch 0003-DRBDmon-Integrate-global-local-command-delegation.patch 0004-DRBDmon-Adjust-events-log-supplier-program-name.patch 0005-DRBDmon-Add-drbd-events-log-supplier.patch 0006-DRBDmon-Adjust-Makefile.patch 0007-DRBDmon-Version-V1R4M1.patch 0008-drbdadm-add-proxy-options-to-add-connection-command.patch 0009-Do-not-hardcode-paths-in-services-and-scripts.patch 0010-Fix-typo-in-warning-there-is-no-po4a-translage-comma.patch 0011-drbd.ocf-explicitly-timeout-crm_master-IPC-early.patch 0012-drbd.ocf-the-text-output-of-crm_resource-locate-has-.patch * update patches according to source code changes: bsc-1233273_drbd.ocf-replace-crm_master-with-ocf_promotion_score.patch fence-after-pacemaker-down.patch * modify upstream patch for passing build: 0009-Do-not-hardcode-paths-in-services-and-scripts.patch * add new service: drbd-graceful-shutdown.service * add new binrary: drbd-events-log-supplier ++++ dtb-aarch64: - powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108). - commit 8c55a2a - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - commit 64d03b4 - workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416). - commit d1a20d8 - btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128) - commit 0406131 - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - commit a46e8c0 - btrfs: fix use-after-free in btrfs_encoded_read_endio() (CVE-2024-56582 bsc#1235128) - commit c77e8af - PCI/TPH: Add TPH documentation (jsc#PED-11562). - PCI/TPH: Add Steering Tag support (jsc#PED-11562). - PCI: Add TLP Processing Hints (TPH) support (jsc#PED-11562). - Update config files (CONFIG_PCIE_TPH=y). - commit bd308e1 - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - commit e644331 - vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004 CVE-2024-53214). - commit 989377b - fs: fix is_mnt_ns_file() (git-fixes). - commit f76cd98 - erofs: use buffered I/O for file-backed mounts by default (git-fixes). - commit 699c7cc - erofs: reference `struct erofs_device_info` for erofs_map_dev (git-fixes). - commit c6ac991 - erofs: use `struct erofs_device_info` for the primary device (git-fixes). - commit 426336f - erofs: add erofs_sb_free() helper (git-fixes). - commit 468b714 - nfs: Fix oops in nfs_netfs_init_request() when copying to cache (git-fixes). - commit d2c36d1 ++++ google-dracut-config: - Update to 0.0.4 + Move dracut config files to usr/lib/ dir ++++ govulncheck-vulndb: - Update to version 0.0.20250108T191942 2025-01-08T19:19:42Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3371 GHSA-2r2v-9pf8-6342 * GO-2025-3374 CVE-2025-22130 GHSA-j4jw-m6xr-fv6c ++++ grafana: - CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by upgrading golang.org/x/crypto (bsc#1234554) ++++ kernel-debug: - powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108). - commit 8c55a2a - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - commit 64d03b4 - workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416). - commit d1a20d8 - btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128) - commit 0406131 - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - commit a46e8c0 - btrfs: fix use-after-free in btrfs_encoded_read_endio() (CVE-2024-56582 bsc#1235128) - commit c77e8af - PCI/TPH: Add TPH documentation (jsc#PED-11562). - PCI/TPH: Add Steering Tag support (jsc#PED-11562). - PCI: Add TLP Processing Hints (TPH) support (jsc#PED-11562). - Update config files (CONFIG_PCIE_TPH=y). - commit bd308e1 - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - commit e644331 - vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004 CVE-2024-53214). - commit 989377b - fs: fix is_mnt_ns_file() (git-fixes). - commit f76cd98 - erofs: use buffered I/O for file-backed mounts by default (git-fixes). - commit 699c7cc - erofs: reference `struct erofs_device_info` for erofs_map_dev (git-fixes). - commit c6ac991 - erofs: use `struct erofs_device_info` for the primary device (git-fixes). - commit 426336f - erofs: add erofs_sb_free() helper (git-fixes). - commit 468b714 - nfs: Fix oops in nfs_netfs_init_request() when copying to cache (git-fixes). - commit d2c36d1 ++++ kernel-source: - powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108). - commit 8c55a2a - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - commit 64d03b4 - workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416). - commit d1a20d8 - btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128) - commit 0406131 - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - commit a46e8c0 - btrfs: fix use-after-free in btrfs_encoded_read_endio() (CVE-2024-56582 bsc#1235128) - commit c77e8af - PCI/TPH: Add TPH documentation (jsc#PED-11562). - PCI/TPH: Add Steering Tag support (jsc#PED-11562). - PCI: Add TLP Processing Hints (TPH) support (jsc#PED-11562). - Update config files (CONFIG_PCIE_TPH=y). - commit bd308e1 - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - commit e644331 - vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004 CVE-2024-53214). - commit 989377b - fs: fix is_mnt_ns_file() (git-fixes). - commit f76cd98 - erofs: use buffered I/O for file-backed mounts by default (git-fixes). - commit 699c7cc - erofs: reference `struct erofs_device_info` for erofs_map_dev (git-fixes). - commit c6ac991 - erofs: use `struct erofs_device_info` for the primary device (git-fixes). - commit 426336f - erofs: add erofs_sb_free() helper (git-fixes). - commit 468b714 - nfs: Fix oops in nfs_netfs_init_request() when copying to cache (git-fixes). - commit d2c36d1 ++++ kernel-docs: - powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108). - commit 8c55a2a - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - commit 64d03b4 - workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416). - commit d1a20d8 - btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128) - commit 0406131 - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - commit a46e8c0 - btrfs: fix use-after-free in btrfs_encoded_read_endio() (CVE-2024-56582 bsc#1235128) - commit c77e8af - PCI/TPH: Add TPH documentation (jsc#PED-11562). - PCI/TPH: Add Steering Tag support (jsc#PED-11562). - PCI: Add TLP Processing Hints (TPH) support (jsc#PED-11562). - Update config files (CONFIG_PCIE_TPH=y). - commit bd308e1 - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - commit e644331 - vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004 CVE-2024-53214). - commit 989377b - fs: fix is_mnt_ns_file() (git-fixes). - commit f76cd98 - erofs: use buffered I/O for file-backed mounts by default (git-fixes). - commit 699c7cc - erofs: reference `struct erofs_device_info` for erofs_map_dev (git-fixes). - commit c6ac991 - erofs: use `struct erofs_device_info` for the primary device (git-fixes). - commit 426336f - erofs: add erofs_sb_free() helper (git-fixes). - commit 468b714 - nfs: Fix oops in nfs_netfs_init_request() when copying to cache (git-fixes). - commit d2c36d1 ++++ kernel-kvmsmall: - powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108). - commit 8c55a2a - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - commit 64d03b4 - workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416). - commit d1a20d8 - btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128) - commit 0406131 - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - commit a46e8c0 - btrfs: fix use-after-free in btrfs_encoded_read_endio() (CVE-2024-56582 bsc#1235128) - commit c77e8af - PCI/TPH: Add TPH documentation (jsc#PED-11562). - PCI/TPH: Add Steering Tag support (jsc#PED-11562). - PCI: Add TLP Processing Hints (TPH) support (jsc#PED-11562). - Update config files (CONFIG_PCIE_TPH=y). - commit bd308e1 - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - commit e644331 - vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004 CVE-2024-53214). - commit 989377b - fs: fix is_mnt_ns_file() (git-fixes). - commit f76cd98 - erofs: use buffered I/O for file-backed mounts by default (git-fixes). - commit 699c7cc - erofs: reference `struct erofs_device_info` for erofs_map_dev (git-fixes). - commit c6ac991 - erofs: use `struct erofs_device_info` for the primary device (git-fixes). - commit 426336f - erofs: add erofs_sb_free() helper (git-fixes). - commit 468b714 - nfs: Fix oops in nfs_netfs_init_request() when copying to cache (git-fixes). - commit d2c36d1 ++++ kernel-obs-build: - powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108). - commit 8c55a2a - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - commit 64d03b4 - workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416). - commit d1a20d8 - btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128) - commit 0406131 - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - commit a46e8c0 - btrfs: fix use-after-free in btrfs_encoded_read_endio() (CVE-2024-56582 bsc#1235128) - commit c77e8af - PCI/TPH: Add TPH documentation (jsc#PED-11562). - PCI/TPH: Add Steering Tag support (jsc#PED-11562). - PCI: Add TLP Processing Hints (TPH) support (jsc#PED-11562). - Update config files (CONFIG_PCIE_TPH=y). - commit bd308e1 - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - commit e644331 - vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004 CVE-2024-53214). - commit 989377b - fs: fix is_mnt_ns_file() (git-fixes). - commit f76cd98 - erofs: use buffered I/O for file-backed mounts by default (git-fixes). - commit 699c7cc - erofs: reference `struct erofs_device_info` for erofs_map_dev (git-fixes). - commit c6ac991 - erofs: use `struct erofs_device_info` for the primary device (git-fixes). - commit 426336f - erofs: add erofs_sb_free() helper (git-fixes). - commit 468b714 - nfs: Fix oops in nfs_netfs_init_request() when copying to cache (git-fixes). - commit d2c36d1 ++++ kernel-obs-qa: - powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108). - commit 8c55a2a - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - commit 64d03b4 - workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416). - commit d1a20d8 - btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128) - commit 0406131 - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - commit a46e8c0 - btrfs: fix use-after-free in btrfs_encoded_read_endio() (CVE-2024-56582 bsc#1235128) - commit c77e8af - PCI/TPH: Add TPH documentation (jsc#PED-11562). - PCI/TPH: Add Steering Tag support (jsc#PED-11562). - PCI: Add TLP Processing Hints (TPH) support (jsc#PED-11562). - Update config files (CONFIG_PCIE_TPH=y). - commit bd308e1 - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - commit e644331 - vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004 CVE-2024-53214). - commit 989377b - fs: fix is_mnt_ns_file() (git-fixes). - commit f76cd98 - erofs: use buffered I/O for file-backed mounts by default (git-fixes). - commit 699c7cc - erofs: reference `struct erofs_device_info` for erofs_map_dev (git-fixes). - commit c6ac991 - erofs: use `struct erofs_device_info` for the primary device (git-fixes). - commit 426336f - erofs: add erofs_sb_free() helper (git-fixes). - commit 468b714 - nfs: Fix oops in nfs_netfs_init_request() when copying to cache (git-fixes). - commit d2c36d1 ++++ kernel-syms: - powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108). - commit 8c55a2a - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - commit 64d03b4 - workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416). - commit d1a20d8 - btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128) - commit 0406131 - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - commit a46e8c0 - btrfs: fix use-after-free in btrfs_encoded_read_endio() (CVE-2024-56582 bsc#1235128) - commit c77e8af - PCI/TPH: Add TPH documentation (jsc#PED-11562). - PCI/TPH: Add Steering Tag support (jsc#PED-11562). - PCI: Add TLP Processing Hints (TPH) support (jsc#PED-11562). - Update config files (CONFIG_PCIE_TPH=y). - commit bd308e1 - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - commit e644331 - vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004 CVE-2024-53214). - commit 989377b - fs: fix is_mnt_ns_file() (git-fixes). - commit f76cd98 - erofs: use buffered I/O for file-backed mounts by default (git-fixes). - commit 699c7cc - erofs: reference `struct erofs_device_info` for erofs_map_dev (git-fixes). - commit c6ac991 - erofs: use `struct erofs_device_info` for the primary device (git-fixes). - commit 426336f - erofs: add erofs_sb_free() helper (git-fixes). - commit 468b714 - nfs: Fix oops in nfs_netfs_init_request() when copying to cache (git-fixes). - commit d2c36d1 ++++ kernel-zfcpdump: - powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108). - commit 8c55a2a - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - nvmet-loop: avoid using mutex in IO hotpath (git-fixes). - nvmet: Don't overflow subsysnqn (git-fixes). - nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes). - nvme-rdma: unquiesce admin_q before destroy it (git-fixes). - nvme-tcp: fix the memleak while create new ctrl failed (git-fixes). - nvme-fabrics: handle zero MAXCMD without closing the connection (git-fixes). - nvme: don't apply NVME_QUIRK_DEALLOCATE_ZEROES when DSM is not supported (git-fixes). - commit 64d03b4 - workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416). - commit d1a20d8 - btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128) - commit 0406131 - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409). - scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409). - scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409). - scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409). - scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409). - scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409). - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409). - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409). - scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409). - scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409). - commit a46e8c0 - btrfs: fix use-after-free in btrfs_encoded_read_endio() (CVE-2024-56582 bsc#1235128) - commit c77e8af - PCI/TPH: Add TPH documentation (jsc#PED-11562). - PCI/TPH: Add Steering Tag support (jsc#PED-11562). - PCI: Add TLP Processing Hints (TPH) support (jsc#PED-11562). - Update config files (CONFIG_PCIE_TPH=y). - commit bd308e1 - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406). - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406). - scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406). - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406). - scsi: qla2xxx: Fix use after free on unload (bsc#1235406). - scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406). - commit e644331 - vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004 CVE-2024-53214). - commit 989377b - fs: fix is_mnt_ns_file() (git-fixes). - commit f76cd98 - erofs: use buffered I/O for file-backed mounts by default (git-fixes). - commit 699c7cc - erofs: reference `struct erofs_device_info` for erofs_map_dev (git-fixes). - commit c6ac991 - erofs: use `struct erofs_device_info` for the primary device (git-fixes). - commit 426336f - erofs: add erofs_sb_free() helper (git-fixes). - commit 468b714 - nfs: Fix oops in nfs_netfs_init_request() when copying to cache (git-fixes). - commit d2c36d1 ++++ systemd: - Import commit 7fa3b5018bfffa176c77a2a5794dce792eebadcb (merge of v257.2) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/47eea9ee9f46537bc18d6a64fa21fd9c50538e13...7fa3b5018bfffa176c77a2a5794dce792eebadcb ++++ microsoft-dracut-config: - Update to 0.0.4 + Move dracut config files to usr/lib/ dir ++++ rubygem-agama-yast: - Add support for products registration (jsc#PED-11192, gh#agama-project/agama#1809). ++++ zypper: - info: Allow to query a specific version (jsc#PED-11268) To query for a specific version simply append "-" or "--" to the "" pattern. Note that the edition part must always match exactly. - version 1.14.79 ------------------------------------------------------------------ ------------------ 2025-1-7 - Jan 7 2025 ------------------- ------------------------------------------------------------------ ++++ agama-products: - Drop yast from Leap 16.0 software selection code-o-o#leap/features#173 ++++ kernel-64kb: - netfs: Fix is-caching check in read-retry (git-fixes). - commit d3ca9e7 - netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (git-fixes). - commit b8f5973 - netfs: Fix ceph copy to cache on write-begin (git-fixes). - commit 4931632 - netfs: Fix missing barriers by using clear_and_wake_up_bit() (git-fixes). - commit 59b3732 - netfs: Fix enomem handling in buffered reads (git-fixes). - commit d3c3d24 - exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes). - commit 32d6d4e - exfat: fix the new buffer was not zeroed before writing (git-fixes). - commit faf023a - exfat: fix the infinite loop in exfat_readdir() (git-fixes). - commit 5136005 - dlm: fix possible lkb_resource null dereference (git-fixes). - commit 490216a - ethtool: Fix access to uninitialized fields in set RXNFC command (git-fixes). - net: Make napi_hash_lock irq safe (git-fixes). - commit 9fa4e00 - octeontx2-pf: RVU representor driver (jsc#PED-11317). - Update config files. - supported.conf: mark new OcteonTx2 submodule rvu_rep supported. - commit c4b0aa9 - testing: net-drv: add basic shaper test (jsc#PED-10419). - Update config files. - commit 04716f4 - net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (jsc#PED-11366). - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (jsc#PED-11331). - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (jsc#PED-11331). - net/mlx5e: macsec: Maintain TX SA from encoding_sa (jsc#PED-11331). - net/mlx5: DR, select MSIX vector 0 for completion queue creation (jsc#PED-11331). - RDMA/mlx5: Enable multiplane mode only when it is supported (jsc#PED-11325). - RDMA/bnxt_re: Fix error recovery sequence (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the locking while accessing the QP table (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix MSN table size for variable wqe mode (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add send queue size check for variable wqe (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Disable use of reserved wqes (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max_qp_wrs reported (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix reporting hw_ver in query_device (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix to export port num to ib_query_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix setting mandatory attributes for modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add check for path mtu in modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the check for 9060 condition (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Don't fail destroy QP and cleanup debugfs earlier (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid initializing the software queue for user queues (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max SGEs for the Work Request (jsc#PED-10682 jsc#PED-11231). - RDMA/mlx5: Enforce same type port association for multiport RoCE (jsc#PED-11325). - RDMA/bnxt_re: Remove always true dattr validity check (jsc#PED-10682 jsc#PED-11231). - octeontx2-pf: fix error handling of devlink port in rvu_rep_create() (jsc#PED-11317). - octeontx2-pf: fix netdev memory leak in rvu_rep_create() (jsc#PED-11317). - idpf: trigger SW interrupt when exiting wb_on_itr mode (jsc#PED-10581). - idpf: add support for SW triggered interrupts (jsc#PED-10581). - qed: fix possible uninit pointer read in qed_mcp_nvm_info_populate() (jsc#PED-9648 jsc#PED-11293). - chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). - ionic: use ee->offset when returning sprom data (jsc#PED-11378). - ionic: no double destroy workqueue (jsc#PED-11378). - ionic: Fix netdev notifier unregister on failure (jsc#PED-11378). - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Fix installation of PF multicast rule (jsc#PED-11317). - cxgb4: use port number to set mac addr (git-fixes). - bnxt_en: Fix potential crash when dumping FW log coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DR, prevent potential error pointer dereference (jsc#PED-11331). - bpf, vsock: Invoke proto::close on close() (jsc#PED-11028). - bpf, vsock: Fix poll() missing a queue (jsc#PED-11028). - igb: Fix potential invalid memory access in igb_init_module() (jsc#PED-10426 jsc#PED-10425). - ixgbe: Correct BASE-BX10 compliance code (jsc#PED-9647 jsc#PED-9646). - ixgbe: downgrade logging of unsupported VF API version to debug (jsc#PED-9647 jsc#PED-9646). - ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (jsc#PED-9647 jsc#PED-9646). - idpf: set completion tag for "empty" bufs associated with a packet (jsc#PED-10581). - ice: Fix VLAN pruning in switchdev mode (jsc#PED-10419). - ice: Fix NULL pointer dereference in switchdev (jsc#PED-10419). - ice: fix PHY timestamp extraction for ETH56G (jsc#PED-10419). - ice: fix PHY Clock Recovery availability check (jsc#PED-10419). - net/mlx5e: Remove workaround to avoid syndrome for internal port (jsc#PED-11331). - net/mlx5e: SD, Use correct mdev to build channel param (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode in MPV (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode with IB device disabled (jsc#PED-11331). - net/mlx5: HWS: Properly set bwc queue locks lock classes (jsc#PED-11331). - net/mlx5: HWS: Fix memory leak in mlx5hws_definer_calc_layout (jsc#PED-11331). - bnxt_en: handle tpa_info in queue API implementation (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor bnxt_alloc_rx_rings() to call bnxt_alloc_rx_agg_bmap() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor tpa_info alloc/free into helpers (jsc#PED-10684 jsc#PED-11230). - net/qed: allow old cards not supporting "num_images" to work (jsc#PED-9648 jsc#PED-11293). - octeontx2-af: Fix SDP MAC link credits configuration (jsc#PED-11317). - bnxt_en: ethtool: Supply ntuple rss context action (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Unregister PTP during PCI shutdown and suspend (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_ptp_init() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix receive ring space parameters when XDP is active (jsc#PED-10684 jsc#PED-11230 CVE-2024-53209 bsc#1235002). - bnxt_en: Fix queue start to update vnic RSS table (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Set backplane link modes correctly for ethtool (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Quiesce traffic before NIX block reset (jsc#PED-11317). - octeontx2-af: RPM: fix stale FCFEC counters (jsc#PED-11317). - octeontx2-af: RPM: fix stale RSFEC counters (jsc#PED-11317). - octeontx2-af: RPM: Fix low network performance (jsc#PED-11317). - octeontx2-af: RPM: Fix mismatch in lmac type (jsc#PED-11317). - vdpa/mlx5: Fix suboptimal range on iotlb iteration (jsc#PED-11331). - RDMA/mlx5: Add implementation for ufile_hw_cleanup device operation (jsc#PED-11325). - RDMA/mlx5: Ensure active slave attachment to the bond IB device (jsc#PED-11325). - RDMA/mlx5: Call dev_put() after the blocking notifier (jsc#PED-11325). - RDMA/mlx5: Support querying per-plane IB PortCounters (jsc#PED-11325). - RDMA/mlx5: Support OOO RX WQE consumption (jsc#PED-11325). - net/mlx5: Introduce data placement ordering bits (jsc#PED-11331). - i40e: Fix handling changed priv flags (jsc#PED-10428). - bnxt_en: Add FW trace coredump segments to the coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a new ethtool -W dump flag (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add 2 parameters to bnxt_fill_coredump_seg_hdr() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add functions to copy host context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Do not free FW log context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Manage the FW trace context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Allocate backing store memory for FW trace logs (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a 'force' parameter to bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add mem_valid bit to struct bnxt_ctx_mem_type (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Update firmware interface spec to 1.10.3.85 (jsc#PED-10684 jsc#PED-11230). - e1000: Hold RTNL when e1000_down can be called (jsc#PED-10422). - igbvf: remove unused spinlock (jsc#PED-10426 jsc#PED-10425). - igb: Fix 2 typos in comments in igb_main.c (jsc#PED-10426 jsc#PED-10425). - igc: remove autoneg parameter from igc_mac_info (jsc#PED-10417). - ixgbe: Break include dependency cycle (jsc#PED-9647 jsc#PED-9646). - ice: Unbind the workqueue (jsc#PED-10419). - ice: use stack variable for virtchnl_supported_rxdids (jsc#PED-10419). - ice: initialize pf->supported_rxdids immediately after loading DDP (jsc#PED-10419). - ice: only allow Tx promiscuous for multicast (jsc#PED-10419). - ice: Add support for persistent NAPI config (jsc#PED-10419). - ice: support optional flags in signature segment header (jsc#PED-10419). - ice: refactor "last" segment of DDP pkg (jsc#PED-10419). - ice: extend dump serdes equalizer values feature (jsc#PED-10419). - ice: rework of dump serdes equalizer values feature (jsc#PED-10419). - ndo_fdb_del: Add a parameter to report whether notification was sent (jsc#PED-10419). - ndo_fdb_add: Add a parameter to report whether notification was sent (jsc#PED-10428). - octeontx2-pf: Fix spelling mistake "reprentator" -> "representor" (jsc#PED-11317). - bnxt_en: optimize gettimex64 (jsc#PED-10684 jsc#PED-11230). - net: ethtool: only allow set_rxnfc with rss + ring_cookie if driver opts in (jsc#PED-11366). - octeontx2-pf: Adds TC offload support (jsc#PED-11317). - octeontx2-pf: Implement offload stats ndo for representors (jsc#PED-11317). - octeontx2-pf: Add devlink port support (jsc#PED-11317). - octeontx2-pf: Add representors for sdp MAC (jsc#PED-11317). - octeontx2-pf: Configure VF mtu via representor (jsc#PED-11317). - octeontx2-pf: Add support to sync link state between representor and VFs (jsc#PED-11317). - octeontx2-pf: Get VF stats via representor (jsc#PED-11317). - octeontx2-af: Add packet path between representor and VF (jsc#PED-11317). - octeontx2-pf: Add basic net_device_ops (jsc#PED-11317). - octeontx2-pf: Create representor netdev (jsc#PED-11317). - eth: bnxt: use page pool for head frags (jsc#PED-10684 jsc#PED-11230). - net/mlx5e: SHAMPO, Rework header allocation loop (jsc#PED-11331). - net/mlx5e: SHAMPO, Drop info array (jsc#PED-11331). - net/mlx5e: SHAMPO, Change frag page setup order during allocation (jsc#PED-11331). - net/mlx5e: SHAMPO, Fix page_index calculation inconsistency (jsc#PED-11331). - net/mlx5e: SHAMPO, Simplify UMR allocation for headers (jsc#PED-11331). - net/mlx5: Make vport QoS enablement more flexible for future extensions (jsc#PED-11331). - net/mlx5: Integrate esw_qos_vport_enable logic into rate operations (jsc#PED-11331). - net/mlx5: Generalize scheduling element operations (jsc#PED-11331). - net/mlx5: Refactor scheduling element configuration bitmasks (jsc#PED-11331). - net/mlx5: Generalize max_rate and min_rate setting for nodes (jsc#PED-11331). - net/mlx5: Simplify QoS normalization by removing error handling (jsc#PED-11331). - net/mlx5: E-switch, refactor eswitch mode change (jsc#PED-11331). - bnxt_en: add unlocked version of bnxt_refclk_read (jsc#PED-10684 jsc#PED-11230). - net: atlantic: use irq_update_affinity_hint() (jsc#PED-11287). - bnxt_en: use irq_update_affinity_hint() (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Knobs for NPC default rule counters (jsc#PED-11317). - octeontx2-af: Refactor few NPC mcam APIs (jsc#PED-11317). - mlx5/core: deduplicate {mlx5_,}eq_update_ci() (jsc#PED-11331). - mlx5/core: relax memory barrier in eq_update_ci() (jsc#PED-11331). - bridge: Allow deleting FDB entries with non-existent VLAN (jsc#PED-10419). - mlx5/core: Schedule EQ comp tasklet only if necessary (jsc#PED-11331). - net: sfc: use ethtool string helpers (jsc#PED-11366). - net: bnx2x: use ethtool string helpers (jsc#PED-10901 jsc#PED-11308). - bnxt_en: ethtool: Support unset l4proto on ip4/ip6 ntuple rules (jsc#PED-10684 jsc#PED-11230). - bnxt_en: ethtool: Remove ip4/ip6 ntuple support for IPPROTO_RAW (jsc#PED-10684 jsc#PED-11230). - sfc: Remove more unused functions (jsc#PED-11366). - sfc: Remove unused mcdi functions (jsc#PED-11366). - sfc: Remove unused efx_mae_mport_vf (jsc#PED-11366). - sfc: Remove falcon deadcode (jsc#PED-11366). - bnxt_en: replace PTP spinlock with seqlock (jsc#PED-10684 jsc#PED-11230). - bnxt_en: cache only 24 bits of hw counter (jsc#PED-10684 jsc#PED-11230). - mlx5_en: use read sequence for gettimex64 (jsc#PED-11331). - net/mlx5e: do not create xdp_redirect for non-uplink rep (jsc#PED-11331). - net/mlx5e: move XDP_REDIRECT sq to dynamic allocation (jsc#PED-11331). - net/mlx5: HWS, renamed the files in accordance with naming convention (jsc#PED-11331). - net/mlx5: DR, moved all the SWS code into a separate directory (jsc#PED-11331). - net/mlx5: Rework esw qos domain init and cleanup (jsc#PED-11331). - dim: pass dim_sample to net_dim() by reference (jsc#PED-10581). - dim: make dim_calc_stats() inputs const pointers (jsc#PED-11331). - net: bnxt: use ethtool string helpers (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DPLL, Add clock quality level op implementation (jsc#PED-11331). - dpll: add clock quality level attribute and op (jsc#PED-11331). - octeontx2-pf: Move shared APIs to header file (jsc#PED-11317). - octeontx2-pf: Reuse PF max mtu value (jsc#PED-11317). - octeontx2-pf: Add new APIs for queue memory alloc/free (jsc#PED-11317). - octeontx2-pf: Define common API for HW resources configuration (jsc#PED-11317). - net: qlogic: use ethtool string helpers (jsc#PED-9648 jsc#PED-11293). - net: marvell: use ethtool string helpers (jsc#PED-11317). - mlx5: simplify EQ interrupt polling logic (jsc#PED-11331). - mlx5: fix typo in "mlx5_cqwq_get_cqe_enahnced_comp" (jsc#PED-11331). - ibmvnic: use ethtool string helpers (jsc#PED_10911 jsc#PED-3606). - net/mlx5e: Update features on ring size change (jsc#PED-11331). - net/mlx5e: Update features on MTU change (jsc#PED-11331). - vsock: do not leave dangling sk pointer in vsock_create() (jsc#PED-11028). - net/mlx5: unique names for per device caches (jsc#PED-11331). - net: atlantic: support reading SFP module info (jsc#PED-11287). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (jsc#PED-11317). - virtchnl: fix m68k build (jsc#PED-10423). - net/mlx5: fs, rename modify header struct member action (jsc#PED-11331). - net/mlx5: fs, rename packet reformat struct member action (jsc#PED-11331). - net/mlx5: Only create VEPA flow table when in VEPA mode (jsc#PED-11331). - net/mlx5: Add sync reset drop mode support (jsc#PED-11331). - net/mlx5: Generalize QoS operations for nodes and vports (jsc#PED-11331). - net/mlx5: Simplify QoS scheduling element configuration (jsc#PED-11331). - net/mlx5: Remove vport QoS enabled flag (jsc#PED-11331). - net/mlx5: Refactor vport QoS to use scheduling node structure (jsc#PED-11331). - net/mlx5: Refactor vport scheduling element creation function (jsc#PED-11331). - net/mlx5: Introduce node struct and rename group terminology to node (jsc#PED-11331). - net/mlx5: Rename vport QoS group reference to parent (jsc#PED-11331). - net/mlx5: Restrict domain list insertion to root TSAR ancestors (jsc#PED-11331). - net/mlx5: Add parent group support in rate group structure (jsc#PED-11331). - net/mlx5: Introduce node type to rate group structure (jsc#PED-11331). - net/mlx5: Refactor QoS group scheduling element creation (jsc#PED-11331). - eth: Fix typo 'accelaration'. 'exprienced' and 'rewritting' (jsc#PED-3526 jsc#PED-11226). - tg3: Increase buffer size for IRQ label (jsc#PED-3526 jsc#PED-11226). - mlx4: Add support for persistent NAPI config to RX CQs (jsc#PED-10418 jsc#PED11336). - mlx5: Add support for persistent NAPI config (jsc#PED-11331). - bnxt: Add support for persistent NAPI config (jsc#PED-10684 jsc#PED-11230). - net: napi: Add napi_config (jsc#PED-10419). - net: napi: Make gro_flush_timeout per-NAPI (jsc#PED-10419). - net: napi: Make napi_defer_hard_irqs per-NAPI (jsc#PED-10419). - tg3: Address byte-order miss-matches (jsc#PED-3526 jsc#PED-11226). - tg3: Link queues to NAPIs (jsc#PED-3526 jsc#PED-11226). - tg3: Link IRQs to NAPI instances (jsc#PED-3526 jsc#PED-11226). - iavf: add support to exchange qos capabilities (jsc#PED-10423). - iavf: Add net_shaper_ops support (jsc#PED-10423). - ice: Support VF queue rate limit and quanta size configuration (jsc#PED-10419). - virtchnl: support queue rate limit and quanta size configuration (jsc#PED-10419). - net-shapers: implement cap validation in the core (jsc#PED-10419). - net: shaper: implement introspection support (jsc#PED-10419). - netlink: spec: add shaper introspection support (jsc#PED-10419). - net-shapers: implement shaper cleanup on queue deletion (jsc#PED-10419). - net-shapers: implement delete support for NODE scope shaper (jsc#PED-10419). - net-shapers: implement NL group operation (jsc#PED-10419). - net-shapers: implement NL set and delete operations (jsc#PED-10419). - net-shapers: implement NL get operation (jsc#PED-10419). - netlink: spec: add shaper YAML spec (jsc#PED-10419). - genetlink: extend info user-storage to match NL cb ctx (jsc#PED-10419). - net/mlx5: Add support check for TSAR types in QoS scheduling (jsc#PED-11331). - net/mlx5: Unify QoS element type checks across NIC and E-Switch (jsc#PED-11331). - net/mlx5: qos: Refactor locking to a qos domain mutex (jsc#PED-11331). - net/mlx5: qos: Store rate groups in a qos domain (jsc#PED-11331). - net/mlx5: qos: Rename rate group 'list' as 'parent_entry' (jsc#PED-11331). - net/mlx5: qos: Add an explicit 'dev' to vport trace calls (jsc#PED-11331). - net/mlx5: qos: Store the eswitch in a mlx5_esw_rate_group (jsc#PED-11331). - net/mlx5: qos: Drop 'esw' param from vport qos functions (jsc#PED-11331). - net/mlx5: qos: Always create group0 (jsc#PED-11331). - net/mlx5: qos: Maintain rate group vport members in a list (jsc#PED-11331). - net/mlx5: qos: Refactor and document bw_share calculation (jsc#PED-11331). - net/mlx5: qos: Consistently name vport vars as 'vport' (jsc#PED-11331). - net/mlx5: qos: Rename vport 'tsar' into 'sched_elem' (jsc#PED-11331). - net/mlx5: qos: Flesh out element_attributes in mlx5_ifc.h (jsc#PED-11331). - e1000: Link NAPI instances to queues and IRQs (jsc#PED-10422). - e1000e: Link NAPI instances to queues and IRQs (jsc#PED-10420). - e1000e: Remove duplicated writel() in e1000_configure_tx/rx() (jsc#PED-10420). - igb: Cleanup unused declarations (jsc#PED-10426 jsc#PED-10425). - iavf: Remove unused declarations (jsc#PED-10423). - ice: Cleanup unused declarations (jsc#PED-10419). - ice: Use common error handling code in two functions (jsc#PED-10419). - ice: Make use of assign_bit() API (jsc#PED-10419). - ice: store max_frame and rx_buf_len only in ice_rx_ring (jsc#PED-10419). - ice: consistently use q_idx in ice_vc_cfg_qs_msg() (jsc#PED-10419). - ice: add E830 HW VF mailbox message limit support (jsc#PED-10419). - ice: Implement ethtool reset support (jsc#PED-10419). - doc: net: Fix .rst rendering of net_cachelines pages (jsc#PED-10419). - idpf: Don't hard code napi_struct size (jsc#PED-10581). - vmxnet3: support higher link speeds from vmxnet3 v9 (jsc#PED-11024). - ipv4: remove fib_info_devhash (jsc#PED-10419). - ipv4: remove fib_info_lock (jsc#PED-10419). - ipv4: use rcu in ip_fib_check_default() (jsc#PED-10419). - ipv4: remove fib_devindex_hashfn() (jsc#PED-10419). - sfc: add per-queue RX bytes stats (jsc#PED-11366). - sfc: implement per-queue TSO (hw_gso) stats (jsc#PED-11366). - sfc: implement per-queue rx drop and overrun stats (jsc#PED-11366). - sfc: account XDP TXes in netdev base stats (jsc#PED-11366). - sfc: add n_rx_overlength to ethtool stats (jsc#PED-11366). - sfc: implement basic per-queue stats (jsc#PED-11366). - sfc: remove obsolete counters from struct efx_channel (jsc#PED-11366). - net: add IFLA_MAX_PACING_OFFLOAD_HORIZON device attribute (jsc#PED-10419). - ice: Drop auxbus use for PTP to finalize ice_adapter move (jsc#PED-10419). - ice: Use ice_adapter for PTP shared data instead of auxdev (jsc#PED-10419). - ice: Initial support for E825C hardware in ice_adapter (jsc#PED-10419). - ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (jsc#PED-10419). - ice: Introduce ice_get_phy_model() wrapper (jsc#PED-10419). - ice: Enable 1PPS out from CGU for E825C products (jsc#PED-10419). - ice: Read SDP section from NVM for pin definitions (jsc#PED-10419). - ice: Disable shared pin on E810 on setfunc (jsc#PED-10419). - ice: Cache perout/extts requests and check flags (jsc#PED-10419). - ice: Align E810T GPIO to other products (jsc#PED-10419). - ice: Add SDPs support for E825C (jsc#PED-10419). - ice: Implement ice_ptp_pin_desc (jsc#PED-10419). - net/mlx5: hw counters: Remove mlx5_fc_create_ex (jsc#PED-11331). - net/mlx5: hw counters: Don't maintain a counter count (jsc#PED-11331). - net/mlx5: hw counters: Drop unneeded cacheline alignment (jsc#PED-11331). - net/mlx5: hw counters: Replace IDR+lists with xarray (jsc#PED-11331). - net/mlx5: hw counters: Use kvmalloc for bulk query buffer (jsc#PED-11331). - net/mlx5: hw counters: Make fc_stats & fc_pool private (jsc#PED-11331). - octeontx2-af: Change block parameter to const pointer in get_lf_str_list (jsc#PED-11317). - qed: put cond_resched() in qed_dmae_operation_wait() (jsc#PED-9648 jsc#PED-11293). - qed: allow the callee of qed_mcp_nvm_read() to sleep (jsc#PED-9648 jsc#PED-11293). - qed: put cond_resched() in qed_grc_dump_ctx_data() (jsc#PED-9648 jsc#PED-11293). - qed: make 'ethtool -d' 10 times faster (jsc#PED-9648 jsc#PED-11293). - ibmvnic: Add stat for tx direct vs tx batched (jsc#PED_10911 jsc#PED-3606). - ipv4: avoid quadratic behavior in FIB insertion of common address (jsc#PED-10419). - commit affc8ea - pmdomain: core: add dummy release function to genpd device (git-fixes). - commit a551144 - drm/amdgpu: rework resume handling for display (v2) (stable-fixes). - commit b4013fc - dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL (git-fixes). - commit 6fbbd7d - drm/xe: Move the coredump registration to the worker thread (git-fixes). - commit 2b22b2b - drm/xe: Take PM ref in delayed snapshot capture worker (git-fixes). - commit e6eb1c2 - wifi: iwlwifi: be less noisy if the NIC is dead in S3 (bsc#1012628). - commit 636dbb8 - ASoC: dt-bindings: realtek,rt5645: Fix CPVDD voltage comment (git-fixes). - commit 08e9225 - media: ipu6: use the IPU6 DMA mapping APIs to do mapping (stable-fixes). - commit 43b4f15 - drm/amd/display: Add option to retrieve detile buffer size (stable-fixes). - commit acb618b - pinctrl: freescale: fix COMPILE_TEST error with PINCTRL_IMX_SCU (stable-fixes). - commit e5efdb1 - drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout (stable-fixes). - commit f607e51 - pmdomain: imx: gpcv2: Adjust delay after power up handshake (git-fixes). - commit ef0da9b - pmdomain: core: Fix error path in pm_genpd_init() when ida alloc fails (git-fixes). - pmdomain: core: Add missing put_device() (git-fixes). - commit cd9a63e - spmi: pmic-arb: fix return path in for_each_available_child_of_node() (git-fixes). - commit 550e3b3 - usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes). - commit cabee38 - MAINTAINERS: update location of media main tree (stable-fixes). - commit 6ee41d4 - net: rfkill: gpio: Add check for clk_enable() (git-fixes). - commit 5bd30ef - drm: fsl-dcu: enable PIXCLK on LS1021A (git-fixes). - commit 4a514d1 - drm/vc4: Introduce generation number enum (stable-fixes). - Refresh patches.suse/drm-vc4-Match-drm_dev_enter-and-exit-calls-in-vc4_hv-cf1c87d.patch. - commit afddd1c - drm/vc4: Correct generation check in vc4_hvs_lut_load (git-fixes). - commit ce18613 - ASoC: dt-bindings: mt6359: Update generic node name and dmic-mode (git-fixes). - commit d641daf - thermal/lib: Fix memory leak on error in thermal_genl_auto() (git-fixes). - tools/lib/thermal: Make more generic the command encoding function (stable-fixes). - commit d312e68 - configs: Enable CONFIG_PAGE_POISONING (jsc#PED-11843) Page poisoning must still be enabled by kernel command line page_poison=on. - commit 0bc6079 - x86/static-call: fix 32-bit build (git-fixes). - commit 05b1f89 - zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974 CVE-2024-53222). - commit d85c3b1 ++++ kernel-default: - netfs: Fix is-caching check in read-retry (git-fixes). - commit d3ca9e7 - netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (git-fixes). - commit b8f5973 - netfs: Fix ceph copy to cache on write-begin (git-fixes). - commit 4931632 - netfs: Fix missing barriers by using clear_and_wake_up_bit() (git-fixes). - commit 59b3732 - netfs: Fix enomem handling in buffered reads (git-fixes). - commit d3c3d24 - exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes). - commit 32d6d4e - exfat: fix the new buffer was not zeroed before writing (git-fixes). - commit faf023a - exfat: fix the infinite loop in exfat_readdir() (git-fixes). - commit 5136005 - dlm: fix possible lkb_resource null dereference (git-fixes). - commit 490216a - ethtool: Fix access to uninitialized fields in set RXNFC command (git-fixes). - net: Make napi_hash_lock irq safe (git-fixes). - commit 9fa4e00 - octeontx2-pf: RVU representor driver (jsc#PED-11317). - Update config files. - supported.conf: mark new OcteonTx2 submodule rvu_rep supported. - commit c4b0aa9 - testing: net-drv: add basic shaper test (jsc#PED-10419). - Update config files. - commit 04716f4 - net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (jsc#PED-11366). - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (jsc#PED-11331). - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (jsc#PED-11331). - net/mlx5e: macsec: Maintain TX SA from encoding_sa (jsc#PED-11331). - net/mlx5: DR, select MSIX vector 0 for completion queue creation (jsc#PED-11331). - RDMA/mlx5: Enable multiplane mode only when it is supported (jsc#PED-11325). - RDMA/bnxt_re: Fix error recovery sequence (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the locking while accessing the QP table (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix MSN table size for variable wqe mode (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add send queue size check for variable wqe (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Disable use of reserved wqes (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max_qp_wrs reported (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix reporting hw_ver in query_device (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix to export port num to ib_query_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix setting mandatory attributes for modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add check for path mtu in modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the check for 9060 condition (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Don't fail destroy QP and cleanup debugfs earlier (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid initializing the software queue for user queues (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max SGEs for the Work Request (jsc#PED-10682 jsc#PED-11231). - RDMA/mlx5: Enforce same type port association for multiport RoCE (jsc#PED-11325). - RDMA/bnxt_re: Remove always true dattr validity check (jsc#PED-10682 jsc#PED-11231). - octeontx2-pf: fix error handling of devlink port in rvu_rep_create() (jsc#PED-11317). - octeontx2-pf: fix netdev memory leak in rvu_rep_create() (jsc#PED-11317). - idpf: trigger SW interrupt when exiting wb_on_itr mode (jsc#PED-10581). - idpf: add support for SW triggered interrupts (jsc#PED-10581). - qed: fix possible uninit pointer read in qed_mcp_nvm_info_populate() (jsc#PED-9648 jsc#PED-11293). - chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). - ionic: use ee->offset when returning sprom data (jsc#PED-11378). - ionic: no double destroy workqueue (jsc#PED-11378). - ionic: Fix netdev notifier unregister on failure (jsc#PED-11378). - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Fix installation of PF multicast rule (jsc#PED-11317). - cxgb4: use port number to set mac addr (git-fixes). - bnxt_en: Fix potential crash when dumping FW log coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DR, prevent potential error pointer dereference (jsc#PED-11331). - bpf, vsock: Invoke proto::close on close() (jsc#PED-11028). - bpf, vsock: Fix poll() missing a queue (jsc#PED-11028). - igb: Fix potential invalid memory access in igb_init_module() (jsc#PED-10426 jsc#PED-10425). - ixgbe: Correct BASE-BX10 compliance code (jsc#PED-9647 jsc#PED-9646). - ixgbe: downgrade logging of unsupported VF API version to debug (jsc#PED-9647 jsc#PED-9646). - ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (jsc#PED-9647 jsc#PED-9646). - idpf: set completion tag for "empty" bufs associated with a packet (jsc#PED-10581). - ice: Fix VLAN pruning in switchdev mode (jsc#PED-10419). - ice: Fix NULL pointer dereference in switchdev (jsc#PED-10419). - ice: fix PHY timestamp extraction for ETH56G (jsc#PED-10419). - ice: fix PHY Clock Recovery availability check (jsc#PED-10419). - net/mlx5e: Remove workaround to avoid syndrome for internal port (jsc#PED-11331). - net/mlx5e: SD, Use correct mdev to build channel param (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode in MPV (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode with IB device disabled (jsc#PED-11331). - net/mlx5: HWS: Properly set bwc queue locks lock classes (jsc#PED-11331). - net/mlx5: HWS: Fix memory leak in mlx5hws_definer_calc_layout (jsc#PED-11331). - bnxt_en: handle tpa_info in queue API implementation (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor bnxt_alloc_rx_rings() to call bnxt_alloc_rx_agg_bmap() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor tpa_info alloc/free into helpers (jsc#PED-10684 jsc#PED-11230). - net/qed: allow old cards not supporting "num_images" to work (jsc#PED-9648 jsc#PED-11293). - octeontx2-af: Fix SDP MAC link credits configuration (jsc#PED-11317). - bnxt_en: ethtool: Supply ntuple rss context action (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Unregister PTP during PCI shutdown and suspend (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_ptp_init() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix receive ring space parameters when XDP is active (jsc#PED-10684 jsc#PED-11230 CVE-2024-53209 bsc#1235002). - bnxt_en: Fix queue start to update vnic RSS table (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Set backplane link modes correctly for ethtool (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Quiesce traffic before NIX block reset (jsc#PED-11317). - octeontx2-af: RPM: fix stale FCFEC counters (jsc#PED-11317). - octeontx2-af: RPM: fix stale RSFEC counters (jsc#PED-11317). - octeontx2-af: RPM: Fix low network performance (jsc#PED-11317). - octeontx2-af: RPM: Fix mismatch in lmac type (jsc#PED-11317). - vdpa/mlx5: Fix suboptimal range on iotlb iteration (jsc#PED-11331). - RDMA/mlx5: Add implementation for ufile_hw_cleanup device operation (jsc#PED-11325). - RDMA/mlx5: Ensure active slave attachment to the bond IB device (jsc#PED-11325). - RDMA/mlx5: Call dev_put() after the blocking notifier (jsc#PED-11325). - RDMA/mlx5: Support querying per-plane IB PortCounters (jsc#PED-11325). - RDMA/mlx5: Support OOO RX WQE consumption (jsc#PED-11325). - net/mlx5: Introduce data placement ordering bits (jsc#PED-11331). - i40e: Fix handling changed priv flags (jsc#PED-10428). - bnxt_en: Add FW trace coredump segments to the coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a new ethtool -W dump flag (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add 2 parameters to bnxt_fill_coredump_seg_hdr() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add functions to copy host context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Do not free FW log context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Manage the FW trace context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Allocate backing store memory for FW trace logs (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a 'force' parameter to bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add mem_valid bit to struct bnxt_ctx_mem_type (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Update firmware interface spec to 1.10.3.85 (jsc#PED-10684 jsc#PED-11230). - e1000: Hold RTNL when e1000_down can be called (jsc#PED-10422). - igbvf: remove unused spinlock (jsc#PED-10426 jsc#PED-10425). - igb: Fix 2 typos in comments in igb_main.c (jsc#PED-10426 jsc#PED-10425). - igc: remove autoneg parameter from igc_mac_info (jsc#PED-10417). - ixgbe: Break include dependency cycle (jsc#PED-9647 jsc#PED-9646). - ice: Unbind the workqueue (jsc#PED-10419). - ice: use stack variable for virtchnl_supported_rxdids (jsc#PED-10419). - ice: initialize pf->supported_rxdids immediately after loading DDP (jsc#PED-10419). - ice: only allow Tx promiscuous for multicast (jsc#PED-10419). - ice: Add support for persistent NAPI config (jsc#PED-10419). - ice: support optional flags in signature segment header (jsc#PED-10419). - ice: refactor "last" segment of DDP pkg (jsc#PED-10419). - ice: extend dump serdes equalizer values feature (jsc#PED-10419). - ice: rework of dump serdes equalizer values feature (jsc#PED-10419). - ndo_fdb_del: Add a parameter to report whether notification was sent (jsc#PED-10419). - ndo_fdb_add: Add a parameter to report whether notification was sent (jsc#PED-10428). - octeontx2-pf: Fix spelling mistake "reprentator" -> "representor" (jsc#PED-11317). - bnxt_en: optimize gettimex64 (jsc#PED-10684 jsc#PED-11230). - net: ethtool: only allow set_rxnfc with rss + ring_cookie if driver opts in (jsc#PED-11366). - octeontx2-pf: Adds TC offload support (jsc#PED-11317). - octeontx2-pf: Implement offload stats ndo for representors (jsc#PED-11317). - octeontx2-pf: Add devlink port support (jsc#PED-11317). - octeontx2-pf: Add representors for sdp MAC (jsc#PED-11317). - octeontx2-pf: Configure VF mtu via representor (jsc#PED-11317). - octeontx2-pf: Add support to sync link state between representor and VFs (jsc#PED-11317). - octeontx2-pf: Get VF stats via representor (jsc#PED-11317). - octeontx2-af: Add packet path between representor and VF (jsc#PED-11317). - octeontx2-pf: Add basic net_device_ops (jsc#PED-11317). - octeontx2-pf: Create representor netdev (jsc#PED-11317). - eth: bnxt: use page pool for head frags (jsc#PED-10684 jsc#PED-11230). - net/mlx5e: SHAMPO, Rework header allocation loop (jsc#PED-11331). - net/mlx5e: SHAMPO, Drop info array (jsc#PED-11331). - net/mlx5e: SHAMPO, Change frag page setup order during allocation (jsc#PED-11331). - net/mlx5e: SHAMPO, Fix page_index calculation inconsistency (jsc#PED-11331). - net/mlx5e: SHAMPO, Simplify UMR allocation for headers (jsc#PED-11331). - net/mlx5: Make vport QoS enablement more flexible for future extensions (jsc#PED-11331). - net/mlx5: Integrate esw_qos_vport_enable logic into rate operations (jsc#PED-11331). - net/mlx5: Generalize scheduling element operations (jsc#PED-11331). - net/mlx5: Refactor scheduling element configuration bitmasks (jsc#PED-11331). - net/mlx5: Generalize max_rate and min_rate setting for nodes (jsc#PED-11331). - net/mlx5: Simplify QoS normalization by removing error handling (jsc#PED-11331). - net/mlx5: E-switch, refactor eswitch mode change (jsc#PED-11331). - bnxt_en: add unlocked version of bnxt_refclk_read (jsc#PED-10684 jsc#PED-11230). - net: atlantic: use irq_update_affinity_hint() (jsc#PED-11287). - bnxt_en: use irq_update_affinity_hint() (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Knobs for NPC default rule counters (jsc#PED-11317). - octeontx2-af: Refactor few NPC mcam APIs (jsc#PED-11317). - mlx5/core: deduplicate {mlx5_,}eq_update_ci() (jsc#PED-11331). - mlx5/core: relax memory barrier in eq_update_ci() (jsc#PED-11331). - bridge: Allow deleting FDB entries with non-existent VLAN (jsc#PED-10419). - mlx5/core: Schedule EQ comp tasklet only if necessary (jsc#PED-11331). - net: sfc: use ethtool string helpers (jsc#PED-11366). - net: bnx2x: use ethtool string helpers (jsc#PED-10901 jsc#PED-11308). - bnxt_en: ethtool: Support unset l4proto on ip4/ip6 ntuple rules (jsc#PED-10684 jsc#PED-11230). - bnxt_en: ethtool: Remove ip4/ip6 ntuple support for IPPROTO_RAW (jsc#PED-10684 jsc#PED-11230). - sfc: Remove more unused functions (jsc#PED-11366). - sfc: Remove unused mcdi functions (jsc#PED-11366). - sfc: Remove unused efx_mae_mport_vf (jsc#PED-11366). - sfc: Remove falcon deadcode (jsc#PED-11366). - bnxt_en: replace PTP spinlock with seqlock (jsc#PED-10684 jsc#PED-11230). - bnxt_en: cache only 24 bits of hw counter (jsc#PED-10684 jsc#PED-11230). - mlx5_en: use read sequence for gettimex64 (jsc#PED-11331). - net/mlx5e: do not create xdp_redirect for non-uplink rep (jsc#PED-11331). - net/mlx5e: move XDP_REDIRECT sq to dynamic allocation (jsc#PED-11331). - net/mlx5: HWS, renamed the files in accordance with naming convention (jsc#PED-11331). - net/mlx5: DR, moved all the SWS code into a separate directory (jsc#PED-11331). - net/mlx5: Rework esw qos domain init and cleanup (jsc#PED-11331). - dim: pass dim_sample to net_dim() by reference (jsc#PED-10581). - dim: make dim_calc_stats() inputs const pointers (jsc#PED-11331). - net: bnxt: use ethtool string helpers (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DPLL, Add clock quality level op implementation (jsc#PED-11331). - dpll: add clock quality level attribute and op (jsc#PED-11331). - octeontx2-pf: Move shared APIs to header file (jsc#PED-11317). - octeontx2-pf: Reuse PF max mtu value (jsc#PED-11317). - octeontx2-pf: Add new APIs for queue memory alloc/free (jsc#PED-11317). - octeontx2-pf: Define common API for HW resources configuration (jsc#PED-11317). - net: qlogic: use ethtool string helpers (jsc#PED-9648 jsc#PED-11293). - net: marvell: use ethtool string helpers (jsc#PED-11317). - mlx5: simplify EQ interrupt polling logic (jsc#PED-11331). - mlx5: fix typo in "mlx5_cqwq_get_cqe_enahnced_comp" (jsc#PED-11331). - ibmvnic: use ethtool string helpers (jsc#PED_10911 jsc#PED-3606). - net/mlx5e: Update features on ring size change (jsc#PED-11331). - net/mlx5e: Update features on MTU change (jsc#PED-11331). - vsock: do not leave dangling sk pointer in vsock_create() (jsc#PED-11028). - net/mlx5: unique names for per device caches (jsc#PED-11331). - net: atlantic: support reading SFP module info (jsc#PED-11287). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (jsc#PED-11317). - virtchnl: fix m68k build (jsc#PED-10423). - net/mlx5: fs, rename modify header struct member action (jsc#PED-11331). - net/mlx5: fs, rename packet reformat struct member action (jsc#PED-11331). - net/mlx5: Only create VEPA flow table when in VEPA mode (jsc#PED-11331). - net/mlx5: Add sync reset drop mode support (jsc#PED-11331). - net/mlx5: Generalize QoS operations for nodes and vports (jsc#PED-11331). - net/mlx5: Simplify QoS scheduling element configuration (jsc#PED-11331). - net/mlx5: Remove vport QoS enabled flag (jsc#PED-11331). - net/mlx5: Refactor vport QoS to use scheduling node structure (jsc#PED-11331). - net/mlx5: Refactor vport scheduling element creation function (jsc#PED-11331). - net/mlx5: Introduce node struct and rename group terminology to node (jsc#PED-11331). - net/mlx5: Rename vport QoS group reference to parent (jsc#PED-11331). - net/mlx5: Restrict domain list insertion to root TSAR ancestors (jsc#PED-11331). - net/mlx5: Add parent group support in rate group structure (jsc#PED-11331). - net/mlx5: Introduce node type to rate group structure (jsc#PED-11331). - net/mlx5: Refactor QoS group scheduling element creation (jsc#PED-11331). - eth: Fix typo 'accelaration'. 'exprienced' and 'rewritting' (jsc#PED-3526 jsc#PED-11226). - tg3: Increase buffer size for IRQ label (jsc#PED-3526 jsc#PED-11226). - mlx4: Add support for persistent NAPI config to RX CQs (jsc#PED-10418 jsc#PED11336). - mlx5: Add support for persistent NAPI config (jsc#PED-11331). - bnxt: Add support for persistent NAPI config (jsc#PED-10684 jsc#PED-11230). - net: napi: Add napi_config (jsc#PED-10419). - net: napi: Make gro_flush_timeout per-NAPI (jsc#PED-10419). - net: napi: Make napi_defer_hard_irqs per-NAPI (jsc#PED-10419). - tg3: Address byte-order miss-matches (jsc#PED-3526 jsc#PED-11226). - tg3: Link queues to NAPIs (jsc#PED-3526 jsc#PED-11226). - tg3: Link IRQs to NAPI instances (jsc#PED-3526 jsc#PED-11226). - iavf: add support to exchange qos capabilities (jsc#PED-10423). - iavf: Add net_shaper_ops support (jsc#PED-10423). - ice: Support VF queue rate limit and quanta size configuration (jsc#PED-10419). - virtchnl: support queue rate limit and quanta size configuration (jsc#PED-10419). - net-shapers: implement cap validation in the core (jsc#PED-10419). - net: shaper: implement introspection support (jsc#PED-10419). - netlink: spec: add shaper introspection support (jsc#PED-10419). - net-shapers: implement shaper cleanup on queue deletion (jsc#PED-10419). - net-shapers: implement delete support for NODE scope shaper (jsc#PED-10419). - net-shapers: implement NL group operation (jsc#PED-10419). - net-shapers: implement NL set and delete operations (jsc#PED-10419). - net-shapers: implement NL get operation (jsc#PED-10419). - netlink: spec: add shaper YAML spec (jsc#PED-10419). - genetlink: extend info user-storage to match NL cb ctx (jsc#PED-10419). - net/mlx5: Add support check for TSAR types in QoS scheduling (jsc#PED-11331). - net/mlx5: Unify QoS element type checks across NIC and E-Switch (jsc#PED-11331). - net/mlx5: qos: Refactor locking to a qos domain mutex (jsc#PED-11331). - net/mlx5: qos: Store rate groups in a qos domain (jsc#PED-11331). - net/mlx5: qos: Rename rate group 'list' as 'parent_entry' (jsc#PED-11331). - net/mlx5: qos: Add an explicit 'dev' to vport trace calls (jsc#PED-11331). - net/mlx5: qos: Store the eswitch in a mlx5_esw_rate_group (jsc#PED-11331). - net/mlx5: qos: Drop 'esw' param from vport qos functions (jsc#PED-11331). - net/mlx5: qos: Always create group0 (jsc#PED-11331). - net/mlx5: qos: Maintain rate group vport members in a list (jsc#PED-11331). - net/mlx5: qos: Refactor and document bw_share calculation (jsc#PED-11331). - net/mlx5: qos: Consistently name vport vars as 'vport' (jsc#PED-11331). - net/mlx5: qos: Rename vport 'tsar' into 'sched_elem' (jsc#PED-11331). - net/mlx5: qos: Flesh out element_attributes in mlx5_ifc.h (jsc#PED-11331). - e1000: Link NAPI instances to queues and IRQs (jsc#PED-10422). - e1000e: Link NAPI instances to queues and IRQs (jsc#PED-10420). - e1000e: Remove duplicated writel() in e1000_configure_tx/rx() (jsc#PED-10420). - igb: Cleanup unused declarations (jsc#PED-10426 jsc#PED-10425). - iavf: Remove unused declarations (jsc#PED-10423). - ice: Cleanup unused declarations (jsc#PED-10419). - ice: Use common error handling code in two functions (jsc#PED-10419). - ice: Make use of assign_bit() API (jsc#PED-10419). - ice: store max_frame and rx_buf_len only in ice_rx_ring (jsc#PED-10419). - ice: consistently use q_idx in ice_vc_cfg_qs_msg() (jsc#PED-10419). - ice: add E830 HW VF mailbox message limit support (jsc#PED-10419). - ice: Implement ethtool reset support (jsc#PED-10419). - doc: net: Fix .rst rendering of net_cachelines pages (jsc#PED-10419). - idpf: Don't hard code napi_struct size (jsc#PED-10581). - vmxnet3: support higher link speeds from vmxnet3 v9 (jsc#PED-11024). - ipv4: remove fib_info_devhash (jsc#PED-10419). - ipv4: remove fib_info_lock (jsc#PED-10419). - ipv4: use rcu in ip_fib_check_default() (jsc#PED-10419). - ipv4: remove fib_devindex_hashfn() (jsc#PED-10419). - sfc: add per-queue RX bytes stats (jsc#PED-11366). - sfc: implement per-queue TSO (hw_gso) stats (jsc#PED-11366). - sfc: implement per-queue rx drop and overrun stats (jsc#PED-11366). - sfc: account XDP TXes in netdev base stats (jsc#PED-11366). - sfc: add n_rx_overlength to ethtool stats (jsc#PED-11366). - sfc: implement basic per-queue stats (jsc#PED-11366). - sfc: remove obsolete counters from struct efx_channel (jsc#PED-11366). - net: add IFLA_MAX_PACING_OFFLOAD_HORIZON device attribute (jsc#PED-10419). - ice: Drop auxbus use for PTP to finalize ice_adapter move (jsc#PED-10419). - ice: Use ice_adapter for PTP shared data instead of auxdev (jsc#PED-10419). - ice: Initial support for E825C hardware in ice_adapter (jsc#PED-10419). - ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (jsc#PED-10419). - ice: Introduce ice_get_phy_model() wrapper (jsc#PED-10419). - ice: Enable 1PPS out from CGU for E825C products (jsc#PED-10419). - ice: Read SDP section from NVM for pin definitions (jsc#PED-10419). - ice: Disable shared pin on E810 on setfunc (jsc#PED-10419). - ice: Cache perout/extts requests and check flags (jsc#PED-10419). - ice: Align E810T GPIO to other products (jsc#PED-10419). - ice: Add SDPs support for E825C (jsc#PED-10419). - ice: Implement ice_ptp_pin_desc (jsc#PED-10419). - net/mlx5: hw counters: Remove mlx5_fc_create_ex (jsc#PED-11331). - net/mlx5: hw counters: Don't maintain a counter count (jsc#PED-11331). - net/mlx5: hw counters: Drop unneeded cacheline alignment (jsc#PED-11331). - net/mlx5: hw counters: Replace IDR+lists with xarray (jsc#PED-11331). - net/mlx5: hw counters: Use kvmalloc for bulk query buffer (jsc#PED-11331). - net/mlx5: hw counters: Make fc_stats & fc_pool private (jsc#PED-11331). - octeontx2-af: Change block parameter to const pointer in get_lf_str_list (jsc#PED-11317). - qed: put cond_resched() in qed_dmae_operation_wait() (jsc#PED-9648 jsc#PED-11293). - qed: allow the callee of qed_mcp_nvm_read() to sleep (jsc#PED-9648 jsc#PED-11293). - qed: put cond_resched() in qed_grc_dump_ctx_data() (jsc#PED-9648 jsc#PED-11293). - qed: make 'ethtool -d' 10 times faster (jsc#PED-9648 jsc#PED-11293). - ibmvnic: Add stat for tx direct vs tx batched (jsc#PED_10911 jsc#PED-3606). - ipv4: avoid quadratic behavior in FIB insertion of common address (jsc#PED-10419). - commit affc8ea - pmdomain: core: add dummy release function to genpd device (git-fixes). - commit a551144 - drm/amdgpu: rework resume handling for display (v2) (stable-fixes). - commit b4013fc - dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL (git-fixes). - commit 6fbbd7d - drm/xe: Move the coredump registration to the worker thread (git-fixes). - commit 2b22b2b - drm/xe: Take PM ref in delayed snapshot capture worker (git-fixes). - commit e6eb1c2 - wifi: iwlwifi: be less noisy if the NIC is dead in S3 (bsc#1012628). - commit 636dbb8 - ASoC: dt-bindings: realtek,rt5645: Fix CPVDD voltage comment (git-fixes). - commit 08e9225 - media: ipu6: use the IPU6 DMA mapping APIs to do mapping (stable-fixes). - commit 43b4f15 - drm/amd/display: Add option to retrieve detile buffer size (stable-fixes). - commit acb618b - pinctrl: freescale: fix COMPILE_TEST error with PINCTRL_IMX_SCU (stable-fixes). - commit e5efdb1 - drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout (stable-fixes). - commit f607e51 - pmdomain: imx: gpcv2: Adjust delay after power up handshake (git-fixes). - commit ef0da9b - pmdomain: core: Fix error path in pm_genpd_init() when ida alloc fails (git-fixes). - pmdomain: core: Add missing put_device() (git-fixes). - commit cd9a63e - spmi: pmic-arb: fix return path in for_each_available_child_of_node() (git-fixes). - commit 550e3b3 - usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes). - commit cabee38 - MAINTAINERS: update location of media main tree (stable-fixes). - commit 6ee41d4 - net: rfkill: gpio: Add check for clk_enable() (git-fixes). - commit 5bd30ef - drm: fsl-dcu: enable PIXCLK on LS1021A (git-fixes). - commit 4a514d1 - drm/vc4: Introduce generation number enum (stable-fixes). - Refresh patches.suse/drm-vc4-Match-drm_dev_enter-and-exit-calls-in-vc4_hv-cf1c87d.patch. - commit afddd1c - drm/vc4: Correct generation check in vc4_hvs_lut_load (git-fixes). - commit ce18613 - ASoC: dt-bindings: mt6359: Update generic node name and dmic-mode (git-fixes). - commit d641daf - thermal/lib: Fix memory leak on error in thermal_genl_auto() (git-fixes). - tools/lib/thermal: Make more generic the command encoding function (stable-fixes). - commit d312e68 - configs: Enable CONFIG_PAGE_POISONING (jsc#PED-11843) Page poisoning must still be enabled by kernel command line page_poison=on. - commit 0bc6079 - x86/static-call: fix 32-bit build (git-fixes). - commit 05b1f89 - zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974 CVE-2024-53222). - commit d85c3b1 ++++ crmsh: - Update to version 5.0.0+20250106.9dcea10: * Fix: bootstrap: Improve sync_files_to_disk function (bsc#1219537) * Dev: help: Support '--help' option for cluster properties (jsc#PED-11860) * Dev: bootstrap: add gfs2 stage functionality (Technical Preview) (jsc#PED-11709) ++++ dtb-aarch64: - netfs: Fix is-caching check in read-retry (git-fixes). - commit d3ca9e7 - netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (git-fixes). - commit b8f5973 - netfs: Fix ceph copy to cache on write-begin (git-fixes). - commit 4931632 - netfs: Fix missing barriers by using clear_and_wake_up_bit() (git-fixes). - commit 59b3732 - netfs: Fix enomem handling in buffered reads (git-fixes). - commit d3c3d24 - exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes). - commit 32d6d4e - exfat: fix the new buffer was not zeroed before writing (git-fixes). - commit faf023a - exfat: fix the infinite loop in exfat_readdir() (git-fixes). - commit 5136005 - dlm: fix possible lkb_resource null dereference (git-fixes). - commit 490216a - ethtool: Fix access to uninitialized fields in set RXNFC command (git-fixes). - net: Make napi_hash_lock irq safe (git-fixes). - commit 9fa4e00 - octeontx2-pf: RVU representor driver (jsc#PED-11317). - Update config files. - supported.conf: mark new OcteonTx2 submodule rvu_rep supported. - commit c4b0aa9 - testing: net-drv: add basic shaper test (jsc#PED-10419). - Update config files. - commit 04716f4 - net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (jsc#PED-11366). - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (jsc#PED-11331). - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (jsc#PED-11331). - net/mlx5e: macsec: Maintain TX SA from encoding_sa (jsc#PED-11331). - net/mlx5: DR, select MSIX vector 0 for completion queue creation (jsc#PED-11331). - RDMA/mlx5: Enable multiplane mode only when it is supported (jsc#PED-11325). - RDMA/bnxt_re: Fix error recovery sequence (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the locking while accessing the QP table (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix MSN table size for variable wqe mode (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add send queue size check for variable wqe (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Disable use of reserved wqes (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max_qp_wrs reported (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix reporting hw_ver in query_device (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix to export port num to ib_query_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix setting mandatory attributes for modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add check for path mtu in modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the check for 9060 condition (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Don't fail destroy QP and cleanup debugfs earlier (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid initializing the software queue for user queues (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max SGEs for the Work Request (jsc#PED-10682 jsc#PED-11231). - RDMA/mlx5: Enforce same type port association for multiport RoCE (jsc#PED-11325). - RDMA/bnxt_re: Remove always true dattr validity check (jsc#PED-10682 jsc#PED-11231). - octeontx2-pf: fix error handling of devlink port in rvu_rep_create() (jsc#PED-11317). - octeontx2-pf: fix netdev memory leak in rvu_rep_create() (jsc#PED-11317). - idpf: trigger SW interrupt when exiting wb_on_itr mode (jsc#PED-10581). - idpf: add support for SW triggered interrupts (jsc#PED-10581). - qed: fix possible uninit pointer read in qed_mcp_nvm_info_populate() (jsc#PED-9648 jsc#PED-11293). - chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). - ionic: use ee->offset when returning sprom data (jsc#PED-11378). - ionic: no double destroy workqueue (jsc#PED-11378). - ionic: Fix netdev notifier unregister on failure (jsc#PED-11378). - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Fix installation of PF multicast rule (jsc#PED-11317). - cxgb4: use port number to set mac addr (git-fixes). - bnxt_en: Fix potential crash when dumping FW log coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DR, prevent potential error pointer dereference (jsc#PED-11331). - bpf, vsock: Invoke proto::close on close() (jsc#PED-11028). - bpf, vsock: Fix poll() missing a queue (jsc#PED-11028). - igb: Fix potential invalid memory access in igb_init_module() (jsc#PED-10426 jsc#PED-10425). - ixgbe: Correct BASE-BX10 compliance code (jsc#PED-9647 jsc#PED-9646). - ixgbe: downgrade logging of unsupported VF API version to debug (jsc#PED-9647 jsc#PED-9646). - ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (jsc#PED-9647 jsc#PED-9646). - idpf: set completion tag for "empty" bufs associated with a packet (jsc#PED-10581). - ice: Fix VLAN pruning in switchdev mode (jsc#PED-10419). - ice: Fix NULL pointer dereference in switchdev (jsc#PED-10419). - ice: fix PHY timestamp extraction for ETH56G (jsc#PED-10419). - ice: fix PHY Clock Recovery availability check (jsc#PED-10419). - net/mlx5e: Remove workaround to avoid syndrome for internal port (jsc#PED-11331). - net/mlx5e: SD, Use correct mdev to build channel param (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode in MPV (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode with IB device disabled (jsc#PED-11331). - net/mlx5: HWS: Properly set bwc queue locks lock classes (jsc#PED-11331). - net/mlx5: HWS: Fix memory leak in mlx5hws_definer_calc_layout (jsc#PED-11331). - bnxt_en: handle tpa_info in queue API implementation (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor bnxt_alloc_rx_rings() to call bnxt_alloc_rx_agg_bmap() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor tpa_info alloc/free into helpers (jsc#PED-10684 jsc#PED-11230). - net/qed: allow old cards not supporting "num_images" to work (jsc#PED-9648 jsc#PED-11293). - octeontx2-af: Fix SDP MAC link credits configuration (jsc#PED-11317). - bnxt_en: ethtool: Supply ntuple rss context action (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Unregister PTP during PCI shutdown and suspend (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_ptp_init() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix receive ring space parameters when XDP is active (jsc#PED-10684 jsc#PED-11230 CVE-2024-53209 bsc#1235002). - bnxt_en: Fix queue start to update vnic RSS table (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Set backplane link modes correctly for ethtool (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Quiesce traffic before NIX block reset (jsc#PED-11317). - octeontx2-af: RPM: fix stale FCFEC counters (jsc#PED-11317). - octeontx2-af: RPM: fix stale RSFEC counters (jsc#PED-11317). - octeontx2-af: RPM: Fix low network performance (jsc#PED-11317). - octeontx2-af: RPM: Fix mismatch in lmac type (jsc#PED-11317). - vdpa/mlx5: Fix suboptimal range on iotlb iteration (jsc#PED-11331). - RDMA/mlx5: Add implementation for ufile_hw_cleanup device operation (jsc#PED-11325). - RDMA/mlx5: Ensure active slave attachment to the bond IB device (jsc#PED-11325). - RDMA/mlx5: Call dev_put() after the blocking notifier (jsc#PED-11325). - RDMA/mlx5: Support querying per-plane IB PortCounters (jsc#PED-11325). - RDMA/mlx5: Support OOO RX WQE consumption (jsc#PED-11325). - net/mlx5: Introduce data placement ordering bits (jsc#PED-11331). - i40e: Fix handling changed priv flags (jsc#PED-10428). - bnxt_en: Add FW trace coredump segments to the coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a new ethtool -W dump flag (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add 2 parameters to bnxt_fill_coredump_seg_hdr() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add functions to copy host context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Do not free FW log context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Manage the FW trace context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Allocate backing store memory for FW trace logs (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a 'force' parameter to bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add mem_valid bit to struct bnxt_ctx_mem_type (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Update firmware interface spec to 1.10.3.85 (jsc#PED-10684 jsc#PED-11230). - e1000: Hold RTNL when e1000_down can be called (jsc#PED-10422). - igbvf: remove unused spinlock (jsc#PED-10426 jsc#PED-10425). - igb: Fix 2 typos in comments in igb_main.c (jsc#PED-10426 jsc#PED-10425). - igc: remove autoneg parameter from igc_mac_info (jsc#PED-10417). - ixgbe: Break include dependency cycle (jsc#PED-9647 jsc#PED-9646). - ice: Unbind the workqueue (jsc#PED-10419). - ice: use stack variable for virtchnl_supported_rxdids (jsc#PED-10419). - ice: initialize pf->supported_rxdids immediately after loading DDP (jsc#PED-10419). - ice: only allow Tx promiscuous for multicast (jsc#PED-10419). - ice: Add support for persistent NAPI config (jsc#PED-10419). - ice: support optional flags in signature segment header (jsc#PED-10419). - ice: refactor "last" segment of DDP pkg (jsc#PED-10419). - ice: extend dump serdes equalizer values feature (jsc#PED-10419). - ice: rework of dump serdes equalizer values feature (jsc#PED-10419). - ndo_fdb_del: Add a parameter to report whether notification was sent (jsc#PED-10419). - ndo_fdb_add: Add a parameter to report whether notification was sent (jsc#PED-10428). - octeontx2-pf: Fix spelling mistake "reprentator" -> "representor" (jsc#PED-11317). - bnxt_en: optimize gettimex64 (jsc#PED-10684 jsc#PED-11230). - net: ethtool: only allow set_rxnfc with rss + ring_cookie if driver opts in (jsc#PED-11366). - octeontx2-pf: Adds TC offload support (jsc#PED-11317). - octeontx2-pf: Implement offload stats ndo for representors (jsc#PED-11317). - octeontx2-pf: Add devlink port support (jsc#PED-11317). - octeontx2-pf: Add representors for sdp MAC (jsc#PED-11317). - octeontx2-pf: Configure VF mtu via representor (jsc#PED-11317). - octeontx2-pf: Add support to sync link state between representor and VFs (jsc#PED-11317). - octeontx2-pf: Get VF stats via representor (jsc#PED-11317). - octeontx2-af: Add packet path between representor and VF (jsc#PED-11317). - octeontx2-pf: Add basic net_device_ops (jsc#PED-11317). - octeontx2-pf: Create representor netdev (jsc#PED-11317). - eth: bnxt: use page pool for head frags (jsc#PED-10684 jsc#PED-11230). - net/mlx5e: SHAMPO, Rework header allocation loop (jsc#PED-11331). - net/mlx5e: SHAMPO, Drop info array (jsc#PED-11331). - net/mlx5e: SHAMPO, Change frag page setup order during allocation (jsc#PED-11331). - net/mlx5e: SHAMPO, Fix page_index calculation inconsistency (jsc#PED-11331). - net/mlx5e: SHAMPO, Simplify UMR allocation for headers (jsc#PED-11331). - net/mlx5: Make vport QoS enablement more flexible for future extensions (jsc#PED-11331). - net/mlx5: Integrate esw_qos_vport_enable logic into rate operations (jsc#PED-11331). - net/mlx5: Generalize scheduling element operations (jsc#PED-11331). - net/mlx5: Refactor scheduling element configuration bitmasks (jsc#PED-11331). - net/mlx5: Generalize max_rate and min_rate setting for nodes (jsc#PED-11331). - net/mlx5: Simplify QoS normalization by removing error handling (jsc#PED-11331). - net/mlx5: E-switch, refactor eswitch mode change (jsc#PED-11331). - bnxt_en: add unlocked version of bnxt_refclk_read (jsc#PED-10684 jsc#PED-11230). - net: atlantic: use irq_update_affinity_hint() (jsc#PED-11287). - bnxt_en: use irq_update_affinity_hint() (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Knobs for NPC default rule counters (jsc#PED-11317). - octeontx2-af: Refactor few NPC mcam APIs (jsc#PED-11317). - mlx5/core: deduplicate {mlx5_,}eq_update_ci() (jsc#PED-11331). - mlx5/core: relax memory barrier in eq_update_ci() (jsc#PED-11331). - bridge: Allow deleting FDB entries with non-existent VLAN (jsc#PED-10419). - mlx5/core: Schedule EQ comp tasklet only if necessary (jsc#PED-11331). - net: sfc: use ethtool string helpers (jsc#PED-11366). - net: bnx2x: use ethtool string helpers (jsc#PED-10901 jsc#PED-11308). - bnxt_en: ethtool: Support unset l4proto on ip4/ip6 ntuple rules (jsc#PED-10684 jsc#PED-11230). - bnxt_en: ethtool: Remove ip4/ip6 ntuple support for IPPROTO_RAW (jsc#PED-10684 jsc#PED-11230). - sfc: Remove more unused functions (jsc#PED-11366). - sfc: Remove unused mcdi functions (jsc#PED-11366). - sfc: Remove unused efx_mae_mport_vf (jsc#PED-11366). - sfc: Remove falcon deadcode (jsc#PED-11366). - bnxt_en: replace PTP spinlock with seqlock (jsc#PED-10684 jsc#PED-11230). - bnxt_en: cache only 24 bits of hw counter (jsc#PED-10684 jsc#PED-11230). - mlx5_en: use read sequence for gettimex64 (jsc#PED-11331). - net/mlx5e: do not create xdp_redirect for non-uplink rep (jsc#PED-11331). - net/mlx5e: move XDP_REDIRECT sq to dynamic allocation (jsc#PED-11331). - net/mlx5: HWS, renamed the files in accordance with naming convention (jsc#PED-11331). - net/mlx5: DR, moved all the SWS code into a separate directory (jsc#PED-11331). - net/mlx5: Rework esw qos domain init and cleanup (jsc#PED-11331). - dim: pass dim_sample to net_dim() by reference (jsc#PED-10581). - dim: make dim_calc_stats() inputs const pointers (jsc#PED-11331). - net: bnxt: use ethtool string helpers (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DPLL, Add clock quality level op implementation (jsc#PED-11331). - dpll: add clock quality level attribute and op (jsc#PED-11331). - octeontx2-pf: Move shared APIs to header file (jsc#PED-11317). - octeontx2-pf: Reuse PF max mtu value (jsc#PED-11317). - octeontx2-pf: Add new APIs for queue memory alloc/free (jsc#PED-11317). - octeontx2-pf: Define common API for HW resources configuration (jsc#PED-11317). - net: qlogic: use ethtool string helpers (jsc#PED-9648 jsc#PED-11293). - net: marvell: use ethtool string helpers (jsc#PED-11317). - mlx5: simplify EQ interrupt polling logic (jsc#PED-11331). - mlx5: fix typo in "mlx5_cqwq_get_cqe_enahnced_comp" (jsc#PED-11331). - ibmvnic: use ethtool string helpers (jsc#PED_10911 jsc#PED-3606). - net/mlx5e: Update features on ring size change (jsc#PED-11331). - net/mlx5e: Update features on MTU change (jsc#PED-11331). - vsock: do not leave dangling sk pointer in vsock_create() (jsc#PED-11028). - net/mlx5: unique names for per device caches (jsc#PED-11331). - net: atlantic: support reading SFP module info (jsc#PED-11287). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (jsc#PED-11317). - virtchnl: fix m68k build (jsc#PED-10423). - net/mlx5: fs, rename modify header struct member action (jsc#PED-11331). - net/mlx5: fs, rename packet reformat struct member action (jsc#PED-11331). - net/mlx5: Only create VEPA flow table when in VEPA mode (jsc#PED-11331). - net/mlx5: Add sync reset drop mode support (jsc#PED-11331). - net/mlx5: Generalize QoS operations for nodes and vports (jsc#PED-11331). - net/mlx5: Simplify QoS scheduling element configuration (jsc#PED-11331). - net/mlx5: Remove vport QoS enabled flag (jsc#PED-11331). - net/mlx5: Refactor vport QoS to use scheduling node structure (jsc#PED-11331). - net/mlx5: Refactor vport scheduling element creation function (jsc#PED-11331). - net/mlx5: Introduce node struct and rename group terminology to node (jsc#PED-11331). - net/mlx5: Rename vport QoS group reference to parent (jsc#PED-11331). - net/mlx5: Restrict domain list insertion to root TSAR ancestors (jsc#PED-11331). - net/mlx5: Add parent group support in rate group structure (jsc#PED-11331). - net/mlx5: Introduce node type to rate group structure (jsc#PED-11331). - net/mlx5: Refactor QoS group scheduling element creation (jsc#PED-11331). - eth: Fix typo 'accelaration'. 'exprienced' and 'rewritting' (jsc#PED-3526 jsc#PED-11226). - tg3: Increase buffer size for IRQ label (jsc#PED-3526 jsc#PED-11226). - mlx4: Add support for persistent NAPI config to RX CQs (jsc#PED-10418 jsc#PED11336). - mlx5: Add support for persistent NAPI config (jsc#PED-11331). - bnxt: Add support for persistent NAPI config (jsc#PED-10684 jsc#PED-11230). - net: napi: Add napi_config (jsc#PED-10419). - net: napi: Make gro_flush_timeout per-NAPI (jsc#PED-10419). - net: napi: Make napi_defer_hard_irqs per-NAPI (jsc#PED-10419). - tg3: Address byte-order miss-matches (jsc#PED-3526 jsc#PED-11226). - tg3: Link queues to NAPIs (jsc#PED-3526 jsc#PED-11226). - tg3: Link IRQs to NAPI instances (jsc#PED-3526 jsc#PED-11226). - iavf: add support to exchange qos capabilities (jsc#PED-10423). - iavf: Add net_shaper_ops support (jsc#PED-10423). - ice: Support VF queue rate limit and quanta size configuration (jsc#PED-10419). - virtchnl: support queue rate limit and quanta size configuration (jsc#PED-10419). - net-shapers: implement cap validation in the core (jsc#PED-10419). - net: shaper: implement introspection support (jsc#PED-10419). - netlink: spec: add shaper introspection support (jsc#PED-10419). - net-shapers: implement shaper cleanup on queue deletion (jsc#PED-10419). - net-shapers: implement delete support for NODE scope shaper (jsc#PED-10419). - net-shapers: implement NL group operation (jsc#PED-10419). - net-shapers: implement NL set and delete operations (jsc#PED-10419). - net-shapers: implement NL get operation (jsc#PED-10419). - netlink: spec: add shaper YAML spec (jsc#PED-10419). - genetlink: extend info user-storage to match NL cb ctx (jsc#PED-10419). - net/mlx5: Add support check for TSAR types in QoS scheduling (jsc#PED-11331). - net/mlx5: Unify QoS element type checks across NIC and E-Switch (jsc#PED-11331). - net/mlx5: qos: Refactor locking to a qos domain mutex (jsc#PED-11331). - net/mlx5: qos: Store rate groups in a qos domain (jsc#PED-11331). - net/mlx5: qos: Rename rate group 'list' as 'parent_entry' (jsc#PED-11331). - net/mlx5: qos: Add an explicit 'dev' to vport trace calls (jsc#PED-11331). - net/mlx5: qos: Store the eswitch in a mlx5_esw_rate_group (jsc#PED-11331). - net/mlx5: qos: Drop 'esw' param from vport qos functions (jsc#PED-11331). - net/mlx5: qos: Always create group0 (jsc#PED-11331). - net/mlx5: qos: Maintain rate group vport members in a list (jsc#PED-11331). - net/mlx5: qos: Refactor and document bw_share calculation (jsc#PED-11331). - net/mlx5: qos: Consistently name vport vars as 'vport' (jsc#PED-11331). - net/mlx5: qos: Rename vport 'tsar' into 'sched_elem' (jsc#PED-11331). - net/mlx5: qos: Flesh out element_attributes in mlx5_ifc.h (jsc#PED-11331). - e1000: Link NAPI instances to queues and IRQs (jsc#PED-10422). - e1000e: Link NAPI instances to queues and IRQs (jsc#PED-10420). - e1000e: Remove duplicated writel() in e1000_configure_tx/rx() (jsc#PED-10420). - igb: Cleanup unused declarations (jsc#PED-10426 jsc#PED-10425). - iavf: Remove unused declarations (jsc#PED-10423). - ice: Cleanup unused declarations (jsc#PED-10419). - ice: Use common error handling code in two functions (jsc#PED-10419). - ice: Make use of assign_bit() API (jsc#PED-10419). - ice: store max_frame and rx_buf_len only in ice_rx_ring (jsc#PED-10419). - ice: consistently use q_idx in ice_vc_cfg_qs_msg() (jsc#PED-10419). - ice: add E830 HW VF mailbox message limit support (jsc#PED-10419). - ice: Implement ethtool reset support (jsc#PED-10419). - doc: net: Fix .rst rendering of net_cachelines pages (jsc#PED-10419). - idpf: Don't hard code napi_struct size (jsc#PED-10581). - vmxnet3: support higher link speeds from vmxnet3 v9 (jsc#PED-11024). - ipv4: remove fib_info_devhash (jsc#PED-10419). - ipv4: remove fib_info_lock (jsc#PED-10419). - ipv4: use rcu in ip_fib_check_default() (jsc#PED-10419). - ipv4: remove fib_devindex_hashfn() (jsc#PED-10419). - sfc: add per-queue RX bytes stats (jsc#PED-11366). - sfc: implement per-queue TSO (hw_gso) stats (jsc#PED-11366). - sfc: implement per-queue rx drop and overrun stats (jsc#PED-11366). - sfc: account XDP TXes in netdev base stats (jsc#PED-11366). - sfc: add n_rx_overlength to ethtool stats (jsc#PED-11366). - sfc: implement basic per-queue stats (jsc#PED-11366). - sfc: remove obsolete counters from struct efx_channel (jsc#PED-11366). - net: add IFLA_MAX_PACING_OFFLOAD_HORIZON device attribute (jsc#PED-10419). - ice: Drop auxbus use for PTP to finalize ice_adapter move (jsc#PED-10419). - ice: Use ice_adapter for PTP shared data instead of auxdev (jsc#PED-10419). - ice: Initial support for E825C hardware in ice_adapter (jsc#PED-10419). - ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (jsc#PED-10419). - ice: Introduce ice_get_phy_model() wrapper (jsc#PED-10419). - ice: Enable 1PPS out from CGU for E825C products (jsc#PED-10419). - ice: Read SDP section from NVM for pin definitions (jsc#PED-10419). - ice: Disable shared pin on E810 on setfunc (jsc#PED-10419). - ice: Cache perout/extts requests and check flags (jsc#PED-10419). - ice: Align E810T GPIO to other products (jsc#PED-10419). - ice: Add SDPs support for E825C (jsc#PED-10419). - ice: Implement ice_ptp_pin_desc (jsc#PED-10419). - net/mlx5: hw counters: Remove mlx5_fc_create_ex (jsc#PED-11331). - net/mlx5: hw counters: Don't maintain a counter count (jsc#PED-11331). - net/mlx5: hw counters: Drop unneeded cacheline alignment (jsc#PED-11331). - net/mlx5: hw counters: Replace IDR+lists with xarray (jsc#PED-11331). - net/mlx5: hw counters: Use kvmalloc for bulk query buffer (jsc#PED-11331). - net/mlx5: hw counters: Make fc_stats & fc_pool private (jsc#PED-11331). - octeontx2-af: Change block parameter to const pointer in get_lf_str_list (jsc#PED-11317). - qed: put cond_resched() in qed_dmae_operation_wait() (jsc#PED-9648 jsc#PED-11293). - qed: allow the callee of qed_mcp_nvm_read() to sleep (jsc#PED-9648 jsc#PED-11293). - qed: put cond_resched() in qed_grc_dump_ctx_data() (jsc#PED-9648 jsc#PED-11293). - qed: make 'ethtool -d' 10 times faster (jsc#PED-9648 jsc#PED-11293). - ibmvnic: Add stat for tx direct vs tx batched (jsc#PED_10911 jsc#PED-3606). - ipv4: avoid quadratic behavior in FIB insertion of common address (jsc#PED-10419). - commit affc8ea - pmdomain: core: add dummy release function to genpd device (git-fixes). - commit a551144 - drm/amdgpu: rework resume handling for display (v2) (stable-fixes). - commit b4013fc - dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL (git-fixes). - commit 6fbbd7d - drm/xe: Move the coredump registration to the worker thread (git-fixes). - commit 2b22b2b - drm/xe: Take PM ref in delayed snapshot capture worker (git-fixes). - commit e6eb1c2 - wifi: iwlwifi: be less noisy if the NIC is dead in S3 (bsc#1012628). - commit 636dbb8 - ASoC: dt-bindings: realtek,rt5645: Fix CPVDD voltage comment (git-fixes). - commit 08e9225 - media: ipu6: use the IPU6 DMA mapping APIs to do mapping (stable-fixes). - commit 43b4f15 - drm/amd/display: Add option to retrieve detile buffer size (stable-fixes). - commit acb618b - pinctrl: freescale: fix COMPILE_TEST error with PINCTRL_IMX_SCU (stable-fixes). - commit e5efdb1 - drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout (stable-fixes). - commit f607e51 - pmdomain: imx: gpcv2: Adjust delay after power up handshake (git-fixes). - commit ef0da9b - pmdomain: core: Fix error path in pm_genpd_init() when ida alloc fails (git-fixes). - pmdomain: core: Add missing put_device() (git-fixes). - commit cd9a63e - spmi: pmic-arb: fix return path in for_each_available_child_of_node() (git-fixes). - commit 550e3b3 - usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes). - commit cabee38 - MAINTAINERS: update location of media main tree (stable-fixes). - commit 6ee41d4 - net: rfkill: gpio: Add check for clk_enable() (git-fixes). - commit 5bd30ef - drm: fsl-dcu: enable PIXCLK on LS1021A (git-fixes). - commit 4a514d1 - drm/vc4: Introduce generation number enum (stable-fixes). - Refresh patches.suse/drm-vc4-Match-drm_dev_enter-and-exit-calls-in-vc4_hv-cf1c87d.patch. - commit afddd1c - drm/vc4: Correct generation check in vc4_hvs_lut_load (git-fixes). - commit ce18613 - ASoC: dt-bindings: mt6359: Update generic node name and dmic-mode (git-fixes). - commit d641daf - thermal/lib: Fix memory leak on error in thermal_genl_auto() (git-fixes). - tools/lib/thermal: Make more generic the command encoding function (stable-fixes). - commit d312e68 - configs: Enable CONFIG_PAGE_POISONING (jsc#PED-11843) Page poisoning must still be enabled by kernel command line page_poison=on. - commit 0bc6079 - x86/static-call: fix 32-bit build (git-fixes). - commit 05b1f89 - zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974 CVE-2024-53222). - commit d85c3b1 ++++ govulncheck-vulndb: - Update to version 0.0.20250107T160406 2025-01-07T16:04:06Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3363 GO-2025-3364 GO-2025-3367 GO-2025-3368 * GO-2024-3355 CVE-2024-54148 GHSA-r7j8-5h9c-f6fx * GO-2024-3356 CVE-2024-55947 GHSA-qf5v-rp47-55gg * GO-2024-3357 CVE-2024-56362 GHSA-xwx7-p63r-2rj8 * GO-2024-3358 CVE-2024-45387 GHSA-vq94-9pfv-ccqr * GO-2024-3359 CVE-2024-28892 GHSA-5qww-56gc-f66c * GO-2024-3360 CVE-2024-25133 GHSA-wgqq-9qh8-wvqv * GO-2025-3361 CVE-2024-55196 GHSA-rv83-h68q-c4wq * GO-2025-3362 CVE-2025-21609 GHSA-8fx8-pffw-w498 * GO-2025-3363 CVE-2024-56514 GHSA-cwrh-575j-8vr3 * GO-2025-3364 CVE-2024-56513 GHSA-mg7w-c9x2-xh7r * GO-2025-3367 CVE-2025-21614 GHSA-r9px-m959-cxf4 * GO-2025-3368 CVE-2025-21613 GHSA-v725-9546-7q7m ++++ kernel-debug: - netfs: Fix is-caching check in read-retry (git-fixes). - commit d3ca9e7 - netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (git-fixes). - commit b8f5973 - netfs: Fix ceph copy to cache on write-begin (git-fixes). - commit 4931632 - netfs: Fix missing barriers by using clear_and_wake_up_bit() (git-fixes). - commit 59b3732 - netfs: Fix enomem handling in buffered reads (git-fixes). - commit d3c3d24 - exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes). - commit 32d6d4e - exfat: fix the new buffer was not zeroed before writing (git-fixes). - commit faf023a - exfat: fix the infinite loop in exfat_readdir() (git-fixes). - commit 5136005 - dlm: fix possible lkb_resource null dereference (git-fixes). - commit 490216a - ethtool: Fix access to uninitialized fields in set RXNFC command (git-fixes). - net: Make napi_hash_lock irq safe (git-fixes). - commit 9fa4e00 - octeontx2-pf: RVU representor driver (jsc#PED-11317). - Update config files. - supported.conf: mark new OcteonTx2 submodule rvu_rep supported. - commit c4b0aa9 - testing: net-drv: add basic shaper test (jsc#PED-10419). - Update config files. - commit 04716f4 - net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (jsc#PED-11366). - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (jsc#PED-11331). - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (jsc#PED-11331). - net/mlx5e: macsec: Maintain TX SA from encoding_sa (jsc#PED-11331). - net/mlx5: DR, select MSIX vector 0 for completion queue creation (jsc#PED-11331). - RDMA/mlx5: Enable multiplane mode only when it is supported (jsc#PED-11325). - RDMA/bnxt_re: Fix error recovery sequence (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the locking while accessing the QP table (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix MSN table size for variable wqe mode (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add send queue size check for variable wqe (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Disable use of reserved wqes (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max_qp_wrs reported (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix reporting hw_ver in query_device (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix to export port num to ib_query_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix setting mandatory attributes for modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add check for path mtu in modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the check for 9060 condition (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Don't fail destroy QP and cleanup debugfs earlier (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid initializing the software queue for user queues (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max SGEs for the Work Request (jsc#PED-10682 jsc#PED-11231). - RDMA/mlx5: Enforce same type port association for multiport RoCE (jsc#PED-11325). - RDMA/bnxt_re: Remove always true dattr validity check (jsc#PED-10682 jsc#PED-11231). - octeontx2-pf: fix error handling of devlink port in rvu_rep_create() (jsc#PED-11317). - octeontx2-pf: fix netdev memory leak in rvu_rep_create() (jsc#PED-11317). - idpf: trigger SW interrupt when exiting wb_on_itr mode (jsc#PED-10581). - idpf: add support for SW triggered interrupts (jsc#PED-10581). - qed: fix possible uninit pointer read in qed_mcp_nvm_info_populate() (jsc#PED-9648 jsc#PED-11293). - chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). - ionic: use ee->offset when returning sprom data (jsc#PED-11378). - ionic: no double destroy workqueue (jsc#PED-11378). - ionic: Fix netdev notifier unregister on failure (jsc#PED-11378). - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Fix installation of PF multicast rule (jsc#PED-11317). - cxgb4: use port number to set mac addr (git-fixes). - bnxt_en: Fix potential crash when dumping FW log coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DR, prevent potential error pointer dereference (jsc#PED-11331). - bpf, vsock: Invoke proto::close on close() (jsc#PED-11028). - bpf, vsock: Fix poll() missing a queue (jsc#PED-11028). - igb: Fix potential invalid memory access in igb_init_module() (jsc#PED-10426 jsc#PED-10425). - ixgbe: Correct BASE-BX10 compliance code (jsc#PED-9647 jsc#PED-9646). - ixgbe: downgrade logging of unsupported VF API version to debug (jsc#PED-9647 jsc#PED-9646). - ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (jsc#PED-9647 jsc#PED-9646). - idpf: set completion tag for "empty" bufs associated with a packet (jsc#PED-10581). - ice: Fix VLAN pruning in switchdev mode (jsc#PED-10419). - ice: Fix NULL pointer dereference in switchdev (jsc#PED-10419). - ice: fix PHY timestamp extraction for ETH56G (jsc#PED-10419). - ice: fix PHY Clock Recovery availability check (jsc#PED-10419). - net/mlx5e: Remove workaround to avoid syndrome for internal port (jsc#PED-11331). - net/mlx5e: SD, Use correct mdev to build channel param (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode in MPV (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode with IB device disabled (jsc#PED-11331). - net/mlx5: HWS: Properly set bwc queue locks lock classes (jsc#PED-11331). - net/mlx5: HWS: Fix memory leak in mlx5hws_definer_calc_layout (jsc#PED-11331). - bnxt_en: handle tpa_info in queue API implementation (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor bnxt_alloc_rx_rings() to call bnxt_alloc_rx_agg_bmap() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor tpa_info alloc/free into helpers (jsc#PED-10684 jsc#PED-11230). - net/qed: allow old cards not supporting "num_images" to work (jsc#PED-9648 jsc#PED-11293). - octeontx2-af: Fix SDP MAC link credits configuration (jsc#PED-11317). - bnxt_en: ethtool: Supply ntuple rss context action (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Unregister PTP during PCI shutdown and suspend (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_ptp_init() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix receive ring space parameters when XDP is active (jsc#PED-10684 jsc#PED-11230 CVE-2024-53209 bsc#1235002). - bnxt_en: Fix queue start to update vnic RSS table (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Set backplane link modes correctly for ethtool (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Quiesce traffic before NIX block reset (jsc#PED-11317). - octeontx2-af: RPM: fix stale FCFEC counters (jsc#PED-11317). - octeontx2-af: RPM: fix stale RSFEC counters (jsc#PED-11317). - octeontx2-af: RPM: Fix low network performance (jsc#PED-11317). - octeontx2-af: RPM: Fix mismatch in lmac type (jsc#PED-11317). - vdpa/mlx5: Fix suboptimal range on iotlb iteration (jsc#PED-11331). - RDMA/mlx5: Add implementation for ufile_hw_cleanup device operation (jsc#PED-11325). - RDMA/mlx5: Ensure active slave attachment to the bond IB device (jsc#PED-11325). - RDMA/mlx5: Call dev_put() after the blocking notifier (jsc#PED-11325). - RDMA/mlx5: Support querying per-plane IB PortCounters (jsc#PED-11325). - RDMA/mlx5: Support OOO RX WQE consumption (jsc#PED-11325). - net/mlx5: Introduce data placement ordering bits (jsc#PED-11331). - i40e: Fix handling changed priv flags (jsc#PED-10428). - bnxt_en: Add FW trace coredump segments to the coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a new ethtool -W dump flag (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add 2 parameters to bnxt_fill_coredump_seg_hdr() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add functions to copy host context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Do not free FW log context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Manage the FW trace context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Allocate backing store memory for FW trace logs (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a 'force' parameter to bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add mem_valid bit to struct bnxt_ctx_mem_type (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Update firmware interface spec to 1.10.3.85 (jsc#PED-10684 jsc#PED-11230). - e1000: Hold RTNL when e1000_down can be called (jsc#PED-10422). - igbvf: remove unused spinlock (jsc#PED-10426 jsc#PED-10425). - igb: Fix 2 typos in comments in igb_main.c (jsc#PED-10426 jsc#PED-10425). - igc: remove autoneg parameter from igc_mac_info (jsc#PED-10417). - ixgbe: Break include dependency cycle (jsc#PED-9647 jsc#PED-9646). - ice: Unbind the workqueue (jsc#PED-10419). - ice: use stack variable for virtchnl_supported_rxdids (jsc#PED-10419). - ice: initialize pf->supported_rxdids immediately after loading DDP (jsc#PED-10419). - ice: only allow Tx promiscuous for multicast (jsc#PED-10419). - ice: Add support for persistent NAPI config (jsc#PED-10419). - ice: support optional flags in signature segment header (jsc#PED-10419). - ice: refactor "last" segment of DDP pkg (jsc#PED-10419). - ice: extend dump serdes equalizer values feature (jsc#PED-10419). - ice: rework of dump serdes equalizer values feature (jsc#PED-10419). - ndo_fdb_del: Add a parameter to report whether notification was sent (jsc#PED-10419). - ndo_fdb_add: Add a parameter to report whether notification was sent (jsc#PED-10428). - octeontx2-pf: Fix spelling mistake "reprentator" -> "representor" (jsc#PED-11317). - bnxt_en: optimize gettimex64 (jsc#PED-10684 jsc#PED-11230). - net: ethtool: only allow set_rxnfc with rss + ring_cookie if driver opts in (jsc#PED-11366). - octeontx2-pf: Adds TC offload support (jsc#PED-11317). - octeontx2-pf: Implement offload stats ndo for representors (jsc#PED-11317). - octeontx2-pf: Add devlink port support (jsc#PED-11317). - octeontx2-pf: Add representors for sdp MAC (jsc#PED-11317). - octeontx2-pf: Configure VF mtu via representor (jsc#PED-11317). - octeontx2-pf: Add support to sync link state between representor and VFs (jsc#PED-11317). - octeontx2-pf: Get VF stats via representor (jsc#PED-11317). - octeontx2-af: Add packet path between representor and VF (jsc#PED-11317). - octeontx2-pf: Add basic net_device_ops (jsc#PED-11317). - octeontx2-pf: Create representor netdev (jsc#PED-11317). - eth: bnxt: use page pool for head frags (jsc#PED-10684 jsc#PED-11230). - net/mlx5e: SHAMPO, Rework header allocation loop (jsc#PED-11331). - net/mlx5e: SHAMPO, Drop info array (jsc#PED-11331). - net/mlx5e: SHAMPO, Change frag page setup order during allocation (jsc#PED-11331). - net/mlx5e: SHAMPO, Fix page_index calculation inconsistency (jsc#PED-11331). - net/mlx5e: SHAMPO, Simplify UMR allocation for headers (jsc#PED-11331). - net/mlx5: Make vport QoS enablement more flexible for future extensions (jsc#PED-11331). - net/mlx5: Integrate esw_qos_vport_enable logic into rate operations (jsc#PED-11331). - net/mlx5: Generalize scheduling element operations (jsc#PED-11331). - net/mlx5: Refactor scheduling element configuration bitmasks (jsc#PED-11331). - net/mlx5: Generalize max_rate and min_rate setting for nodes (jsc#PED-11331). - net/mlx5: Simplify QoS normalization by removing error handling (jsc#PED-11331). - net/mlx5: E-switch, refactor eswitch mode change (jsc#PED-11331). - bnxt_en: add unlocked version of bnxt_refclk_read (jsc#PED-10684 jsc#PED-11230). - net: atlantic: use irq_update_affinity_hint() (jsc#PED-11287). - bnxt_en: use irq_update_affinity_hint() (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Knobs for NPC default rule counters (jsc#PED-11317). - octeontx2-af: Refactor few NPC mcam APIs (jsc#PED-11317). - mlx5/core: deduplicate {mlx5_,}eq_update_ci() (jsc#PED-11331). - mlx5/core: relax memory barrier in eq_update_ci() (jsc#PED-11331). - bridge: Allow deleting FDB entries with non-existent VLAN (jsc#PED-10419). - mlx5/core: Schedule EQ comp tasklet only if necessary (jsc#PED-11331). - net: sfc: use ethtool string helpers (jsc#PED-11366). - net: bnx2x: use ethtool string helpers (jsc#PED-10901 jsc#PED-11308). - bnxt_en: ethtool: Support unset l4proto on ip4/ip6 ntuple rules (jsc#PED-10684 jsc#PED-11230). - bnxt_en: ethtool: Remove ip4/ip6 ntuple support for IPPROTO_RAW (jsc#PED-10684 jsc#PED-11230). - sfc: Remove more unused functions (jsc#PED-11366). - sfc: Remove unused mcdi functions (jsc#PED-11366). - sfc: Remove unused efx_mae_mport_vf (jsc#PED-11366). - sfc: Remove falcon deadcode (jsc#PED-11366). - bnxt_en: replace PTP spinlock with seqlock (jsc#PED-10684 jsc#PED-11230). - bnxt_en: cache only 24 bits of hw counter (jsc#PED-10684 jsc#PED-11230). - mlx5_en: use read sequence for gettimex64 (jsc#PED-11331). - net/mlx5e: do not create xdp_redirect for non-uplink rep (jsc#PED-11331). - net/mlx5e: move XDP_REDIRECT sq to dynamic allocation (jsc#PED-11331). - net/mlx5: HWS, renamed the files in accordance with naming convention (jsc#PED-11331). - net/mlx5: DR, moved all the SWS code into a separate directory (jsc#PED-11331). - net/mlx5: Rework esw qos domain init and cleanup (jsc#PED-11331). - dim: pass dim_sample to net_dim() by reference (jsc#PED-10581). - dim: make dim_calc_stats() inputs const pointers (jsc#PED-11331). - net: bnxt: use ethtool string helpers (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DPLL, Add clock quality level op implementation (jsc#PED-11331). - dpll: add clock quality level attribute and op (jsc#PED-11331). - octeontx2-pf: Move shared APIs to header file (jsc#PED-11317). - octeontx2-pf: Reuse PF max mtu value (jsc#PED-11317). - octeontx2-pf: Add new APIs for queue memory alloc/free (jsc#PED-11317). - octeontx2-pf: Define common API for HW resources configuration (jsc#PED-11317). - net: qlogic: use ethtool string helpers (jsc#PED-9648 jsc#PED-11293). - net: marvell: use ethtool string helpers (jsc#PED-11317). - mlx5: simplify EQ interrupt polling logic (jsc#PED-11331). - mlx5: fix typo in "mlx5_cqwq_get_cqe_enahnced_comp" (jsc#PED-11331). - ibmvnic: use ethtool string helpers (jsc#PED_10911 jsc#PED-3606). - net/mlx5e: Update features on ring size change (jsc#PED-11331). - net/mlx5e: Update features on MTU change (jsc#PED-11331). - vsock: do not leave dangling sk pointer in vsock_create() (jsc#PED-11028). - net/mlx5: unique names for per device caches (jsc#PED-11331). - net: atlantic: support reading SFP module info (jsc#PED-11287). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (jsc#PED-11317). - virtchnl: fix m68k build (jsc#PED-10423). - net/mlx5: fs, rename modify header struct member action (jsc#PED-11331). - net/mlx5: fs, rename packet reformat struct member action (jsc#PED-11331). - net/mlx5: Only create VEPA flow table when in VEPA mode (jsc#PED-11331). - net/mlx5: Add sync reset drop mode support (jsc#PED-11331). - net/mlx5: Generalize QoS operations for nodes and vports (jsc#PED-11331). - net/mlx5: Simplify QoS scheduling element configuration (jsc#PED-11331). - net/mlx5: Remove vport QoS enabled flag (jsc#PED-11331). - net/mlx5: Refactor vport QoS to use scheduling node structure (jsc#PED-11331). - net/mlx5: Refactor vport scheduling element creation function (jsc#PED-11331). - net/mlx5: Introduce node struct and rename group terminology to node (jsc#PED-11331). - net/mlx5: Rename vport QoS group reference to parent (jsc#PED-11331). - net/mlx5: Restrict domain list insertion to root TSAR ancestors (jsc#PED-11331). - net/mlx5: Add parent group support in rate group structure (jsc#PED-11331). - net/mlx5: Introduce node type to rate group structure (jsc#PED-11331). - net/mlx5: Refactor QoS group scheduling element creation (jsc#PED-11331). - eth: Fix typo 'accelaration'. 'exprienced' and 'rewritting' (jsc#PED-3526 jsc#PED-11226). - tg3: Increase buffer size for IRQ label (jsc#PED-3526 jsc#PED-11226). - mlx4: Add support for persistent NAPI config to RX CQs (jsc#PED-10418 jsc#PED11336). - mlx5: Add support for persistent NAPI config (jsc#PED-11331). - bnxt: Add support for persistent NAPI config (jsc#PED-10684 jsc#PED-11230). - net: napi: Add napi_config (jsc#PED-10419). - net: napi: Make gro_flush_timeout per-NAPI (jsc#PED-10419). - net: napi: Make napi_defer_hard_irqs per-NAPI (jsc#PED-10419). - tg3: Address byte-order miss-matches (jsc#PED-3526 jsc#PED-11226). - tg3: Link queues to NAPIs (jsc#PED-3526 jsc#PED-11226). - tg3: Link IRQs to NAPI instances (jsc#PED-3526 jsc#PED-11226). - iavf: add support to exchange qos capabilities (jsc#PED-10423). - iavf: Add net_shaper_ops support (jsc#PED-10423). - ice: Support VF queue rate limit and quanta size configuration (jsc#PED-10419). - virtchnl: support queue rate limit and quanta size configuration (jsc#PED-10419). - net-shapers: implement cap validation in the core (jsc#PED-10419). - net: shaper: implement introspection support (jsc#PED-10419). - netlink: spec: add shaper introspection support (jsc#PED-10419). - net-shapers: implement shaper cleanup on queue deletion (jsc#PED-10419). - net-shapers: implement delete support for NODE scope shaper (jsc#PED-10419). - net-shapers: implement NL group operation (jsc#PED-10419). - net-shapers: implement NL set and delete operations (jsc#PED-10419). - net-shapers: implement NL get operation (jsc#PED-10419). - netlink: spec: add shaper YAML spec (jsc#PED-10419). - genetlink: extend info user-storage to match NL cb ctx (jsc#PED-10419). - net/mlx5: Add support check for TSAR types in QoS scheduling (jsc#PED-11331). - net/mlx5: Unify QoS element type checks across NIC and E-Switch (jsc#PED-11331). - net/mlx5: qos: Refactor locking to a qos domain mutex (jsc#PED-11331). - net/mlx5: qos: Store rate groups in a qos domain (jsc#PED-11331). - net/mlx5: qos: Rename rate group 'list' as 'parent_entry' (jsc#PED-11331). - net/mlx5: qos: Add an explicit 'dev' to vport trace calls (jsc#PED-11331). - net/mlx5: qos: Store the eswitch in a mlx5_esw_rate_group (jsc#PED-11331). - net/mlx5: qos: Drop 'esw' param from vport qos functions (jsc#PED-11331). - net/mlx5: qos: Always create group0 (jsc#PED-11331). - net/mlx5: qos: Maintain rate group vport members in a list (jsc#PED-11331). - net/mlx5: qos: Refactor and document bw_share calculation (jsc#PED-11331). - net/mlx5: qos: Consistently name vport vars as 'vport' (jsc#PED-11331). - net/mlx5: qos: Rename vport 'tsar' into 'sched_elem' (jsc#PED-11331). - net/mlx5: qos: Flesh out element_attributes in mlx5_ifc.h (jsc#PED-11331). - e1000: Link NAPI instances to queues and IRQs (jsc#PED-10422). - e1000e: Link NAPI instances to queues and IRQs (jsc#PED-10420). - e1000e: Remove duplicated writel() in e1000_configure_tx/rx() (jsc#PED-10420). - igb: Cleanup unused declarations (jsc#PED-10426 jsc#PED-10425). - iavf: Remove unused declarations (jsc#PED-10423). - ice: Cleanup unused declarations (jsc#PED-10419). - ice: Use common error handling code in two functions (jsc#PED-10419). - ice: Make use of assign_bit() API (jsc#PED-10419). - ice: store max_frame and rx_buf_len only in ice_rx_ring (jsc#PED-10419). - ice: consistently use q_idx in ice_vc_cfg_qs_msg() (jsc#PED-10419). - ice: add E830 HW VF mailbox message limit support (jsc#PED-10419). - ice: Implement ethtool reset support (jsc#PED-10419). - doc: net: Fix .rst rendering of net_cachelines pages (jsc#PED-10419). - idpf: Don't hard code napi_struct size (jsc#PED-10581). - vmxnet3: support higher link speeds from vmxnet3 v9 (jsc#PED-11024). - ipv4: remove fib_info_devhash (jsc#PED-10419). - ipv4: remove fib_info_lock (jsc#PED-10419). - ipv4: use rcu in ip_fib_check_default() (jsc#PED-10419). - ipv4: remove fib_devindex_hashfn() (jsc#PED-10419). - sfc: add per-queue RX bytes stats (jsc#PED-11366). - sfc: implement per-queue TSO (hw_gso) stats (jsc#PED-11366). - sfc: implement per-queue rx drop and overrun stats (jsc#PED-11366). - sfc: account XDP TXes in netdev base stats (jsc#PED-11366). - sfc: add n_rx_overlength to ethtool stats (jsc#PED-11366). - sfc: implement basic per-queue stats (jsc#PED-11366). - sfc: remove obsolete counters from struct efx_channel (jsc#PED-11366). - net: add IFLA_MAX_PACING_OFFLOAD_HORIZON device attribute (jsc#PED-10419). - ice: Drop auxbus use for PTP to finalize ice_adapter move (jsc#PED-10419). - ice: Use ice_adapter for PTP shared data instead of auxdev (jsc#PED-10419). - ice: Initial support for E825C hardware in ice_adapter (jsc#PED-10419). - ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (jsc#PED-10419). - ice: Introduce ice_get_phy_model() wrapper (jsc#PED-10419). - ice: Enable 1PPS out from CGU for E825C products (jsc#PED-10419). - ice: Read SDP section from NVM for pin definitions (jsc#PED-10419). - ice: Disable shared pin on E810 on setfunc (jsc#PED-10419). - ice: Cache perout/extts requests and check flags (jsc#PED-10419). - ice: Align E810T GPIO to other products (jsc#PED-10419). - ice: Add SDPs support for E825C (jsc#PED-10419). - ice: Implement ice_ptp_pin_desc (jsc#PED-10419). - net/mlx5: hw counters: Remove mlx5_fc_create_ex (jsc#PED-11331). - net/mlx5: hw counters: Don't maintain a counter count (jsc#PED-11331). - net/mlx5: hw counters: Drop unneeded cacheline alignment (jsc#PED-11331). - net/mlx5: hw counters: Replace IDR+lists with xarray (jsc#PED-11331). - net/mlx5: hw counters: Use kvmalloc for bulk query buffer (jsc#PED-11331). - net/mlx5: hw counters: Make fc_stats & fc_pool private (jsc#PED-11331). - octeontx2-af: Change block parameter to const pointer in get_lf_str_list (jsc#PED-11317). - qed: put cond_resched() in qed_dmae_operation_wait() (jsc#PED-9648 jsc#PED-11293). - qed: allow the callee of qed_mcp_nvm_read() to sleep (jsc#PED-9648 jsc#PED-11293). - qed: put cond_resched() in qed_grc_dump_ctx_data() (jsc#PED-9648 jsc#PED-11293). - qed: make 'ethtool -d' 10 times faster (jsc#PED-9648 jsc#PED-11293). - ibmvnic: Add stat for tx direct vs tx batched (jsc#PED_10911 jsc#PED-3606). - ipv4: avoid quadratic behavior in FIB insertion of common address (jsc#PED-10419). - commit affc8ea - pmdomain: core: add dummy release function to genpd device (git-fixes). - commit a551144 - drm/amdgpu: rework resume handling for display (v2) (stable-fixes). - commit b4013fc - dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL (git-fixes). - commit 6fbbd7d - drm/xe: Move the coredump registration to the worker thread (git-fixes). - commit 2b22b2b - drm/xe: Take PM ref in delayed snapshot capture worker (git-fixes). - commit e6eb1c2 - wifi: iwlwifi: be less noisy if the NIC is dead in S3 (bsc#1012628). - commit 636dbb8 - ASoC: dt-bindings: realtek,rt5645: Fix CPVDD voltage comment (git-fixes). - commit 08e9225 - media: ipu6: use the IPU6 DMA mapping APIs to do mapping (stable-fixes). - commit 43b4f15 - drm/amd/display: Add option to retrieve detile buffer size (stable-fixes). - commit acb618b - pinctrl: freescale: fix COMPILE_TEST error with PINCTRL_IMX_SCU (stable-fixes). - commit e5efdb1 - drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout (stable-fixes). - commit f607e51 - pmdomain: imx: gpcv2: Adjust delay after power up handshake (git-fixes). - commit ef0da9b - pmdomain: core: Fix error path in pm_genpd_init() when ida alloc fails (git-fixes). - pmdomain: core: Add missing put_device() (git-fixes). - commit cd9a63e - spmi: pmic-arb: fix return path in for_each_available_child_of_node() (git-fixes). - commit 550e3b3 - usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes). - commit cabee38 - MAINTAINERS: update location of media main tree (stable-fixes). - commit 6ee41d4 - net: rfkill: gpio: Add check for clk_enable() (git-fixes). - commit 5bd30ef - drm: fsl-dcu: enable PIXCLK on LS1021A (git-fixes). - commit 4a514d1 - drm/vc4: Introduce generation number enum (stable-fixes). - Refresh patches.suse/drm-vc4-Match-drm_dev_enter-and-exit-calls-in-vc4_hv-cf1c87d.patch. - commit afddd1c - drm/vc4: Correct generation check in vc4_hvs_lut_load (git-fixes). - commit ce18613 - ASoC: dt-bindings: mt6359: Update generic node name and dmic-mode (git-fixes). - commit d641daf - thermal/lib: Fix memory leak on error in thermal_genl_auto() (git-fixes). - tools/lib/thermal: Make more generic the command encoding function (stable-fixes). - commit d312e68 - configs: Enable CONFIG_PAGE_POISONING (jsc#PED-11843) Page poisoning must still be enabled by kernel command line page_poison=on. - commit 0bc6079 - x86/static-call: fix 32-bit build (git-fixes). - commit 05b1f89 - zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974 CVE-2024-53222). - commit d85c3b1 ++++ kernel-source: - netfs: Fix is-caching check in read-retry (git-fixes). - commit d3ca9e7 - netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (git-fixes). - commit b8f5973 - netfs: Fix ceph copy to cache on write-begin (git-fixes). - commit 4931632 - netfs: Fix missing barriers by using clear_and_wake_up_bit() (git-fixes). - commit 59b3732 - netfs: Fix enomem handling in buffered reads (git-fixes). - commit d3c3d24 - exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes). - commit 32d6d4e - exfat: fix the new buffer was not zeroed before writing (git-fixes). - commit faf023a - exfat: fix the infinite loop in exfat_readdir() (git-fixes). - commit 5136005 - dlm: fix possible lkb_resource null dereference (git-fixes). - commit 490216a - ethtool: Fix access to uninitialized fields in set RXNFC command (git-fixes). - net: Make napi_hash_lock irq safe (git-fixes). - commit 9fa4e00 - octeontx2-pf: RVU representor driver (jsc#PED-11317). - Update config files. - supported.conf: mark new OcteonTx2 submodule rvu_rep supported. - commit c4b0aa9 - testing: net-drv: add basic shaper test (jsc#PED-10419). - Update config files. - commit 04716f4 - net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (jsc#PED-11366). - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (jsc#PED-11331). - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (jsc#PED-11331). - net/mlx5e: macsec: Maintain TX SA from encoding_sa (jsc#PED-11331). - net/mlx5: DR, select MSIX vector 0 for completion queue creation (jsc#PED-11331). - RDMA/mlx5: Enable multiplane mode only when it is supported (jsc#PED-11325). - RDMA/bnxt_re: Fix error recovery sequence (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the locking while accessing the QP table (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix MSN table size for variable wqe mode (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add send queue size check for variable wqe (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Disable use of reserved wqes (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max_qp_wrs reported (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix reporting hw_ver in query_device (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix to export port num to ib_query_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix setting mandatory attributes for modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add check for path mtu in modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the check for 9060 condition (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Don't fail destroy QP and cleanup debugfs earlier (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid initializing the software queue for user queues (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max SGEs for the Work Request (jsc#PED-10682 jsc#PED-11231). - RDMA/mlx5: Enforce same type port association for multiport RoCE (jsc#PED-11325). - RDMA/bnxt_re: Remove always true dattr validity check (jsc#PED-10682 jsc#PED-11231). - octeontx2-pf: fix error handling of devlink port in rvu_rep_create() (jsc#PED-11317). - octeontx2-pf: fix netdev memory leak in rvu_rep_create() (jsc#PED-11317). - idpf: trigger SW interrupt when exiting wb_on_itr mode (jsc#PED-10581). - idpf: add support for SW triggered interrupts (jsc#PED-10581). - qed: fix possible uninit pointer read in qed_mcp_nvm_info_populate() (jsc#PED-9648 jsc#PED-11293). - chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). - ionic: use ee->offset when returning sprom data (jsc#PED-11378). - ionic: no double destroy workqueue (jsc#PED-11378). - ionic: Fix netdev notifier unregister on failure (jsc#PED-11378). - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Fix installation of PF multicast rule (jsc#PED-11317). - cxgb4: use port number to set mac addr (git-fixes). - bnxt_en: Fix potential crash when dumping FW log coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DR, prevent potential error pointer dereference (jsc#PED-11331). - bpf, vsock: Invoke proto::close on close() (jsc#PED-11028). - bpf, vsock: Fix poll() missing a queue (jsc#PED-11028). - igb: Fix potential invalid memory access in igb_init_module() (jsc#PED-10426 jsc#PED-10425). - ixgbe: Correct BASE-BX10 compliance code (jsc#PED-9647 jsc#PED-9646). - ixgbe: downgrade logging of unsupported VF API version to debug (jsc#PED-9647 jsc#PED-9646). - ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (jsc#PED-9647 jsc#PED-9646). - idpf: set completion tag for "empty" bufs associated with a packet (jsc#PED-10581). - ice: Fix VLAN pruning in switchdev mode (jsc#PED-10419). - ice: Fix NULL pointer dereference in switchdev (jsc#PED-10419). - ice: fix PHY timestamp extraction for ETH56G (jsc#PED-10419). - ice: fix PHY Clock Recovery availability check (jsc#PED-10419). - net/mlx5e: Remove workaround to avoid syndrome for internal port (jsc#PED-11331). - net/mlx5e: SD, Use correct mdev to build channel param (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode in MPV (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode with IB device disabled (jsc#PED-11331). - net/mlx5: HWS: Properly set bwc queue locks lock classes (jsc#PED-11331). - net/mlx5: HWS: Fix memory leak in mlx5hws_definer_calc_layout (jsc#PED-11331). - bnxt_en: handle tpa_info in queue API implementation (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor bnxt_alloc_rx_rings() to call bnxt_alloc_rx_agg_bmap() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor tpa_info alloc/free into helpers (jsc#PED-10684 jsc#PED-11230). - net/qed: allow old cards not supporting "num_images" to work (jsc#PED-9648 jsc#PED-11293). - octeontx2-af: Fix SDP MAC link credits configuration (jsc#PED-11317). - bnxt_en: ethtool: Supply ntuple rss context action (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Unregister PTP during PCI shutdown and suspend (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_ptp_init() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix receive ring space parameters when XDP is active (jsc#PED-10684 jsc#PED-11230 CVE-2024-53209 bsc#1235002). - bnxt_en: Fix queue start to update vnic RSS table (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Set backplane link modes correctly for ethtool (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Quiesce traffic before NIX block reset (jsc#PED-11317). - octeontx2-af: RPM: fix stale FCFEC counters (jsc#PED-11317). - octeontx2-af: RPM: fix stale RSFEC counters (jsc#PED-11317). - octeontx2-af: RPM: Fix low network performance (jsc#PED-11317). - octeontx2-af: RPM: Fix mismatch in lmac type (jsc#PED-11317). - vdpa/mlx5: Fix suboptimal range on iotlb iteration (jsc#PED-11331). - RDMA/mlx5: Add implementation for ufile_hw_cleanup device operation (jsc#PED-11325). - RDMA/mlx5: Ensure active slave attachment to the bond IB device (jsc#PED-11325). - RDMA/mlx5: Call dev_put() after the blocking notifier (jsc#PED-11325). - RDMA/mlx5: Support querying per-plane IB PortCounters (jsc#PED-11325). - RDMA/mlx5: Support OOO RX WQE consumption (jsc#PED-11325). - net/mlx5: Introduce data placement ordering bits (jsc#PED-11331). - i40e: Fix handling changed priv flags (jsc#PED-10428). - bnxt_en: Add FW trace coredump segments to the coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a new ethtool -W dump flag (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add 2 parameters to bnxt_fill_coredump_seg_hdr() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add functions to copy host context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Do not free FW log context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Manage the FW trace context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Allocate backing store memory for FW trace logs (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a 'force' parameter to bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add mem_valid bit to struct bnxt_ctx_mem_type (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Update firmware interface spec to 1.10.3.85 (jsc#PED-10684 jsc#PED-11230). - e1000: Hold RTNL when e1000_down can be called (jsc#PED-10422). - igbvf: remove unused spinlock (jsc#PED-10426 jsc#PED-10425). - igb: Fix 2 typos in comments in igb_main.c (jsc#PED-10426 jsc#PED-10425). - igc: remove autoneg parameter from igc_mac_info (jsc#PED-10417). - ixgbe: Break include dependency cycle (jsc#PED-9647 jsc#PED-9646). - ice: Unbind the workqueue (jsc#PED-10419). - ice: use stack variable for virtchnl_supported_rxdids (jsc#PED-10419). - ice: initialize pf->supported_rxdids immediately after loading DDP (jsc#PED-10419). - ice: only allow Tx promiscuous for multicast (jsc#PED-10419). - ice: Add support for persistent NAPI config (jsc#PED-10419). - ice: support optional flags in signature segment header (jsc#PED-10419). - ice: refactor "last" segment of DDP pkg (jsc#PED-10419). - ice: extend dump serdes equalizer values feature (jsc#PED-10419). - ice: rework of dump serdes equalizer values feature (jsc#PED-10419). - ndo_fdb_del: Add a parameter to report whether notification was sent (jsc#PED-10419). - ndo_fdb_add: Add a parameter to report whether notification was sent (jsc#PED-10428). - octeontx2-pf: Fix spelling mistake "reprentator" -> "representor" (jsc#PED-11317). - bnxt_en: optimize gettimex64 (jsc#PED-10684 jsc#PED-11230). - net: ethtool: only allow set_rxnfc with rss + ring_cookie if driver opts in (jsc#PED-11366). - octeontx2-pf: Adds TC offload support (jsc#PED-11317). - octeontx2-pf: Implement offload stats ndo for representors (jsc#PED-11317). - octeontx2-pf: Add devlink port support (jsc#PED-11317). - octeontx2-pf: Add representors for sdp MAC (jsc#PED-11317). - octeontx2-pf: Configure VF mtu via representor (jsc#PED-11317). - octeontx2-pf: Add support to sync link state between representor and VFs (jsc#PED-11317). - octeontx2-pf: Get VF stats via representor (jsc#PED-11317). - octeontx2-af: Add packet path between representor and VF (jsc#PED-11317). - octeontx2-pf: Add basic net_device_ops (jsc#PED-11317). - octeontx2-pf: Create representor netdev (jsc#PED-11317). - eth: bnxt: use page pool for head frags (jsc#PED-10684 jsc#PED-11230). - net/mlx5e: SHAMPO, Rework header allocation loop (jsc#PED-11331). - net/mlx5e: SHAMPO, Drop info array (jsc#PED-11331). - net/mlx5e: SHAMPO, Change frag page setup order during allocation (jsc#PED-11331). - net/mlx5e: SHAMPO, Fix page_index calculation inconsistency (jsc#PED-11331). - net/mlx5e: SHAMPO, Simplify UMR allocation for headers (jsc#PED-11331). - net/mlx5: Make vport QoS enablement more flexible for future extensions (jsc#PED-11331). - net/mlx5: Integrate esw_qos_vport_enable logic into rate operations (jsc#PED-11331). - net/mlx5: Generalize scheduling element operations (jsc#PED-11331). - net/mlx5: Refactor scheduling element configuration bitmasks (jsc#PED-11331). - net/mlx5: Generalize max_rate and min_rate setting for nodes (jsc#PED-11331). - net/mlx5: Simplify QoS normalization by removing error handling (jsc#PED-11331). - net/mlx5: E-switch, refactor eswitch mode change (jsc#PED-11331). - bnxt_en: add unlocked version of bnxt_refclk_read (jsc#PED-10684 jsc#PED-11230). - net: atlantic: use irq_update_affinity_hint() (jsc#PED-11287). - bnxt_en: use irq_update_affinity_hint() (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Knobs for NPC default rule counters (jsc#PED-11317). - octeontx2-af: Refactor few NPC mcam APIs (jsc#PED-11317). - mlx5/core: deduplicate {mlx5_,}eq_update_ci() (jsc#PED-11331). - mlx5/core: relax memory barrier in eq_update_ci() (jsc#PED-11331). - bridge: Allow deleting FDB entries with non-existent VLAN (jsc#PED-10419). - mlx5/core: Schedule EQ comp tasklet only if necessary (jsc#PED-11331). - net: sfc: use ethtool string helpers (jsc#PED-11366). - net: bnx2x: use ethtool string helpers (jsc#PED-10901 jsc#PED-11308). - bnxt_en: ethtool: Support unset l4proto on ip4/ip6 ntuple rules (jsc#PED-10684 jsc#PED-11230). - bnxt_en: ethtool: Remove ip4/ip6 ntuple support for IPPROTO_RAW (jsc#PED-10684 jsc#PED-11230). - sfc: Remove more unused functions (jsc#PED-11366). - sfc: Remove unused mcdi functions (jsc#PED-11366). - sfc: Remove unused efx_mae_mport_vf (jsc#PED-11366). - sfc: Remove falcon deadcode (jsc#PED-11366). - bnxt_en: replace PTP spinlock with seqlock (jsc#PED-10684 jsc#PED-11230). - bnxt_en: cache only 24 bits of hw counter (jsc#PED-10684 jsc#PED-11230). - mlx5_en: use read sequence for gettimex64 (jsc#PED-11331). - net/mlx5e: do not create xdp_redirect for non-uplink rep (jsc#PED-11331). - net/mlx5e: move XDP_REDIRECT sq to dynamic allocation (jsc#PED-11331). - net/mlx5: HWS, renamed the files in accordance with naming convention (jsc#PED-11331). - net/mlx5: DR, moved all the SWS code into a separate directory (jsc#PED-11331). - net/mlx5: Rework esw qos domain init and cleanup (jsc#PED-11331). - dim: pass dim_sample to net_dim() by reference (jsc#PED-10581). - dim: make dim_calc_stats() inputs const pointers (jsc#PED-11331). - net: bnxt: use ethtool string helpers (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DPLL, Add clock quality level op implementation (jsc#PED-11331). - dpll: add clock quality level attribute and op (jsc#PED-11331). - octeontx2-pf: Move shared APIs to header file (jsc#PED-11317). - octeontx2-pf: Reuse PF max mtu value (jsc#PED-11317). - octeontx2-pf: Add new APIs for queue memory alloc/free (jsc#PED-11317). - octeontx2-pf: Define common API for HW resources configuration (jsc#PED-11317). - net: qlogic: use ethtool string helpers (jsc#PED-9648 jsc#PED-11293). - net: marvell: use ethtool string helpers (jsc#PED-11317). - mlx5: simplify EQ interrupt polling logic (jsc#PED-11331). - mlx5: fix typo in "mlx5_cqwq_get_cqe_enahnced_comp" (jsc#PED-11331). - ibmvnic: use ethtool string helpers (jsc#PED_10911 jsc#PED-3606). - net/mlx5e: Update features on ring size change (jsc#PED-11331). - net/mlx5e: Update features on MTU change (jsc#PED-11331). - vsock: do not leave dangling sk pointer in vsock_create() (jsc#PED-11028). - net/mlx5: unique names for per device caches (jsc#PED-11331). - net: atlantic: support reading SFP module info (jsc#PED-11287). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (jsc#PED-11317). - virtchnl: fix m68k build (jsc#PED-10423). - net/mlx5: fs, rename modify header struct member action (jsc#PED-11331). - net/mlx5: fs, rename packet reformat struct member action (jsc#PED-11331). - net/mlx5: Only create VEPA flow table when in VEPA mode (jsc#PED-11331). - net/mlx5: Add sync reset drop mode support (jsc#PED-11331). - net/mlx5: Generalize QoS operations for nodes and vports (jsc#PED-11331). - net/mlx5: Simplify QoS scheduling element configuration (jsc#PED-11331). - net/mlx5: Remove vport QoS enabled flag (jsc#PED-11331). - net/mlx5: Refactor vport QoS to use scheduling node structure (jsc#PED-11331). - net/mlx5: Refactor vport scheduling element creation function (jsc#PED-11331). - net/mlx5: Introduce node struct and rename group terminology to node (jsc#PED-11331). - net/mlx5: Rename vport QoS group reference to parent (jsc#PED-11331). - net/mlx5: Restrict domain list insertion to root TSAR ancestors (jsc#PED-11331). - net/mlx5: Add parent group support in rate group structure (jsc#PED-11331). - net/mlx5: Introduce node type to rate group structure (jsc#PED-11331). - net/mlx5: Refactor QoS group scheduling element creation (jsc#PED-11331). - eth: Fix typo 'accelaration'. 'exprienced' and 'rewritting' (jsc#PED-3526 jsc#PED-11226). - tg3: Increase buffer size for IRQ label (jsc#PED-3526 jsc#PED-11226). - mlx4: Add support for persistent NAPI config to RX CQs (jsc#PED-10418 jsc#PED11336). - mlx5: Add support for persistent NAPI config (jsc#PED-11331). - bnxt: Add support for persistent NAPI config (jsc#PED-10684 jsc#PED-11230). - net: napi: Add napi_config (jsc#PED-10419). - net: napi: Make gro_flush_timeout per-NAPI (jsc#PED-10419). - net: napi: Make napi_defer_hard_irqs per-NAPI (jsc#PED-10419). - tg3: Address byte-order miss-matches (jsc#PED-3526 jsc#PED-11226). - tg3: Link queues to NAPIs (jsc#PED-3526 jsc#PED-11226). - tg3: Link IRQs to NAPI instances (jsc#PED-3526 jsc#PED-11226). - iavf: add support to exchange qos capabilities (jsc#PED-10423). - iavf: Add net_shaper_ops support (jsc#PED-10423). - ice: Support VF queue rate limit and quanta size configuration (jsc#PED-10419). - virtchnl: support queue rate limit and quanta size configuration (jsc#PED-10419). - net-shapers: implement cap validation in the core (jsc#PED-10419). - net: shaper: implement introspection support (jsc#PED-10419). - netlink: spec: add shaper introspection support (jsc#PED-10419). - net-shapers: implement shaper cleanup on queue deletion (jsc#PED-10419). - net-shapers: implement delete support for NODE scope shaper (jsc#PED-10419). - net-shapers: implement NL group operation (jsc#PED-10419). - net-shapers: implement NL set and delete operations (jsc#PED-10419). - net-shapers: implement NL get operation (jsc#PED-10419). - netlink: spec: add shaper YAML spec (jsc#PED-10419). - genetlink: extend info user-storage to match NL cb ctx (jsc#PED-10419). - net/mlx5: Add support check for TSAR types in QoS scheduling (jsc#PED-11331). - net/mlx5: Unify QoS element type checks across NIC and E-Switch (jsc#PED-11331). - net/mlx5: qos: Refactor locking to a qos domain mutex (jsc#PED-11331). - net/mlx5: qos: Store rate groups in a qos domain (jsc#PED-11331). - net/mlx5: qos: Rename rate group 'list' as 'parent_entry' (jsc#PED-11331). - net/mlx5: qos: Add an explicit 'dev' to vport trace calls (jsc#PED-11331). - net/mlx5: qos: Store the eswitch in a mlx5_esw_rate_group (jsc#PED-11331). - net/mlx5: qos: Drop 'esw' param from vport qos functions (jsc#PED-11331). - net/mlx5: qos: Always create group0 (jsc#PED-11331). - net/mlx5: qos: Maintain rate group vport members in a list (jsc#PED-11331). - net/mlx5: qos: Refactor and document bw_share calculation (jsc#PED-11331). - net/mlx5: qos: Consistently name vport vars as 'vport' (jsc#PED-11331). - net/mlx5: qos: Rename vport 'tsar' into 'sched_elem' (jsc#PED-11331). - net/mlx5: qos: Flesh out element_attributes in mlx5_ifc.h (jsc#PED-11331). - e1000: Link NAPI instances to queues and IRQs (jsc#PED-10422). - e1000e: Link NAPI instances to queues and IRQs (jsc#PED-10420). - e1000e: Remove duplicated writel() in e1000_configure_tx/rx() (jsc#PED-10420). - igb: Cleanup unused declarations (jsc#PED-10426 jsc#PED-10425). - iavf: Remove unused declarations (jsc#PED-10423). - ice: Cleanup unused declarations (jsc#PED-10419). - ice: Use common error handling code in two functions (jsc#PED-10419). - ice: Make use of assign_bit() API (jsc#PED-10419). - ice: store max_frame and rx_buf_len only in ice_rx_ring (jsc#PED-10419). - ice: consistently use q_idx in ice_vc_cfg_qs_msg() (jsc#PED-10419). - ice: add E830 HW VF mailbox message limit support (jsc#PED-10419). - ice: Implement ethtool reset support (jsc#PED-10419). - doc: net: Fix .rst rendering of net_cachelines pages (jsc#PED-10419). - idpf: Don't hard code napi_struct size (jsc#PED-10581). - vmxnet3: support higher link speeds from vmxnet3 v9 (jsc#PED-11024). - ipv4: remove fib_info_devhash (jsc#PED-10419). - ipv4: remove fib_info_lock (jsc#PED-10419). - ipv4: use rcu in ip_fib_check_default() (jsc#PED-10419). - ipv4: remove fib_devindex_hashfn() (jsc#PED-10419). - sfc: add per-queue RX bytes stats (jsc#PED-11366). - sfc: implement per-queue TSO (hw_gso) stats (jsc#PED-11366). - sfc: implement per-queue rx drop and overrun stats (jsc#PED-11366). - sfc: account XDP TXes in netdev base stats (jsc#PED-11366). - sfc: add n_rx_overlength to ethtool stats (jsc#PED-11366). - sfc: implement basic per-queue stats (jsc#PED-11366). - sfc: remove obsolete counters from struct efx_channel (jsc#PED-11366). - net: add IFLA_MAX_PACING_OFFLOAD_HORIZON device attribute (jsc#PED-10419). - ice: Drop auxbus use for PTP to finalize ice_adapter move (jsc#PED-10419). - ice: Use ice_adapter for PTP shared data instead of auxdev (jsc#PED-10419). - ice: Initial support for E825C hardware in ice_adapter (jsc#PED-10419). - ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (jsc#PED-10419). - ice: Introduce ice_get_phy_model() wrapper (jsc#PED-10419). - ice: Enable 1PPS out from CGU for E825C products (jsc#PED-10419). - ice: Read SDP section from NVM for pin definitions (jsc#PED-10419). - ice: Disable shared pin on E810 on setfunc (jsc#PED-10419). - ice: Cache perout/extts requests and check flags (jsc#PED-10419). - ice: Align E810T GPIO to other products (jsc#PED-10419). - ice: Add SDPs support for E825C (jsc#PED-10419). - ice: Implement ice_ptp_pin_desc (jsc#PED-10419). - net/mlx5: hw counters: Remove mlx5_fc_create_ex (jsc#PED-11331). - net/mlx5: hw counters: Don't maintain a counter count (jsc#PED-11331). - net/mlx5: hw counters: Drop unneeded cacheline alignment (jsc#PED-11331). - net/mlx5: hw counters: Replace IDR+lists with xarray (jsc#PED-11331). - net/mlx5: hw counters: Use kvmalloc for bulk query buffer (jsc#PED-11331). - net/mlx5: hw counters: Make fc_stats & fc_pool private (jsc#PED-11331). - octeontx2-af: Change block parameter to const pointer in get_lf_str_list (jsc#PED-11317). - qed: put cond_resched() in qed_dmae_operation_wait() (jsc#PED-9648 jsc#PED-11293). - qed: allow the callee of qed_mcp_nvm_read() to sleep (jsc#PED-9648 jsc#PED-11293). - qed: put cond_resched() in qed_grc_dump_ctx_data() (jsc#PED-9648 jsc#PED-11293). - qed: make 'ethtool -d' 10 times faster (jsc#PED-9648 jsc#PED-11293). - ibmvnic: Add stat for tx direct vs tx batched (jsc#PED_10911 jsc#PED-3606). - ipv4: avoid quadratic behavior in FIB insertion of common address (jsc#PED-10419). - commit affc8ea - pmdomain: core: add dummy release function to genpd device (git-fixes). - commit a551144 - drm/amdgpu: rework resume handling for display (v2) (stable-fixes). - commit b4013fc - dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL (git-fixes). - commit 6fbbd7d - drm/xe: Move the coredump registration to the worker thread (git-fixes). - commit 2b22b2b - drm/xe: Take PM ref in delayed snapshot capture worker (git-fixes). - commit e6eb1c2 - wifi: iwlwifi: be less noisy if the NIC is dead in S3 (bsc#1012628). - commit 636dbb8 - ASoC: dt-bindings: realtek,rt5645: Fix CPVDD voltage comment (git-fixes). - commit 08e9225 - media: ipu6: use the IPU6 DMA mapping APIs to do mapping (stable-fixes). - commit 43b4f15 - drm/amd/display: Add option to retrieve detile buffer size (stable-fixes). - commit acb618b - pinctrl: freescale: fix COMPILE_TEST error with PINCTRL_IMX_SCU (stable-fixes). - commit e5efdb1 - drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout (stable-fixes). - commit f607e51 - pmdomain: imx: gpcv2: Adjust delay after power up handshake (git-fixes). - commit ef0da9b - pmdomain: core: Fix error path in pm_genpd_init() when ida alloc fails (git-fixes). - pmdomain: core: Add missing put_device() (git-fixes). - commit cd9a63e - spmi: pmic-arb: fix return path in for_each_available_child_of_node() (git-fixes). - commit 550e3b3 - usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes). - commit cabee38 - MAINTAINERS: update location of media main tree (stable-fixes). - commit 6ee41d4 - net: rfkill: gpio: Add check for clk_enable() (git-fixes). - commit 5bd30ef - drm: fsl-dcu: enable PIXCLK on LS1021A (git-fixes). - commit 4a514d1 - drm/vc4: Introduce generation number enum (stable-fixes). - Refresh patches.suse/drm-vc4-Match-drm_dev_enter-and-exit-calls-in-vc4_hv-cf1c87d.patch. - commit afddd1c - drm/vc4: Correct generation check in vc4_hvs_lut_load (git-fixes). - commit ce18613 - ASoC: dt-bindings: mt6359: Update generic node name and dmic-mode (git-fixes). - commit d641daf - thermal/lib: Fix memory leak on error in thermal_genl_auto() (git-fixes). - tools/lib/thermal: Make more generic the command encoding function (stable-fixes). - commit d312e68 - configs: Enable CONFIG_PAGE_POISONING (jsc#PED-11843) Page poisoning must still be enabled by kernel command line page_poison=on. - commit 0bc6079 - x86/static-call: fix 32-bit build (git-fixes). - commit 05b1f89 - zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974 CVE-2024-53222). - commit d85c3b1 ++++ kernel-docs: - netfs: Fix is-caching check in read-retry (git-fixes). - commit d3ca9e7 - netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (git-fixes). - commit b8f5973 - netfs: Fix ceph copy to cache on write-begin (git-fixes). - commit 4931632 - netfs: Fix missing barriers by using clear_and_wake_up_bit() (git-fixes). - commit 59b3732 - netfs: Fix enomem handling in buffered reads (git-fixes). - commit d3c3d24 - exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes). - commit 32d6d4e - exfat: fix the new buffer was not zeroed before writing (git-fixes). - commit faf023a - exfat: fix the infinite loop in exfat_readdir() (git-fixes). - commit 5136005 - dlm: fix possible lkb_resource null dereference (git-fixes). - commit 490216a - ethtool: Fix access to uninitialized fields in set RXNFC command (git-fixes). - net: Make napi_hash_lock irq safe (git-fixes). - commit 9fa4e00 - octeontx2-pf: RVU representor driver (jsc#PED-11317). - Update config files. - supported.conf: mark new OcteonTx2 submodule rvu_rep supported. - commit c4b0aa9 - testing: net-drv: add basic shaper test (jsc#PED-10419). - Update config files. - commit 04716f4 - net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (jsc#PED-11366). - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (jsc#PED-11331). - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (jsc#PED-11331). - net/mlx5e: macsec: Maintain TX SA from encoding_sa (jsc#PED-11331). - net/mlx5: DR, select MSIX vector 0 for completion queue creation (jsc#PED-11331). - RDMA/mlx5: Enable multiplane mode only when it is supported (jsc#PED-11325). - RDMA/bnxt_re: Fix error recovery sequence (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the locking while accessing the QP table (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix MSN table size for variable wqe mode (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add send queue size check for variable wqe (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Disable use of reserved wqes (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max_qp_wrs reported (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix reporting hw_ver in query_device (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix to export port num to ib_query_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix setting mandatory attributes for modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add check for path mtu in modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the check for 9060 condition (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Don't fail destroy QP and cleanup debugfs earlier (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid initializing the software queue for user queues (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max SGEs for the Work Request (jsc#PED-10682 jsc#PED-11231). - RDMA/mlx5: Enforce same type port association for multiport RoCE (jsc#PED-11325). - RDMA/bnxt_re: Remove always true dattr validity check (jsc#PED-10682 jsc#PED-11231). - octeontx2-pf: fix error handling of devlink port in rvu_rep_create() (jsc#PED-11317). - octeontx2-pf: fix netdev memory leak in rvu_rep_create() (jsc#PED-11317). - idpf: trigger SW interrupt when exiting wb_on_itr mode (jsc#PED-10581). - idpf: add support for SW triggered interrupts (jsc#PED-10581). - qed: fix possible uninit pointer read in qed_mcp_nvm_info_populate() (jsc#PED-9648 jsc#PED-11293). - chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). - ionic: use ee->offset when returning sprom data (jsc#PED-11378). - ionic: no double destroy workqueue (jsc#PED-11378). - ionic: Fix netdev notifier unregister on failure (jsc#PED-11378). - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Fix installation of PF multicast rule (jsc#PED-11317). - cxgb4: use port number to set mac addr (git-fixes). - bnxt_en: Fix potential crash when dumping FW log coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DR, prevent potential error pointer dereference (jsc#PED-11331). - bpf, vsock: Invoke proto::close on close() (jsc#PED-11028). - bpf, vsock: Fix poll() missing a queue (jsc#PED-11028). - igb: Fix potential invalid memory access in igb_init_module() (jsc#PED-10426 jsc#PED-10425). - ixgbe: Correct BASE-BX10 compliance code (jsc#PED-9647 jsc#PED-9646). - ixgbe: downgrade logging of unsupported VF API version to debug (jsc#PED-9647 jsc#PED-9646). - ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (jsc#PED-9647 jsc#PED-9646). - idpf: set completion tag for "empty" bufs associated with a packet (jsc#PED-10581). - ice: Fix VLAN pruning in switchdev mode (jsc#PED-10419). - ice: Fix NULL pointer dereference in switchdev (jsc#PED-10419). - ice: fix PHY timestamp extraction for ETH56G (jsc#PED-10419). - ice: fix PHY Clock Recovery availability check (jsc#PED-10419). - net/mlx5e: Remove workaround to avoid syndrome for internal port (jsc#PED-11331). - net/mlx5e: SD, Use correct mdev to build channel param (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode in MPV (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode with IB device disabled (jsc#PED-11331). - net/mlx5: HWS: Properly set bwc queue locks lock classes (jsc#PED-11331). - net/mlx5: HWS: Fix memory leak in mlx5hws_definer_calc_layout (jsc#PED-11331). - bnxt_en: handle tpa_info in queue API implementation (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor bnxt_alloc_rx_rings() to call bnxt_alloc_rx_agg_bmap() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor tpa_info alloc/free into helpers (jsc#PED-10684 jsc#PED-11230). - net/qed: allow old cards not supporting "num_images" to work (jsc#PED-9648 jsc#PED-11293). - octeontx2-af: Fix SDP MAC link credits configuration (jsc#PED-11317). - bnxt_en: ethtool: Supply ntuple rss context action (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Unregister PTP during PCI shutdown and suspend (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_ptp_init() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix receive ring space parameters when XDP is active (jsc#PED-10684 jsc#PED-11230 CVE-2024-53209 bsc#1235002). - bnxt_en: Fix queue start to update vnic RSS table (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Set backplane link modes correctly for ethtool (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Quiesce traffic before NIX block reset (jsc#PED-11317). - octeontx2-af: RPM: fix stale FCFEC counters (jsc#PED-11317). - octeontx2-af: RPM: fix stale RSFEC counters (jsc#PED-11317). - octeontx2-af: RPM: Fix low network performance (jsc#PED-11317). - octeontx2-af: RPM: Fix mismatch in lmac type (jsc#PED-11317). - vdpa/mlx5: Fix suboptimal range on iotlb iteration (jsc#PED-11331). - RDMA/mlx5: Add implementation for ufile_hw_cleanup device operation (jsc#PED-11325). - RDMA/mlx5: Ensure active slave attachment to the bond IB device (jsc#PED-11325). - RDMA/mlx5: Call dev_put() after the blocking notifier (jsc#PED-11325). - RDMA/mlx5: Support querying per-plane IB PortCounters (jsc#PED-11325). - RDMA/mlx5: Support OOO RX WQE consumption (jsc#PED-11325). - net/mlx5: Introduce data placement ordering bits (jsc#PED-11331). - i40e: Fix handling changed priv flags (jsc#PED-10428). - bnxt_en: Add FW trace coredump segments to the coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a new ethtool -W dump flag (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add 2 parameters to bnxt_fill_coredump_seg_hdr() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add functions to copy host context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Do not free FW log context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Manage the FW trace context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Allocate backing store memory for FW trace logs (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a 'force' parameter to bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add mem_valid bit to struct bnxt_ctx_mem_type (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Update firmware interface spec to 1.10.3.85 (jsc#PED-10684 jsc#PED-11230). - e1000: Hold RTNL when e1000_down can be called (jsc#PED-10422). - igbvf: remove unused spinlock (jsc#PED-10426 jsc#PED-10425). - igb: Fix 2 typos in comments in igb_main.c (jsc#PED-10426 jsc#PED-10425). - igc: remove autoneg parameter from igc_mac_info (jsc#PED-10417). - ixgbe: Break include dependency cycle (jsc#PED-9647 jsc#PED-9646). - ice: Unbind the workqueue (jsc#PED-10419). - ice: use stack variable for virtchnl_supported_rxdids (jsc#PED-10419). - ice: initialize pf->supported_rxdids immediately after loading DDP (jsc#PED-10419). - ice: only allow Tx promiscuous for multicast (jsc#PED-10419). - ice: Add support for persistent NAPI config (jsc#PED-10419). - ice: support optional flags in signature segment header (jsc#PED-10419). - ice: refactor "last" segment of DDP pkg (jsc#PED-10419). - ice: extend dump serdes equalizer values feature (jsc#PED-10419). - ice: rework of dump serdes equalizer values feature (jsc#PED-10419). - ndo_fdb_del: Add a parameter to report whether notification was sent (jsc#PED-10419). - ndo_fdb_add: Add a parameter to report whether notification was sent (jsc#PED-10428). - octeontx2-pf: Fix spelling mistake "reprentator" -> "representor" (jsc#PED-11317). - bnxt_en: optimize gettimex64 (jsc#PED-10684 jsc#PED-11230). - net: ethtool: only allow set_rxnfc with rss + ring_cookie if driver opts in (jsc#PED-11366). - octeontx2-pf: Adds TC offload support (jsc#PED-11317). - octeontx2-pf: Implement offload stats ndo for representors (jsc#PED-11317). - octeontx2-pf: Add devlink port support (jsc#PED-11317). - octeontx2-pf: Add representors for sdp MAC (jsc#PED-11317). - octeontx2-pf: Configure VF mtu via representor (jsc#PED-11317). - octeontx2-pf: Add support to sync link state between representor and VFs (jsc#PED-11317). - octeontx2-pf: Get VF stats via representor (jsc#PED-11317). - octeontx2-af: Add packet path between representor and VF (jsc#PED-11317). - octeontx2-pf: Add basic net_device_ops (jsc#PED-11317). - octeontx2-pf: Create representor netdev (jsc#PED-11317). - eth: bnxt: use page pool for head frags (jsc#PED-10684 jsc#PED-11230). - net/mlx5e: SHAMPO, Rework header allocation loop (jsc#PED-11331). - net/mlx5e: SHAMPO, Drop info array (jsc#PED-11331). - net/mlx5e: SHAMPO, Change frag page setup order during allocation (jsc#PED-11331). - net/mlx5e: SHAMPO, Fix page_index calculation inconsistency (jsc#PED-11331). - net/mlx5e: SHAMPO, Simplify UMR allocation for headers (jsc#PED-11331). - net/mlx5: Make vport QoS enablement more flexible for future extensions (jsc#PED-11331). - net/mlx5: Integrate esw_qos_vport_enable logic into rate operations (jsc#PED-11331). - net/mlx5: Generalize scheduling element operations (jsc#PED-11331). - net/mlx5: Refactor scheduling element configuration bitmasks (jsc#PED-11331). - net/mlx5: Generalize max_rate and min_rate setting for nodes (jsc#PED-11331). - net/mlx5: Simplify QoS normalization by removing error handling (jsc#PED-11331). - net/mlx5: E-switch, refactor eswitch mode change (jsc#PED-11331). - bnxt_en: add unlocked version of bnxt_refclk_read (jsc#PED-10684 jsc#PED-11230). - net: atlantic: use irq_update_affinity_hint() (jsc#PED-11287). - bnxt_en: use irq_update_affinity_hint() (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Knobs for NPC default rule counters (jsc#PED-11317). - octeontx2-af: Refactor few NPC mcam APIs (jsc#PED-11317). - mlx5/core: deduplicate {mlx5_,}eq_update_ci() (jsc#PED-11331). - mlx5/core: relax memory barrier in eq_update_ci() (jsc#PED-11331). - bridge: Allow deleting FDB entries with non-existent VLAN (jsc#PED-10419). - mlx5/core: Schedule EQ comp tasklet only if necessary (jsc#PED-11331). - net: sfc: use ethtool string helpers (jsc#PED-11366). - net: bnx2x: use ethtool string helpers (jsc#PED-10901 jsc#PED-11308). - bnxt_en: ethtool: Support unset l4proto on ip4/ip6 ntuple rules (jsc#PED-10684 jsc#PED-11230). - bnxt_en: ethtool: Remove ip4/ip6 ntuple support for IPPROTO_RAW (jsc#PED-10684 jsc#PED-11230). - sfc: Remove more unused functions (jsc#PED-11366). - sfc: Remove unused mcdi functions (jsc#PED-11366). - sfc: Remove unused efx_mae_mport_vf (jsc#PED-11366). - sfc: Remove falcon deadcode (jsc#PED-11366). - bnxt_en: replace PTP spinlock with seqlock (jsc#PED-10684 jsc#PED-11230). - bnxt_en: cache only 24 bits of hw counter (jsc#PED-10684 jsc#PED-11230). - mlx5_en: use read sequence for gettimex64 (jsc#PED-11331). - net/mlx5e: do not create xdp_redirect for non-uplink rep (jsc#PED-11331). - net/mlx5e: move XDP_REDIRECT sq to dynamic allocation (jsc#PED-11331). - net/mlx5: HWS, renamed the files in accordance with naming convention (jsc#PED-11331). - net/mlx5: DR, moved all the SWS code into a separate directory (jsc#PED-11331). - net/mlx5: Rework esw qos domain init and cleanup (jsc#PED-11331). - dim: pass dim_sample to net_dim() by reference (jsc#PED-10581). - dim: make dim_calc_stats() inputs const pointers (jsc#PED-11331). - net: bnxt: use ethtool string helpers (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DPLL, Add clock quality level op implementation (jsc#PED-11331). - dpll: add clock quality level attribute and op (jsc#PED-11331). - octeontx2-pf: Move shared APIs to header file (jsc#PED-11317). - octeontx2-pf: Reuse PF max mtu value (jsc#PED-11317). - octeontx2-pf: Add new APIs for queue memory alloc/free (jsc#PED-11317). - octeontx2-pf: Define common API for HW resources configuration (jsc#PED-11317). - net: qlogic: use ethtool string helpers (jsc#PED-9648 jsc#PED-11293). - net: marvell: use ethtool string helpers (jsc#PED-11317). - mlx5: simplify EQ interrupt polling logic (jsc#PED-11331). - mlx5: fix typo in "mlx5_cqwq_get_cqe_enahnced_comp" (jsc#PED-11331). - ibmvnic: use ethtool string helpers (jsc#PED_10911 jsc#PED-3606). - net/mlx5e: Update features on ring size change (jsc#PED-11331). - net/mlx5e: Update features on MTU change (jsc#PED-11331). - vsock: do not leave dangling sk pointer in vsock_create() (jsc#PED-11028). - net/mlx5: unique names for per device caches (jsc#PED-11331). - net: atlantic: support reading SFP module info (jsc#PED-11287). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (jsc#PED-11317). - virtchnl: fix m68k build (jsc#PED-10423). - net/mlx5: fs, rename modify header struct member action (jsc#PED-11331). - net/mlx5: fs, rename packet reformat struct member action (jsc#PED-11331). - net/mlx5: Only create VEPA flow table when in VEPA mode (jsc#PED-11331). - net/mlx5: Add sync reset drop mode support (jsc#PED-11331). - net/mlx5: Generalize QoS operations for nodes and vports (jsc#PED-11331). - net/mlx5: Simplify QoS scheduling element configuration (jsc#PED-11331). - net/mlx5: Remove vport QoS enabled flag (jsc#PED-11331). - net/mlx5: Refactor vport QoS to use scheduling node structure (jsc#PED-11331). - net/mlx5: Refactor vport scheduling element creation function (jsc#PED-11331). - net/mlx5: Introduce node struct and rename group terminology to node (jsc#PED-11331). - net/mlx5: Rename vport QoS group reference to parent (jsc#PED-11331). - net/mlx5: Restrict domain list insertion to root TSAR ancestors (jsc#PED-11331). - net/mlx5: Add parent group support in rate group structure (jsc#PED-11331). - net/mlx5: Introduce node type to rate group structure (jsc#PED-11331). - net/mlx5: Refactor QoS group scheduling element creation (jsc#PED-11331). - eth: Fix typo 'accelaration'. 'exprienced' and 'rewritting' (jsc#PED-3526 jsc#PED-11226). - tg3: Increase buffer size for IRQ label (jsc#PED-3526 jsc#PED-11226). - mlx4: Add support for persistent NAPI config to RX CQs (jsc#PED-10418 jsc#PED11336). - mlx5: Add support for persistent NAPI config (jsc#PED-11331). - bnxt: Add support for persistent NAPI config (jsc#PED-10684 jsc#PED-11230). - net: napi: Add napi_config (jsc#PED-10419). - net: napi: Make gro_flush_timeout per-NAPI (jsc#PED-10419). - net: napi: Make napi_defer_hard_irqs per-NAPI (jsc#PED-10419). - tg3: Address byte-order miss-matches (jsc#PED-3526 jsc#PED-11226). - tg3: Link queues to NAPIs (jsc#PED-3526 jsc#PED-11226). - tg3: Link IRQs to NAPI instances (jsc#PED-3526 jsc#PED-11226). - iavf: add support to exchange qos capabilities (jsc#PED-10423). - iavf: Add net_shaper_ops support (jsc#PED-10423). - ice: Support VF queue rate limit and quanta size configuration (jsc#PED-10419). - virtchnl: support queue rate limit and quanta size configuration (jsc#PED-10419). - net-shapers: implement cap validation in the core (jsc#PED-10419). - net: shaper: implement introspection support (jsc#PED-10419). - netlink: spec: add shaper introspection support (jsc#PED-10419). - net-shapers: implement shaper cleanup on queue deletion (jsc#PED-10419). - net-shapers: implement delete support for NODE scope shaper (jsc#PED-10419). - net-shapers: implement NL group operation (jsc#PED-10419). - net-shapers: implement NL set and delete operations (jsc#PED-10419). - net-shapers: implement NL get operation (jsc#PED-10419). - netlink: spec: add shaper YAML spec (jsc#PED-10419). - genetlink: extend info user-storage to match NL cb ctx (jsc#PED-10419). - net/mlx5: Add support check for TSAR types in QoS scheduling (jsc#PED-11331). - net/mlx5: Unify QoS element type checks across NIC and E-Switch (jsc#PED-11331). - net/mlx5: qos: Refactor locking to a qos domain mutex (jsc#PED-11331). - net/mlx5: qos: Store rate groups in a qos domain (jsc#PED-11331). - net/mlx5: qos: Rename rate group 'list' as 'parent_entry' (jsc#PED-11331). - net/mlx5: qos: Add an explicit 'dev' to vport trace calls (jsc#PED-11331). - net/mlx5: qos: Store the eswitch in a mlx5_esw_rate_group (jsc#PED-11331). - net/mlx5: qos: Drop 'esw' param from vport qos functions (jsc#PED-11331). - net/mlx5: qos: Always create group0 (jsc#PED-11331). - net/mlx5: qos: Maintain rate group vport members in a list (jsc#PED-11331). - net/mlx5: qos: Refactor and document bw_share calculation (jsc#PED-11331). - net/mlx5: qos: Consistently name vport vars as 'vport' (jsc#PED-11331). - net/mlx5: qos: Rename vport 'tsar' into 'sched_elem' (jsc#PED-11331). - net/mlx5: qos: Flesh out element_attributes in mlx5_ifc.h (jsc#PED-11331). - e1000: Link NAPI instances to queues and IRQs (jsc#PED-10422). - e1000e: Link NAPI instances to queues and IRQs (jsc#PED-10420). - e1000e: Remove duplicated writel() in e1000_configure_tx/rx() (jsc#PED-10420). - igb: Cleanup unused declarations (jsc#PED-10426 jsc#PED-10425). - iavf: Remove unused declarations (jsc#PED-10423). - ice: Cleanup unused declarations (jsc#PED-10419). - ice: Use common error handling code in two functions (jsc#PED-10419). - ice: Make use of assign_bit() API (jsc#PED-10419). - ice: store max_frame and rx_buf_len only in ice_rx_ring (jsc#PED-10419). - ice: consistently use q_idx in ice_vc_cfg_qs_msg() (jsc#PED-10419). - ice: add E830 HW VF mailbox message limit support (jsc#PED-10419). - ice: Implement ethtool reset support (jsc#PED-10419). - doc: net: Fix .rst rendering of net_cachelines pages (jsc#PED-10419). - idpf: Don't hard code napi_struct size (jsc#PED-10581). - vmxnet3: support higher link speeds from vmxnet3 v9 (jsc#PED-11024). - ipv4: remove fib_info_devhash (jsc#PED-10419). - ipv4: remove fib_info_lock (jsc#PED-10419). - ipv4: use rcu in ip_fib_check_default() (jsc#PED-10419). - ipv4: remove fib_devindex_hashfn() (jsc#PED-10419). - sfc: add per-queue RX bytes stats (jsc#PED-11366). - sfc: implement per-queue TSO (hw_gso) stats (jsc#PED-11366). - sfc: implement per-queue rx drop and overrun stats (jsc#PED-11366). - sfc: account XDP TXes in netdev base stats (jsc#PED-11366). - sfc: add n_rx_overlength to ethtool stats (jsc#PED-11366). - sfc: implement basic per-queue stats (jsc#PED-11366). - sfc: remove obsolete counters from struct efx_channel (jsc#PED-11366). - net: add IFLA_MAX_PACING_OFFLOAD_HORIZON device attribute (jsc#PED-10419). - ice: Drop auxbus use for PTP to finalize ice_adapter move (jsc#PED-10419). - ice: Use ice_adapter for PTP shared data instead of auxdev (jsc#PED-10419). - ice: Initial support for E825C hardware in ice_adapter (jsc#PED-10419). - ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (jsc#PED-10419). - ice: Introduce ice_get_phy_model() wrapper (jsc#PED-10419). - ice: Enable 1PPS out from CGU for E825C products (jsc#PED-10419). - ice: Read SDP section from NVM for pin definitions (jsc#PED-10419). - ice: Disable shared pin on E810 on setfunc (jsc#PED-10419). - ice: Cache perout/extts requests and check flags (jsc#PED-10419). - ice: Align E810T GPIO to other products (jsc#PED-10419). - ice: Add SDPs support for E825C (jsc#PED-10419). - ice: Implement ice_ptp_pin_desc (jsc#PED-10419). - net/mlx5: hw counters: Remove mlx5_fc_create_ex (jsc#PED-11331). - net/mlx5: hw counters: Don't maintain a counter count (jsc#PED-11331). - net/mlx5: hw counters: Drop unneeded cacheline alignment (jsc#PED-11331). - net/mlx5: hw counters: Replace IDR+lists with xarray (jsc#PED-11331). - net/mlx5: hw counters: Use kvmalloc for bulk query buffer (jsc#PED-11331). - net/mlx5: hw counters: Make fc_stats & fc_pool private (jsc#PED-11331). - octeontx2-af: Change block parameter to const pointer in get_lf_str_list (jsc#PED-11317). - qed: put cond_resched() in qed_dmae_operation_wait() (jsc#PED-9648 jsc#PED-11293). - qed: allow the callee of qed_mcp_nvm_read() to sleep (jsc#PED-9648 jsc#PED-11293). - qed: put cond_resched() in qed_grc_dump_ctx_data() (jsc#PED-9648 jsc#PED-11293). - qed: make 'ethtool -d' 10 times faster (jsc#PED-9648 jsc#PED-11293). - ibmvnic: Add stat for tx direct vs tx batched (jsc#PED_10911 jsc#PED-3606). - ipv4: avoid quadratic behavior in FIB insertion of common address (jsc#PED-10419). - commit affc8ea - pmdomain: core: add dummy release function to genpd device (git-fixes). - commit a551144 - drm/amdgpu: rework resume handling for display (v2) (stable-fixes). - commit b4013fc - dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL (git-fixes). - commit 6fbbd7d - drm/xe: Move the coredump registration to the worker thread (git-fixes). - commit 2b22b2b - drm/xe: Take PM ref in delayed snapshot capture worker (git-fixes). - commit e6eb1c2 - wifi: iwlwifi: be less noisy if the NIC is dead in S3 (bsc#1012628). - commit 636dbb8 - ASoC: dt-bindings: realtek,rt5645: Fix CPVDD voltage comment (git-fixes). - commit 08e9225 - media: ipu6: use the IPU6 DMA mapping APIs to do mapping (stable-fixes). - commit 43b4f15 - drm/amd/display: Add option to retrieve detile buffer size (stable-fixes). - commit acb618b - pinctrl: freescale: fix COMPILE_TEST error with PINCTRL_IMX_SCU (stable-fixes). - commit e5efdb1 - drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout (stable-fixes). - commit f607e51 - pmdomain: imx: gpcv2: Adjust delay after power up handshake (git-fixes). - commit ef0da9b - pmdomain: core: Fix error path in pm_genpd_init() when ida alloc fails (git-fixes). - pmdomain: core: Add missing put_device() (git-fixes). - commit cd9a63e - spmi: pmic-arb: fix return path in for_each_available_child_of_node() (git-fixes). - commit 550e3b3 - usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes). - commit cabee38 - MAINTAINERS: update location of media main tree (stable-fixes). - commit 6ee41d4 - net: rfkill: gpio: Add check for clk_enable() (git-fixes). - commit 5bd30ef - drm: fsl-dcu: enable PIXCLK on LS1021A (git-fixes). - commit 4a514d1 - drm/vc4: Introduce generation number enum (stable-fixes). - Refresh patches.suse/drm-vc4-Match-drm_dev_enter-and-exit-calls-in-vc4_hv-cf1c87d.patch. - commit afddd1c - drm/vc4: Correct generation check in vc4_hvs_lut_load (git-fixes). - commit ce18613 - ASoC: dt-bindings: mt6359: Update generic node name and dmic-mode (git-fixes). - commit d641daf - thermal/lib: Fix memory leak on error in thermal_genl_auto() (git-fixes). - tools/lib/thermal: Make more generic the command encoding function (stable-fixes). - commit d312e68 - configs: Enable CONFIG_PAGE_POISONING (jsc#PED-11843) Page poisoning must still be enabled by kernel command line page_poison=on. - commit 0bc6079 - x86/static-call: fix 32-bit build (git-fixes). - commit 05b1f89 - zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974 CVE-2024-53222). - commit d85c3b1 ++++ kernel-firmware: - Update to version 20250106 (git commit e39831b1a9d7): * rtl_bt: Add separate config for RLT8723CS Bluetooth part * amdgpu: revert VCN 3.1.2 firmware * amdgpu: revert yellow carp VCN firmware * amdgpu: revert sienna cichlid VCN firmware * amdgpu: revert navy flounder VCN firmware * amdgpu: revert dimgrey cavefish VCN firmware * WHENCE: Link the Raspberry Pi CM5 and 500 to the 4B * copy-firmware.sh: Fix typo in error message. * Add support to install files/symlinks in parallel. * Makefile: Remove obsolete/broken reference. * check_whence.py: Use a more portable shebang. * rtl_bt: Update RTL8852B BT USB FW to 0x04BE_1F5E ++++ kernel-kvmsmall: - netfs: Fix is-caching check in read-retry (git-fixes). - commit d3ca9e7 - netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (git-fixes). - commit b8f5973 - netfs: Fix ceph copy to cache on write-begin (git-fixes). - commit 4931632 - netfs: Fix missing barriers by using clear_and_wake_up_bit() (git-fixes). - commit 59b3732 - netfs: Fix enomem handling in buffered reads (git-fixes). - commit d3c3d24 - exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes). - commit 32d6d4e - exfat: fix the new buffer was not zeroed before writing (git-fixes). - commit faf023a - exfat: fix the infinite loop in exfat_readdir() (git-fixes). - commit 5136005 - dlm: fix possible lkb_resource null dereference (git-fixes). - commit 490216a - ethtool: Fix access to uninitialized fields in set RXNFC command (git-fixes). - net: Make napi_hash_lock irq safe (git-fixes). - commit 9fa4e00 - octeontx2-pf: RVU representor driver (jsc#PED-11317). - Update config files. - supported.conf: mark new OcteonTx2 submodule rvu_rep supported. - commit c4b0aa9 - testing: net-drv: add basic shaper test (jsc#PED-10419). - Update config files. - commit 04716f4 - net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (jsc#PED-11366). - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (jsc#PED-11331). - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (jsc#PED-11331). - net/mlx5e: macsec: Maintain TX SA from encoding_sa (jsc#PED-11331). - net/mlx5: DR, select MSIX vector 0 for completion queue creation (jsc#PED-11331). - RDMA/mlx5: Enable multiplane mode only when it is supported (jsc#PED-11325). - RDMA/bnxt_re: Fix error recovery sequence (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the locking while accessing the QP table (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix MSN table size for variable wqe mode (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add send queue size check for variable wqe (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Disable use of reserved wqes (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max_qp_wrs reported (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix reporting hw_ver in query_device (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix to export port num to ib_query_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix setting mandatory attributes for modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add check for path mtu in modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the check for 9060 condition (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Don't fail destroy QP and cleanup debugfs earlier (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid initializing the software queue for user queues (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max SGEs for the Work Request (jsc#PED-10682 jsc#PED-11231). - RDMA/mlx5: Enforce same type port association for multiport RoCE (jsc#PED-11325). - RDMA/bnxt_re: Remove always true dattr validity check (jsc#PED-10682 jsc#PED-11231). - octeontx2-pf: fix error handling of devlink port in rvu_rep_create() (jsc#PED-11317). - octeontx2-pf: fix netdev memory leak in rvu_rep_create() (jsc#PED-11317). - idpf: trigger SW interrupt when exiting wb_on_itr mode (jsc#PED-10581). - idpf: add support for SW triggered interrupts (jsc#PED-10581). - qed: fix possible uninit pointer read in qed_mcp_nvm_info_populate() (jsc#PED-9648 jsc#PED-11293). - chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). - ionic: use ee->offset when returning sprom data (jsc#PED-11378). - ionic: no double destroy workqueue (jsc#PED-11378). - ionic: Fix netdev notifier unregister on failure (jsc#PED-11378). - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Fix installation of PF multicast rule (jsc#PED-11317). - cxgb4: use port number to set mac addr (git-fixes). - bnxt_en: Fix potential crash when dumping FW log coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DR, prevent potential error pointer dereference (jsc#PED-11331). - bpf, vsock: Invoke proto::close on close() (jsc#PED-11028). - bpf, vsock: Fix poll() missing a queue (jsc#PED-11028). - igb: Fix potential invalid memory access in igb_init_module() (jsc#PED-10426 jsc#PED-10425). - ixgbe: Correct BASE-BX10 compliance code (jsc#PED-9647 jsc#PED-9646). - ixgbe: downgrade logging of unsupported VF API version to debug (jsc#PED-9647 jsc#PED-9646). - ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (jsc#PED-9647 jsc#PED-9646). - idpf: set completion tag for "empty" bufs associated with a packet (jsc#PED-10581). - ice: Fix VLAN pruning in switchdev mode (jsc#PED-10419). - ice: Fix NULL pointer dereference in switchdev (jsc#PED-10419). - ice: fix PHY timestamp extraction for ETH56G (jsc#PED-10419). - ice: fix PHY Clock Recovery availability check (jsc#PED-10419). - net/mlx5e: Remove workaround to avoid syndrome for internal port (jsc#PED-11331). - net/mlx5e: SD, Use correct mdev to build channel param (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode in MPV (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode with IB device disabled (jsc#PED-11331). - net/mlx5: HWS: Properly set bwc queue locks lock classes (jsc#PED-11331). - net/mlx5: HWS: Fix memory leak in mlx5hws_definer_calc_layout (jsc#PED-11331). - bnxt_en: handle tpa_info in queue API implementation (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor bnxt_alloc_rx_rings() to call bnxt_alloc_rx_agg_bmap() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor tpa_info alloc/free into helpers (jsc#PED-10684 jsc#PED-11230). - net/qed: allow old cards not supporting "num_images" to work (jsc#PED-9648 jsc#PED-11293). - octeontx2-af: Fix SDP MAC link credits configuration (jsc#PED-11317). - bnxt_en: ethtool: Supply ntuple rss context action (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Unregister PTP during PCI shutdown and suspend (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_ptp_init() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix receive ring space parameters when XDP is active (jsc#PED-10684 jsc#PED-11230 CVE-2024-53209 bsc#1235002). - bnxt_en: Fix queue start to update vnic RSS table (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Set backplane link modes correctly for ethtool (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Quiesce traffic before NIX block reset (jsc#PED-11317). - octeontx2-af: RPM: fix stale FCFEC counters (jsc#PED-11317). - octeontx2-af: RPM: fix stale RSFEC counters (jsc#PED-11317). - octeontx2-af: RPM: Fix low network performance (jsc#PED-11317). - octeontx2-af: RPM: Fix mismatch in lmac type (jsc#PED-11317). - vdpa/mlx5: Fix suboptimal range on iotlb iteration (jsc#PED-11331). - RDMA/mlx5: Add implementation for ufile_hw_cleanup device operation (jsc#PED-11325). - RDMA/mlx5: Ensure active slave attachment to the bond IB device (jsc#PED-11325). - RDMA/mlx5: Call dev_put() after the blocking notifier (jsc#PED-11325). - RDMA/mlx5: Support querying per-plane IB PortCounters (jsc#PED-11325). - RDMA/mlx5: Support OOO RX WQE consumption (jsc#PED-11325). - net/mlx5: Introduce data placement ordering bits (jsc#PED-11331). - i40e: Fix handling changed priv flags (jsc#PED-10428). - bnxt_en: Add FW trace coredump segments to the coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a new ethtool -W dump flag (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add 2 parameters to bnxt_fill_coredump_seg_hdr() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add functions to copy host context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Do not free FW log context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Manage the FW trace context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Allocate backing store memory for FW trace logs (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a 'force' parameter to bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add mem_valid bit to struct bnxt_ctx_mem_type (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Update firmware interface spec to 1.10.3.85 (jsc#PED-10684 jsc#PED-11230). - e1000: Hold RTNL when e1000_down can be called (jsc#PED-10422). - igbvf: remove unused spinlock (jsc#PED-10426 jsc#PED-10425). - igb: Fix 2 typos in comments in igb_main.c (jsc#PED-10426 jsc#PED-10425). - igc: remove autoneg parameter from igc_mac_info (jsc#PED-10417). - ixgbe: Break include dependency cycle (jsc#PED-9647 jsc#PED-9646). - ice: Unbind the workqueue (jsc#PED-10419). - ice: use stack variable for virtchnl_supported_rxdids (jsc#PED-10419). - ice: initialize pf->supported_rxdids immediately after loading DDP (jsc#PED-10419). - ice: only allow Tx promiscuous for multicast (jsc#PED-10419). - ice: Add support for persistent NAPI config (jsc#PED-10419). - ice: support optional flags in signature segment header (jsc#PED-10419). - ice: refactor "last" segment of DDP pkg (jsc#PED-10419). - ice: extend dump serdes equalizer values feature (jsc#PED-10419). - ice: rework of dump serdes equalizer values feature (jsc#PED-10419). - ndo_fdb_del: Add a parameter to report whether notification was sent (jsc#PED-10419). - ndo_fdb_add: Add a parameter to report whether notification was sent (jsc#PED-10428). - octeontx2-pf: Fix spelling mistake "reprentator" -> "representor" (jsc#PED-11317). - bnxt_en: optimize gettimex64 (jsc#PED-10684 jsc#PED-11230). - net: ethtool: only allow set_rxnfc with rss + ring_cookie if driver opts in (jsc#PED-11366). - octeontx2-pf: Adds TC offload support (jsc#PED-11317). - octeontx2-pf: Implement offload stats ndo for representors (jsc#PED-11317). - octeontx2-pf: Add devlink port support (jsc#PED-11317). - octeontx2-pf: Add representors for sdp MAC (jsc#PED-11317). - octeontx2-pf: Configure VF mtu via representor (jsc#PED-11317). - octeontx2-pf: Add support to sync link state between representor and VFs (jsc#PED-11317). - octeontx2-pf: Get VF stats via representor (jsc#PED-11317). - octeontx2-af: Add packet path between representor and VF (jsc#PED-11317). - octeontx2-pf: Add basic net_device_ops (jsc#PED-11317). - octeontx2-pf: Create representor netdev (jsc#PED-11317). - eth: bnxt: use page pool for head frags (jsc#PED-10684 jsc#PED-11230). - net/mlx5e: SHAMPO, Rework header allocation loop (jsc#PED-11331). - net/mlx5e: SHAMPO, Drop info array (jsc#PED-11331). - net/mlx5e: SHAMPO, Change frag page setup order during allocation (jsc#PED-11331). - net/mlx5e: SHAMPO, Fix page_index calculation inconsistency (jsc#PED-11331). - net/mlx5e: SHAMPO, Simplify UMR allocation for headers (jsc#PED-11331). - net/mlx5: Make vport QoS enablement more flexible for future extensions (jsc#PED-11331). - net/mlx5: Integrate esw_qos_vport_enable logic into rate operations (jsc#PED-11331). - net/mlx5: Generalize scheduling element operations (jsc#PED-11331). - net/mlx5: Refactor scheduling element configuration bitmasks (jsc#PED-11331). - net/mlx5: Generalize max_rate and min_rate setting for nodes (jsc#PED-11331). - net/mlx5: Simplify QoS normalization by removing error handling (jsc#PED-11331). - net/mlx5: E-switch, refactor eswitch mode change (jsc#PED-11331). - bnxt_en: add unlocked version of bnxt_refclk_read (jsc#PED-10684 jsc#PED-11230). - net: atlantic: use irq_update_affinity_hint() (jsc#PED-11287). - bnxt_en: use irq_update_affinity_hint() (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Knobs for NPC default rule counters (jsc#PED-11317). - octeontx2-af: Refactor few NPC mcam APIs (jsc#PED-11317). - mlx5/core: deduplicate {mlx5_,}eq_update_ci() (jsc#PED-11331). - mlx5/core: relax memory barrier in eq_update_ci() (jsc#PED-11331). - bridge: Allow deleting FDB entries with non-existent VLAN (jsc#PED-10419). - mlx5/core: Schedule EQ comp tasklet only if necessary (jsc#PED-11331). - net: sfc: use ethtool string helpers (jsc#PED-11366). - net: bnx2x: use ethtool string helpers (jsc#PED-10901 jsc#PED-11308). - bnxt_en: ethtool: Support unset l4proto on ip4/ip6 ntuple rules (jsc#PED-10684 jsc#PED-11230). - bnxt_en: ethtool: Remove ip4/ip6 ntuple support for IPPROTO_RAW (jsc#PED-10684 jsc#PED-11230). - sfc: Remove more unused functions (jsc#PED-11366). - sfc: Remove unused mcdi functions (jsc#PED-11366). - sfc: Remove unused efx_mae_mport_vf (jsc#PED-11366). - sfc: Remove falcon deadcode (jsc#PED-11366). - bnxt_en: replace PTP spinlock with seqlock (jsc#PED-10684 jsc#PED-11230). - bnxt_en: cache only 24 bits of hw counter (jsc#PED-10684 jsc#PED-11230). - mlx5_en: use read sequence for gettimex64 (jsc#PED-11331). - net/mlx5e: do not create xdp_redirect for non-uplink rep (jsc#PED-11331). - net/mlx5e: move XDP_REDIRECT sq to dynamic allocation (jsc#PED-11331). - net/mlx5: HWS, renamed the files in accordance with naming convention (jsc#PED-11331). - net/mlx5: DR, moved all the SWS code into a separate directory (jsc#PED-11331). - net/mlx5: Rework esw qos domain init and cleanup (jsc#PED-11331). - dim: pass dim_sample to net_dim() by reference (jsc#PED-10581). - dim: make dim_calc_stats() inputs const pointers (jsc#PED-11331). - net: bnxt: use ethtool string helpers (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DPLL, Add clock quality level op implementation (jsc#PED-11331). - dpll: add clock quality level attribute and op (jsc#PED-11331). - octeontx2-pf: Move shared APIs to header file (jsc#PED-11317). - octeontx2-pf: Reuse PF max mtu value (jsc#PED-11317). - octeontx2-pf: Add new APIs for queue memory alloc/free (jsc#PED-11317). - octeontx2-pf: Define common API for HW resources configuration (jsc#PED-11317). - net: qlogic: use ethtool string helpers (jsc#PED-9648 jsc#PED-11293). - net: marvell: use ethtool string helpers (jsc#PED-11317). - mlx5: simplify EQ interrupt polling logic (jsc#PED-11331). - mlx5: fix typo in "mlx5_cqwq_get_cqe_enahnced_comp" (jsc#PED-11331). - ibmvnic: use ethtool string helpers (jsc#PED_10911 jsc#PED-3606). - net/mlx5e: Update features on ring size change (jsc#PED-11331). - net/mlx5e: Update features on MTU change (jsc#PED-11331). - vsock: do not leave dangling sk pointer in vsock_create() (jsc#PED-11028). - net/mlx5: unique names for per device caches (jsc#PED-11331). - net: atlantic: support reading SFP module info (jsc#PED-11287). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (jsc#PED-11317). - virtchnl: fix m68k build (jsc#PED-10423). - net/mlx5: fs, rename modify header struct member action (jsc#PED-11331). - net/mlx5: fs, rename packet reformat struct member action (jsc#PED-11331). - net/mlx5: Only create VEPA flow table when in VEPA mode (jsc#PED-11331). - net/mlx5: Add sync reset drop mode support (jsc#PED-11331). - net/mlx5: Generalize QoS operations for nodes and vports (jsc#PED-11331). - net/mlx5: Simplify QoS scheduling element configuration (jsc#PED-11331). - net/mlx5: Remove vport QoS enabled flag (jsc#PED-11331). - net/mlx5: Refactor vport QoS to use scheduling node structure (jsc#PED-11331). - net/mlx5: Refactor vport scheduling element creation function (jsc#PED-11331). - net/mlx5: Introduce node struct and rename group terminology to node (jsc#PED-11331). - net/mlx5: Rename vport QoS group reference to parent (jsc#PED-11331). - net/mlx5: Restrict domain list insertion to root TSAR ancestors (jsc#PED-11331). - net/mlx5: Add parent group support in rate group structure (jsc#PED-11331). - net/mlx5: Introduce node type to rate group structure (jsc#PED-11331). - net/mlx5: Refactor QoS group scheduling element creation (jsc#PED-11331). - eth: Fix typo 'accelaration'. 'exprienced' and 'rewritting' (jsc#PED-3526 jsc#PED-11226). - tg3: Increase buffer size for IRQ label (jsc#PED-3526 jsc#PED-11226). - mlx4: Add support for persistent NAPI config to RX CQs (jsc#PED-10418 jsc#PED11336). - mlx5: Add support for persistent NAPI config (jsc#PED-11331). - bnxt: Add support for persistent NAPI config (jsc#PED-10684 jsc#PED-11230). - net: napi: Add napi_config (jsc#PED-10419). - net: napi: Make gro_flush_timeout per-NAPI (jsc#PED-10419). - net: napi: Make napi_defer_hard_irqs per-NAPI (jsc#PED-10419). - tg3: Address byte-order miss-matches (jsc#PED-3526 jsc#PED-11226). - tg3: Link queues to NAPIs (jsc#PED-3526 jsc#PED-11226). - tg3: Link IRQs to NAPI instances (jsc#PED-3526 jsc#PED-11226). - iavf: add support to exchange qos capabilities (jsc#PED-10423). - iavf: Add net_shaper_ops support (jsc#PED-10423). - ice: Support VF queue rate limit and quanta size configuration (jsc#PED-10419). - virtchnl: support queue rate limit and quanta size configuration (jsc#PED-10419). - net-shapers: implement cap validation in the core (jsc#PED-10419). - net: shaper: implement introspection support (jsc#PED-10419). - netlink: spec: add shaper introspection support (jsc#PED-10419). - net-shapers: implement shaper cleanup on queue deletion (jsc#PED-10419). - net-shapers: implement delete support for NODE scope shaper (jsc#PED-10419). - net-shapers: implement NL group operation (jsc#PED-10419). - net-shapers: implement NL set and delete operations (jsc#PED-10419). - net-shapers: implement NL get operation (jsc#PED-10419). - netlink: spec: add shaper YAML spec (jsc#PED-10419). - genetlink: extend info user-storage to match NL cb ctx (jsc#PED-10419). - net/mlx5: Add support check for TSAR types in QoS scheduling (jsc#PED-11331). - net/mlx5: Unify QoS element type checks across NIC and E-Switch (jsc#PED-11331). - net/mlx5: qos: Refactor locking to a qos domain mutex (jsc#PED-11331). - net/mlx5: qos: Store rate groups in a qos domain (jsc#PED-11331). - net/mlx5: qos: Rename rate group 'list' as 'parent_entry' (jsc#PED-11331). - net/mlx5: qos: Add an explicit 'dev' to vport trace calls (jsc#PED-11331). - net/mlx5: qos: Store the eswitch in a mlx5_esw_rate_group (jsc#PED-11331). - net/mlx5: qos: Drop 'esw' param from vport qos functions (jsc#PED-11331). - net/mlx5: qos: Always create group0 (jsc#PED-11331). - net/mlx5: qos: Maintain rate group vport members in a list (jsc#PED-11331). - net/mlx5: qos: Refactor and document bw_share calculation (jsc#PED-11331). - net/mlx5: qos: Consistently name vport vars as 'vport' (jsc#PED-11331). - net/mlx5: qos: Rename vport 'tsar' into 'sched_elem' (jsc#PED-11331). - net/mlx5: qos: Flesh out element_attributes in mlx5_ifc.h (jsc#PED-11331). - e1000: Link NAPI instances to queues and IRQs (jsc#PED-10422). - e1000e: Link NAPI instances to queues and IRQs (jsc#PED-10420). - e1000e: Remove duplicated writel() in e1000_configure_tx/rx() (jsc#PED-10420). - igb: Cleanup unused declarations (jsc#PED-10426 jsc#PED-10425). - iavf: Remove unused declarations (jsc#PED-10423). - ice: Cleanup unused declarations (jsc#PED-10419). - ice: Use common error handling code in two functions (jsc#PED-10419). - ice: Make use of assign_bit() API (jsc#PED-10419). - ice: store max_frame and rx_buf_len only in ice_rx_ring (jsc#PED-10419). - ice: consistently use q_idx in ice_vc_cfg_qs_msg() (jsc#PED-10419). - ice: add E830 HW VF mailbox message limit support (jsc#PED-10419). - ice: Implement ethtool reset support (jsc#PED-10419). - doc: net: Fix .rst rendering of net_cachelines pages (jsc#PED-10419). - idpf: Don't hard code napi_struct size (jsc#PED-10581). - vmxnet3: support higher link speeds from vmxnet3 v9 (jsc#PED-11024). - ipv4: remove fib_info_devhash (jsc#PED-10419). - ipv4: remove fib_info_lock (jsc#PED-10419). - ipv4: use rcu in ip_fib_check_default() (jsc#PED-10419). - ipv4: remove fib_devindex_hashfn() (jsc#PED-10419). - sfc: add per-queue RX bytes stats (jsc#PED-11366). - sfc: implement per-queue TSO (hw_gso) stats (jsc#PED-11366). - sfc: implement per-queue rx drop and overrun stats (jsc#PED-11366). - sfc: account XDP TXes in netdev base stats (jsc#PED-11366). - sfc: add n_rx_overlength to ethtool stats (jsc#PED-11366). - sfc: implement basic per-queue stats (jsc#PED-11366). - sfc: remove obsolete counters from struct efx_channel (jsc#PED-11366). - net: add IFLA_MAX_PACING_OFFLOAD_HORIZON device attribute (jsc#PED-10419). - ice: Drop auxbus use for PTP to finalize ice_adapter move (jsc#PED-10419). - ice: Use ice_adapter for PTP shared data instead of auxdev (jsc#PED-10419). - ice: Initial support for E825C hardware in ice_adapter (jsc#PED-10419). - ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (jsc#PED-10419). - ice: Introduce ice_get_phy_model() wrapper (jsc#PED-10419). - ice: Enable 1PPS out from CGU for E825C products (jsc#PED-10419). - ice: Read SDP section from NVM for pin definitions (jsc#PED-10419). - ice: Disable shared pin on E810 on setfunc (jsc#PED-10419). - ice: Cache perout/extts requests and check flags (jsc#PED-10419). - ice: Align E810T GPIO to other products (jsc#PED-10419). - ice: Add SDPs support for E825C (jsc#PED-10419). - ice: Implement ice_ptp_pin_desc (jsc#PED-10419). - net/mlx5: hw counters: Remove mlx5_fc_create_ex (jsc#PED-11331). - net/mlx5: hw counters: Don't maintain a counter count (jsc#PED-11331). - net/mlx5: hw counters: Drop unneeded cacheline alignment (jsc#PED-11331). - net/mlx5: hw counters: Replace IDR+lists with xarray (jsc#PED-11331). - net/mlx5: hw counters: Use kvmalloc for bulk query buffer (jsc#PED-11331). - net/mlx5: hw counters: Make fc_stats & fc_pool private (jsc#PED-11331). - octeontx2-af: Change block parameter to const pointer in get_lf_str_list (jsc#PED-11317). - qed: put cond_resched() in qed_dmae_operation_wait() (jsc#PED-9648 jsc#PED-11293). - qed: allow the callee of qed_mcp_nvm_read() to sleep (jsc#PED-9648 jsc#PED-11293). - qed: put cond_resched() in qed_grc_dump_ctx_data() (jsc#PED-9648 jsc#PED-11293). - qed: make 'ethtool -d' 10 times faster (jsc#PED-9648 jsc#PED-11293). - ibmvnic: Add stat for tx direct vs tx batched (jsc#PED_10911 jsc#PED-3606). - ipv4: avoid quadratic behavior in FIB insertion of common address (jsc#PED-10419). - commit affc8ea - pmdomain: core: add dummy release function to genpd device (git-fixes). - commit a551144 - drm/amdgpu: rework resume handling for display (v2) (stable-fixes). - commit b4013fc - dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL (git-fixes). - commit 6fbbd7d - drm/xe: Move the coredump registration to the worker thread (git-fixes). - commit 2b22b2b - drm/xe: Take PM ref in delayed snapshot capture worker (git-fixes). - commit e6eb1c2 - wifi: iwlwifi: be less noisy if the NIC is dead in S3 (bsc#1012628). - commit 636dbb8 - ASoC: dt-bindings: realtek,rt5645: Fix CPVDD voltage comment (git-fixes). - commit 08e9225 - media: ipu6: use the IPU6 DMA mapping APIs to do mapping (stable-fixes). - commit 43b4f15 - drm/amd/display: Add option to retrieve detile buffer size (stable-fixes). - commit acb618b - pinctrl: freescale: fix COMPILE_TEST error with PINCTRL_IMX_SCU (stable-fixes). - commit e5efdb1 - drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout (stable-fixes). - commit f607e51 - pmdomain: imx: gpcv2: Adjust delay after power up handshake (git-fixes). - commit ef0da9b - pmdomain: core: Fix error path in pm_genpd_init() when ida alloc fails (git-fixes). - pmdomain: core: Add missing put_device() (git-fixes). - commit cd9a63e - spmi: pmic-arb: fix return path in for_each_available_child_of_node() (git-fixes). - commit 550e3b3 - usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes). - commit cabee38 - MAINTAINERS: update location of media main tree (stable-fixes). - commit 6ee41d4 - net: rfkill: gpio: Add check for clk_enable() (git-fixes). - commit 5bd30ef - drm: fsl-dcu: enable PIXCLK on LS1021A (git-fixes). - commit 4a514d1 - drm/vc4: Introduce generation number enum (stable-fixes). - Refresh patches.suse/drm-vc4-Match-drm_dev_enter-and-exit-calls-in-vc4_hv-cf1c87d.patch. - commit afddd1c - drm/vc4: Correct generation check in vc4_hvs_lut_load (git-fixes). - commit ce18613 - ASoC: dt-bindings: mt6359: Update generic node name and dmic-mode (git-fixes). - commit d641daf - thermal/lib: Fix memory leak on error in thermal_genl_auto() (git-fixes). - tools/lib/thermal: Make more generic the command encoding function (stable-fixes). - commit d312e68 - configs: Enable CONFIG_PAGE_POISONING (jsc#PED-11843) Page poisoning must still be enabled by kernel command line page_poison=on. - commit 0bc6079 - x86/static-call: fix 32-bit build (git-fixes). - commit 05b1f89 - zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974 CVE-2024-53222). - commit d85c3b1 ++++ kernel-obs-build: - netfs: Fix is-caching check in read-retry (git-fixes). - commit d3ca9e7 - netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (git-fixes). - commit b8f5973 - netfs: Fix ceph copy to cache on write-begin (git-fixes). - commit 4931632 - netfs: Fix missing barriers by using clear_and_wake_up_bit() (git-fixes). - commit 59b3732 - netfs: Fix enomem handling in buffered reads (git-fixes). - commit d3c3d24 - exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes). - commit 32d6d4e - exfat: fix the new buffer was not zeroed before writing (git-fixes). - commit faf023a - exfat: fix the infinite loop in exfat_readdir() (git-fixes). - commit 5136005 - dlm: fix possible lkb_resource null dereference (git-fixes). - commit 490216a - ethtool: Fix access to uninitialized fields in set RXNFC command (git-fixes). - net: Make napi_hash_lock irq safe (git-fixes). - commit 9fa4e00 - octeontx2-pf: RVU representor driver (jsc#PED-11317). - Update config files. - supported.conf: mark new OcteonTx2 submodule rvu_rep supported. - commit c4b0aa9 - testing: net-drv: add basic shaper test (jsc#PED-10419). - Update config files. - commit 04716f4 - net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (jsc#PED-11366). - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (jsc#PED-11331). - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (jsc#PED-11331). - net/mlx5e: macsec: Maintain TX SA from encoding_sa (jsc#PED-11331). - net/mlx5: DR, select MSIX vector 0 for completion queue creation (jsc#PED-11331). - RDMA/mlx5: Enable multiplane mode only when it is supported (jsc#PED-11325). - RDMA/bnxt_re: Fix error recovery sequence (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the locking while accessing the QP table (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix MSN table size for variable wqe mode (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add send queue size check for variable wqe (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Disable use of reserved wqes (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max_qp_wrs reported (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix reporting hw_ver in query_device (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix to export port num to ib_query_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix setting mandatory attributes for modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add check for path mtu in modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the check for 9060 condition (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Don't fail destroy QP and cleanup debugfs earlier (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid initializing the software queue for user queues (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max SGEs for the Work Request (jsc#PED-10682 jsc#PED-11231). - RDMA/mlx5: Enforce same type port association for multiport RoCE (jsc#PED-11325). - RDMA/bnxt_re: Remove always true dattr validity check (jsc#PED-10682 jsc#PED-11231). - octeontx2-pf: fix error handling of devlink port in rvu_rep_create() (jsc#PED-11317). - octeontx2-pf: fix netdev memory leak in rvu_rep_create() (jsc#PED-11317). - idpf: trigger SW interrupt when exiting wb_on_itr mode (jsc#PED-10581). - idpf: add support for SW triggered interrupts (jsc#PED-10581). - qed: fix possible uninit pointer read in qed_mcp_nvm_info_populate() (jsc#PED-9648 jsc#PED-11293). - chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). - ionic: use ee->offset when returning sprom data (jsc#PED-11378). - ionic: no double destroy workqueue (jsc#PED-11378). - ionic: Fix netdev notifier unregister on failure (jsc#PED-11378). - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Fix installation of PF multicast rule (jsc#PED-11317). - cxgb4: use port number to set mac addr (git-fixes). - bnxt_en: Fix potential crash when dumping FW log coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DR, prevent potential error pointer dereference (jsc#PED-11331). - bpf, vsock: Invoke proto::close on close() (jsc#PED-11028). - bpf, vsock: Fix poll() missing a queue (jsc#PED-11028). - igb: Fix potential invalid memory access in igb_init_module() (jsc#PED-10426 jsc#PED-10425). - ixgbe: Correct BASE-BX10 compliance code (jsc#PED-9647 jsc#PED-9646). - ixgbe: downgrade logging of unsupported VF API version to debug (jsc#PED-9647 jsc#PED-9646). - ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (jsc#PED-9647 jsc#PED-9646). - idpf: set completion tag for "empty" bufs associated with a packet (jsc#PED-10581). - ice: Fix VLAN pruning in switchdev mode (jsc#PED-10419). - ice: Fix NULL pointer dereference in switchdev (jsc#PED-10419). - ice: fix PHY timestamp extraction for ETH56G (jsc#PED-10419). - ice: fix PHY Clock Recovery availability check (jsc#PED-10419). - net/mlx5e: Remove workaround to avoid syndrome for internal port (jsc#PED-11331). - net/mlx5e: SD, Use correct mdev to build channel param (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode in MPV (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode with IB device disabled (jsc#PED-11331). - net/mlx5: HWS: Properly set bwc queue locks lock classes (jsc#PED-11331). - net/mlx5: HWS: Fix memory leak in mlx5hws_definer_calc_layout (jsc#PED-11331). - bnxt_en: handle tpa_info in queue API implementation (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor bnxt_alloc_rx_rings() to call bnxt_alloc_rx_agg_bmap() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor tpa_info alloc/free into helpers (jsc#PED-10684 jsc#PED-11230). - net/qed: allow old cards not supporting "num_images" to work (jsc#PED-9648 jsc#PED-11293). - octeontx2-af: Fix SDP MAC link credits configuration (jsc#PED-11317). - bnxt_en: ethtool: Supply ntuple rss context action (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Unregister PTP during PCI shutdown and suspend (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_ptp_init() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix receive ring space parameters when XDP is active (jsc#PED-10684 jsc#PED-11230 CVE-2024-53209 bsc#1235002). - bnxt_en: Fix queue start to update vnic RSS table (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Set backplane link modes correctly for ethtool (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Quiesce traffic before NIX block reset (jsc#PED-11317). - octeontx2-af: RPM: fix stale FCFEC counters (jsc#PED-11317). - octeontx2-af: RPM: fix stale RSFEC counters (jsc#PED-11317). - octeontx2-af: RPM: Fix low network performance (jsc#PED-11317). - octeontx2-af: RPM: Fix mismatch in lmac type (jsc#PED-11317). - vdpa/mlx5: Fix suboptimal range on iotlb iteration (jsc#PED-11331). - RDMA/mlx5: Add implementation for ufile_hw_cleanup device operation (jsc#PED-11325). - RDMA/mlx5: Ensure active slave attachment to the bond IB device (jsc#PED-11325). - RDMA/mlx5: Call dev_put() after the blocking notifier (jsc#PED-11325). - RDMA/mlx5: Support querying per-plane IB PortCounters (jsc#PED-11325). - RDMA/mlx5: Support OOO RX WQE consumption (jsc#PED-11325). - net/mlx5: Introduce data placement ordering bits (jsc#PED-11331). - i40e: Fix handling changed priv flags (jsc#PED-10428). - bnxt_en: Add FW trace coredump segments to the coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a new ethtool -W dump flag (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add 2 parameters to bnxt_fill_coredump_seg_hdr() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add functions to copy host context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Do not free FW log context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Manage the FW trace context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Allocate backing store memory for FW trace logs (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a 'force' parameter to bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add mem_valid bit to struct bnxt_ctx_mem_type (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Update firmware interface spec to 1.10.3.85 (jsc#PED-10684 jsc#PED-11230). - e1000: Hold RTNL when e1000_down can be called (jsc#PED-10422). - igbvf: remove unused spinlock (jsc#PED-10426 jsc#PED-10425). - igb: Fix 2 typos in comments in igb_main.c (jsc#PED-10426 jsc#PED-10425). - igc: remove autoneg parameter from igc_mac_info (jsc#PED-10417). - ixgbe: Break include dependency cycle (jsc#PED-9647 jsc#PED-9646). - ice: Unbind the workqueue (jsc#PED-10419). - ice: use stack variable for virtchnl_supported_rxdids (jsc#PED-10419). - ice: initialize pf->supported_rxdids immediately after loading DDP (jsc#PED-10419). - ice: only allow Tx promiscuous for multicast (jsc#PED-10419). - ice: Add support for persistent NAPI config (jsc#PED-10419). - ice: support optional flags in signature segment header (jsc#PED-10419). - ice: refactor "last" segment of DDP pkg (jsc#PED-10419). - ice: extend dump serdes equalizer values feature (jsc#PED-10419). - ice: rework of dump serdes equalizer values feature (jsc#PED-10419). - ndo_fdb_del: Add a parameter to report whether notification was sent (jsc#PED-10419). - ndo_fdb_add: Add a parameter to report whether notification was sent (jsc#PED-10428). - octeontx2-pf: Fix spelling mistake "reprentator" -> "representor" (jsc#PED-11317). - bnxt_en: optimize gettimex64 (jsc#PED-10684 jsc#PED-11230). - net: ethtool: only allow set_rxnfc with rss + ring_cookie if driver opts in (jsc#PED-11366). - octeontx2-pf: Adds TC offload support (jsc#PED-11317). - octeontx2-pf: Implement offload stats ndo for representors (jsc#PED-11317). - octeontx2-pf: Add devlink port support (jsc#PED-11317). - octeontx2-pf: Add representors for sdp MAC (jsc#PED-11317). - octeontx2-pf: Configure VF mtu via representor (jsc#PED-11317). - octeontx2-pf: Add support to sync link state between representor and VFs (jsc#PED-11317). - octeontx2-pf: Get VF stats via representor (jsc#PED-11317). - octeontx2-af: Add packet path between representor and VF (jsc#PED-11317). - octeontx2-pf: Add basic net_device_ops (jsc#PED-11317). - octeontx2-pf: Create representor netdev (jsc#PED-11317). - eth: bnxt: use page pool for head frags (jsc#PED-10684 jsc#PED-11230). - net/mlx5e: SHAMPO, Rework header allocation loop (jsc#PED-11331). - net/mlx5e: SHAMPO, Drop info array (jsc#PED-11331). - net/mlx5e: SHAMPO, Change frag page setup order during allocation (jsc#PED-11331). - net/mlx5e: SHAMPO, Fix page_index calculation inconsistency (jsc#PED-11331). - net/mlx5e: SHAMPO, Simplify UMR allocation for headers (jsc#PED-11331). - net/mlx5: Make vport QoS enablement more flexible for future extensions (jsc#PED-11331). - net/mlx5: Integrate esw_qos_vport_enable logic into rate operations (jsc#PED-11331). - net/mlx5: Generalize scheduling element operations (jsc#PED-11331). - net/mlx5: Refactor scheduling element configuration bitmasks (jsc#PED-11331). - net/mlx5: Generalize max_rate and min_rate setting for nodes (jsc#PED-11331). - net/mlx5: Simplify QoS normalization by removing error handling (jsc#PED-11331). - net/mlx5: E-switch, refactor eswitch mode change (jsc#PED-11331). - bnxt_en: add unlocked version of bnxt_refclk_read (jsc#PED-10684 jsc#PED-11230). - net: atlantic: use irq_update_affinity_hint() (jsc#PED-11287). - bnxt_en: use irq_update_affinity_hint() (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Knobs for NPC default rule counters (jsc#PED-11317). - octeontx2-af: Refactor few NPC mcam APIs (jsc#PED-11317). - mlx5/core: deduplicate {mlx5_,}eq_update_ci() (jsc#PED-11331). - mlx5/core: relax memory barrier in eq_update_ci() (jsc#PED-11331). - bridge: Allow deleting FDB entries with non-existent VLAN (jsc#PED-10419). - mlx5/core: Schedule EQ comp tasklet only if necessary (jsc#PED-11331). - net: sfc: use ethtool string helpers (jsc#PED-11366). - net: bnx2x: use ethtool string helpers (jsc#PED-10901 jsc#PED-11308). - bnxt_en: ethtool: Support unset l4proto on ip4/ip6 ntuple rules (jsc#PED-10684 jsc#PED-11230). - bnxt_en: ethtool: Remove ip4/ip6 ntuple support for IPPROTO_RAW (jsc#PED-10684 jsc#PED-11230). - sfc: Remove more unused functions (jsc#PED-11366). - sfc: Remove unused mcdi functions (jsc#PED-11366). - sfc: Remove unused efx_mae_mport_vf (jsc#PED-11366). - sfc: Remove falcon deadcode (jsc#PED-11366). - bnxt_en: replace PTP spinlock with seqlock (jsc#PED-10684 jsc#PED-11230). - bnxt_en: cache only 24 bits of hw counter (jsc#PED-10684 jsc#PED-11230). - mlx5_en: use read sequence for gettimex64 (jsc#PED-11331). - net/mlx5e: do not create xdp_redirect for non-uplink rep (jsc#PED-11331). - net/mlx5e: move XDP_REDIRECT sq to dynamic allocation (jsc#PED-11331). - net/mlx5: HWS, renamed the files in accordance with naming convention (jsc#PED-11331). - net/mlx5: DR, moved all the SWS code into a separate directory (jsc#PED-11331). - net/mlx5: Rework esw qos domain init and cleanup (jsc#PED-11331). - dim: pass dim_sample to net_dim() by reference (jsc#PED-10581). - dim: make dim_calc_stats() inputs const pointers (jsc#PED-11331). - net: bnxt: use ethtool string helpers (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DPLL, Add clock quality level op implementation (jsc#PED-11331). - dpll: add clock quality level attribute and op (jsc#PED-11331). - octeontx2-pf: Move shared APIs to header file (jsc#PED-11317). - octeontx2-pf: Reuse PF max mtu value (jsc#PED-11317). - octeontx2-pf: Add new APIs for queue memory alloc/free (jsc#PED-11317). - octeontx2-pf: Define common API for HW resources configuration (jsc#PED-11317). - net: qlogic: use ethtool string helpers (jsc#PED-9648 jsc#PED-11293). - net: marvell: use ethtool string helpers (jsc#PED-11317). - mlx5: simplify EQ interrupt polling logic (jsc#PED-11331). - mlx5: fix typo in "mlx5_cqwq_get_cqe_enahnced_comp" (jsc#PED-11331). - ibmvnic: use ethtool string helpers (jsc#PED_10911 jsc#PED-3606). - net/mlx5e: Update features on ring size change (jsc#PED-11331). - net/mlx5e: Update features on MTU change (jsc#PED-11331). - vsock: do not leave dangling sk pointer in vsock_create() (jsc#PED-11028). - net/mlx5: unique names for per device caches (jsc#PED-11331). - net: atlantic: support reading SFP module info (jsc#PED-11287). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (jsc#PED-11317). - virtchnl: fix m68k build (jsc#PED-10423). - net/mlx5: fs, rename modify header struct member action (jsc#PED-11331). - net/mlx5: fs, rename packet reformat struct member action (jsc#PED-11331). - net/mlx5: Only create VEPA flow table when in VEPA mode (jsc#PED-11331). - net/mlx5: Add sync reset drop mode support (jsc#PED-11331). - net/mlx5: Generalize QoS operations for nodes and vports (jsc#PED-11331). - net/mlx5: Simplify QoS scheduling element configuration (jsc#PED-11331). - net/mlx5: Remove vport QoS enabled flag (jsc#PED-11331). - net/mlx5: Refactor vport QoS to use scheduling node structure (jsc#PED-11331). - net/mlx5: Refactor vport scheduling element creation function (jsc#PED-11331). - net/mlx5: Introduce node struct and rename group terminology to node (jsc#PED-11331). - net/mlx5: Rename vport QoS group reference to parent (jsc#PED-11331). - net/mlx5: Restrict domain list insertion to root TSAR ancestors (jsc#PED-11331). - net/mlx5: Add parent group support in rate group structure (jsc#PED-11331). - net/mlx5: Introduce node type to rate group structure (jsc#PED-11331). - net/mlx5: Refactor QoS group scheduling element creation (jsc#PED-11331). - eth: Fix typo 'accelaration'. 'exprienced' and 'rewritting' (jsc#PED-3526 jsc#PED-11226). - tg3: Increase buffer size for IRQ label (jsc#PED-3526 jsc#PED-11226). - mlx4: Add support for persistent NAPI config to RX CQs (jsc#PED-10418 jsc#PED11336). - mlx5: Add support for persistent NAPI config (jsc#PED-11331). - bnxt: Add support for persistent NAPI config (jsc#PED-10684 jsc#PED-11230). - net: napi: Add napi_config (jsc#PED-10419). - net: napi: Make gro_flush_timeout per-NAPI (jsc#PED-10419). - net: napi: Make napi_defer_hard_irqs per-NAPI (jsc#PED-10419). - tg3: Address byte-order miss-matches (jsc#PED-3526 jsc#PED-11226). - tg3: Link queues to NAPIs (jsc#PED-3526 jsc#PED-11226). - tg3: Link IRQs to NAPI instances (jsc#PED-3526 jsc#PED-11226). - iavf: add support to exchange qos capabilities (jsc#PED-10423). - iavf: Add net_shaper_ops support (jsc#PED-10423). - ice: Support VF queue rate limit and quanta size configuration (jsc#PED-10419). - virtchnl: support queue rate limit and quanta size configuration (jsc#PED-10419). - net-shapers: implement cap validation in the core (jsc#PED-10419). - net: shaper: implement introspection support (jsc#PED-10419). - netlink: spec: add shaper introspection support (jsc#PED-10419). - net-shapers: implement shaper cleanup on queue deletion (jsc#PED-10419). - net-shapers: implement delete support for NODE scope shaper (jsc#PED-10419). - net-shapers: implement NL group operation (jsc#PED-10419). - net-shapers: implement NL set and delete operations (jsc#PED-10419). - net-shapers: implement NL get operation (jsc#PED-10419). - netlink: spec: add shaper YAML spec (jsc#PED-10419). - genetlink: extend info user-storage to match NL cb ctx (jsc#PED-10419). - net/mlx5: Add support check for TSAR types in QoS scheduling (jsc#PED-11331). - net/mlx5: Unify QoS element type checks across NIC and E-Switch (jsc#PED-11331). - net/mlx5: qos: Refactor locking to a qos domain mutex (jsc#PED-11331). - net/mlx5: qos: Store rate groups in a qos domain (jsc#PED-11331). - net/mlx5: qos: Rename rate group 'list' as 'parent_entry' (jsc#PED-11331). - net/mlx5: qos: Add an explicit 'dev' to vport trace calls (jsc#PED-11331). - net/mlx5: qos: Store the eswitch in a mlx5_esw_rate_group (jsc#PED-11331). - net/mlx5: qos: Drop 'esw' param from vport qos functions (jsc#PED-11331). - net/mlx5: qos: Always create group0 (jsc#PED-11331). - net/mlx5: qos: Maintain rate group vport members in a list (jsc#PED-11331). - net/mlx5: qos: Refactor and document bw_share calculation (jsc#PED-11331). - net/mlx5: qos: Consistently name vport vars as 'vport' (jsc#PED-11331). - net/mlx5: qos: Rename vport 'tsar' into 'sched_elem' (jsc#PED-11331). - net/mlx5: qos: Flesh out element_attributes in mlx5_ifc.h (jsc#PED-11331). - e1000: Link NAPI instances to queues and IRQs (jsc#PED-10422). - e1000e: Link NAPI instances to queues and IRQs (jsc#PED-10420). - e1000e: Remove duplicated writel() in e1000_configure_tx/rx() (jsc#PED-10420). - igb: Cleanup unused declarations (jsc#PED-10426 jsc#PED-10425). - iavf: Remove unused declarations (jsc#PED-10423). - ice: Cleanup unused declarations (jsc#PED-10419). - ice: Use common error handling code in two functions (jsc#PED-10419). - ice: Make use of assign_bit() API (jsc#PED-10419). - ice: store max_frame and rx_buf_len only in ice_rx_ring (jsc#PED-10419). - ice: consistently use q_idx in ice_vc_cfg_qs_msg() (jsc#PED-10419). - ice: add E830 HW VF mailbox message limit support (jsc#PED-10419). - ice: Implement ethtool reset support (jsc#PED-10419). - doc: net: Fix .rst rendering of net_cachelines pages (jsc#PED-10419). - idpf: Don't hard code napi_struct size (jsc#PED-10581). - vmxnet3: support higher link speeds from vmxnet3 v9 (jsc#PED-11024). - ipv4: remove fib_info_devhash (jsc#PED-10419). - ipv4: remove fib_info_lock (jsc#PED-10419). - ipv4: use rcu in ip_fib_check_default() (jsc#PED-10419). - ipv4: remove fib_devindex_hashfn() (jsc#PED-10419). - sfc: add per-queue RX bytes stats (jsc#PED-11366). - sfc: implement per-queue TSO (hw_gso) stats (jsc#PED-11366). - sfc: implement per-queue rx drop and overrun stats (jsc#PED-11366). - sfc: account XDP TXes in netdev base stats (jsc#PED-11366). - sfc: add n_rx_overlength to ethtool stats (jsc#PED-11366). - sfc: implement basic per-queue stats (jsc#PED-11366). - sfc: remove obsolete counters from struct efx_channel (jsc#PED-11366). - net: add IFLA_MAX_PACING_OFFLOAD_HORIZON device attribute (jsc#PED-10419). - ice: Drop auxbus use for PTP to finalize ice_adapter move (jsc#PED-10419). - ice: Use ice_adapter for PTP shared data instead of auxdev (jsc#PED-10419). - ice: Initial support for E825C hardware in ice_adapter (jsc#PED-10419). - ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (jsc#PED-10419). - ice: Introduce ice_get_phy_model() wrapper (jsc#PED-10419). - ice: Enable 1PPS out from CGU for E825C products (jsc#PED-10419). - ice: Read SDP section from NVM for pin definitions (jsc#PED-10419). - ice: Disable shared pin on E810 on setfunc (jsc#PED-10419). - ice: Cache perout/extts requests and check flags (jsc#PED-10419). - ice: Align E810T GPIO to other products (jsc#PED-10419). - ice: Add SDPs support for E825C (jsc#PED-10419). - ice: Implement ice_ptp_pin_desc (jsc#PED-10419). - net/mlx5: hw counters: Remove mlx5_fc_create_ex (jsc#PED-11331). - net/mlx5: hw counters: Don't maintain a counter count (jsc#PED-11331). - net/mlx5: hw counters: Drop unneeded cacheline alignment (jsc#PED-11331). - net/mlx5: hw counters: Replace IDR+lists with xarray (jsc#PED-11331). - net/mlx5: hw counters: Use kvmalloc for bulk query buffer (jsc#PED-11331). - net/mlx5: hw counters: Make fc_stats & fc_pool private (jsc#PED-11331). - octeontx2-af: Change block parameter to const pointer in get_lf_str_list (jsc#PED-11317). - qed: put cond_resched() in qed_dmae_operation_wait() (jsc#PED-9648 jsc#PED-11293). - qed: allow the callee of qed_mcp_nvm_read() to sleep (jsc#PED-9648 jsc#PED-11293). - qed: put cond_resched() in qed_grc_dump_ctx_data() (jsc#PED-9648 jsc#PED-11293). - qed: make 'ethtool -d' 10 times faster (jsc#PED-9648 jsc#PED-11293). - ibmvnic: Add stat for tx direct vs tx batched (jsc#PED_10911 jsc#PED-3606). - ipv4: avoid quadratic behavior in FIB insertion of common address (jsc#PED-10419). - commit affc8ea - pmdomain: core: add dummy release function to genpd device (git-fixes). - commit a551144 - drm/amdgpu: rework resume handling for display (v2) (stable-fixes). - commit b4013fc - dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL (git-fixes). - commit 6fbbd7d - drm/xe: Move the coredump registration to the worker thread (git-fixes). - commit 2b22b2b - drm/xe: Take PM ref in delayed snapshot capture worker (git-fixes). - commit e6eb1c2 - wifi: iwlwifi: be less noisy if the NIC is dead in S3 (bsc#1012628). - commit 636dbb8 - ASoC: dt-bindings: realtek,rt5645: Fix CPVDD voltage comment (git-fixes). - commit 08e9225 - media: ipu6: use the IPU6 DMA mapping APIs to do mapping (stable-fixes). - commit 43b4f15 - drm/amd/display: Add option to retrieve detile buffer size (stable-fixes). - commit acb618b - pinctrl: freescale: fix COMPILE_TEST error with PINCTRL_IMX_SCU (stable-fixes). - commit e5efdb1 - drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout (stable-fixes). - commit f607e51 - pmdomain: imx: gpcv2: Adjust delay after power up handshake (git-fixes). - commit ef0da9b - pmdomain: core: Fix error path in pm_genpd_init() when ida alloc fails (git-fixes). - pmdomain: core: Add missing put_device() (git-fixes). - commit cd9a63e - spmi: pmic-arb: fix return path in for_each_available_child_of_node() (git-fixes). - commit 550e3b3 - usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes). - commit cabee38 - MAINTAINERS: update location of media main tree (stable-fixes). - commit 6ee41d4 - net: rfkill: gpio: Add check for clk_enable() (git-fixes). - commit 5bd30ef - drm: fsl-dcu: enable PIXCLK on LS1021A (git-fixes). - commit 4a514d1 - drm/vc4: Introduce generation number enum (stable-fixes). - Refresh patches.suse/drm-vc4-Match-drm_dev_enter-and-exit-calls-in-vc4_hv-cf1c87d.patch. - commit afddd1c - drm/vc4: Correct generation check in vc4_hvs_lut_load (git-fixes). - commit ce18613 - ASoC: dt-bindings: mt6359: Update generic node name and dmic-mode (git-fixes). - commit d641daf - thermal/lib: Fix memory leak on error in thermal_genl_auto() (git-fixes). - tools/lib/thermal: Make more generic the command encoding function (stable-fixes). - commit d312e68 - configs: Enable CONFIG_PAGE_POISONING (jsc#PED-11843) Page poisoning must still be enabled by kernel command line page_poison=on. - commit 0bc6079 - x86/static-call: fix 32-bit build (git-fixes). - commit 05b1f89 - zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974 CVE-2024-53222). - commit d85c3b1 ++++ kernel-obs-qa: - netfs: Fix is-caching check in read-retry (git-fixes). - commit d3ca9e7 - netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (git-fixes). - commit b8f5973 - netfs: Fix ceph copy to cache on write-begin (git-fixes). - commit 4931632 - netfs: Fix missing barriers by using clear_and_wake_up_bit() (git-fixes). - commit 59b3732 - netfs: Fix enomem handling in buffered reads (git-fixes). - commit d3c3d24 - exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes). - commit 32d6d4e - exfat: fix the new buffer was not zeroed before writing (git-fixes). - commit faf023a - exfat: fix the infinite loop in exfat_readdir() (git-fixes). - commit 5136005 - dlm: fix possible lkb_resource null dereference (git-fixes). - commit 490216a - ethtool: Fix access to uninitialized fields in set RXNFC command (git-fixes). - net: Make napi_hash_lock irq safe (git-fixes). - commit 9fa4e00 - octeontx2-pf: RVU representor driver (jsc#PED-11317). - Update config files. - supported.conf: mark new OcteonTx2 submodule rvu_rep supported. - commit c4b0aa9 - testing: net-drv: add basic shaper test (jsc#PED-10419). - Update config files. - commit 04716f4 - net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (jsc#PED-11366). - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (jsc#PED-11331). - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (jsc#PED-11331). - net/mlx5e: macsec: Maintain TX SA from encoding_sa (jsc#PED-11331). - net/mlx5: DR, select MSIX vector 0 for completion queue creation (jsc#PED-11331). - RDMA/mlx5: Enable multiplane mode only when it is supported (jsc#PED-11325). - RDMA/bnxt_re: Fix error recovery sequence (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the locking while accessing the QP table (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix MSN table size for variable wqe mode (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add send queue size check for variable wqe (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Disable use of reserved wqes (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max_qp_wrs reported (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix reporting hw_ver in query_device (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix to export port num to ib_query_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix setting mandatory attributes for modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add check for path mtu in modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the check for 9060 condition (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Don't fail destroy QP and cleanup debugfs earlier (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid initializing the software queue for user queues (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max SGEs for the Work Request (jsc#PED-10682 jsc#PED-11231). - RDMA/mlx5: Enforce same type port association for multiport RoCE (jsc#PED-11325). - RDMA/bnxt_re: Remove always true dattr validity check (jsc#PED-10682 jsc#PED-11231). - octeontx2-pf: fix error handling of devlink port in rvu_rep_create() (jsc#PED-11317). - octeontx2-pf: fix netdev memory leak in rvu_rep_create() (jsc#PED-11317). - idpf: trigger SW interrupt when exiting wb_on_itr mode (jsc#PED-10581). - idpf: add support for SW triggered interrupts (jsc#PED-10581). - qed: fix possible uninit pointer read in qed_mcp_nvm_info_populate() (jsc#PED-9648 jsc#PED-11293). - chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). - ionic: use ee->offset when returning sprom data (jsc#PED-11378). - ionic: no double destroy workqueue (jsc#PED-11378). - ionic: Fix netdev notifier unregister on failure (jsc#PED-11378). - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Fix installation of PF multicast rule (jsc#PED-11317). - cxgb4: use port number to set mac addr (git-fixes). - bnxt_en: Fix potential crash when dumping FW log coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DR, prevent potential error pointer dereference (jsc#PED-11331). - bpf, vsock: Invoke proto::close on close() (jsc#PED-11028). - bpf, vsock: Fix poll() missing a queue (jsc#PED-11028). - igb: Fix potential invalid memory access in igb_init_module() (jsc#PED-10426 jsc#PED-10425). - ixgbe: Correct BASE-BX10 compliance code (jsc#PED-9647 jsc#PED-9646). - ixgbe: downgrade logging of unsupported VF API version to debug (jsc#PED-9647 jsc#PED-9646). - ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (jsc#PED-9647 jsc#PED-9646). - idpf: set completion tag for "empty" bufs associated with a packet (jsc#PED-10581). - ice: Fix VLAN pruning in switchdev mode (jsc#PED-10419). - ice: Fix NULL pointer dereference in switchdev (jsc#PED-10419). - ice: fix PHY timestamp extraction for ETH56G (jsc#PED-10419). - ice: fix PHY Clock Recovery availability check (jsc#PED-10419). - net/mlx5e: Remove workaround to avoid syndrome for internal port (jsc#PED-11331). - net/mlx5e: SD, Use correct mdev to build channel param (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode in MPV (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode with IB device disabled (jsc#PED-11331). - net/mlx5: HWS: Properly set bwc queue locks lock classes (jsc#PED-11331). - net/mlx5: HWS: Fix memory leak in mlx5hws_definer_calc_layout (jsc#PED-11331). - bnxt_en: handle tpa_info in queue API implementation (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor bnxt_alloc_rx_rings() to call bnxt_alloc_rx_agg_bmap() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor tpa_info alloc/free into helpers (jsc#PED-10684 jsc#PED-11230). - net/qed: allow old cards not supporting "num_images" to work (jsc#PED-9648 jsc#PED-11293). - octeontx2-af: Fix SDP MAC link credits configuration (jsc#PED-11317). - bnxt_en: ethtool: Supply ntuple rss context action (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Unregister PTP during PCI shutdown and suspend (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_ptp_init() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix receive ring space parameters when XDP is active (jsc#PED-10684 jsc#PED-11230 CVE-2024-53209 bsc#1235002). - bnxt_en: Fix queue start to update vnic RSS table (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Set backplane link modes correctly for ethtool (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Quiesce traffic before NIX block reset (jsc#PED-11317). - octeontx2-af: RPM: fix stale FCFEC counters (jsc#PED-11317). - octeontx2-af: RPM: fix stale RSFEC counters (jsc#PED-11317). - octeontx2-af: RPM: Fix low network performance (jsc#PED-11317). - octeontx2-af: RPM: Fix mismatch in lmac type (jsc#PED-11317). - vdpa/mlx5: Fix suboptimal range on iotlb iteration (jsc#PED-11331). - RDMA/mlx5: Add implementation for ufile_hw_cleanup device operation (jsc#PED-11325). - RDMA/mlx5: Ensure active slave attachment to the bond IB device (jsc#PED-11325). - RDMA/mlx5: Call dev_put() after the blocking notifier (jsc#PED-11325). - RDMA/mlx5: Support querying per-plane IB PortCounters (jsc#PED-11325). - RDMA/mlx5: Support OOO RX WQE consumption (jsc#PED-11325). - net/mlx5: Introduce data placement ordering bits (jsc#PED-11331). - i40e: Fix handling changed priv flags (jsc#PED-10428). - bnxt_en: Add FW trace coredump segments to the coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a new ethtool -W dump flag (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add 2 parameters to bnxt_fill_coredump_seg_hdr() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add functions to copy host context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Do not free FW log context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Manage the FW trace context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Allocate backing store memory for FW trace logs (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a 'force' parameter to bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add mem_valid bit to struct bnxt_ctx_mem_type (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Update firmware interface spec to 1.10.3.85 (jsc#PED-10684 jsc#PED-11230). - e1000: Hold RTNL when e1000_down can be called (jsc#PED-10422). - igbvf: remove unused spinlock (jsc#PED-10426 jsc#PED-10425). - igb: Fix 2 typos in comments in igb_main.c (jsc#PED-10426 jsc#PED-10425). - igc: remove autoneg parameter from igc_mac_info (jsc#PED-10417). - ixgbe: Break include dependency cycle (jsc#PED-9647 jsc#PED-9646). - ice: Unbind the workqueue (jsc#PED-10419). - ice: use stack variable for virtchnl_supported_rxdids (jsc#PED-10419). - ice: initialize pf->supported_rxdids immediately after loading DDP (jsc#PED-10419). - ice: only allow Tx promiscuous for multicast (jsc#PED-10419). - ice: Add support for persistent NAPI config (jsc#PED-10419). - ice: support optional flags in signature segment header (jsc#PED-10419). - ice: refactor "last" segment of DDP pkg (jsc#PED-10419). - ice: extend dump serdes equalizer values feature (jsc#PED-10419). - ice: rework of dump serdes equalizer values feature (jsc#PED-10419). - ndo_fdb_del: Add a parameter to report whether notification was sent (jsc#PED-10419). - ndo_fdb_add: Add a parameter to report whether notification was sent (jsc#PED-10428). - octeontx2-pf: Fix spelling mistake "reprentator" -> "representor" (jsc#PED-11317). - bnxt_en: optimize gettimex64 (jsc#PED-10684 jsc#PED-11230). - net: ethtool: only allow set_rxnfc with rss + ring_cookie if driver opts in (jsc#PED-11366). - octeontx2-pf: Adds TC offload support (jsc#PED-11317). - octeontx2-pf: Implement offload stats ndo for representors (jsc#PED-11317). - octeontx2-pf: Add devlink port support (jsc#PED-11317). - octeontx2-pf: Add representors for sdp MAC (jsc#PED-11317). - octeontx2-pf: Configure VF mtu via representor (jsc#PED-11317). - octeontx2-pf: Add support to sync link state between representor and VFs (jsc#PED-11317). - octeontx2-pf: Get VF stats via representor (jsc#PED-11317). - octeontx2-af: Add packet path between representor and VF (jsc#PED-11317). - octeontx2-pf: Add basic net_device_ops (jsc#PED-11317). - octeontx2-pf: Create representor netdev (jsc#PED-11317). - eth: bnxt: use page pool for head frags (jsc#PED-10684 jsc#PED-11230). - net/mlx5e: SHAMPO, Rework header allocation loop (jsc#PED-11331). - net/mlx5e: SHAMPO, Drop info array (jsc#PED-11331). - net/mlx5e: SHAMPO, Change frag page setup order during allocation (jsc#PED-11331). - net/mlx5e: SHAMPO, Fix page_index calculation inconsistency (jsc#PED-11331). - net/mlx5e: SHAMPO, Simplify UMR allocation for headers (jsc#PED-11331). - net/mlx5: Make vport QoS enablement more flexible for future extensions (jsc#PED-11331). - net/mlx5: Integrate esw_qos_vport_enable logic into rate operations (jsc#PED-11331). - net/mlx5: Generalize scheduling element operations (jsc#PED-11331). - net/mlx5: Refactor scheduling element configuration bitmasks (jsc#PED-11331). - net/mlx5: Generalize max_rate and min_rate setting for nodes (jsc#PED-11331). - net/mlx5: Simplify QoS normalization by removing error handling (jsc#PED-11331). - net/mlx5: E-switch, refactor eswitch mode change (jsc#PED-11331). - bnxt_en: add unlocked version of bnxt_refclk_read (jsc#PED-10684 jsc#PED-11230). - net: atlantic: use irq_update_affinity_hint() (jsc#PED-11287). - bnxt_en: use irq_update_affinity_hint() (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Knobs for NPC default rule counters (jsc#PED-11317). - octeontx2-af: Refactor few NPC mcam APIs (jsc#PED-11317). - mlx5/core: deduplicate {mlx5_,}eq_update_ci() (jsc#PED-11331). - mlx5/core: relax memory barrier in eq_update_ci() (jsc#PED-11331). - bridge: Allow deleting FDB entries with non-existent VLAN (jsc#PED-10419). - mlx5/core: Schedule EQ comp tasklet only if necessary (jsc#PED-11331). - net: sfc: use ethtool string helpers (jsc#PED-11366). - net: bnx2x: use ethtool string helpers (jsc#PED-10901 jsc#PED-11308). - bnxt_en: ethtool: Support unset l4proto on ip4/ip6 ntuple rules (jsc#PED-10684 jsc#PED-11230). - bnxt_en: ethtool: Remove ip4/ip6 ntuple support for IPPROTO_RAW (jsc#PED-10684 jsc#PED-11230). - sfc: Remove more unused functions (jsc#PED-11366). - sfc: Remove unused mcdi functions (jsc#PED-11366). - sfc: Remove unused efx_mae_mport_vf (jsc#PED-11366). - sfc: Remove falcon deadcode (jsc#PED-11366). - bnxt_en: replace PTP spinlock with seqlock (jsc#PED-10684 jsc#PED-11230). - bnxt_en: cache only 24 bits of hw counter (jsc#PED-10684 jsc#PED-11230). - mlx5_en: use read sequence for gettimex64 (jsc#PED-11331). - net/mlx5e: do not create xdp_redirect for non-uplink rep (jsc#PED-11331). - net/mlx5e: move XDP_REDIRECT sq to dynamic allocation (jsc#PED-11331). - net/mlx5: HWS, renamed the files in accordance with naming convention (jsc#PED-11331). - net/mlx5: DR, moved all the SWS code into a separate directory (jsc#PED-11331). - net/mlx5: Rework esw qos domain init and cleanup (jsc#PED-11331). - dim: pass dim_sample to net_dim() by reference (jsc#PED-10581). - dim: make dim_calc_stats() inputs const pointers (jsc#PED-11331). - net: bnxt: use ethtool string helpers (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DPLL, Add clock quality level op implementation (jsc#PED-11331). - dpll: add clock quality level attribute and op (jsc#PED-11331). - octeontx2-pf: Move shared APIs to header file (jsc#PED-11317). - octeontx2-pf: Reuse PF max mtu value (jsc#PED-11317). - octeontx2-pf: Add new APIs for queue memory alloc/free (jsc#PED-11317). - octeontx2-pf: Define common API for HW resources configuration (jsc#PED-11317). - net: qlogic: use ethtool string helpers (jsc#PED-9648 jsc#PED-11293). - net: marvell: use ethtool string helpers (jsc#PED-11317). - mlx5: simplify EQ interrupt polling logic (jsc#PED-11331). - mlx5: fix typo in "mlx5_cqwq_get_cqe_enahnced_comp" (jsc#PED-11331). - ibmvnic: use ethtool string helpers (jsc#PED_10911 jsc#PED-3606). - net/mlx5e: Update features on ring size change (jsc#PED-11331). - net/mlx5e: Update features on MTU change (jsc#PED-11331). - vsock: do not leave dangling sk pointer in vsock_create() (jsc#PED-11028). - net/mlx5: unique names for per device caches (jsc#PED-11331). - net: atlantic: support reading SFP module info (jsc#PED-11287). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (jsc#PED-11317). - virtchnl: fix m68k build (jsc#PED-10423). - net/mlx5: fs, rename modify header struct member action (jsc#PED-11331). - net/mlx5: fs, rename packet reformat struct member action (jsc#PED-11331). - net/mlx5: Only create VEPA flow table when in VEPA mode (jsc#PED-11331). - net/mlx5: Add sync reset drop mode support (jsc#PED-11331). - net/mlx5: Generalize QoS operations for nodes and vports (jsc#PED-11331). - net/mlx5: Simplify QoS scheduling element configuration (jsc#PED-11331). - net/mlx5: Remove vport QoS enabled flag (jsc#PED-11331). - net/mlx5: Refactor vport QoS to use scheduling node structure (jsc#PED-11331). - net/mlx5: Refactor vport scheduling element creation function (jsc#PED-11331). - net/mlx5: Introduce node struct and rename group terminology to node (jsc#PED-11331). - net/mlx5: Rename vport QoS group reference to parent (jsc#PED-11331). - net/mlx5: Restrict domain list insertion to root TSAR ancestors (jsc#PED-11331). - net/mlx5: Add parent group support in rate group structure (jsc#PED-11331). - net/mlx5: Introduce node type to rate group structure (jsc#PED-11331). - net/mlx5: Refactor QoS group scheduling element creation (jsc#PED-11331). - eth: Fix typo 'accelaration'. 'exprienced' and 'rewritting' (jsc#PED-3526 jsc#PED-11226). - tg3: Increase buffer size for IRQ label (jsc#PED-3526 jsc#PED-11226). - mlx4: Add support for persistent NAPI config to RX CQs (jsc#PED-10418 jsc#PED11336). - mlx5: Add support for persistent NAPI config (jsc#PED-11331). - bnxt: Add support for persistent NAPI config (jsc#PED-10684 jsc#PED-11230). - net: napi: Add napi_config (jsc#PED-10419). - net: napi: Make gro_flush_timeout per-NAPI (jsc#PED-10419). - net: napi: Make napi_defer_hard_irqs per-NAPI (jsc#PED-10419). - tg3: Address byte-order miss-matches (jsc#PED-3526 jsc#PED-11226). - tg3: Link queues to NAPIs (jsc#PED-3526 jsc#PED-11226). - tg3: Link IRQs to NAPI instances (jsc#PED-3526 jsc#PED-11226). - iavf: add support to exchange qos capabilities (jsc#PED-10423). - iavf: Add net_shaper_ops support (jsc#PED-10423). - ice: Support VF queue rate limit and quanta size configuration (jsc#PED-10419). - virtchnl: support queue rate limit and quanta size configuration (jsc#PED-10419). - net-shapers: implement cap validation in the core (jsc#PED-10419). - net: shaper: implement introspection support (jsc#PED-10419). - netlink: spec: add shaper introspection support (jsc#PED-10419). - net-shapers: implement shaper cleanup on queue deletion (jsc#PED-10419). - net-shapers: implement delete support for NODE scope shaper (jsc#PED-10419). - net-shapers: implement NL group operation (jsc#PED-10419). - net-shapers: implement NL set and delete operations (jsc#PED-10419). - net-shapers: implement NL get operation (jsc#PED-10419). - netlink: spec: add shaper YAML spec (jsc#PED-10419). - genetlink: extend info user-storage to match NL cb ctx (jsc#PED-10419). - net/mlx5: Add support check for TSAR types in QoS scheduling (jsc#PED-11331). - net/mlx5: Unify QoS element type checks across NIC and E-Switch (jsc#PED-11331). - net/mlx5: qos: Refactor locking to a qos domain mutex (jsc#PED-11331). - net/mlx5: qos: Store rate groups in a qos domain (jsc#PED-11331). - net/mlx5: qos: Rename rate group 'list' as 'parent_entry' (jsc#PED-11331). - net/mlx5: qos: Add an explicit 'dev' to vport trace calls (jsc#PED-11331). - net/mlx5: qos: Store the eswitch in a mlx5_esw_rate_group (jsc#PED-11331). - net/mlx5: qos: Drop 'esw' param from vport qos functions (jsc#PED-11331). - net/mlx5: qos: Always create group0 (jsc#PED-11331). - net/mlx5: qos: Maintain rate group vport members in a list (jsc#PED-11331). - net/mlx5: qos: Refactor and document bw_share calculation (jsc#PED-11331). - net/mlx5: qos: Consistently name vport vars as 'vport' (jsc#PED-11331). - net/mlx5: qos: Rename vport 'tsar' into 'sched_elem' (jsc#PED-11331). - net/mlx5: qos: Flesh out element_attributes in mlx5_ifc.h (jsc#PED-11331). - e1000: Link NAPI instances to queues and IRQs (jsc#PED-10422). - e1000e: Link NAPI instances to queues and IRQs (jsc#PED-10420). - e1000e: Remove duplicated writel() in e1000_configure_tx/rx() (jsc#PED-10420). - igb: Cleanup unused declarations (jsc#PED-10426 jsc#PED-10425). - iavf: Remove unused declarations (jsc#PED-10423). - ice: Cleanup unused declarations (jsc#PED-10419). - ice: Use common error handling code in two functions (jsc#PED-10419). - ice: Make use of assign_bit() API (jsc#PED-10419). - ice: store max_frame and rx_buf_len only in ice_rx_ring (jsc#PED-10419). - ice: consistently use q_idx in ice_vc_cfg_qs_msg() (jsc#PED-10419). - ice: add E830 HW VF mailbox message limit support (jsc#PED-10419). - ice: Implement ethtool reset support (jsc#PED-10419). - doc: net: Fix .rst rendering of net_cachelines pages (jsc#PED-10419). - idpf: Don't hard code napi_struct size (jsc#PED-10581). - vmxnet3: support higher link speeds from vmxnet3 v9 (jsc#PED-11024). - ipv4: remove fib_info_devhash (jsc#PED-10419). - ipv4: remove fib_info_lock (jsc#PED-10419). - ipv4: use rcu in ip_fib_check_default() (jsc#PED-10419). - ipv4: remove fib_devindex_hashfn() (jsc#PED-10419). - sfc: add per-queue RX bytes stats (jsc#PED-11366). - sfc: implement per-queue TSO (hw_gso) stats (jsc#PED-11366). - sfc: implement per-queue rx drop and overrun stats (jsc#PED-11366). - sfc: account XDP TXes in netdev base stats (jsc#PED-11366). - sfc: add n_rx_overlength to ethtool stats (jsc#PED-11366). - sfc: implement basic per-queue stats (jsc#PED-11366). - sfc: remove obsolete counters from struct efx_channel (jsc#PED-11366). - net: add IFLA_MAX_PACING_OFFLOAD_HORIZON device attribute (jsc#PED-10419). - ice: Drop auxbus use for PTP to finalize ice_adapter move (jsc#PED-10419). - ice: Use ice_adapter for PTP shared data instead of auxdev (jsc#PED-10419). - ice: Initial support for E825C hardware in ice_adapter (jsc#PED-10419). - ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (jsc#PED-10419). - ice: Introduce ice_get_phy_model() wrapper (jsc#PED-10419). - ice: Enable 1PPS out from CGU for E825C products (jsc#PED-10419). - ice: Read SDP section from NVM for pin definitions (jsc#PED-10419). - ice: Disable shared pin on E810 on setfunc (jsc#PED-10419). - ice: Cache perout/extts requests and check flags (jsc#PED-10419). - ice: Align E810T GPIO to other products (jsc#PED-10419). - ice: Add SDPs support for E825C (jsc#PED-10419). - ice: Implement ice_ptp_pin_desc (jsc#PED-10419). - net/mlx5: hw counters: Remove mlx5_fc_create_ex (jsc#PED-11331). - net/mlx5: hw counters: Don't maintain a counter count (jsc#PED-11331). - net/mlx5: hw counters: Drop unneeded cacheline alignment (jsc#PED-11331). - net/mlx5: hw counters: Replace IDR+lists with xarray (jsc#PED-11331). - net/mlx5: hw counters: Use kvmalloc for bulk query buffer (jsc#PED-11331). - net/mlx5: hw counters: Make fc_stats & fc_pool private (jsc#PED-11331). - octeontx2-af: Change block parameter to const pointer in get_lf_str_list (jsc#PED-11317). - qed: put cond_resched() in qed_dmae_operation_wait() (jsc#PED-9648 jsc#PED-11293). - qed: allow the callee of qed_mcp_nvm_read() to sleep (jsc#PED-9648 jsc#PED-11293). - qed: put cond_resched() in qed_grc_dump_ctx_data() (jsc#PED-9648 jsc#PED-11293). - qed: make 'ethtool -d' 10 times faster (jsc#PED-9648 jsc#PED-11293). - ibmvnic: Add stat for tx direct vs tx batched (jsc#PED_10911 jsc#PED-3606). - ipv4: avoid quadratic behavior in FIB insertion of common address (jsc#PED-10419). - commit affc8ea - pmdomain: core: add dummy release function to genpd device (git-fixes). - commit a551144 - drm/amdgpu: rework resume handling for display (v2) (stable-fixes). - commit b4013fc - dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL (git-fixes). - commit 6fbbd7d - drm/xe: Move the coredump registration to the worker thread (git-fixes). - commit 2b22b2b - drm/xe: Take PM ref in delayed snapshot capture worker (git-fixes). - commit e6eb1c2 - wifi: iwlwifi: be less noisy if the NIC is dead in S3 (bsc#1012628). - commit 636dbb8 - ASoC: dt-bindings: realtek,rt5645: Fix CPVDD voltage comment (git-fixes). - commit 08e9225 - media: ipu6: use the IPU6 DMA mapping APIs to do mapping (stable-fixes). - commit 43b4f15 - drm/amd/display: Add option to retrieve detile buffer size (stable-fixes). - commit acb618b - pinctrl: freescale: fix COMPILE_TEST error with PINCTRL_IMX_SCU (stable-fixes). - commit e5efdb1 - drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout (stable-fixes). - commit f607e51 - pmdomain: imx: gpcv2: Adjust delay after power up handshake (git-fixes). - commit ef0da9b - pmdomain: core: Fix error path in pm_genpd_init() when ida alloc fails (git-fixes). - pmdomain: core: Add missing put_device() (git-fixes). - commit cd9a63e - spmi: pmic-arb: fix return path in for_each_available_child_of_node() (git-fixes). - commit 550e3b3 - usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes). - commit cabee38 - MAINTAINERS: update location of media main tree (stable-fixes). - commit 6ee41d4 - net: rfkill: gpio: Add check for clk_enable() (git-fixes). - commit 5bd30ef - drm: fsl-dcu: enable PIXCLK on LS1021A (git-fixes). - commit 4a514d1 - drm/vc4: Introduce generation number enum (stable-fixes). - Refresh patches.suse/drm-vc4-Match-drm_dev_enter-and-exit-calls-in-vc4_hv-cf1c87d.patch. - commit afddd1c - drm/vc4: Correct generation check in vc4_hvs_lut_load (git-fixes). - commit ce18613 - ASoC: dt-bindings: mt6359: Update generic node name and dmic-mode (git-fixes). - commit d641daf - thermal/lib: Fix memory leak on error in thermal_genl_auto() (git-fixes). - tools/lib/thermal: Make more generic the command encoding function (stable-fixes). - commit d312e68 - configs: Enable CONFIG_PAGE_POISONING (jsc#PED-11843) Page poisoning must still be enabled by kernel command line page_poison=on. - commit 0bc6079 - x86/static-call: fix 32-bit build (git-fixes). - commit 05b1f89 - zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974 CVE-2024-53222). - commit d85c3b1 ++++ kernel-syms: - netfs: Fix is-caching check in read-retry (git-fixes). - commit d3ca9e7 - netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (git-fixes). - commit b8f5973 - netfs: Fix ceph copy to cache on write-begin (git-fixes). - commit 4931632 - netfs: Fix missing barriers by using clear_and_wake_up_bit() (git-fixes). - commit 59b3732 - netfs: Fix enomem handling in buffered reads (git-fixes). - commit d3c3d24 - exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes). - commit 32d6d4e - exfat: fix the new buffer was not zeroed before writing (git-fixes). - commit faf023a - exfat: fix the infinite loop in exfat_readdir() (git-fixes). - commit 5136005 - dlm: fix possible lkb_resource null dereference (git-fixes). - commit 490216a - ethtool: Fix access to uninitialized fields in set RXNFC command (git-fixes). - net: Make napi_hash_lock irq safe (git-fixes). - commit 9fa4e00 - octeontx2-pf: RVU representor driver (jsc#PED-11317). - Update config files. - supported.conf: mark new OcteonTx2 submodule rvu_rep supported. - commit c4b0aa9 - testing: net-drv: add basic shaper test (jsc#PED-10419). - Update config files. - commit 04716f4 - net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (jsc#PED-11366). - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (jsc#PED-11331). - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (jsc#PED-11331). - net/mlx5e: macsec: Maintain TX SA from encoding_sa (jsc#PED-11331). - net/mlx5: DR, select MSIX vector 0 for completion queue creation (jsc#PED-11331). - RDMA/mlx5: Enable multiplane mode only when it is supported (jsc#PED-11325). - RDMA/bnxt_re: Fix error recovery sequence (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the locking while accessing the QP table (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix MSN table size for variable wqe mode (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add send queue size check for variable wqe (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Disable use of reserved wqes (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max_qp_wrs reported (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix reporting hw_ver in query_device (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix to export port num to ib_query_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix setting mandatory attributes for modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add check for path mtu in modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the check for 9060 condition (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Don't fail destroy QP and cleanup debugfs earlier (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid initializing the software queue for user queues (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max SGEs for the Work Request (jsc#PED-10682 jsc#PED-11231). - RDMA/mlx5: Enforce same type port association for multiport RoCE (jsc#PED-11325). - RDMA/bnxt_re: Remove always true dattr validity check (jsc#PED-10682 jsc#PED-11231). - octeontx2-pf: fix error handling of devlink port in rvu_rep_create() (jsc#PED-11317). - octeontx2-pf: fix netdev memory leak in rvu_rep_create() (jsc#PED-11317). - idpf: trigger SW interrupt when exiting wb_on_itr mode (jsc#PED-10581). - idpf: add support for SW triggered interrupts (jsc#PED-10581). - qed: fix possible uninit pointer read in qed_mcp_nvm_info_populate() (jsc#PED-9648 jsc#PED-11293). - chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). - ionic: use ee->offset when returning sprom data (jsc#PED-11378). - ionic: no double destroy workqueue (jsc#PED-11378). - ionic: Fix netdev notifier unregister on failure (jsc#PED-11378). - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Fix installation of PF multicast rule (jsc#PED-11317). - cxgb4: use port number to set mac addr (git-fixes). - bnxt_en: Fix potential crash when dumping FW log coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DR, prevent potential error pointer dereference (jsc#PED-11331). - bpf, vsock: Invoke proto::close on close() (jsc#PED-11028). - bpf, vsock: Fix poll() missing a queue (jsc#PED-11028). - igb: Fix potential invalid memory access in igb_init_module() (jsc#PED-10426 jsc#PED-10425). - ixgbe: Correct BASE-BX10 compliance code (jsc#PED-9647 jsc#PED-9646). - ixgbe: downgrade logging of unsupported VF API version to debug (jsc#PED-9647 jsc#PED-9646). - ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (jsc#PED-9647 jsc#PED-9646). - idpf: set completion tag for "empty" bufs associated with a packet (jsc#PED-10581). - ice: Fix VLAN pruning in switchdev mode (jsc#PED-10419). - ice: Fix NULL pointer dereference in switchdev (jsc#PED-10419). - ice: fix PHY timestamp extraction for ETH56G (jsc#PED-10419). - ice: fix PHY Clock Recovery availability check (jsc#PED-10419). - net/mlx5e: Remove workaround to avoid syndrome for internal port (jsc#PED-11331). - net/mlx5e: SD, Use correct mdev to build channel param (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode in MPV (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode with IB device disabled (jsc#PED-11331). - net/mlx5: HWS: Properly set bwc queue locks lock classes (jsc#PED-11331). - net/mlx5: HWS: Fix memory leak in mlx5hws_definer_calc_layout (jsc#PED-11331). - bnxt_en: handle tpa_info in queue API implementation (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor bnxt_alloc_rx_rings() to call bnxt_alloc_rx_agg_bmap() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor tpa_info alloc/free into helpers (jsc#PED-10684 jsc#PED-11230). - net/qed: allow old cards not supporting "num_images" to work (jsc#PED-9648 jsc#PED-11293). - octeontx2-af: Fix SDP MAC link credits configuration (jsc#PED-11317). - bnxt_en: ethtool: Supply ntuple rss context action (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Unregister PTP during PCI shutdown and suspend (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_ptp_init() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix receive ring space parameters when XDP is active (jsc#PED-10684 jsc#PED-11230 CVE-2024-53209 bsc#1235002). - bnxt_en: Fix queue start to update vnic RSS table (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Set backplane link modes correctly for ethtool (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Quiesce traffic before NIX block reset (jsc#PED-11317). - octeontx2-af: RPM: fix stale FCFEC counters (jsc#PED-11317). - octeontx2-af: RPM: fix stale RSFEC counters (jsc#PED-11317). - octeontx2-af: RPM: Fix low network performance (jsc#PED-11317). - octeontx2-af: RPM: Fix mismatch in lmac type (jsc#PED-11317). - vdpa/mlx5: Fix suboptimal range on iotlb iteration (jsc#PED-11331). - RDMA/mlx5: Add implementation for ufile_hw_cleanup device operation (jsc#PED-11325). - RDMA/mlx5: Ensure active slave attachment to the bond IB device (jsc#PED-11325). - RDMA/mlx5: Call dev_put() after the blocking notifier (jsc#PED-11325). - RDMA/mlx5: Support querying per-plane IB PortCounters (jsc#PED-11325). - RDMA/mlx5: Support OOO RX WQE consumption (jsc#PED-11325). - net/mlx5: Introduce data placement ordering bits (jsc#PED-11331). - i40e: Fix handling changed priv flags (jsc#PED-10428). - bnxt_en: Add FW trace coredump segments to the coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a new ethtool -W dump flag (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add 2 parameters to bnxt_fill_coredump_seg_hdr() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add functions to copy host context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Do not free FW log context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Manage the FW trace context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Allocate backing store memory for FW trace logs (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a 'force' parameter to bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add mem_valid bit to struct bnxt_ctx_mem_type (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Update firmware interface spec to 1.10.3.85 (jsc#PED-10684 jsc#PED-11230). - e1000: Hold RTNL when e1000_down can be called (jsc#PED-10422). - igbvf: remove unused spinlock (jsc#PED-10426 jsc#PED-10425). - igb: Fix 2 typos in comments in igb_main.c (jsc#PED-10426 jsc#PED-10425). - igc: remove autoneg parameter from igc_mac_info (jsc#PED-10417). - ixgbe: Break include dependency cycle (jsc#PED-9647 jsc#PED-9646). - ice: Unbind the workqueue (jsc#PED-10419). - ice: use stack variable for virtchnl_supported_rxdids (jsc#PED-10419). - ice: initialize pf->supported_rxdids immediately after loading DDP (jsc#PED-10419). - ice: only allow Tx promiscuous for multicast (jsc#PED-10419). - ice: Add support for persistent NAPI config (jsc#PED-10419). - ice: support optional flags in signature segment header (jsc#PED-10419). - ice: refactor "last" segment of DDP pkg (jsc#PED-10419). - ice: extend dump serdes equalizer values feature (jsc#PED-10419). - ice: rework of dump serdes equalizer values feature (jsc#PED-10419). - ndo_fdb_del: Add a parameter to report whether notification was sent (jsc#PED-10419). - ndo_fdb_add: Add a parameter to report whether notification was sent (jsc#PED-10428). - octeontx2-pf: Fix spelling mistake "reprentator" -> "representor" (jsc#PED-11317). - bnxt_en: optimize gettimex64 (jsc#PED-10684 jsc#PED-11230). - net: ethtool: only allow set_rxnfc with rss + ring_cookie if driver opts in (jsc#PED-11366). - octeontx2-pf: Adds TC offload support (jsc#PED-11317). - octeontx2-pf: Implement offload stats ndo for representors (jsc#PED-11317). - octeontx2-pf: Add devlink port support (jsc#PED-11317). - octeontx2-pf: Add representors for sdp MAC (jsc#PED-11317). - octeontx2-pf: Configure VF mtu via representor (jsc#PED-11317). - octeontx2-pf: Add support to sync link state between representor and VFs (jsc#PED-11317). - octeontx2-pf: Get VF stats via representor (jsc#PED-11317). - octeontx2-af: Add packet path between representor and VF (jsc#PED-11317). - octeontx2-pf: Add basic net_device_ops (jsc#PED-11317). - octeontx2-pf: Create representor netdev (jsc#PED-11317). - eth: bnxt: use page pool for head frags (jsc#PED-10684 jsc#PED-11230). - net/mlx5e: SHAMPO, Rework header allocation loop (jsc#PED-11331). - net/mlx5e: SHAMPO, Drop info array (jsc#PED-11331). - net/mlx5e: SHAMPO, Change frag page setup order during allocation (jsc#PED-11331). - net/mlx5e: SHAMPO, Fix page_index calculation inconsistency (jsc#PED-11331). - net/mlx5e: SHAMPO, Simplify UMR allocation for headers (jsc#PED-11331). - net/mlx5: Make vport QoS enablement more flexible for future extensions (jsc#PED-11331). - net/mlx5: Integrate esw_qos_vport_enable logic into rate operations (jsc#PED-11331). - net/mlx5: Generalize scheduling element operations (jsc#PED-11331). - net/mlx5: Refactor scheduling element configuration bitmasks (jsc#PED-11331). - net/mlx5: Generalize max_rate and min_rate setting for nodes (jsc#PED-11331). - net/mlx5: Simplify QoS normalization by removing error handling (jsc#PED-11331). - net/mlx5: E-switch, refactor eswitch mode change (jsc#PED-11331). - bnxt_en: add unlocked version of bnxt_refclk_read (jsc#PED-10684 jsc#PED-11230). - net: atlantic: use irq_update_affinity_hint() (jsc#PED-11287). - bnxt_en: use irq_update_affinity_hint() (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Knobs for NPC default rule counters (jsc#PED-11317). - octeontx2-af: Refactor few NPC mcam APIs (jsc#PED-11317). - mlx5/core: deduplicate {mlx5_,}eq_update_ci() (jsc#PED-11331). - mlx5/core: relax memory barrier in eq_update_ci() (jsc#PED-11331). - bridge: Allow deleting FDB entries with non-existent VLAN (jsc#PED-10419). - mlx5/core: Schedule EQ comp tasklet only if necessary (jsc#PED-11331). - net: sfc: use ethtool string helpers (jsc#PED-11366). - net: bnx2x: use ethtool string helpers (jsc#PED-10901 jsc#PED-11308). - bnxt_en: ethtool: Support unset l4proto on ip4/ip6 ntuple rules (jsc#PED-10684 jsc#PED-11230). - bnxt_en: ethtool: Remove ip4/ip6 ntuple support for IPPROTO_RAW (jsc#PED-10684 jsc#PED-11230). - sfc: Remove more unused functions (jsc#PED-11366). - sfc: Remove unused mcdi functions (jsc#PED-11366). - sfc: Remove unused efx_mae_mport_vf (jsc#PED-11366). - sfc: Remove falcon deadcode (jsc#PED-11366). - bnxt_en: replace PTP spinlock with seqlock (jsc#PED-10684 jsc#PED-11230). - bnxt_en: cache only 24 bits of hw counter (jsc#PED-10684 jsc#PED-11230). - mlx5_en: use read sequence for gettimex64 (jsc#PED-11331). - net/mlx5e: do not create xdp_redirect for non-uplink rep (jsc#PED-11331). - net/mlx5e: move XDP_REDIRECT sq to dynamic allocation (jsc#PED-11331). - net/mlx5: HWS, renamed the files in accordance with naming convention (jsc#PED-11331). - net/mlx5: DR, moved all the SWS code into a separate directory (jsc#PED-11331). - net/mlx5: Rework esw qos domain init and cleanup (jsc#PED-11331). - dim: pass dim_sample to net_dim() by reference (jsc#PED-10581). - dim: make dim_calc_stats() inputs const pointers (jsc#PED-11331). - net: bnxt: use ethtool string helpers (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DPLL, Add clock quality level op implementation (jsc#PED-11331). - dpll: add clock quality level attribute and op (jsc#PED-11331). - octeontx2-pf: Move shared APIs to header file (jsc#PED-11317). - octeontx2-pf: Reuse PF max mtu value (jsc#PED-11317). - octeontx2-pf: Add new APIs for queue memory alloc/free (jsc#PED-11317). - octeontx2-pf: Define common API for HW resources configuration (jsc#PED-11317). - net: qlogic: use ethtool string helpers (jsc#PED-9648 jsc#PED-11293). - net: marvell: use ethtool string helpers (jsc#PED-11317). - mlx5: simplify EQ interrupt polling logic (jsc#PED-11331). - mlx5: fix typo in "mlx5_cqwq_get_cqe_enahnced_comp" (jsc#PED-11331). - ibmvnic: use ethtool string helpers (jsc#PED_10911 jsc#PED-3606). - net/mlx5e: Update features on ring size change (jsc#PED-11331). - net/mlx5e: Update features on MTU change (jsc#PED-11331). - vsock: do not leave dangling sk pointer in vsock_create() (jsc#PED-11028). - net/mlx5: unique names for per device caches (jsc#PED-11331). - net: atlantic: support reading SFP module info (jsc#PED-11287). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (jsc#PED-11317). - virtchnl: fix m68k build (jsc#PED-10423). - net/mlx5: fs, rename modify header struct member action (jsc#PED-11331). - net/mlx5: fs, rename packet reformat struct member action (jsc#PED-11331). - net/mlx5: Only create VEPA flow table when in VEPA mode (jsc#PED-11331). - net/mlx5: Add sync reset drop mode support (jsc#PED-11331). - net/mlx5: Generalize QoS operations for nodes and vports (jsc#PED-11331). - net/mlx5: Simplify QoS scheduling element configuration (jsc#PED-11331). - net/mlx5: Remove vport QoS enabled flag (jsc#PED-11331). - net/mlx5: Refactor vport QoS to use scheduling node structure (jsc#PED-11331). - net/mlx5: Refactor vport scheduling element creation function (jsc#PED-11331). - net/mlx5: Introduce node struct and rename group terminology to node (jsc#PED-11331). - net/mlx5: Rename vport QoS group reference to parent (jsc#PED-11331). - net/mlx5: Restrict domain list insertion to root TSAR ancestors (jsc#PED-11331). - net/mlx5: Add parent group support in rate group structure (jsc#PED-11331). - net/mlx5: Introduce node type to rate group structure (jsc#PED-11331). - net/mlx5: Refactor QoS group scheduling element creation (jsc#PED-11331). - eth: Fix typo 'accelaration'. 'exprienced' and 'rewritting' (jsc#PED-3526 jsc#PED-11226). - tg3: Increase buffer size for IRQ label (jsc#PED-3526 jsc#PED-11226). - mlx4: Add support for persistent NAPI config to RX CQs (jsc#PED-10418 jsc#PED11336). - mlx5: Add support for persistent NAPI config (jsc#PED-11331). - bnxt: Add support for persistent NAPI config (jsc#PED-10684 jsc#PED-11230). - net: napi: Add napi_config (jsc#PED-10419). - net: napi: Make gro_flush_timeout per-NAPI (jsc#PED-10419). - net: napi: Make napi_defer_hard_irqs per-NAPI (jsc#PED-10419). - tg3: Address byte-order miss-matches (jsc#PED-3526 jsc#PED-11226). - tg3: Link queues to NAPIs (jsc#PED-3526 jsc#PED-11226). - tg3: Link IRQs to NAPI instances (jsc#PED-3526 jsc#PED-11226). - iavf: add support to exchange qos capabilities (jsc#PED-10423). - iavf: Add net_shaper_ops support (jsc#PED-10423). - ice: Support VF queue rate limit and quanta size configuration (jsc#PED-10419). - virtchnl: support queue rate limit and quanta size configuration (jsc#PED-10419). - net-shapers: implement cap validation in the core (jsc#PED-10419). - net: shaper: implement introspection support (jsc#PED-10419). - netlink: spec: add shaper introspection support (jsc#PED-10419). - net-shapers: implement shaper cleanup on queue deletion (jsc#PED-10419). - net-shapers: implement delete support for NODE scope shaper (jsc#PED-10419). - net-shapers: implement NL group operation (jsc#PED-10419). - net-shapers: implement NL set and delete operations (jsc#PED-10419). - net-shapers: implement NL get operation (jsc#PED-10419). - netlink: spec: add shaper YAML spec (jsc#PED-10419). - genetlink: extend info user-storage to match NL cb ctx (jsc#PED-10419). - net/mlx5: Add support check for TSAR types in QoS scheduling (jsc#PED-11331). - net/mlx5: Unify QoS element type checks across NIC and E-Switch (jsc#PED-11331). - net/mlx5: qos: Refactor locking to a qos domain mutex (jsc#PED-11331). - net/mlx5: qos: Store rate groups in a qos domain (jsc#PED-11331). - net/mlx5: qos: Rename rate group 'list' as 'parent_entry' (jsc#PED-11331). - net/mlx5: qos: Add an explicit 'dev' to vport trace calls (jsc#PED-11331). - net/mlx5: qos: Store the eswitch in a mlx5_esw_rate_group (jsc#PED-11331). - net/mlx5: qos: Drop 'esw' param from vport qos functions (jsc#PED-11331). - net/mlx5: qos: Always create group0 (jsc#PED-11331). - net/mlx5: qos: Maintain rate group vport members in a list (jsc#PED-11331). - net/mlx5: qos: Refactor and document bw_share calculation (jsc#PED-11331). - net/mlx5: qos: Consistently name vport vars as 'vport' (jsc#PED-11331). - net/mlx5: qos: Rename vport 'tsar' into 'sched_elem' (jsc#PED-11331). - net/mlx5: qos: Flesh out element_attributes in mlx5_ifc.h (jsc#PED-11331). - e1000: Link NAPI instances to queues and IRQs (jsc#PED-10422). - e1000e: Link NAPI instances to queues and IRQs (jsc#PED-10420). - e1000e: Remove duplicated writel() in e1000_configure_tx/rx() (jsc#PED-10420). - igb: Cleanup unused declarations (jsc#PED-10426 jsc#PED-10425). - iavf: Remove unused declarations (jsc#PED-10423). - ice: Cleanup unused declarations (jsc#PED-10419). - ice: Use common error handling code in two functions (jsc#PED-10419). - ice: Make use of assign_bit() API (jsc#PED-10419). - ice: store max_frame and rx_buf_len only in ice_rx_ring (jsc#PED-10419). - ice: consistently use q_idx in ice_vc_cfg_qs_msg() (jsc#PED-10419). - ice: add E830 HW VF mailbox message limit support (jsc#PED-10419). - ice: Implement ethtool reset support (jsc#PED-10419). - doc: net: Fix .rst rendering of net_cachelines pages (jsc#PED-10419). - idpf: Don't hard code napi_struct size (jsc#PED-10581). - vmxnet3: support higher link speeds from vmxnet3 v9 (jsc#PED-11024). - ipv4: remove fib_info_devhash (jsc#PED-10419). - ipv4: remove fib_info_lock (jsc#PED-10419). - ipv4: use rcu in ip_fib_check_default() (jsc#PED-10419). - ipv4: remove fib_devindex_hashfn() (jsc#PED-10419). - sfc: add per-queue RX bytes stats (jsc#PED-11366). - sfc: implement per-queue TSO (hw_gso) stats (jsc#PED-11366). - sfc: implement per-queue rx drop and overrun stats (jsc#PED-11366). - sfc: account XDP TXes in netdev base stats (jsc#PED-11366). - sfc: add n_rx_overlength to ethtool stats (jsc#PED-11366). - sfc: implement basic per-queue stats (jsc#PED-11366). - sfc: remove obsolete counters from struct efx_channel (jsc#PED-11366). - net: add IFLA_MAX_PACING_OFFLOAD_HORIZON device attribute (jsc#PED-10419). - ice: Drop auxbus use for PTP to finalize ice_adapter move (jsc#PED-10419). - ice: Use ice_adapter for PTP shared data instead of auxdev (jsc#PED-10419). - ice: Initial support for E825C hardware in ice_adapter (jsc#PED-10419). - ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (jsc#PED-10419). - ice: Introduce ice_get_phy_model() wrapper (jsc#PED-10419). - ice: Enable 1PPS out from CGU for E825C products (jsc#PED-10419). - ice: Read SDP section from NVM for pin definitions (jsc#PED-10419). - ice: Disable shared pin on E810 on setfunc (jsc#PED-10419). - ice: Cache perout/extts requests and check flags (jsc#PED-10419). - ice: Align E810T GPIO to other products (jsc#PED-10419). - ice: Add SDPs support for E825C (jsc#PED-10419). - ice: Implement ice_ptp_pin_desc (jsc#PED-10419). - net/mlx5: hw counters: Remove mlx5_fc_create_ex (jsc#PED-11331). - net/mlx5: hw counters: Don't maintain a counter count (jsc#PED-11331). - net/mlx5: hw counters: Drop unneeded cacheline alignment (jsc#PED-11331). - net/mlx5: hw counters: Replace IDR+lists with xarray (jsc#PED-11331). - net/mlx5: hw counters: Use kvmalloc for bulk query buffer (jsc#PED-11331). - net/mlx5: hw counters: Make fc_stats & fc_pool private (jsc#PED-11331). - octeontx2-af: Change block parameter to const pointer in get_lf_str_list (jsc#PED-11317). - qed: put cond_resched() in qed_dmae_operation_wait() (jsc#PED-9648 jsc#PED-11293). - qed: allow the callee of qed_mcp_nvm_read() to sleep (jsc#PED-9648 jsc#PED-11293). - qed: put cond_resched() in qed_grc_dump_ctx_data() (jsc#PED-9648 jsc#PED-11293). - qed: make 'ethtool -d' 10 times faster (jsc#PED-9648 jsc#PED-11293). - ibmvnic: Add stat for tx direct vs tx batched (jsc#PED_10911 jsc#PED-3606). - ipv4: avoid quadratic behavior in FIB insertion of common address (jsc#PED-10419). - commit affc8ea - pmdomain: core: add dummy release function to genpd device (git-fixes). - commit a551144 - drm/amdgpu: rework resume handling for display (v2) (stable-fixes). - commit b4013fc - dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL (git-fixes). - commit 6fbbd7d - drm/xe: Move the coredump registration to the worker thread (git-fixes). - commit 2b22b2b - drm/xe: Take PM ref in delayed snapshot capture worker (git-fixes). - commit e6eb1c2 - wifi: iwlwifi: be less noisy if the NIC is dead in S3 (bsc#1012628). - commit 636dbb8 - ASoC: dt-bindings: realtek,rt5645: Fix CPVDD voltage comment (git-fixes). - commit 08e9225 - media: ipu6: use the IPU6 DMA mapping APIs to do mapping (stable-fixes). - commit 43b4f15 - drm/amd/display: Add option to retrieve detile buffer size (stable-fixes). - commit acb618b - pinctrl: freescale: fix COMPILE_TEST error with PINCTRL_IMX_SCU (stable-fixes). - commit e5efdb1 - drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout (stable-fixes). - commit f607e51 - pmdomain: imx: gpcv2: Adjust delay after power up handshake (git-fixes). - commit ef0da9b - pmdomain: core: Fix error path in pm_genpd_init() when ida alloc fails (git-fixes). - pmdomain: core: Add missing put_device() (git-fixes). - commit cd9a63e - spmi: pmic-arb: fix return path in for_each_available_child_of_node() (git-fixes). - commit 550e3b3 - usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes). - commit cabee38 - MAINTAINERS: update location of media main tree (stable-fixes). - commit 6ee41d4 - net: rfkill: gpio: Add check for clk_enable() (git-fixes). - commit 5bd30ef - drm: fsl-dcu: enable PIXCLK on LS1021A (git-fixes). - commit 4a514d1 - drm/vc4: Introduce generation number enum (stable-fixes). - Refresh patches.suse/drm-vc4-Match-drm_dev_enter-and-exit-calls-in-vc4_hv-cf1c87d.patch. - commit afddd1c - drm/vc4: Correct generation check in vc4_hvs_lut_load (git-fixes). - commit ce18613 - ASoC: dt-bindings: mt6359: Update generic node name and dmic-mode (git-fixes). - commit d641daf - thermal/lib: Fix memory leak on error in thermal_genl_auto() (git-fixes). - tools/lib/thermal: Make more generic the command encoding function (stable-fixes). - commit d312e68 - configs: Enable CONFIG_PAGE_POISONING (jsc#PED-11843) Page poisoning must still be enabled by kernel command line page_poison=on. - commit 0bc6079 - x86/static-call: fix 32-bit build (git-fixes). - commit 05b1f89 - zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974 CVE-2024-53222). - commit d85c3b1 ++++ kernel-zfcpdump: - netfs: Fix is-caching check in read-retry (git-fixes). - commit d3ca9e7 - netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (git-fixes). - commit b8f5973 - netfs: Fix ceph copy to cache on write-begin (git-fixes). - commit 4931632 - netfs: Fix missing barriers by using clear_and_wake_up_bit() (git-fixes). - commit 59b3732 - netfs: Fix enomem handling in buffered reads (git-fixes). - commit d3c3d24 - exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes). - commit 32d6d4e - exfat: fix the new buffer was not zeroed before writing (git-fixes). - commit faf023a - exfat: fix the infinite loop in exfat_readdir() (git-fixes). - commit 5136005 - dlm: fix possible lkb_resource null dereference (git-fixes). - commit 490216a - ethtool: Fix access to uninitialized fields in set RXNFC command (git-fixes). - net: Make napi_hash_lock irq safe (git-fixes). - commit 9fa4e00 - octeontx2-pf: RVU representor driver (jsc#PED-11317). - Update config files. - supported.conf: mark new OcteonTx2 submodule rvu_rep supported. - commit c4b0aa9 - testing: net-drv: add basic shaper test (jsc#PED-10419). - Update config files. - commit 04716f4 - net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (jsc#PED-11366). - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (jsc#PED-11331). - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (jsc#PED-11331). - net/mlx5e: macsec: Maintain TX SA from encoding_sa (jsc#PED-11331). - net/mlx5: DR, select MSIX vector 0 for completion queue creation (jsc#PED-11331). - RDMA/mlx5: Enable multiplane mode only when it is supported (jsc#PED-11325). - RDMA/bnxt_re: Fix error recovery sequence (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the locking while accessing the QP table (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix MSN table size for variable wqe mode (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add send queue size check for variable wqe (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Disable use of reserved wqes (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max_qp_wrs reported (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix reporting hw_ver in query_device (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix to export port num to ib_query_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix setting mandatory attributes for modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Add check for path mtu in modify_qp (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix the check for 9060 condition (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Don't fail destroy QP and cleanup debugfs earlier (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Avoid initializing the software queue for user queues (jsc#PED-10682 jsc#PED-11231). - RDMA/bnxt_re: Fix max SGEs for the Work Request (jsc#PED-10682 jsc#PED-11231). - RDMA/mlx5: Enforce same type port association for multiport RoCE (jsc#PED-11325). - RDMA/bnxt_re: Remove always true dattr validity check (jsc#PED-10682 jsc#PED-11231). - octeontx2-pf: fix error handling of devlink port in rvu_rep_create() (jsc#PED-11317). - octeontx2-pf: fix netdev memory leak in rvu_rep_create() (jsc#PED-11317). - idpf: trigger SW interrupt when exiting wb_on_itr mode (jsc#PED-10581). - idpf: add support for SW triggered interrupts (jsc#PED-10581). - qed: fix possible uninit pointer read in qed_mcp_nvm_info_populate() (jsc#PED-9648 jsc#PED-11293). - chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes). - ionic: use ee->offset when returning sprom data (jsc#PED-11378). - ionic: no double destroy workqueue (jsc#PED-11378). - ionic: Fix netdev notifier unregister on failure (jsc#PED-11378). - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Fix installation of PF multicast rule (jsc#PED-11317). - cxgb4: use port number to set mac addr (git-fixes). - bnxt_en: Fix potential crash when dumping FW log coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DR, prevent potential error pointer dereference (jsc#PED-11331). - bpf, vsock: Invoke proto::close on close() (jsc#PED-11028). - bpf, vsock: Fix poll() missing a queue (jsc#PED-11028). - igb: Fix potential invalid memory access in igb_init_module() (jsc#PED-10426 jsc#PED-10425). - ixgbe: Correct BASE-BX10 compliance code (jsc#PED-9647 jsc#PED-9646). - ixgbe: downgrade logging of unsupported VF API version to debug (jsc#PED-9647 jsc#PED-9646). - ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (jsc#PED-9647 jsc#PED-9646). - idpf: set completion tag for "empty" bufs associated with a packet (jsc#PED-10581). - ice: Fix VLAN pruning in switchdev mode (jsc#PED-10419). - ice: Fix NULL pointer dereference in switchdev (jsc#PED-10419). - ice: fix PHY timestamp extraction for ETH56G (jsc#PED-10419). - ice: fix PHY Clock Recovery availability check (jsc#PED-10419). - net/mlx5e: Remove workaround to avoid syndrome for internal port (jsc#PED-11331). - net/mlx5e: SD, Use correct mdev to build channel param (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode in MPV (jsc#PED-11331). - net/mlx5: E-Switch, Fix switching to switchdev mode with IB device disabled (jsc#PED-11331). - net/mlx5: HWS: Properly set bwc queue locks lock classes (jsc#PED-11331). - net/mlx5: HWS: Fix memory leak in mlx5hws_definer_calc_layout (jsc#PED-11331). - bnxt_en: handle tpa_info in queue API implementation (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor bnxt_alloc_rx_rings() to call bnxt_alloc_rx_agg_bmap() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: refactor tpa_info alloc/free into helpers (jsc#PED-10684 jsc#PED-11230). - net/qed: allow old cards not supporting "num_images" to work (jsc#PED-9648 jsc#PED-11293). - octeontx2-af: Fix SDP MAC link credits configuration (jsc#PED-11317). - bnxt_en: ethtool: Supply ntuple rss context action (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Unregister PTP during PCI shutdown and suspend (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_ptp_init() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Fix receive ring space parameters when XDP is active (jsc#PED-10684 jsc#PED-11230 CVE-2024-53209 bsc#1235002). - bnxt_en: Fix queue start to update vnic RSS table (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Set backplane link modes correctly for ethtool (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Quiesce traffic before NIX block reset (jsc#PED-11317). - octeontx2-af: RPM: fix stale FCFEC counters (jsc#PED-11317). - octeontx2-af: RPM: fix stale RSFEC counters (jsc#PED-11317). - octeontx2-af: RPM: Fix low network performance (jsc#PED-11317). - octeontx2-af: RPM: Fix mismatch in lmac type (jsc#PED-11317). - vdpa/mlx5: Fix suboptimal range on iotlb iteration (jsc#PED-11331). - RDMA/mlx5: Add implementation for ufile_hw_cleanup device operation (jsc#PED-11325). - RDMA/mlx5: Ensure active slave attachment to the bond IB device (jsc#PED-11325). - RDMA/mlx5: Call dev_put() after the blocking notifier (jsc#PED-11325). - RDMA/mlx5: Support querying per-plane IB PortCounters (jsc#PED-11325). - RDMA/mlx5: Support OOO RX WQE consumption (jsc#PED-11325). - net/mlx5: Introduce data placement ordering bits (jsc#PED-11331). - i40e: Fix handling changed priv flags (jsc#PED-10428). - bnxt_en: Add FW trace coredump segments to the coredump (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a new ethtool -W dump flag (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add 2 parameters to bnxt_fill_coredump_seg_hdr() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add functions to copy host context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Do not free FW log context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Manage the FW trace context memory (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Allocate backing store memory for FW trace logs (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add a 'force' parameter to bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Refactor bnxt_free_ctx_mem() (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Add mem_valid bit to struct bnxt_ctx_mem_type (jsc#PED-10684 jsc#PED-11230). - bnxt_en: Update firmware interface spec to 1.10.3.85 (jsc#PED-10684 jsc#PED-11230). - e1000: Hold RTNL when e1000_down can be called (jsc#PED-10422). - igbvf: remove unused spinlock (jsc#PED-10426 jsc#PED-10425). - igb: Fix 2 typos in comments in igb_main.c (jsc#PED-10426 jsc#PED-10425). - igc: remove autoneg parameter from igc_mac_info (jsc#PED-10417). - ixgbe: Break include dependency cycle (jsc#PED-9647 jsc#PED-9646). - ice: Unbind the workqueue (jsc#PED-10419). - ice: use stack variable for virtchnl_supported_rxdids (jsc#PED-10419). - ice: initialize pf->supported_rxdids immediately after loading DDP (jsc#PED-10419). - ice: only allow Tx promiscuous for multicast (jsc#PED-10419). - ice: Add support for persistent NAPI config (jsc#PED-10419). - ice: support optional flags in signature segment header (jsc#PED-10419). - ice: refactor "last" segment of DDP pkg (jsc#PED-10419). - ice: extend dump serdes equalizer values feature (jsc#PED-10419). - ice: rework of dump serdes equalizer values feature (jsc#PED-10419). - ndo_fdb_del: Add a parameter to report whether notification was sent (jsc#PED-10419). - ndo_fdb_add: Add a parameter to report whether notification was sent (jsc#PED-10428). - octeontx2-pf: Fix spelling mistake "reprentator" -> "representor" (jsc#PED-11317). - bnxt_en: optimize gettimex64 (jsc#PED-10684 jsc#PED-11230). - net: ethtool: only allow set_rxnfc with rss + ring_cookie if driver opts in (jsc#PED-11366). - octeontx2-pf: Adds TC offload support (jsc#PED-11317). - octeontx2-pf: Implement offload stats ndo for representors (jsc#PED-11317). - octeontx2-pf: Add devlink port support (jsc#PED-11317). - octeontx2-pf: Add representors for sdp MAC (jsc#PED-11317). - octeontx2-pf: Configure VF mtu via representor (jsc#PED-11317). - octeontx2-pf: Add support to sync link state between representor and VFs (jsc#PED-11317). - octeontx2-pf: Get VF stats via representor (jsc#PED-11317). - octeontx2-af: Add packet path between representor and VF (jsc#PED-11317). - octeontx2-pf: Add basic net_device_ops (jsc#PED-11317). - octeontx2-pf: Create representor netdev (jsc#PED-11317). - eth: bnxt: use page pool for head frags (jsc#PED-10684 jsc#PED-11230). - net/mlx5e: SHAMPO, Rework header allocation loop (jsc#PED-11331). - net/mlx5e: SHAMPO, Drop info array (jsc#PED-11331). - net/mlx5e: SHAMPO, Change frag page setup order during allocation (jsc#PED-11331). - net/mlx5e: SHAMPO, Fix page_index calculation inconsistency (jsc#PED-11331). - net/mlx5e: SHAMPO, Simplify UMR allocation for headers (jsc#PED-11331). - net/mlx5: Make vport QoS enablement more flexible for future extensions (jsc#PED-11331). - net/mlx5: Integrate esw_qos_vport_enable logic into rate operations (jsc#PED-11331). - net/mlx5: Generalize scheduling element operations (jsc#PED-11331). - net/mlx5: Refactor scheduling element configuration bitmasks (jsc#PED-11331). - net/mlx5: Generalize max_rate and min_rate setting for nodes (jsc#PED-11331). - net/mlx5: Simplify QoS normalization by removing error handling (jsc#PED-11331). - net/mlx5: E-switch, refactor eswitch mode change (jsc#PED-11331). - bnxt_en: add unlocked version of bnxt_refclk_read (jsc#PED-10684 jsc#PED-11230). - net: atlantic: use irq_update_affinity_hint() (jsc#PED-11287). - bnxt_en: use irq_update_affinity_hint() (jsc#PED-10684 jsc#PED-11230). - octeontx2-af: Knobs for NPC default rule counters (jsc#PED-11317). - octeontx2-af: Refactor few NPC mcam APIs (jsc#PED-11317). - mlx5/core: deduplicate {mlx5_,}eq_update_ci() (jsc#PED-11331). - mlx5/core: relax memory barrier in eq_update_ci() (jsc#PED-11331). - bridge: Allow deleting FDB entries with non-existent VLAN (jsc#PED-10419). - mlx5/core: Schedule EQ comp tasklet only if necessary (jsc#PED-11331). - net: sfc: use ethtool string helpers (jsc#PED-11366). - net: bnx2x: use ethtool string helpers (jsc#PED-10901 jsc#PED-11308). - bnxt_en: ethtool: Support unset l4proto on ip4/ip6 ntuple rules (jsc#PED-10684 jsc#PED-11230). - bnxt_en: ethtool: Remove ip4/ip6 ntuple support for IPPROTO_RAW (jsc#PED-10684 jsc#PED-11230). - sfc: Remove more unused functions (jsc#PED-11366). - sfc: Remove unused mcdi functions (jsc#PED-11366). - sfc: Remove unused efx_mae_mport_vf (jsc#PED-11366). - sfc: Remove falcon deadcode (jsc#PED-11366). - bnxt_en: replace PTP spinlock with seqlock (jsc#PED-10684 jsc#PED-11230). - bnxt_en: cache only 24 bits of hw counter (jsc#PED-10684 jsc#PED-11230). - mlx5_en: use read sequence for gettimex64 (jsc#PED-11331). - net/mlx5e: do not create xdp_redirect for non-uplink rep (jsc#PED-11331). - net/mlx5e: move XDP_REDIRECT sq to dynamic allocation (jsc#PED-11331). - net/mlx5: HWS, renamed the files in accordance with naming convention (jsc#PED-11331). - net/mlx5: DR, moved all the SWS code into a separate directory (jsc#PED-11331). - net/mlx5: Rework esw qos domain init and cleanup (jsc#PED-11331). - dim: pass dim_sample to net_dim() by reference (jsc#PED-10581). - dim: make dim_calc_stats() inputs const pointers (jsc#PED-11331). - net: bnxt: use ethtool string helpers (jsc#PED-10684 jsc#PED-11230). - net/mlx5: DPLL, Add clock quality level op implementation (jsc#PED-11331). - dpll: add clock quality level attribute and op (jsc#PED-11331). - octeontx2-pf: Move shared APIs to header file (jsc#PED-11317). - octeontx2-pf: Reuse PF max mtu value (jsc#PED-11317). - octeontx2-pf: Add new APIs for queue memory alloc/free (jsc#PED-11317). - octeontx2-pf: Define common API for HW resources configuration (jsc#PED-11317). - net: qlogic: use ethtool string helpers (jsc#PED-9648 jsc#PED-11293). - net: marvell: use ethtool string helpers (jsc#PED-11317). - mlx5: simplify EQ interrupt polling logic (jsc#PED-11331). - mlx5: fix typo in "mlx5_cqwq_get_cqe_enahnced_comp" (jsc#PED-11331). - ibmvnic: use ethtool string helpers (jsc#PED_10911 jsc#PED-3606). - net/mlx5e: Update features on ring size change (jsc#PED-11331). - net/mlx5e: Update features on MTU change (jsc#PED-11331). - vsock: do not leave dangling sk pointer in vsock_create() (jsc#PED-11028). - net/mlx5: unique names for per device caches (jsc#PED-11331). - net: atlantic: support reading SFP module info (jsc#PED-11287). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (jsc#PED-11317). - octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (jsc#PED-11317). - virtchnl: fix m68k build (jsc#PED-10423). - net/mlx5: fs, rename modify header struct member action (jsc#PED-11331). - net/mlx5: fs, rename packet reformat struct member action (jsc#PED-11331). - net/mlx5: Only create VEPA flow table when in VEPA mode (jsc#PED-11331). - net/mlx5: Add sync reset drop mode support (jsc#PED-11331). - net/mlx5: Generalize QoS operations for nodes and vports (jsc#PED-11331). - net/mlx5: Simplify QoS scheduling element configuration (jsc#PED-11331). - net/mlx5: Remove vport QoS enabled flag (jsc#PED-11331). - net/mlx5: Refactor vport QoS to use scheduling node structure (jsc#PED-11331). - net/mlx5: Refactor vport scheduling element creation function (jsc#PED-11331). - net/mlx5: Introduce node struct and rename group terminology to node (jsc#PED-11331). - net/mlx5: Rename vport QoS group reference to parent (jsc#PED-11331). - net/mlx5: Restrict domain list insertion to root TSAR ancestors (jsc#PED-11331). - net/mlx5: Add parent group support in rate group structure (jsc#PED-11331). - net/mlx5: Introduce node type to rate group structure (jsc#PED-11331). - net/mlx5: Refactor QoS group scheduling element creation (jsc#PED-11331). - eth: Fix typo 'accelaration'. 'exprienced' and 'rewritting' (jsc#PED-3526 jsc#PED-11226). - tg3: Increase buffer size for IRQ label (jsc#PED-3526 jsc#PED-11226). - mlx4: Add support for persistent NAPI config to RX CQs (jsc#PED-10418 jsc#PED11336). - mlx5: Add support for persistent NAPI config (jsc#PED-11331). - bnxt: Add support for persistent NAPI config (jsc#PED-10684 jsc#PED-11230). - net: napi: Add napi_config (jsc#PED-10419). - net: napi: Make gro_flush_timeout per-NAPI (jsc#PED-10419). - net: napi: Make napi_defer_hard_irqs per-NAPI (jsc#PED-10419). - tg3: Address byte-order miss-matches (jsc#PED-3526 jsc#PED-11226). - tg3: Link queues to NAPIs (jsc#PED-3526 jsc#PED-11226). - tg3: Link IRQs to NAPI instances (jsc#PED-3526 jsc#PED-11226). - iavf: add support to exchange qos capabilities (jsc#PED-10423). - iavf: Add net_shaper_ops support (jsc#PED-10423). - ice: Support VF queue rate limit and quanta size configuration (jsc#PED-10419). - virtchnl: support queue rate limit and quanta size configuration (jsc#PED-10419). - net-shapers: implement cap validation in the core (jsc#PED-10419). - net: shaper: implement introspection support (jsc#PED-10419). - netlink: spec: add shaper introspection support (jsc#PED-10419). - net-shapers: implement shaper cleanup on queue deletion (jsc#PED-10419). - net-shapers: implement delete support for NODE scope shaper (jsc#PED-10419). - net-shapers: implement NL group operation (jsc#PED-10419). - net-shapers: implement NL set and delete operations (jsc#PED-10419). - net-shapers: implement NL get operation (jsc#PED-10419). - netlink: spec: add shaper YAML spec (jsc#PED-10419). - genetlink: extend info user-storage to match NL cb ctx (jsc#PED-10419). - net/mlx5: Add support check for TSAR types in QoS scheduling (jsc#PED-11331). - net/mlx5: Unify QoS element type checks across NIC and E-Switch (jsc#PED-11331). - net/mlx5: qos: Refactor locking to a qos domain mutex (jsc#PED-11331). - net/mlx5: qos: Store rate groups in a qos domain (jsc#PED-11331). - net/mlx5: qos: Rename rate group 'list' as 'parent_entry' (jsc#PED-11331). - net/mlx5: qos: Add an explicit 'dev' to vport trace calls (jsc#PED-11331). - net/mlx5: qos: Store the eswitch in a mlx5_esw_rate_group (jsc#PED-11331). - net/mlx5: qos: Drop 'esw' param from vport qos functions (jsc#PED-11331). - net/mlx5: qos: Always create group0 (jsc#PED-11331). - net/mlx5: qos: Maintain rate group vport members in a list (jsc#PED-11331). - net/mlx5: qos: Refactor and document bw_share calculation (jsc#PED-11331). - net/mlx5: qos: Consistently name vport vars as 'vport' (jsc#PED-11331). - net/mlx5: qos: Rename vport 'tsar' into 'sched_elem' (jsc#PED-11331). - net/mlx5: qos: Flesh out element_attributes in mlx5_ifc.h (jsc#PED-11331). - e1000: Link NAPI instances to queues and IRQs (jsc#PED-10422). - e1000e: Link NAPI instances to queues and IRQs (jsc#PED-10420). - e1000e: Remove duplicated writel() in e1000_configure_tx/rx() (jsc#PED-10420). - igb: Cleanup unused declarations (jsc#PED-10426 jsc#PED-10425). - iavf: Remove unused declarations (jsc#PED-10423). - ice: Cleanup unused declarations (jsc#PED-10419). - ice: Use common error handling code in two functions (jsc#PED-10419). - ice: Make use of assign_bit() API (jsc#PED-10419). - ice: store max_frame and rx_buf_len only in ice_rx_ring (jsc#PED-10419). - ice: consistently use q_idx in ice_vc_cfg_qs_msg() (jsc#PED-10419). - ice: add E830 HW VF mailbox message limit support (jsc#PED-10419). - ice: Implement ethtool reset support (jsc#PED-10419). - doc: net: Fix .rst rendering of net_cachelines pages (jsc#PED-10419). - idpf: Don't hard code napi_struct size (jsc#PED-10581). - vmxnet3: support higher link speeds from vmxnet3 v9 (jsc#PED-11024). - ipv4: remove fib_info_devhash (jsc#PED-10419). - ipv4: remove fib_info_lock (jsc#PED-10419). - ipv4: use rcu in ip_fib_check_default() (jsc#PED-10419). - ipv4: remove fib_devindex_hashfn() (jsc#PED-10419). - sfc: add per-queue RX bytes stats (jsc#PED-11366). - sfc: implement per-queue TSO (hw_gso) stats (jsc#PED-11366). - sfc: implement per-queue rx drop and overrun stats (jsc#PED-11366). - sfc: account XDP TXes in netdev base stats (jsc#PED-11366). - sfc: add n_rx_overlength to ethtool stats (jsc#PED-11366). - sfc: implement basic per-queue stats (jsc#PED-11366). - sfc: remove obsolete counters from struct efx_channel (jsc#PED-11366). - net: add IFLA_MAX_PACING_OFFLOAD_HORIZON device attribute (jsc#PED-10419). - ice: Drop auxbus use for PTP to finalize ice_adapter move (jsc#PED-10419). - ice: Use ice_adapter for PTP shared data instead of auxdev (jsc#PED-10419). - ice: Initial support for E825C hardware in ice_adapter (jsc#PED-10419). - ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (jsc#PED-10419). - ice: Introduce ice_get_phy_model() wrapper (jsc#PED-10419). - ice: Enable 1PPS out from CGU for E825C products (jsc#PED-10419). - ice: Read SDP section from NVM for pin definitions (jsc#PED-10419). - ice: Disable shared pin on E810 on setfunc (jsc#PED-10419). - ice: Cache perout/extts requests and check flags (jsc#PED-10419). - ice: Align E810T GPIO to other products (jsc#PED-10419). - ice: Add SDPs support for E825C (jsc#PED-10419). - ice: Implement ice_ptp_pin_desc (jsc#PED-10419). - net/mlx5: hw counters: Remove mlx5_fc_create_ex (jsc#PED-11331). - net/mlx5: hw counters: Don't maintain a counter count (jsc#PED-11331). - net/mlx5: hw counters: Drop unneeded cacheline alignment (jsc#PED-11331). - net/mlx5: hw counters: Replace IDR+lists with xarray (jsc#PED-11331). - net/mlx5: hw counters: Use kvmalloc for bulk query buffer (jsc#PED-11331). - net/mlx5: hw counters: Make fc_stats & fc_pool private (jsc#PED-11331). - octeontx2-af: Change block parameter to const pointer in get_lf_str_list (jsc#PED-11317). - qed: put cond_resched() in qed_dmae_operation_wait() (jsc#PED-9648 jsc#PED-11293). - qed: allow the callee of qed_mcp_nvm_read() to sleep (jsc#PED-9648 jsc#PED-11293). - qed: put cond_resched() in qed_grc_dump_ctx_data() (jsc#PED-9648 jsc#PED-11293). - qed: make 'ethtool -d' 10 times faster (jsc#PED-9648 jsc#PED-11293). - ibmvnic: Add stat for tx direct vs tx batched (jsc#PED_10911 jsc#PED-3606). - ipv4: avoid quadratic behavior in FIB insertion of common address (jsc#PED-10419). - commit affc8ea - pmdomain: core: add dummy release function to genpd device (git-fixes). - commit a551144 - drm/amdgpu: rework resume handling for display (v2) (stable-fixes). - commit b4013fc - dmaengine: loongson2-apb: Change GENMASK to GENMASK_ULL (git-fixes). - commit 6fbbd7d - drm/xe: Move the coredump registration to the worker thread (git-fixes). - commit 2b22b2b - drm/xe: Take PM ref in delayed snapshot capture worker (git-fixes). - commit e6eb1c2 - wifi: iwlwifi: be less noisy if the NIC is dead in S3 (bsc#1012628). - commit 636dbb8 - ASoC: dt-bindings: realtek,rt5645: Fix CPVDD voltage comment (git-fixes). - commit 08e9225 - media: ipu6: use the IPU6 DMA mapping APIs to do mapping (stable-fixes). - commit 43b4f15 - drm/amd/display: Add option to retrieve detile buffer size (stable-fixes). - commit acb618b - pinctrl: freescale: fix COMPILE_TEST error with PINCTRL_IMX_SCU (stable-fixes). - commit e5efdb1 - drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout (stable-fixes). - commit f607e51 - pmdomain: imx: gpcv2: Adjust delay after power up handshake (git-fixes). - commit ef0da9b - pmdomain: core: Fix error path in pm_genpd_init() when ida alloc fails (git-fixes). - pmdomain: core: Add missing put_device() (git-fixes). - commit cd9a63e - spmi: pmic-arb: fix return path in for_each_available_child_of_node() (git-fixes). - commit 550e3b3 - usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes). - commit cabee38 - MAINTAINERS: update location of media main tree (stable-fixes). - commit 6ee41d4 - net: rfkill: gpio: Add check for clk_enable() (git-fixes). - commit 5bd30ef - drm: fsl-dcu: enable PIXCLK on LS1021A (git-fixes). - commit 4a514d1 - drm/vc4: Introduce generation number enum (stable-fixes). - Refresh patches.suse/drm-vc4-Match-drm_dev_enter-and-exit-calls-in-vc4_hv-cf1c87d.patch. - commit afddd1c - drm/vc4: Correct generation check in vc4_hvs_lut_load (git-fixes). - commit ce18613 - ASoC: dt-bindings: mt6359: Update generic node name and dmic-mode (git-fixes). - commit d641daf - thermal/lib: Fix memory leak on error in thermal_genl_auto() (git-fixes). - tools/lib/thermal: Make more generic the command encoding function (stable-fixes). - commit d312e68 - configs: Enable CONFIG_PAGE_POISONING (jsc#PED-11843) Page poisoning must still be enabled by kernel command line page_poison=on. - commit 0bc6079 - x86/static-call: fix 32-bit build (git-fixes). - commit 05b1f89 - zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974 CVE-2024-53222). - commit d85c3b1 ++++ s390-tools: - Applied a patch for '--(enable|disable)-image-encryption' flags for 'pvimg create' (jsc#PED-11870) * s390-tools-03-rust-pvimg-Add-enable-disable-image-encryption-flags-to-pvimg-create.patch ++++ libgcrypt: - Fix redefinition error of 'rol64'. Remove not used rol64() definition after removing the built-in jitter rng. * Add libgcrypt-rol64-redefinition.patch ++++ patterns-gnome: - Drop yast on Leap 16.0 code-o-o#leap/features/173 ++++ patterns-kde: - Drop yast on Leap 16.0 code-o-o#leap/features/173 ++++ seamonkey: - update to SeaMonkey 2.53.20 * Use Services.focus for bookmarking from mailnews in SeaMonkey bug 1925033. * Replace the Bookmark Manager with the Firefox Library in SeaMonkey: Another followup bug bug 1932731. * Port bug 1458385 - Update SeaMonkey's confvars.sh bug 1913633. * Tidy up channels code in cZ bug 1920565. * Sometimes tag data from an IRC server doesn't contain a pair bug 1923211. * Fix call to updateUsers in network onAway in cZbug 1923213. * Remove unused XTLabelRecord from tree-utils.js in cZbug 1923215. * Remove unused code from connection-xpcom.js in cZbug 1923219. * Remove unusued code from utils.js in cZbug 1923221. * Switch from using arrayContains helper to using JS Array includes method in cZ bug 1923224. * Switch from using arrayIndexOf helper to using JS Array includes and indexOf methods in cZ bug 1923225. * Switch from using arrayRemoveAt and arrayInsertAt helpers to using JS Array splice and unshift methods in cZbug 1923227. * Switch from using stringTrim helper to using JS string trim method in cZ bug 1923229. * Inline newObject function in cZ bug 1924338. * Remove getWindowByType function from cZ bug 1924586. * Inline viewCert function in cZ bug 1924587. * Remove getSpecialDirectory function and use Services.dirsvc in cZ bug 1924588. * Remove getNSSErrorClass function and tidy up NSS related code in cZ bug 1924589. * Tidy message manager code in cZ bug 1924592. * Remove getService helper and tidy up code around its callers in cZ bug 1924595. * Remove use of NSGetModule in cZ bug 1925871. * Tidy up chatzilla-service.js bug 1926406. * Use Intl.DateTimeFormat in cZ's strftime function bug 1927348. * Remove unused code from pref-manager.js in cZ bug 1927370. * Use Services.scriptloader in cZ bug 1927374. * Use more Services in cZ bug 1927376. * Tidy up some Components.* code in static.js in cZ bug 1927377. * Switch to using listbox instead of tree for cZ chat window bug 1927582. * Away status isn't reflected correctly in channel userlist in cZ bug 1928749. * Fix too much recursion and missing variable in cmdSave in cZ bug 1930391. * Replace confirm helper with Services.prompt.confirm in cZ bug 1930396. * Use Services.prompt in confirmEx, prompt and promptPassword helpers in cZ bug 1930540. * Use Services.prompt.alert and remove alert helper in cZ bug 1931705. * Simplify getListFIle in cZ bug 1931707. * Remove various const from file-utils.js in cZ bug 1931708. * Remove unused 2nd argument from mkdir helper in file-utils.js in cZ bug 1931709. * Use LocalFile directly rather via helper fopen in cZ bug 1931710. * Tidy up picker code in file-utils.js in cZ bug 1931712. * Remove unnecessary type attributes in cZ bug 1933043. * Clean up Components usage in cZ bug 1933081. * Remove unused encodeForXMLAttribute function for cZ utils.js bug 1933083. * Move renameProperty helper into lib/irc.js for cZ bug 1933084. * Move formatDateOffset helper into handlers.js in cZ bug 1933085. * Move objectContains helper into command-manager.js in cZ bug 1933086. * Move splitLongWord helper into mungers.js in cZ bug 1933087. * Move randomString helper into commands.js in cZ bug 1933089. * Move Clone helper into commands.js in cZ bug 1933090. * Move equalsObject helper into channels.js in cZ bug 1933092. * Move matchEntry helper into static.js in cZ bug 1933093. * Move getCommonPfx helper to handlers.js in cZ bug 1933342. * Remove some code duplication in getSISize and getSISpeed helpers and improve coding in scaleNumbersBy1024 in cZ bug 1933346. * UI: Link for download of Themes leads to Themes for Thunderbird bug 1656564. * Add ESR 128 links to debugQA bug 1909855. * Port changes needed from |Bug 1476333 - Consolidate the ways that we reference "browser.xul" across the tree| to SeaMonkey bug 1911841. * Switch from boxObject to getBoundingClientRect in utilityOverlay bug 1911844. * Align the SeaMonkey switchToTabHavingURI() call syntax with Firefox and toolkit bug 1925037. * Empty out SeaMonkey's removed-files.in (port bug 1392913) bug 1913579. * Update SeaMonkey installer to register as handler for media types bug 1925023. * Remove obsolete chat services from SeaMonkey address book part2 bug 1909853. * Add UI for browser.display.prefers_color_scheme to the SeaMonkey colors prefpane bug 1909743. * Update SeaMonkey wikipedia icon bug 1925021. * Show specific placeholders for bookmarks and history in SeaMonkey sidebar search bug 1925025. * Adjust dragOver method of tabbrowser.xml to be closer to Firefox version bug 1911845. * Avoid boxObject where appropriate in tabbrowser bug 1911847. * Simplify tab drop indicator code and styling bug 1911848. * SeaMonkey 2.53.20 uses the same backend as Firefox and contains the relevant Firefox 60.8 security fixes. * SeaMonkey 2.53.20 shares most parts of the mail and news code with Thunderbird. Please read the Thunderbird 60.8.0 release notes for specific security fixes in this release. * Additional important security fixes up to Current Firefox 115.19 and Thunderbird 115.19 ESR plus many enhancements have been backported. We will continue to enhance SeaMonkey security in subsequent 2.53.x beta and release versions as fast as we are able to. - Adapt seamonkey-man-page.patch for SeaMonkey 2.53.20 - Adapt seamonkey-GNUmakefile to set MOZBUILD_STATE_PATH and to fix post-configure stamping per https://bugzilla.mozilla.org/show_bug.cgi?id=1692516#c13 - Update minimum build requirements for SeaMonkey 2.53.20 - Remove .mozconfig options no longer recognized in SeaMonkey 2.53.20 - request inclusion in Leap 15.6: https://bugzilla.opensuse.org/show_bug.cgi?id=1235392 ++++ x3270: - Upgrade x3270 to version 4.3.ga10 (bsc#1234758) - Release Notes/suite3270/4.3ga10 * https://x3270.miraheze.org/wiki/Release_Notes/suite3270/4.3ga10 ------------------------------------------------------------------ ------------------ 2025-1-6 - Jan 6 2025 ------------------- ------------------------------------------------------------------ ++++ agama-products: - SLES for SAP Application product: Change product description. (bsc#1235023) ++++ apache2: - Update to 2.4.62 (jsc#PED-11927). - Update test suite to svn1921782. - Remove unneeded patches, they've all been merged upstream and are part of the 2.4.62 release. * apache2-CVE-2023-38709.patch * apache2-CVE-2024-24795.patch * apache2-CVE-2024-27316.patch * apache2-CVE-2024-36387.patch * apache2-CVE-2024-38473-1.patch * apache2-CVE-2024-38473-2.patch * apache2-CVE-2024-38473-3.patch * apache2-CVE-2024-38473-4.patch * apache2-CVE-2024-38474.patch * apache2-CVE-2024-38475-1.patch * apache2-CVE-2024-38475-2.patch * apache2-CVE-2024-38475-3.patch * apache2-CVE-2024-38476-1.patch * apache2-CVE-2024-38476-10.patch * apache2-CVE-2024-38476-11.patch * apache2-CVE-2024-38476-2.patch * apache2-CVE-2024-38476-3.patch * apache2-CVE-2024-38476-4.patch * apache2-CVE-2024-38476-5.patch * apache2-CVE-2024-38476-6.patch * apache2-CVE-2024-38476-7.patch * apache2-CVE-2024-38476-8.patch * apache2-CVE-2024-38476-9.patch * apache2-CVE-2024-38477.patch * apache2-CVE-2024-39573.patch * apache2-CVE-2024-39884.patch * apache2-CVE-2024-40725.patch * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch * apache2-issue-444.patch - Changes from 2.4.62: * Applied trunk fix r1919860 which is proposed for backport, see UNCList config errors. * SECURITY: CVE-2024-40898: Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows (cve.mitre.org) SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. * SECURITY: CVE-2024-40725: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. * mod_proxy: Fix canonicalisation and FCGI env (PATH_INFO, SCRIPT_NAME) for "balancer:" URLs set via SetHandler, also allowing for "unix:" sockets with BalancerMember(s). PR 69168. * mod_proxy: Avoid AH01059 parsing error for SetHandler "unix:" URLs. PR 69160 * mod_ssl: Fix crashes in PKCS#11 ENGINE support with OpenSSL 3.2. * mod_ssl: Add support for loading certs/keys from pkcs11: URIs via OpenSSL 3.x providers. * mod_ssl: Restore SSL dumping on trace7 loglevel with OpenSSL >= 3.0. * mpm_worker: Fix possible warning (AH00045) about children processes not terminating timely. - Changes from 2.4.61: * SECURITY: CVE-2024-39884: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.61, which fixes this issue. - Changes from 2.4.60: * SECURITY: CVE-2024-39573: Apache HTTP Server: mod_rewrite proxy handler substitution (cve.mitre.org) Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy. * SECURITY: CVE-2024-38477: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request (cve.mitre.org) null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. * SECURITY: CVE-2024-38476: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (cve.mitre.org) Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Note: Some legacy uses of the 'AddType' directive to connect a request to a handler must be ported to 'AddHandler' after this fix. * SECURITY: CVE-2024-38475: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. (cve.mitre.org) Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected. Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained. * SECURITY: CVE-2024-38474: Apache HTTP Server weakness with encoded question marks in backreferences (cve.mitre.org) Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Note: Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified. * SECURITY: CVE-2024-38473: Apache HTTP Server proxy encoding problem (cve.mitre.org) Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. * SECURITY: CVE-2024-38472: Apache HTTP Server on WIndows UNC SSRF (cve.mitre.org) SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests or content. Note: Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing. * SECURITY: CVE-2024-36387: Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 (cve.mitre.org) Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance. * mod_proxy: Fix DNS requests and connections closed before the configured addressTTL. BZ 69126. * core: On Linux, log the real thread ID in error logs. * core: Support zone/scope in IPv6 link-local addresses in Listen and VirtualHost directives (requires APR 1.7.x or later). PR 59396 * mod_ssl: Reject client-initiated renegotiation with a TLS alert (rather than connection closure). * Updated mime.types. * mod_ssl: Fix a regression that causes the default DH parameters for a key no longer set and thus effectively disabling DH ciphers when no explicit DH parameters are set. PR 68863 * mod_cgid: Optional support for file descriptor passing, fixing error log handling (configure --enable-cgid-fdpassing) on Unix platforms. PR 54221. * mod_cgid/mod_cgi: Distinguish script stderr output clearly in error logs. PR 61980. * mod_tls: update version of rustls-ffi to v0.13.0. * mod_md: - Using OCSP stapling information to trigger certificate renewals. - Added directive `MDCheckInterval` to control how often the server checks for detected revocations. Added proposals for configurations in the README.md chapter "Revocations". - OCSP stapling: accept OCSP responses without a `nextUpdate` entry which is allowed in RFC 6960. Treat those as having an update interval of 12 hours. - Adapt OpenSSL usage to changes in their API. - Changes from 2.4.59: * SECURITY: CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames (cve.mitre.org) HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. * SECURITY: CVE-2024-24795: Apache HTTP Server: HTTP Response Splitting in multiple modules (cve.mitre.org) HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue. * SECURITY: CVE-2023-38709: Apache HTTP Server: HTTP response splitting (cve.mitre.org) Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. * mod_deflate: Fixes and better logging for handling various error and edge cases. * Add CGIScriptTimeout to mod_cgi. * mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 * mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. * mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. * mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. * mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes https://github.com/icing/mod_h2/issues/272 . - Fixed small memory leak in h2 header bucket free. * htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. * mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. * htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. * mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. * htpasswd: Add support for passwords using SHA-2. * core: Allow mod_env to override system environment vars. * Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. * mod_ldap: HTML-escape data in the ldap-status handler. * mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. * mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). * mod_ssl: release memory to the OS when needed. * mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. * mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. * mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. ++++ apache2-devel: - Update to 2.4.62 (jsc#PED-11927). - Update test suite to svn1921782. - Remove unneeded patches, they've all been merged upstream and are part of the 2.4.62 release. * apache2-CVE-2023-38709.patch * apache2-CVE-2024-24795.patch * apache2-CVE-2024-27316.patch * apache2-CVE-2024-36387.patch * apache2-CVE-2024-38473-1.patch * apache2-CVE-2024-38473-2.patch * apache2-CVE-2024-38473-3.patch * apache2-CVE-2024-38473-4.patch * apache2-CVE-2024-38474.patch * apache2-CVE-2024-38475-1.patch * apache2-CVE-2024-38475-2.patch * apache2-CVE-2024-38475-3.patch * apache2-CVE-2024-38476-1.patch * apache2-CVE-2024-38476-10.patch * apache2-CVE-2024-38476-11.patch * apache2-CVE-2024-38476-2.patch * apache2-CVE-2024-38476-3.patch * apache2-CVE-2024-38476-4.patch * apache2-CVE-2024-38476-5.patch * apache2-CVE-2024-38476-6.patch * apache2-CVE-2024-38476-7.patch * apache2-CVE-2024-38476-8.patch * apache2-CVE-2024-38476-9.patch * apache2-CVE-2024-38477.patch * apache2-CVE-2024-39573.patch * apache2-CVE-2024-39884.patch * apache2-CVE-2024-40725.patch * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch * apache2-issue-444.patch - Changes from 2.4.62: * Applied trunk fix r1919860 which is proposed for backport, see UNCList config errors. * SECURITY: CVE-2024-40898: Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows (cve.mitre.org) SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. * SECURITY: CVE-2024-40725: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. * mod_proxy: Fix canonicalisation and FCGI env (PATH_INFO, SCRIPT_NAME) for "balancer:" URLs set via SetHandler, also allowing for "unix:" sockets with BalancerMember(s). PR 69168. * mod_proxy: Avoid AH01059 parsing error for SetHandler "unix:" URLs. PR 69160 * mod_ssl: Fix crashes in PKCS#11 ENGINE support with OpenSSL 3.2. * mod_ssl: Add support for loading certs/keys from pkcs11: URIs via OpenSSL 3.x providers. * mod_ssl: Restore SSL dumping on trace7 loglevel with OpenSSL >= 3.0. * mpm_worker: Fix possible warning (AH00045) about children processes not terminating timely. - Changes from 2.4.61: * SECURITY: CVE-2024-39884: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.61, which fixes this issue. - Changes from 2.4.60: * SECURITY: CVE-2024-39573: Apache HTTP Server: mod_rewrite proxy handler substitution (cve.mitre.org) Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy. * SECURITY: CVE-2024-38477: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request (cve.mitre.org) null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. * SECURITY: CVE-2024-38476: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (cve.mitre.org) Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Note: Some legacy uses of the 'AddType' directive to connect a request to a handler must be ported to 'AddHandler' after this fix. * SECURITY: CVE-2024-38475: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. (cve.mitre.org) Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected. Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained. * SECURITY: CVE-2024-38474: Apache HTTP Server weakness with encoded question marks in backreferences (cve.mitre.org) Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Note: Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified. * SECURITY: CVE-2024-38473: Apache HTTP Server proxy encoding problem (cve.mitre.org) Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. * SECURITY: CVE-2024-38472: Apache HTTP Server on WIndows UNC SSRF (cve.mitre.org) SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests or content. Note: Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing. * SECURITY: CVE-2024-36387: Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 (cve.mitre.org) Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance. * mod_proxy: Fix DNS requests and connections closed before the configured addressTTL. BZ 69126. * core: On Linux, log the real thread ID in error logs. * core: Support zone/scope in IPv6 link-local addresses in Listen and VirtualHost directives (requires APR 1.7.x or later). PR 59396 * mod_ssl: Reject client-initiated renegotiation with a TLS alert (rather than connection closure). * Updated mime.types. * mod_ssl: Fix a regression that causes the default DH parameters for a key no longer set and thus effectively disabling DH ciphers when no explicit DH parameters are set. PR 68863 * mod_cgid: Optional support for file descriptor passing, fixing error log handling (configure --enable-cgid-fdpassing) on Unix platforms. PR 54221. * mod_cgid/mod_cgi: Distinguish script stderr output clearly in error logs. PR 61980. * mod_tls: update version of rustls-ffi to v0.13.0. * mod_md: - Using OCSP stapling information to trigger certificate renewals. - Added directive `MDCheckInterval` to control how often the server checks for detected revocations. Added proposals for configurations in the README.md chapter "Revocations". - OCSP stapling: accept OCSP responses without a `nextUpdate` entry which is allowed in RFC 6960. Treat those as having an update interval of 12 hours. - Adapt OpenSSL usage to changes in their API. - Changes from 2.4.59: * SECURITY: CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames (cve.mitre.org) HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. * SECURITY: CVE-2024-24795: Apache HTTP Server: HTTP Response Splitting in multiple modules (cve.mitre.org) HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue. * SECURITY: CVE-2023-38709: Apache HTTP Server: HTTP response splitting (cve.mitre.org) Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. * mod_deflate: Fixes and better logging for handling various error and edge cases. * Add CGIScriptTimeout to mod_cgi. * mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 * mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. * mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. * mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. * mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes https://github.com/icing/mod_h2/issues/272 . - Fixed small memory leak in h2 header bucket free. * htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. * mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. * htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. * mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. * htpasswd: Add support for passwords using SHA-2. * core: Allow mod_env to override system environment vars. * Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. * mod_ldap: HTML-escape data in the ldap-status handler. * mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. * mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). * mod_ssl: release memory to the OS when needed. * mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. * mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. * mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. ++++ apache2-event: - Update to 2.4.62 (jsc#PED-11927). - Update test suite to svn1921782. - Remove unneeded patches, they've all been merged upstream and are part of the 2.4.62 release. * apache2-CVE-2023-38709.patch * apache2-CVE-2024-24795.patch * apache2-CVE-2024-27316.patch * apache2-CVE-2024-36387.patch * apache2-CVE-2024-38473-1.patch * apache2-CVE-2024-38473-2.patch * apache2-CVE-2024-38473-3.patch * apache2-CVE-2024-38473-4.patch * apache2-CVE-2024-38474.patch * apache2-CVE-2024-38475-1.patch * apache2-CVE-2024-38475-2.patch * apache2-CVE-2024-38475-3.patch * apache2-CVE-2024-38476-1.patch * apache2-CVE-2024-38476-10.patch * apache2-CVE-2024-38476-11.patch * apache2-CVE-2024-38476-2.patch * apache2-CVE-2024-38476-3.patch * apache2-CVE-2024-38476-4.patch * apache2-CVE-2024-38476-5.patch * apache2-CVE-2024-38476-6.patch * apache2-CVE-2024-38476-7.patch * apache2-CVE-2024-38476-8.patch * apache2-CVE-2024-38476-9.patch * apache2-CVE-2024-38477.patch * apache2-CVE-2024-39573.patch * apache2-CVE-2024-39884.patch * apache2-CVE-2024-40725.patch * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch * apache2-issue-444.patch - Changes from 2.4.62: * Applied trunk fix r1919860 which is proposed for backport, see UNCList config errors. * SECURITY: CVE-2024-40898: Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows (cve.mitre.org) SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. * SECURITY: CVE-2024-40725: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. * mod_proxy: Fix canonicalisation and FCGI env (PATH_INFO, SCRIPT_NAME) for "balancer:" URLs set via SetHandler, also allowing for "unix:" sockets with BalancerMember(s). PR 69168. * mod_proxy: Avoid AH01059 parsing error for SetHandler "unix:" URLs. PR 69160 * mod_ssl: Fix crashes in PKCS#11 ENGINE support with OpenSSL 3.2. * mod_ssl: Add support for loading certs/keys from pkcs11: URIs via OpenSSL 3.x providers. * mod_ssl: Restore SSL dumping on trace7 loglevel with OpenSSL >= 3.0. * mpm_worker: Fix possible warning (AH00045) about children processes not terminating timely. - Changes from 2.4.61: * SECURITY: CVE-2024-39884: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.61, which fixes this issue. - Changes from 2.4.60: * SECURITY: CVE-2024-39573: Apache HTTP Server: mod_rewrite proxy handler substitution (cve.mitre.org) Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy. * SECURITY: CVE-2024-38477: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request (cve.mitre.org) null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. * SECURITY: CVE-2024-38476: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (cve.mitre.org) Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Note: Some legacy uses of the 'AddType' directive to connect a request to a handler must be ported to 'AddHandler' after this fix. * SECURITY: CVE-2024-38475: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. (cve.mitre.org) Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected. Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained. * SECURITY: CVE-2024-38474: Apache HTTP Server weakness with encoded question marks in backreferences (cve.mitre.org) Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Note: Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified. * SECURITY: CVE-2024-38473: Apache HTTP Server proxy encoding problem (cve.mitre.org) Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. * SECURITY: CVE-2024-38472: Apache HTTP Server on WIndows UNC SSRF (cve.mitre.org) SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests or content. Note: Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing. * SECURITY: CVE-2024-36387: Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 (cve.mitre.org) Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance. * mod_proxy: Fix DNS requests and connections closed before the configured addressTTL. BZ 69126. * core: On Linux, log the real thread ID in error logs. * core: Support zone/scope in IPv6 link-local addresses in Listen and VirtualHost directives (requires APR 1.7.x or later). PR 59396 * mod_ssl: Reject client-initiated renegotiation with a TLS alert (rather than connection closure). * Updated mime.types. * mod_ssl: Fix a regression that causes the default DH parameters for a key no longer set and thus effectively disabling DH ciphers when no explicit DH parameters are set. PR 68863 * mod_cgid: Optional support for file descriptor passing, fixing error log handling (configure --enable-cgid-fdpassing) on Unix platforms. PR 54221. * mod_cgid/mod_cgi: Distinguish script stderr output clearly in error logs. PR 61980. * mod_tls: update version of rustls-ffi to v0.13.0. * mod_md: - Using OCSP stapling information to trigger certificate renewals. - Added directive `MDCheckInterval` to control how often the server checks for detected revocations. Added proposals for configurations in the README.md chapter "Revocations". - OCSP stapling: accept OCSP responses without a `nextUpdate` entry which is allowed in RFC 6960. Treat those as having an update interval of 12 hours. - Adapt OpenSSL usage to changes in their API. - Changes from 2.4.59: * SECURITY: CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames (cve.mitre.org) HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. * SECURITY: CVE-2024-24795: Apache HTTP Server: HTTP Response Splitting in multiple modules (cve.mitre.org) HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue. * SECURITY: CVE-2023-38709: Apache HTTP Server: HTTP response splitting (cve.mitre.org) Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. * mod_deflate: Fixes and better logging for handling various error and edge cases. * Add CGIScriptTimeout to mod_cgi. * mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 * mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. * mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. * mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. * mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes https://github.com/icing/mod_h2/issues/272 . - Fixed small memory leak in h2 header bucket free. * htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. * mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. * htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. * mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. * htpasswd: Add support for passwords using SHA-2. * core: Allow mod_env to override system environment vars. * Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. * mod_ldap: HTML-escape data in the ldap-status handler. * mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. * mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). * mod_ssl: release memory to the OS when needed. * mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. * mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. * mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. ++++ apache2-manual: - Update to 2.4.62 (jsc#PED-11927). - Update test suite to svn1921782. - Remove unneeded patches, they've all been merged upstream and are part of the 2.4.62 release. * apache2-CVE-2023-38709.patch * apache2-CVE-2024-24795.patch * apache2-CVE-2024-27316.patch * apache2-CVE-2024-36387.patch * apache2-CVE-2024-38473-1.patch * apache2-CVE-2024-38473-2.patch * apache2-CVE-2024-38473-3.patch * apache2-CVE-2024-38473-4.patch * apache2-CVE-2024-38474.patch * apache2-CVE-2024-38475-1.patch * apache2-CVE-2024-38475-2.patch * apache2-CVE-2024-38475-3.patch * apache2-CVE-2024-38476-1.patch * apache2-CVE-2024-38476-10.patch * apache2-CVE-2024-38476-11.patch * apache2-CVE-2024-38476-2.patch * apache2-CVE-2024-38476-3.patch * apache2-CVE-2024-38476-4.patch * apache2-CVE-2024-38476-5.patch * apache2-CVE-2024-38476-6.patch * apache2-CVE-2024-38476-7.patch * apache2-CVE-2024-38476-8.patch * apache2-CVE-2024-38476-9.patch * apache2-CVE-2024-38477.patch * apache2-CVE-2024-39573.patch * apache2-CVE-2024-39884.patch * apache2-CVE-2024-40725.patch * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch * apache2-issue-444.patch - Changes from 2.4.62: * Applied trunk fix r1919860 which is proposed for backport, see UNCList config errors. * SECURITY: CVE-2024-40898: Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows (cve.mitre.org) SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. * SECURITY: CVE-2024-40725: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. * mod_proxy: Fix canonicalisation and FCGI env (PATH_INFO, SCRIPT_NAME) for "balancer:" URLs set via SetHandler, also allowing for "unix:" sockets with BalancerMember(s). PR 69168. * mod_proxy: Avoid AH01059 parsing error for SetHandler "unix:" URLs. PR 69160 * mod_ssl: Fix crashes in PKCS#11 ENGINE support with OpenSSL 3.2. * mod_ssl: Add support for loading certs/keys from pkcs11: URIs via OpenSSL 3.x providers. * mod_ssl: Restore SSL dumping on trace7 loglevel with OpenSSL >= 3.0. * mpm_worker: Fix possible warning (AH00045) about children processes not terminating timely. - Changes from 2.4.61: * SECURITY: CVE-2024-39884: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.61, which fixes this issue. - Changes from 2.4.60: * SECURITY: CVE-2024-39573: Apache HTTP Server: mod_rewrite proxy handler substitution (cve.mitre.org) Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy. * SECURITY: CVE-2024-38477: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request (cve.mitre.org) null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. * SECURITY: CVE-2024-38476: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (cve.mitre.org) Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Note: Some legacy uses of the 'AddType' directive to connect a request to a handler must be ported to 'AddHandler' after this fix. * SECURITY: CVE-2024-38475: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. (cve.mitre.org) Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected. Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained. * SECURITY: CVE-2024-38474: Apache HTTP Server weakness with encoded question marks in backreferences (cve.mitre.org) Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Note: Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified. * SECURITY: CVE-2024-38473: Apache HTTP Server proxy encoding problem (cve.mitre.org) Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. * SECURITY: CVE-2024-38472: Apache HTTP Server on WIndows UNC SSRF (cve.mitre.org) SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests or content. Note: Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing. * SECURITY: CVE-2024-36387: Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 (cve.mitre.org) Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance. * mod_proxy: Fix DNS requests and connections closed before the configured addressTTL. BZ 69126. * core: On Linux, log the real thread ID in error logs. * core: Support zone/scope in IPv6 link-local addresses in Listen and VirtualHost directives (requires APR 1.7.x or later). PR 59396 * mod_ssl: Reject client-initiated renegotiation with a TLS alert (rather than connection closure). * Updated mime.types. * mod_ssl: Fix a regression that causes the default DH parameters for a key no longer set and thus effectively disabling DH ciphers when no explicit DH parameters are set. PR 68863 * mod_cgid: Optional support for file descriptor passing, fixing error log handling (configure --enable-cgid-fdpassing) on Unix platforms. PR 54221. * mod_cgid/mod_cgi: Distinguish script stderr output clearly in error logs. PR 61980. * mod_tls: update version of rustls-ffi to v0.13.0. * mod_md: - Using OCSP stapling information to trigger certificate renewals. - Added directive `MDCheckInterval` to control how often the server checks for detected revocations. Added proposals for configurations in the README.md chapter "Revocations". - OCSP stapling: accept OCSP responses without a `nextUpdate` entry which is allowed in RFC 6960. Treat those as having an update interval of 12 hours. - Adapt OpenSSL usage to changes in their API. - Changes from 2.4.59: * SECURITY: CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames (cve.mitre.org) HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. * SECURITY: CVE-2024-24795: Apache HTTP Server: HTTP Response Splitting in multiple modules (cve.mitre.org) HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue. * SECURITY: CVE-2023-38709: Apache HTTP Server: HTTP response splitting (cve.mitre.org) Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. * mod_deflate: Fixes and better logging for handling various error and edge cases. * Add CGIScriptTimeout to mod_cgi. * mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 * mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. * mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. * mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. * mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes https://github.com/icing/mod_h2/issues/272 . - Fixed small memory leak in h2 header bucket free. * htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. * mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. * htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. * mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. * htpasswd: Add support for passwords using SHA-2. * core: Allow mod_env to override system environment vars. * Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. * mod_ldap: HTML-escape data in the ldap-status handler. * mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. * mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). * mod_ssl: release memory to the OS when needed. * mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. * mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. * mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. ++++ apache2-prefork: - Update to 2.4.62 (jsc#PED-11927). - Update test suite to svn1921782. - Remove unneeded patches, they've all been merged upstream and are part of the 2.4.62 release. * apache2-CVE-2023-38709.patch * apache2-CVE-2024-24795.patch * apache2-CVE-2024-27316.patch * apache2-CVE-2024-36387.patch * apache2-CVE-2024-38473-1.patch * apache2-CVE-2024-38473-2.patch * apache2-CVE-2024-38473-3.patch * apache2-CVE-2024-38473-4.patch * apache2-CVE-2024-38474.patch * apache2-CVE-2024-38475-1.patch * apache2-CVE-2024-38475-2.patch * apache2-CVE-2024-38475-3.patch * apache2-CVE-2024-38476-1.patch * apache2-CVE-2024-38476-10.patch * apache2-CVE-2024-38476-11.patch * apache2-CVE-2024-38476-2.patch * apache2-CVE-2024-38476-3.patch * apache2-CVE-2024-38476-4.patch * apache2-CVE-2024-38476-5.patch * apache2-CVE-2024-38476-6.patch * apache2-CVE-2024-38476-7.patch * apache2-CVE-2024-38476-8.patch * apache2-CVE-2024-38476-9.patch * apache2-CVE-2024-38477.patch * apache2-CVE-2024-39573.patch * apache2-CVE-2024-39884.patch * apache2-CVE-2024-40725.patch * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch * apache2-issue-444.patch - Changes from 2.4.62: * Applied trunk fix r1919860 which is proposed for backport, see UNCList config errors. * SECURITY: CVE-2024-40898: Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows (cve.mitre.org) SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. * SECURITY: CVE-2024-40725: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. * mod_proxy: Fix canonicalisation and FCGI env (PATH_INFO, SCRIPT_NAME) for "balancer:" URLs set via SetHandler, also allowing for "unix:" sockets with BalancerMember(s). PR 69168. * mod_proxy: Avoid AH01059 parsing error for SetHandler "unix:" URLs. PR 69160 * mod_ssl: Fix crashes in PKCS#11 ENGINE support with OpenSSL 3.2. * mod_ssl: Add support for loading certs/keys from pkcs11: URIs via OpenSSL 3.x providers. * mod_ssl: Restore SSL dumping on trace7 loglevel with OpenSSL >= 3.0. * mpm_worker: Fix possible warning (AH00045) about children processes not terminating timely. - Changes from 2.4.61: * SECURITY: CVE-2024-39884: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.61, which fixes this issue. - Changes from 2.4.60: * SECURITY: CVE-2024-39573: Apache HTTP Server: mod_rewrite proxy handler substitution (cve.mitre.org) Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy. * SECURITY: CVE-2024-38477: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request (cve.mitre.org) null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. * SECURITY: CVE-2024-38476: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (cve.mitre.org) Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Note: Some legacy uses of the 'AddType' directive to connect a request to a handler must be ported to 'AddHandler' after this fix. * SECURITY: CVE-2024-38475: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. (cve.mitre.org) Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected. Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained. * SECURITY: CVE-2024-38474: Apache HTTP Server weakness with encoded question marks in backreferences (cve.mitre.org) Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Note: Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified. * SECURITY: CVE-2024-38473: Apache HTTP Server proxy encoding problem (cve.mitre.org) Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. * SECURITY: CVE-2024-38472: Apache HTTP Server on WIndows UNC SSRF (cve.mitre.org) SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests or content. Note: Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing. * SECURITY: CVE-2024-36387: Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 (cve.mitre.org) Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance. * mod_proxy: Fix DNS requests and connections closed before the configured addressTTL. BZ 69126. * core: On Linux, log the real thread ID in error logs. * core: Support zone/scope in IPv6 link-local addresses in Listen and VirtualHost directives (requires APR 1.7.x or later). PR 59396 * mod_ssl: Reject client-initiated renegotiation with a TLS alert (rather than connection closure). * Updated mime.types. * mod_ssl: Fix a regression that causes the default DH parameters for a key no longer set and thus effectively disabling DH ciphers when no explicit DH parameters are set. PR 68863 * mod_cgid: Optional support for file descriptor passing, fixing error log handling (configure --enable-cgid-fdpassing) on Unix platforms. PR 54221. * mod_cgid/mod_cgi: Distinguish script stderr output clearly in error logs. PR 61980. * mod_tls: update version of rustls-ffi to v0.13.0. * mod_md: - Using OCSP stapling information to trigger certificate renewals. - Added directive `MDCheckInterval` to control how often the server checks for detected revocations. Added proposals for configurations in the README.md chapter "Revocations". - OCSP stapling: accept OCSP responses without a `nextUpdate` entry which is allowed in RFC 6960. Treat those as having an update interval of 12 hours. - Adapt OpenSSL usage to changes in their API. - Changes from 2.4.59: * SECURITY: CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames (cve.mitre.org) HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. * SECURITY: CVE-2024-24795: Apache HTTP Server: HTTP Response Splitting in multiple modules (cve.mitre.org) HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue. * SECURITY: CVE-2023-38709: Apache HTTP Server: HTTP response splitting (cve.mitre.org) Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. * mod_deflate: Fixes and better logging for handling various error and edge cases. * Add CGIScriptTimeout to mod_cgi. * mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 * mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. * mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. * mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. * mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes https://github.com/icing/mod_h2/issues/272 . - Fixed small memory leak in h2 header bucket free. * htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. * mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. * htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. * mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. * htpasswd: Add support for passwords using SHA-2. * core: Allow mod_env to override system environment vars. * Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. * mod_ldap: HTML-escape data in the ldap-status handler. * mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. * mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). * mod_ssl: release memory to the OS when needed. * mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. * mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. * mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. ++++ apache2-utils: - Update to 2.4.62 (jsc#PED-11927). - Update test suite to svn1921782. - Remove unneeded patches, they've all been merged upstream and are part of the 2.4.62 release. * apache2-CVE-2023-38709.patch * apache2-CVE-2024-24795.patch * apache2-CVE-2024-27316.patch * apache2-CVE-2024-36387.patch * apache2-CVE-2024-38473-1.patch * apache2-CVE-2024-38473-2.patch * apache2-CVE-2024-38473-3.patch * apache2-CVE-2024-38473-4.patch * apache2-CVE-2024-38474.patch * apache2-CVE-2024-38475-1.patch * apache2-CVE-2024-38475-2.patch * apache2-CVE-2024-38475-3.patch * apache2-CVE-2024-38476-1.patch * apache2-CVE-2024-38476-10.patch * apache2-CVE-2024-38476-11.patch * apache2-CVE-2024-38476-2.patch * apache2-CVE-2024-38476-3.patch * apache2-CVE-2024-38476-4.patch * apache2-CVE-2024-38476-5.patch * apache2-CVE-2024-38476-6.patch * apache2-CVE-2024-38476-7.patch * apache2-CVE-2024-38476-8.patch * apache2-CVE-2024-38476-9.patch * apache2-CVE-2024-38477.patch * apache2-CVE-2024-39573.patch * apache2-CVE-2024-39884.patch * apache2-CVE-2024-40725.patch * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch * apache2-issue-444.patch - Changes from 2.4.62: * Applied trunk fix r1919860 which is proposed for backport, see UNCList config errors. * SECURITY: CVE-2024-40898: Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows (cve.mitre.org) SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. * SECURITY: CVE-2024-40725: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. * mod_proxy: Fix canonicalisation and FCGI env (PATH_INFO, SCRIPT_NAME) for "balancer:" URLs set via SetHandler, also allowing for "unix:" sockets with BalancerMember(s). PR 69168. * mod_proxy: Avoid AH01059 parsing error for SetHandler "unix:" URLs. PR 69160 * mod_ssl: Fix crashes in PKCS#11 ENGINE support with OpenSSL 3.2. * mod_ssl: Add support for loading certs/keys from pkcs11: URIs via OpenSSL 3.x providers. * mod_ssl: Restore SSL dumping on trace7 loglevel with OpenSSL >= 3.0. * mpm_worker: Fix possible warning (AH00045) about children processes not terminating timely. - Changes from 2.4.61: * SECURITY: CVE-2024-39884: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.61, which fixes this issue. - Changes from 2.4.60: * SECURITY: CVE-2024-39573: Apache HTTP Server: mod_rewrite proxy handler substitution (cve.mitre.org) Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy. * SECURITY: CVE-2024-38477: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request (cve.mitre.org) null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. * SECURITY: CVE-2024-38476: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (cve.mitre.org) Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Note: Some legacy uses of the 'AddType' directive to connect a request to a handler must be ported to 'AddHandler' after this fix. * SECURITY: CVE-2024-38475: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. (cve.mitre.org) Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected. Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained. * SECURITY: CVE-2024-38474: Apache HTTP Server weakness with encoded question marks in backreferences (cve.mitre.org) Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Note: Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified. * SECURITY: CVE-2024-38473: Apache HTTP Server proxy encoding problem (cve.mitre.org) Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. * SECURITY: CVE-2024-38472: Apache HTTP Server on WIndows UNC SSRF (cve.mitre.org) SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests or content. Note: Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing. * SECURITY: CVE-2024-36387: Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 (cve.mitre.org) Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance. * mod_proxy: Fix DNS requests and connections closed before the configured addressTTL. BZ 69126. * core: On Linux, log the real thread ID in error logs. * core: Support zone/scope in IPv6 link-local addresses in Listen and VirtualHost directives (requires APR 1.7.x or later). PR 59396 * mod_ssl: Reject client-initiated renegotiation with a TLS alert (rather than connection closure). * Updated mime.types. * mod_ssl: Fix a regression that causes the default DH parameters for a key no longer set and thus effectively disabling DH ciphers when no explicit DH parameters are set. PR 68863 * mod_cgid: Optional support for file descriptor passing, fixing error log handling (configure --enable-cgid-fdpassing) on Unix platforms. PR 54221. * mod_cgid/mod_cgi: Distinguish script stderr output clearly in error logs. PR 61980. * mod_tls: update version of rustls-ffi to v0.13.0. * mod_md: - Using OCSP stapling information to trigger certificate renewals. - Added directive `MDCheckInterval` to control how often the server checks for detected revocations. Added proposals for configurations in the README.md chapter "Revocations". - OCSP stapling: accept OCSP responses without a `nextUpdate` entry which is allowed in RFC 6960. Treat those as having an update interval of 12 hours. - Adapt OpenSSL usage to changes in their API. - Changes from 2.4.59: * SECURITY: CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames (cve.mitre.org) HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. * SECURITY: CVE-2024-24795: Apache HTTP Server: HTTP Response Splitting in multiple modules (cve.mitre.org) HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue. * SECURITY: CVE-2023-38709: Apache HTTP Server: HTTP response splitting (cve.mitre.org) Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. * mod_deflate: Fixes and better logging for handling various error and edge cases. * Add CGIScriptTimeout to mod_cgi. * mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 * mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. * mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. * mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. * mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes https://github.com/icing/mod_h2/issues/272 . - Fixed small memory leak in h2 header bucket free. * htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. * mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. * htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. * mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. * htpasswd: Add support for passwords using SHA-2. * core: Allow mod_env to override system environment vars. * Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. * mod_ldap: HTML-escape data in the ldap-status handler. * mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. * mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). * mod_ssl: release memory to the OS when needed. * mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. * mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. * mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. ++++ apache2-worker: - Update to 2.4.62 (jsc#PED-11927). - Update test suite to svn1921782. - Remove unneeded patches, they've all been merged upstream and are part of the 2.4.62 release. * apache2-CVE-2023-38709.patch * apache2-CVE-2024-24795.patch * apache2-CVE-2024-27316.patch * apache2-CVE-2024-36387.patch * apache2-CVE-2024-38473-1.patch * apache2-CVE-2024-38473-2.patch * apache2-CVE-2024-38473-3.patch * apache2-CVE-2024-38473-4.patch * apache2-CVE-2024-38474.patch * apache2-CVE-2024-38475-1.patch * apache2-CVE-2024-38475-2.patch * apache2-CVE-2024-38475-3.patch * apache2-CVE-2024-38476-1.patch * apache2-CVE-2024-38476-10.patch * apache2-CVE-2024-38476-11.patch * apache2-CVE-2024-38476-2.patch * apache2-CVE-2024-38476-3.patch * apache2-CVE-2024-38476-4.patch * apache2-CVE-2024-38476-5.patch * apache2-CVE-2024-38476-6.patch * apache2-CVE-2024-38476-7.patch * apache2-CVE-2024-38476-8.patch * apache2-CVE-2024-38476-9.patch * apache2-CVE-2024-38477.patch * apache2-CVE-2024-39573.patch * apache2-CVE-2024-39884.patch * apache2-CVE-2024-40725.patch * apache2-fips-compatibility-01.patch * apache2-fips-compatibility-02.patch * apache2-fips-compatibility-03.patch * apache2-issue-444.patch - Changes from 2.4.62: * Applied trunk fix r1919860 which is proposed for backport, see UNCList config errors. * SECURITY: CVE-2024-40898: Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows (cve.mitre.org) SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. * SECURITY: CVE-2024-40725: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. * mod_proxy: Fix canonicalisation and FCGI env (PATH_INFO, SCRIPT_NAME) for "balancer:" URLs set via SetHandler, also allowing for "unix:" sockets with BalancerMember(s). PR 69168. * mod_proxy: Avoid AH01059 parsing error for SetHandler "unix:" URLs. PR 69160 * mod_ssl: Fix crashes in PKCS#11 ENGINE support with OpenSSL 3.2. * mod_ssl: Add support for loading certs/keys from pkcs11: URIs via OpenSSL 3.x providers. * mod_ssl: Restore SSL dumping on trace7 loglevel with OpenSSL >= 3.0. * mpm_worker: Fix possible warning (AH00045) about children processes not terminating timely. - Changes from 2.4.61: * SECURITY: CVE-2024-39884: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.61, which fixes this issue. - Changes from 2.4.60: * SECURITY: CVE-2024-39573: Apache HTTP Server: mod_rewrite proxy handler substitution (cve.mitre.org) Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy. * SECURITY: CVE-2024-38477: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request (cve.mitre.org) null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. * SECURITY: CVE-2024-38476: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (cve.mitre.org) Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Note: Some legacy uses of the 'AddType' directive to connect a request to a handler must be ported to 'AddHandler' after this fix. * SECURITY: CVE-2024-38475: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. (cve.mitre.org) Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected. Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained. * SECURITY: CVE-2024-38474: Apache HTTP Server weakness with encoded question marks in backreferences (cve.mitre.org) Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Note: Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified. * SECURITY: CVE-2024-38473: Apache HTTP Server proxy encoding problem (cve.mitre.org) Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. * SECURITY: CVE-2024-38472: Apache HTTP Server on WIndows UNC SSRF (cve.mitre.org) SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests or content. Note: Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing. * SECURITY: CVE-2024-36387: Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 (cve.mitre.org) Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance. * mod_proxy: Fix DNS requests and connections closed before the configured addressTTL. BZ 69126. * core: On Linux, log the real thread ID in error logs. * core: Support zone/scope in IPv6 link-local addresses in Listen and VirtualHost directives (requires APR 1.7.x or later). PR 59396 * mod_ssl: Reject client-initiated renegotiation with a TLS alert (rather than connection closure). * Updated mime.types. * mod_ssl: Fix a regression that causes the default DH parameters for a key no longer set and thus effectively disabling DH ciphers when no explicit DH parameters are set. PR 68863 * mod_cgid: Optional support for file descriptor passing, fixing error log handling (configure --enable-cgid-fdpassing) on Unix platforms. PR 54221. * mod_cgid/mod_cgi: Distinguish script stderr output clearly in error logs. PR 61980. * mod_tls: update version of rustls-ffi to v0.13.0. * mod_md: - Using OCSP stapling information to trigger certificate renewals. - Added directive `MDCheckInterval` to control how often the server checks for detected revocations. Added proposals for configurations in the README.md chapter "Revocations". - OCSP stapling: accept OCSP responses without a `nextUpdate` entry which is allowed in RFC 6960. Treat those as having an update interval of 12 hours. - Adapt OpenSSL usage to changes in their API. - Changes from 2.4.59: * SECURITY: CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames (cve.mitre.org) HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. * SECURITY: CVE-2024-24795: Apache HTTP Server: HTTP Response Splitting in multiple modules (cve.mitre.org) HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue. * SECURITY: CVE-2023-38709: Apache HTTP Server: HTTP response splitting (cve.mitre.org) Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. * mod_deflate: Fixes and better logging for handling various error and edge cases. * Add CGIScriptTimeout to mod_cgi. * mod_xml2enc: Tolerate libxml2 2.12.0 and later. PR 68610 * mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable. * mod_ssl: Use OpenSSL-standard functions to assemble CA name lists for SSLCACertificatePath/SSLCADNRequestPath. Names will now be consistently sorted. PR 61574. * mod_xml2enc: Update check to accept any text/ media type or any XML media type per RFC 7303, avoiding corruption of Microsoft OOXML formats. PR 64339. * mod_http2: v2.0.26 with the following fixes: - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes https://github.com/icing/mod_h2/issues/272 . - Fixed small memory leak in h2 header bucket free. * htcacheclean: In -a/-A mode, list all files per subdirectory rather than only one. PR 65091. * mod_ssl: SSLProxyMachineCertificateFile/Path may reference files which include CA certificates; those CA certs are treated as if configured with SSLProxyMachineCertificateChainFile. * htpasswd, htdbm, dbmmanage: Update help&docs to refer to "hashing", rather than "encrypting" passwords. * mod_ssl: Fix build with LibreSSL 2.0.7+. PR 64047. * htpasswd: Add support for passwords using SHA-2. * core: Allow mod_env to override system environment vars. * Allow mod_dav_fs to tolerate race conditions between PROPFIND and an operation which removes a directory/file between apr_dir_read() and apr_stat(). Current behaviour is to abort the connection which seems inferior to tolerating (and logging) the error. * mod_ldap: HTML-escape data in the ldap-status handler. * mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set. Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available, notably with OpenSSL >= 3. PR 68080. * mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice). * mod_ssl: release memory to the OS when needed. * mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when some dollar substitution (backreference) happens in the hostname or port part of the URL. * mod_proxy: Allow to set a TTL for how long DNS resolutions to backend systems are cached. * mod_proxy: Add optional third argument for ProxyRemote, which configures Basic authentication credentials to pass to the remote proxy. PR 37355. ++++ cloud-init: - Add cloud-init-wait-for-net.patch (bsc#1227237) + Wait for udev once if we cannot find the expected MAC ++++ kernel-64kb: - mm/slub: Avoid list corruption when removing a slab from the full list (CVE-2024-56566 bsc#1235033). - commit ab1309f - x86/cacheinfo: Delete global num_cache_leaves (jsc#PED-10467). - commit b0f961c - cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (jsc#PED-10467). - commit 948fe91 - nfsd: fix UAF when access ex_uuid or ex_stats (CVE-2024-53216 bsc#1235003). - SUNRPC: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - nfsd: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - SUNRPC: introduce cache_check_rcu to help check in rcu context (CVE-2024-53216 bsc#1235003). - commit 1400ad6 - blacklist.conf: - Delete patches.suse/nfsd-release-svc_expkey-svc_export-with-rcu_work.patch. This was reverted upstream. There is a better fix. - commit 3a96ba3 ++++ kernel-default: - mm/slub: Avoid list corruption when removing a slab from the full list (CVE-2024-56566 bsc#1235033). - commit ab1309f - x86/cacheinfo: Delete global num_cache_leaves (jsc#PED-10467). - commit b0f961c - cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (jsc#PED-10467). - commit 948fe91 - nfsd: fix UAF when access ex_uuid or ex_stats (CVE-2024-53216 bsc#1235003). - SUNRPC: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - nfsd: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - SUNRPC: introduce cache_check_rcu to help check in rcu context (CVE-2024-53216 bsc#1235003). - commit 1400ad6 - blacklist.conf: - Delete patches.suse/nfsd-release-svc_expkey-svc_export-with-rcu_work.patch. This was reverted upstream. There is a better fix. - commit 3a96ba3 ++++ dtb-aarch64: - mm/slub: Avoid list corruption when removing a slab from the full list (CVE-2024-56566 bsc#1235033). - commit ab1309f - x86/cacheinfo: Delete global num_cache_leaves (jsc#PED-10467). - commit b0f961c - cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (jsc#PED-10467). - commit 948fe91 - nfsd: fix UAF when access ex_uuid or ex_stats (CVE-2024-53216 bsc#1235003). - SUNRPC: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - nfsd: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - SUNRPC: introduce cache_check_rcu to help check in rcu context (CVE-2024-53216 bsc#1235003). - commit 1400ad6 - blacklist.conf: - Delete patches.suse/nfsd-release-svc_expkey-svc_export-with-rcu_work.patch. This was reverted upstream. There is a better fix. - commit 3a96ba3 ++++ iptables: - Add iptables-1.8.9-fix-checking-existence-of-rule.patch * Fixes checking existence of rules. Fixes issues with rule creation with podman/netavark. (bsc#1235088, bsc#1234996) ++++ kernel-debug: - mm/slub: Avoid list corruption when removing a slab from the full list (CVE-2024-56566 bsc#1235033). - commit ab1309f - x86/cacheinfo: Delete global num_cache_leaves (jsc#PED-10467). - commit b0f961c - cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (jsc#PED-10467). - commit 948fe91 - nfsd: fix UAF when access ex_uuid or ex_stats (CVE-2024-53216 bsc#1235003). - SUNRPC: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - nfsd: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - SUNRPC: introduce cache_check_rcu to help check in rcu context (CVE-2024-53216 bsc#1235003). - commit 1400ad6 - blacklist.conf: - Delete patches.suse/nfsd-release-svc_expkey-svc_export-with-rcu_work.patch. This was reverted upstream. There is a better fix. - commit 3a96ba3 ++++ kernel-source: - mm/slub: Avoid list corruption when removing a slab from the full list (CVE-2024-56566 bsc#1235033). - commit ab1309f - x86/cacheinfo: Delete global num_cache_leaves (jsc#PED-10467). - commit b0f961c - cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (jsc#PED-10467). - commit 948fe91 - nfsd: fix UAF when access ex_uuid or ex_stats (CVE-2024-53216 bsc#1235003). - SUNRPC: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - nfsd: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - SUNRPC: introduce cache_check_rcu to help check in rcu context (CVE-2024-53216 bsc#1235003). - commit 1400ad6 - blacklist.conf: - Delete patches.suse/nfsd-release-svc_expkey-svc_export-with-rcu_work.patch. This was reverted upstream. There is a better fix. - commit 3a96ba3 ++++ kernel-docs: - mm/slub: Avoid list corruption when removing a slab from the full list (CVE-2024-56566 bsc#1235033). - commit ab1309f - x86/cacheinfo: Delete global num_cache_leaves (jsc#PED-10467). - commit b0f961c - cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (jsc#PED-10467). - commit 948fe91 - nfsd: fix UAF when access ex_uuid or ex_stats (CVE-2024-53216 bsc#1235003). - SUNRPC: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - nfsd: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - SUNRPC: introduce cache_check_rcu to help check in rcu context (CVE-2024-53216 bsc#1235003). - commit 1400ad6 - blacklist.conf: - Delete patches.suse/nfsd-release-svc_expkey-svc_export-with-rcu_work.patch. This was reverted upstream. There is a better fix. - commit 3a96ba3 ++++ kernel-kvmsmall: - mm/slub: Avoid list corruption when removing a slab from the full list (CVE-2024-56566 bsc#1235033). - commit ab1309f - x86/cacheinfo: Delete global num_cache_leaves (jsc#PED-10467). - commit b0f961c - cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (jsc#PED-10467). - commit 948fe91 - nfsd: fix UAF when access ex_uuid or ex_stats (CVE-2024-53216 bsc#1235003). - SUNRPC: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - nfsd: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - SUNRPC: introduce cache_check_rcu to help check in rcu context (CVE-2024-53216 bsc#1235003). - commit 1400ad6 - blacklist.conf: - Delete patches.suse/nfsd-release-svc_expkey-svc_export-with-rcu_work.patch. This was reverted upstream. There is a better fix. - commit 3a96ba3 ++++ kernel-obs-build: - mm/slub: Avoid list corruption when removing a slab from the full list (CVE-2024-56566 bsc#1235033). - commit ab1309f - x86/cacheinfo: Delete global num_cache_leaves (jsc#PED-10467). - commit b0f961c - cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (jsc#PED-10467). - commit 948fe91 - nfsd: fix UAF when access ex_uuid or ex_stats (CVE-2024-53216 bsc#1235003). - SUNRPC: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - nfsd: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - SUNRPC: introduce cache_check_rcu to help check in rcu context (CVE-2024-53216 bsc#1235003). - commit 1400ad6 - blacklist.conf: - Delete patches.suse/nfsd-release-svc_expkey-svc_export-with-rcu_work.patch. This was reverted upstream. There is a better fix. - commit 3a96ba3 ++++ kernel-obs-qa: - mm/slub: Avoid list corruption when removing a slab from the full list (CVE-2024-56566 bsc#1235033). - commit ab1309f - x86/cacheinfo: Delete global num_cache_leaves (jsc#PED-10467). - commit b0f961c - cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (jsc#PED-10467). - commit 948fe91 - nfsd: fix UAF when access ex_uuid or ex_stats (CVE-2024-53216 bsc#1235003). - SUNRPC: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - nfsd: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - SUNRPC: introduce cache_check_rcu to help check in rcu context (CVE-2024-53216 bsc#1235003). - commit 1400ad6 - blacklist.conf: - Delete patches.suse/nfsd-release-svc_expkey-svc_export-with-rcu_work.patch. This was reverted upstream. There is a better fix. - commit 3a96ba3 ++++ kernel-syms: - mm/slub: Avoid list corruption when removing a slab from the full list (CVE-2024-56566 bsc#1235033). - commit ab1309f - x86/cacheinfo: Delete global num_cache_leaves (jsc#PED-10467). - commit b0f961c - cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (jsc#PED-10467). - commit 948fe91 - nfsd: fix UAF when access ex_uuid or ex_stats (CVE-2024-53216 bsc#1235003). - SUNRPC: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - nfsd: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - SUNRPC: introduce cache_check_rcu to help check in rcu context (CVE-2024-53216 bsc#1235003). - commit 1400ad6 - blacklist.conf: - Delete patches.suse/nfsd-release-svc_expkey-svc_export-with-rcu_work.patch. This was reverted upstream. There is a better fix. - commit 3a96ba3 ++++ kernel-zfcpdump: - mm/slub: Avoid list corruption when removing a slab from the full list (CVE-2024-56566 bsc#1235033). - commit ab1309f - x86/cacheinfo: Delete global num_cache_leaves (jsc#PED-10467). - commit b0f961c - cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (jsc#PED-10467). - commit 948fe91 - nfsd: fix UAF when access ex_uuid or ex_stats (CVE-2024-53216 bsc#1235003). - SUNRPC: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - nfsd: no need get cache ref when protected by rcu (CVE-2024-53216 bsc#1235003). - SUNRPC: introduce cache_check_rcu to help check in rcu context (CVE-2024-53216 bsc#1235003). - commit 1400ad6 - blacklist.conf: - Delete patches.suse/nfsd-release-svc_expkey-svc_export-with-rcu_work.patch. This was reverted upstream. There is a better fix. - commit 3a96ba3 ------------------------------------------------------------------ ------------------ 2025-1-5 - Jan 5 2025 ------------------- ------------------------------------------------------------------ ++++ GeoLite2: - Downgraded to 2024.10.25 * Returned Russian and Crimean IPs deleted in later versions. ------------------------------------------------------------------ ------------------ 2025-1-4 - Jan 4 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes). - ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes). - commit c470d47 - selftests: net: local_termination: require mausezahn (git-fixes). - wifi: cw1200: Fix potential NULL dereference (git-fixes). - wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* (git-fixes). - wifi: iwlwifi: fix CRF name for Bz (git-fixes). - net: phy: micrel: Dynamically control external clock of KSZ PHY (git-fixes). - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes). - ALSA: seq: Check UMP support for midi_version change (git-fixes). - Revert "ALSA: ump: Don't enumeration invalid groups for legacy rawmidi" (stable-fixes). - ALSA: hda/tas2781: Ignore SUBSYS_ID not found for tas2563 projects (git-fixes). - ALSA: usb-audio: US16x08: Initialize array before use (git-fixes). - drm: adv7511: Drop dsi single lane support (git-fixes). - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes). - drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes). - drm/i915/dg1: Fix power gate sequence (git-fixes). - drm/i915/cx0_phy: Fix C10 pll programming sequence (git-fixes). - drm/xe: Fix fault on fd close after unbind (git-fixes). - drm/xe/pf: Use correct function to check LMEM provisioning (git-fixes). - drm/xe: Wait for migration job before unmapping pages (git-fixes). - drm/xe: Use non-interruptible wait when moving BO to system (git-fixes). - drm/xe: Revert some changes that break a mesa debug tool (git-fixes). - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes). - commit 40c61fe ++++ kernel-default: - ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes). - ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes). - commit c470d47 - selftests: net: local_termination: require mausezahn (git-fixes). - wifi: cw1200: Fix potential NULL dereference (git-fixes). - wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* (git-fixes). - wifi: iwlwifi: fix CRF name for Bz (git-fixes). - net: phy: micrel: Dynamically control external clock of KSZ PHY (git-fixes). - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes). - ALSA: seq: Check UMP support for midi_version change (git-fixes). - Revert "ALSA: ump: Don't enumeration invalid groups for legacy rawmidi" (stable-fixes). - ALSA: hda/tas2781: Ignore SUBSYS_ID not found for tas2563 projects (git-fixes). - ALSA: usb-audio: US16x08: Initialize array before use (git-fixes). - drm: adv7511: Drop dsi single lane support (git-fixes). - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes). - drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes). - drm/i915/dg1: Fix power gate sequence (git-fixes). - drm/i915/cx0_phy: Fix C10 pll programming sequence (git-fixes). - drm/xe: Fix fault on fd close after unbind (git-fixes). - drm/xe/pf: Use correct function to check LMEM provisioning (git-fixes). - drm/xe: Wait for migration job before unmapping pages (git-fixes). - drm/xe: Use non-interruptible wait when moving BO to system (git-fixes). - drm/xe: Revert some changes that break a mesa debug tool (git-fixes). - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes). - commit 40c61fe ++++ dtb-aarch64: - ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes). - ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes). - commit c470d47 - selftests: net: local_termination: require mausezahn (git-fixes). - wifi: cw1200: Fix potential NULL dereference (git-fixes). - wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* (git-fixes). - wifi: iwlwifi: fix CRF name for Bz (git-fixes). - net: phy: micrel: Dynamically control external clock of KSZ PHY (git-fixes). - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes). - ALSA: seq: Check UMP support for midi_version change (git-fixes). - Revert "ALSA: ump: Don't enumeration invalid groups for legacy rawmidi" (stable-fixes). - ALSA: hda/tas2781: Ignore SUBSYS_ID not found for tas2563 projects (git-fixes). - ALSA: usb-audio: US16x08: Initialize array before use (git-fixes). - drm: adv7511: Drop dsi single lane support (git-fixes). - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes). - drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes). - drm/i915/dg1: Fix power gate sequence (git-fixes). - drm/i915/cx0_phy: Fix C10 pll programming sequence (git-fixes). - drm/xe: Fix fault on fd close after unbind (git-fixes). - drm/xe/pf: Use correct function to check LMEM provisioning (git-fixes). - drm/xe: Wait for migration job before unmapping pages (git-fixes). - drm/xe: Use non-interruptible wait when moving BO to system (git-fixes). - drm/xe: Revert some changes that break a mesa debug tool (git-fixes). - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes). - commit 40c61fe ++++ kernel-debug: - ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes). - ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes). - commit c470d47 - selftests: net: local_termination: require mausezahn (git-fixes). - wifi: cw1200: Fix potential NULL dereference (git-fixes). - wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* (git-fixes). - wifi: iwlwifi: fix CRF name for Bz (git-fixes). - net: phy: micrel: Dynamically control external clock of KSZ PHY (git-fixes). - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes). - ALSA: seq: Check UMP support for midi_version change (git-fixes). - Revert "ALSA: ump: Don't enumeration invalid groups for legacy rawmidi" (stable-fixes). - ALSA: hda/tas2781: Ignore SUBSYS_ID not found for tas2563 projects (git-fixes). - ALSA: usb-audio: US16x08: Initialize array before use (git-fixes). - drm: adv7511: Drop dsi single lane support (git-fixes). - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes). - drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes). - drm/i915/dg1: Fix power gate sequence (git-fixes). - drm/i915/cx0_phy: Fix C10 pll programming sequence (git-fixes). - drm/xe: Fix fault on fd close after unbind (git-fixes). - drm/xe/pf: Use correct function to check LMEM provisioning (git-fixes). - drm/xe: Wait for migration job before unmapping pages (git-fixes). - drm/xe: Use non-interruptible wait when moving BO to system (git-fixes). - drm/xe: Revert some changes that break a mesa debug tool (git-fixes). - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes). - commit 40c61fe ++++ kernel-source: - ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes). - ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes). - commit c470d47 - selftests: net: local_termination: require mausezahn (git-fixes). - wifi: cw1200: Fix potential NULL dereference (git-fixes). - wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* (git-fixes). - wifi: iwlwifi: fix CRF name for Bz (git-fixes). - net: phy: micrel: Dynamically control external clock of KSZ PHY (git-fixes). - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes). - ALSA: seq: Check UMP support for midi_version change (git-fixes). - Revert "ALSA: ump: Don't enumeration invalid groups for legacy rawmidi" (stable-fixes). - ALSA: hda/tas2781: Ignore SUBSYS_ID not found for tas2563 projects (git-fixes). - ALSA: usb-audio: US16x08: Initialize array before use (git-fixes). - drm: adv7511: Drop dsi single lane support (git-fixes). - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes). - drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes). - drm/i915/dg1: Fix power gate sequence (git-fixes). - drm/i915/cx0_phy: Fix C10 pll programming sequence (git-fixes). - drm/xe: Fix fault on fd close after unbind (git-fixes). - drm/xe/pf: Use correct function to check LMEM provisioning (git-fixes). - drm/xe: Wait for migration job before unmapping pages (git-fixes). - drm/xe: Use non-interruptible wait when moving BO to system (git-fixes). - drm/xe: Revert some changes that break a mesa debug tool (git-fixes). - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes). - commit 40c61fe ++++ kernel-docs: - ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes). - ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes). - commit c470d47 - selftests: net: local_termination: require mausezahn (git-fixes). - wifi: cw1200: Fix potential NULL dereference (git-fixes). - wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* (git-fixes). - wifi: iwlwifi: fix CRF name for Bz (git-fixes). - net: phy: micrel: Dynamically control external clock of KSZ PHY (git-fixes). - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes). - ALSA: seq: Check UMP support for midi_version change (git-fixes). - Revert "ALSA: ump: Don't enumeration invalid groups for legacy rawmidi" (stable-fixes). - ALSA: hda/tas2781: Ignore SUBSYS_ID not found for tas2563 projects (git-fixes). - ALSA: usb-audio: US16x08: Initialize array before use (git-fixes). - drm: adv7511: Drop dsi single lane support (git-fixes). - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes). - drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes). - drm/i915/dg1: Fix power gate sequence (git-fixes). - drm/i915/cx0_phy: Fix C10 pll programming sequence (git-fixes). - drm/xe: Fix fault on fd close after unbind (git-fixes). - drm/xe/pf: Use correct function to check LMEM provisioning (git-fixes). - drm/xe: Wait for migration job before unmapping pages (git-fixes). - drm/xe: Use non-interruptible wait when moving BO to system (git-fixes). - drm/xe: Revert some changes that break a mesa debug tool (git-fixes). - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes). - commit 40c61fe ++++ kernel-kvmsmall: - ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes). - ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes). - commit c470d47 - selftests: net: local_termination: require mausezahn (git-fixes). - wifi: cw1200: Fix potential NULL dereference (git-fixes). - wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* (git-fixes). - wifi: iwlwifi: fix CRF name for Bz (git-fixes). - net: phy: micrel: Dynamically control external clock of KSZ PHY (git-fixes). - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes). - ALSA: seq: Check UMP support for midi_version change (git-fixes). - Revert "ALSA: ump: Don't enumeration invalid groups for legacy rawmidi" (stable-fixes). - ALSA: hda/tas2781: Ignore SUBSYS_ID not found for tas2563 projects (git-fixes). - ALSA: usb-audio: US16x08: Initialize array before use (git-fixes). - drm: adv7511: Drop dsi single lane support (git-fixes). - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes). - drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes). - drm/i915/dg1: Fix power gate sequence (git-fixes). - drm/i915/cx0_phy: Fix C10 pll programming sequence (git-fixes). - drm/xe: Fix fault on fd close after unbind (git-fixes). - drm/xe/pf: Use correct function to check LMEM provisioning (git-fixes). - drm/xe: Wait for migration job before unmapping pages (git-fixes). - drm/xe: Use non-interruptible wait when moving BO to system (git-fixes). - drm/xe: Revert some changes that break a mesa debug tool (git-fixes). - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes). - commit 40c61fe ++++ kernel-obs-build: - ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes). - ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes). - commit c470d47 - selftests: net: local_termination: require mausezahn (git-fixes). - wifi: cw1200: Fix potential NULL dereference (git-fixes). - wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* (git-fixes). - wifi: iwlwifi: fix CRF name for Bz (git-fixes). - net: phy: micrel: Dynamically control external clock of KSZ PHY (git-fixes). - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes). - ALSA: seq: Check UMP support for midi_version change (git-fixes). - Revert "ALSA: ump: Don't enumeration invalid groups for legacy rawmidi" (stable-fixes). - ALSA: hda/tas2781: Ignore SUBSYS_ID not found for tas2563 projects (git-fixes). - ALSA: usb-audio: US16x08: Initialize array before use (git-fixes). - drm: adv7511: Drop dsi single lane support (git-fixes). - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes). - drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes). - drm/i915/dg1: Fix power gate sequence (git-fixes). - drm/i915/cx0_phy: Fix C10 pll programming sequence (git-fixes). - drm/xe: Fix fault on fd close after unbind (git-fixes). - drm/xe/pf: Use correct function to check LMEM provisioning (git-fixes). - drm/xe: Wait for migration job before unmapping pages (git-fixes). - drm/xe: Use non-interruptible wait when moving BO to system (git-fixes). - drm/xe: Revert some changes that break a mesa debug tool (git-fixes). - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes). - commit 40c61fe ++++ kernel-obs-qa: - ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes). - ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes). - commit c470d47 - selftests: net: local_termination: require mausezahn (git-fixes). - wifi: cw1200: Fix potential NULL dereference (git-fixes). - wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* (git-fixes). - wifi: iwlwifi: fix CRF name for Bz (git-fixes). - net: phy: micrel: Dynamically control external clock of KSZ PHY (git-fixes). - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes). - ALSA: seq: Check UMP support for midi_version change (git-fixes). - Revert "ALSA: ump: Don't enumeration invalid groups for legacy rawmidi" (stable-fixes). - ALSA: hda/tas2781: Ignore SUBSYS_ID not found for tas2563 projects (git-fixes). - ALSA: usb-audio: US16x08: Initialize array before use (git-fixes). - drm: adv7511: Drop dsi single lane support (git-fixes). - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes). - drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes). - drm/i915/dg1: Fix power gate sequence (git-fixes). - drm/i915/cx0_phy: Fix C10 pll programming sequence (git-fixes). - drm/xe: Fix fault on fd close after unbind (git-fixes). - drm/xe/pf: Use correct function to check LMEM provisioning (git-fixes). - drm/xe: Wait for migration job before unmapping pages (git-fixes). - drm/xe: Use non-interruptible wait when moving BO to system (git-fixes). - drm/xe: Revert some changes that break a mesa debug tool (git-fixes). - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes). - commit 40c61fe ++++ kernel-syms: - ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes). - ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes). - commit c470d47 - selftests: net: local_termination: require mausezahn (git-fixes). - wifi: cw1200: Fix potential NULL dereference (git-fixes). - wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* (git-fixes). - wifi: iwlwifi: fix CRF name for Bz (git-fixes). - net: phy: micrel: Dynamically control external clock of KSZ PHY (git-fixes). - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes). - ALSA: seq: Check UMP support for midi_version change (git-fixes). - Revert "ALSA: ump: Don't enumeration invalid groups for legacy rawmidi" (stable-fixes). - ALSA: hda/tas2781: Ignore SUBSYS_ID not found for tas2563 projects (git-fixes). - ALSA: usb-audio: US16x08: Initialize array before use (git-fixes). - drm: adv7511: Drop dsi single lane support (git-fixes). - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes). - drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes). - drm/i915/dg1: Fix power gate sequence (git-fixes). - drm/i915/cx0_phy: Fix C10 pll programming sequence (git-fixes). - drm/xe: Fix fault on fd close after unbind (git-fixes). - drm/xe/pf: Use correct function to check LMEM provisioning (git-fixes). - drm/xe: Wait for migration job before unmapping pages (git-fixes). - drm/xe: Use non-interruptible wait when moving BO to system (git-fixes). - drm/xe: Revert some changes that break a mesa debug tool (git-fixes). - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes). - commit 40c61fe ++++ kernel-zfcpdump: - ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes). - ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes). - commit c470d47 - selftests: net: local_termination: require mausezahn (git-fixes). - wifi: cw1200: Fix potential NULL dereference (git-fixes). - wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_* (git-fixes). - wifi: iwlwifi: fix CRF name for Bz (git-fixes). - net: phy: micrel: Dynamically control external clock of KSZ PHY (git-fixes). - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes). - ALSA: seq: Check UMP support for midi_version change (git-fixes). - Revert "ALSA: ump: Don't enumeration invalid groups for legacy rawmidi" (stable-fixes). - ALSA: hda/tas2781: Ignore SUBSYS_ID not found for tas2563 projects (git-fixes). - ALSA: usb-audio: US16x08: Initialize array before use (git-fixes). - drm: adv7511: Drop dsi single lane support (git-fixes). - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes). - drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes). - drm/i915/dg1: Fix power gate sequence (git-fixes). - drm/i915/cx0_phy: Fix C10 pll programming sequence (git-fixes). - drm/xe: Fix fault on fd close after unbind (git-fixes). - drm/xe/pf: Use correct function to check LMEM provisioning (git-fixes). - drm/xe: Wait for migration job before unmapping pages (git-fixes). - drm/xe: Use non-interruptible wait when moving BO to system (git-fixes). - drm/xe: Revert some changes that break a mesa debug tool (git-fixes). - drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes). - commit 40c61fe ------------------------------------------------------------------ ------------------ 2025-1-3 - Jan 3 2025 ------------------- ------------------------------------------------------------------ ++++ amazon-dracut-config: - Update to 0.0.3 + Add provides and conflicts on generic name dracut-instance-change-config - Update to 0.0.2 + Rename config for nvme for consistency + Add dracut build requirement ++++ kernel-64kb: - virtiofs: use pages instead of pointer for kernel direct IO (CVE-2024-53219 bsc#1235010). - netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (CVE-2024-56755 bsc#1234920). - cachefiles: Fix NULL pointer dereference in object->file (CVE-2024-56549 bsc#1234912). - commit 6497a18 - Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (stable-fixes). - Refresh patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch. - commit 53f7776 - mmc: sdhci-msm: fix crypto key eviction (git-fixes). - ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes). - regmap: Use correct format specifier for logging range errors (stable-fixes). - spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled() (stable-fixes). - spi: intel: Add Panther Lake SPI controller support (stable-fixes). - watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (stable-fixes). - watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes). - watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (stable-fixes). - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes). - Bluetooth: btusb: mediatek: change the conditions for ISO interface (stable-fixes). - Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes). - Bluetooth: btusb: mediatek: move Bluetooth power off command position (stable-fixes). - commit ae01e54 ++++ kernel-default: - virtiofs: use pages instead of pointer for kernel direct IO (CVE-2024-53219 bsc#1235010). - netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (CVE-2024-56755 bsc#1234920). - cachefiles: Fix NULL pointer dereference in object->file (CVE-2024-56549 bsc#1234912). - commit 6497a18 - Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (stable-fixes). - Refresh patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch. - commit 53f7776 - mmc: sdhci-msm: fix crypto key eviction (git-fixes). - ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes). - regmap: Use correct format specifier for logging range errors (stable-fixes). - spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled() (stable-fixes). - spi: intel: Add Panther Lake SPI controller support (stable-fixes). - watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (stable-fixes). - watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes). - watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (stable-fixes). - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes). - Bluetooth: btusb: mediatek: change the conditions for ISO interface (stable-fixes). - Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes). - Bluetooth: btusb: mediatek: move Bluetooth power off command position (stable-fixes). - commit ae01e54 ++++ dtb-aarch64: - virtiofs: use pages instead of pointer for kernel direct IO (CVE-2024-53219 bsc#1235010). - netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (CVE-2024-56755 bsc#1234920). - cachefiles: Fix NULL pointer dereference in object->file (CVE-2024-56549 bsc#1234912). - commit 6497a18 - Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (stable-fixes). - Refresh patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch. - commit 53f7776 - mmc: sdhci-msm: fix crypto key eviction (git-fixes). - ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes). - regmap: Use correct format specifier for logging range errors (stable-fixes). - spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled() (stable-fixes). - spi: intel: Add Panther Lake SPI controller support (stable-fixes). - watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (stable-fixes). - watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes). - watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (stable-fixes). - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes). - Bluetooth: btusb: mediatek: change the conditions for ISO interface (stable-fixes). - Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes). - Bluetooth: btusb: mediatek: move Bluetooth power off command position (stable-fixes). - commit ae01e54 ++++ google-dracut-config: - Update to 0.0.3 + Add provides and conflicts on generic name dracut-instance-change-config - Update to 0.0.2 + Rename config for nvme for consistency + Add dracut build requirement + Add virtio_net, virtio_rng and idpf drivers ++++ kernel-debug: - virtiofs: use pages instead of pointer for kernel direct IO (CVE-2024-53219 bsc#1235010). - netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (CVE-2024-56755 bsc#1234920). - cachefiles: Fix NULL pointer dereference in object->file (CVE-2024-56549 bsc#1234912). - commit 6497a18 - Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (stable-fixes). - Refresh patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch. - commit 53f7776 - mmc: sdhci-msm: fix crypto key eviction (git-fixes). - ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes). - regmap: Use correct format specifier for logging range errors (stable-fixes). - spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled() (stable-fixes). - spi: intel: Add Panther Lake SPI controller support (stable-fixes). - watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (stable-fixes). - watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes). - watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (stable-fixes). - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes). - Bluetooth: btusb: mediatek: change the conditions for ISO interface (stable-fixes). - Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes). - Bluetooth: btusb: mediatek: move Bluetooth power off command position (stable-fixes). - commit ae01e54 ++++ kernel-source: - virtiofs: use pages instead of pointer for kernel direct IO (CVE-2024-53219 bsc#1235010). - netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (CVE-2024-56755 bsc#1234920). - cachefiles: Fix NULL pointer dereference in object->file (CVE-2024-56549 bsc#1234912). - commit 6497a18 - Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (stable-fixes). - Refresh patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch. - commit 53f7776 - mmc: sdhci-msm: fix crypto key eviction (git-fixes). - ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes). - regmap: Use correct format specifier for logging range errors (stable-fixes). - spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled() (stable-fixes). - spi: intel: Add Panther Lake SPI controller support (stable-fixes). - watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (stable-fixes). - watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes). - watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (stable-fixes). - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes). - Bluetooth: btusb: mediatek: change the conditions for ISO interface (stable-fixes). - Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes). - Bluetooth: btusb: mediatek: move Bluetooth power off command position (stable-fixes). - commit ae01e54 ++++ kernel-docs: - virtiofs: use pages instead of pointer for kernel direct IO (CVE-2024-53219 bsc#1235010). - netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (CVE-2024-56755 bsc#1234920). - cachefiles: Fix NULL pointer dereference in object->file (CVE-2024-56549 bsc#1234912). - commit 6497a18 - Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (stable-fixes). - Refresh patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch. - commit 53f7776 - mmc: sdhci-msm: fix crypto key eviction (git-fixes). - ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes). - regmap: Use correct format specifier for logging range errors (stable-fixes). - spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled() (stable-fixes). - spi: intel: Add Panther Lake SPI controller support (stable-fixes). - watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (stable-fixes). - watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes). - watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (stable-fixes). - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes). - Bluetooth: btusb: mediatek: change the conditions for ISO interface (stable-fixes). - Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes). - Bluetooth: btusb: mediatek: move Bluetooth power off command position (stable-fixes). - commit ae01e54 ++++ kernel-kvmsmall: - virtiofs: use pages instead of pointer for kernel direct IO (CVE-2024-53219 bsc#1235010). - netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (CVE-2024-56755 bsc#1234920). - cachefiles: Fix NULL pointer dereference in object->file (CVE-2024-56549 bsc#1234912). - commit 6497a18 - Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (stable-fixes). - Refresh patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch. - commit 53f7776 - mmc: sdhci-msm: fix crypto key eviction (git-fixes). - ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes). - regmap: Use correct format specifier for logging range errors (stable-fixes). - spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled() (stable-fixes). - spi: intel: Add Panther Lake SPI controller support (stable-fixes). - watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (stable-fixes). - watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes). - watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (stable-fixes). - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes). - Bluetooth: btusb: mediatek: change the conditions for ISO interface (stable-fixes). - Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes). - Bluetooth: btusb: mediatek: move Bluetooth power off command position (stable-fixes). - commit ae01e54 ++++ kernel-obs-build: - virtiofs: use pages instead of pointer for kernel direct IO (CVE-2024-53219 bsc#1235010). - netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (CVE-2024-56755 bsc#1234920). - cachefiles: Fix NULL pointer dereference in object->file (CVE-2024-56549 bsc#1234912). - commit 6497a18 - Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (stable-fixes). - Refresh patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch. - commit 53f7776 - mmc: sdhci-msm: fix crypto key eviction (git-fixes). - ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes). - regmap: Use correct format specifier for logging range errors (stable-fixes). - spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled() (stable-fixes). - spi: intel: Add Panther Lake SPI controller support (stable-fixes). - watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (stable-fixes). - watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes). - watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (stable-fixes). - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes). - Bluetooth: btusb: mediatek: change the conditions for ISO interface (stable-fixes). - Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes). - Bluetooth: btusb: mediatek: move Bluetooth power off command position (stable-fixes). - commit ae01e54 ++++ kernel-obs-qa: - virtiofs: use pages instead of pointer for kernel direct IO (CVE-2024-53219 bsc#1235010). - netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (CVE-2024-56755 bsc#1234920). - cachefiles: Fix NULL pointer dereference in object->file (CVE-2024-56549 bsc#1234912). - commit 6497a18 - Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (stable-fixes). - Refresh patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch. - commit 53f7776 - mmc: sdhci-msm: fix crypto key eviction (git-fixes). - ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes). - regmap: Use correct format specifier for logging range errors (stable-fixes). - spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled() (stable-fixes). - spi: intel: Add Panther Lake SPI controller support (stable-fixes). - watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (stable-fixes). - watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes). - watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (stable-fixes). - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes). - Bluetooth: btusb: mediatek: change the conditions for ISO interface (stable-fixes). - Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes). - Bluetooth: btusb: mediatek: move Bluetooth power off command position (stable-fixes). - commit ae01e54 ++++ kernel-syms: - virtiofs: use pages instead of pointer for kernel direct IO (CVE-2024-53219 bsc#1235010). - netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (CVE-2024-56755 bsc#1234920). - cachefiles: Fix NULL pointer dereference in object->file (CVE-2024-56549 bsc#1234912). - commit 6497a18 - Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (stable-fixes). - Refresh patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch. - commit 53f7776 - mmc: sdhci-msm: fix crypto key eviction (git-fixes). - ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes). - regmap: Use correct format specifier for logging range errors (stable-fixes). - spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled() (stable-fixes). - spi: intel: Add Panther Lake SPI controller support (stable-fixes). - watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (stable-fixes). - watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes). - watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (stable-fixes). - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes). - Bluetooth: btusb: mediatek: change the conditions for ISO interface (stable-fixes). - Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes). - Bluetooth: btusb: mediatek: move Bluetooth power off command position (stable-fixes). - commit ae01e54 ++++ kernel-zfcpdump: - virtiofs: use pages instead of pointer for kernel direct IO (CVE-2024-53219 bsc#1235010). - netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (CVE-2024-56755 bsc#1234920). - cachefiles: Fix NULL pointer dereference in object->file (CVE-2024-56549 bsc#1234912). - commit 6497a18 - Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (stable-fixes). - Refresh patches.suse/Bluetooth-btmtk-adjust-the-position-to-init-iso-data.patch. - commit 53f7776 - mmc: sdhci-msm: fix crypto key eviction (git-fixes). - ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes). - regmap: Use correct format specifier for logging range errors (stable-fixes). - spi: omap2-mcspi: Fix the IS_ERR() bug for devm_clk_get_optional_enabled() (stable-fixes). - spi: intel: Add Panther Lake SPI controller support (stable-fixes). - watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (stable-fixes). - watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes). - watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (stable-fixes). - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes). - Bluetooth: btusb: mediatek: change the conditions for ISO interface (stable-fixes). - Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes). - Bluetooth: btusb: mediatek: move Bluetooth power off command position (stable-fixes). - commit ae01e54 ++++ openjpeg2: - security update - added patches fix CVE-2024-56826 [bsc#1235029], heap buffer overflow in bin/common/color.c + openjpeg2-CVE-2024-56826.patch ++++ microsoft-dracut-config: - Update to 0.0.3 + Add provides and conflicts on generic name dracut-instance-change-config - Update to 0.0.2 + Rename config for nvme for consistency + Add dracut build requirement ++++ tomcat: - Update to Tomcat 9.0.98 * Fixed CVEs: + CVE-2024-54677: DoS in examples web application (bsc#1233434) + CVE-2024-50379: RCE due to TOCTOU issue in JSP compilation (bsc#1234663) * Catalina + Add: Add option to serve resources from subpath only with WebDAV Servlet like with DefaultServlet. (michaelo) + Fix: Add special handling for the protocols attribute of SSLHostConfig in storeconfig. (remm) + Fix: 69442: Fix case sensitive check on content-type when parsing request parameters. (remm) + Code: Refactor duplicate code for extracting media type and subtype from content-type into a single method. (markt) + Fix: Compatibility of generated embedded code with components where constructors or property related methods throw a checked exception. (remm) + Fix: The previous fix for inconsistent resource metadata during concurrent reads and writes was incomplete. (markt) + Fix: 69444: Ensure that the javax.servlet.error.message request attribute is set when an application defined error page is called. (markt) + Fix: Avoid quotes for numeric values in the JSON generated by the status servlet. (remm) + Add: Add strong ETag support for the WebDAV and default servlet, which can be enabled by using the useStrongETags init parameter with a value set to true. The ETag generated will be a SHA-1 checksum of the resource content. (remm) + Fix: Use client locale for directory listings. (remm) + Fix: 69439: Improve the handling of multiple Cache-Control headers in the ExpiresFilter. Based on pull request #777 by Chenjp. (markt) + Fix: 69447: Update the support for caching classes the web application class loader cannot find to take account of classes loaded from external repositories. Prior to this fix, these classes could be incorrectly marked as not found. (markt) + Fix: 69466: Rework handling of HEAD requests. Headers explicitly set by users will not be removed and any header present in a HEAD request will also be present in the equivalent GET request. There may be some headers, as per RFC 9110, section 9.3.2, that are present in a GET request that are not present in the equivalent HEAD request. (markt) + Fix: 69471: Log instances of CloseNowException caught by ApplicationDispatcher.invoke() at debug level rather than error level as they are very likely to have been caused by a client disconnection or similar I/O issue. (markt) + Add: Add a test case for the fix for 69442. Also refactor references to application/x-www-form-urlencoded. Based on pull request #779 by Chenjp. (markt) + Fix: 69476: Catch possible ISE when trying to report PUT failure in the DefaultServlet. (remm) + Add: Add support for RateLimit header fields for HTTP (draft) in the RateLimitFilter. Based on pull request #775 provided by Chenjp. (markt) + Add: #787: Add regression tests for 69478. Pull request provided by Thomas Krisch. (markt) + Fix: The default servlet now rejects HTTP range requests when two or more of the requested ranges overlap. Based on pull request #782 provided by Chenjp. (markt) + Fix: Enhance Content-Range verification for partial PUT requests handled by the default servlet. Provided by Chenjp in pull request #778. (markt) + Fix: Harmonize DataSourceStore lookup in the global resources to optionally avoid the comp/env prefix which is usually not used there. (remm) + Fix: As required by RFC 9110, the HTTP Range header will now only be processed for GET requests. Based on pull request #790 provided by Chenjp. (markt) + Fix: Deprecate the useAcceptRanges initialisation parameter for the default servlet. It will be removed in Tomcat 12 onwards where it will effectively be hard coded to true. (markt) + Add: Add DataSource based property storage for the WebdavServlet. (remm) * Coyote + Fix: Align encodedSolidusHandling with the Servlet specification. If the pass-through mode is used, any %25 sequences will now also be passed through to avoid errors and/or corruption when the application decodes the path. (markt) * Jasper + Fix: Further optimise EL evaluation of method parameters. Patch provided by Paolo B. (markt) + Fix: Follow-up to the fix for 69381. Apply the optimisation for method lookup performance in expression language to an additional location. (markt) * Web applications + Fix: Documentation. Remove references to the ResourceParams element. Support for ResourceParams was removed in Tomcat 5.5.x. (markt) + Fix: Documentation. 69477: Correct name of attribute for RemoteIPFilter. The attribute is internalProxies rather than allowedInternalProxies. Pull request #786 provided by Jorge Díaz. (markt) + Fix: Examples. Fix broken links when Servlet Request Info example is called via a URL that includes a pathInfo component. (markt) + Fix: Examples. Expand the obfuscation of session cookie values in the request header example to JSON responses. (markt) + Add: Examples. Add the ability to delete session attributes in the servlet session example. (markt) + Add: Examples. Add a hard coded limit of 10 attributes per session for the servlet session example. (markt) + Add: Examples. Add the ability to delete session attributes and add a hard coded limit of 10 attributes per session for the JSP form authentication example. (markt) + Add: Examples. Limit the shopping cart example to only allow adding the pre-defined items to the cart. (markt) + Fix: Examples. Remove JSP calendar example. (markt) * Other + Fix: 69465: Fix warnings during native image compilation using the Tomcat embedded JARs. (markt) + Update: Update Tomcat's fork of Commons DBCP to 2.13.0. (markt) + Update: Update EasyMock to 5.5.0. (markt) + Update: Update Checkstyle to 10.20.2. (markt) + Update: Update BND to 7.1.0. (markt) + Add: Improvements to French translations. (remm) + Add: Improvements to Korean translations. (markt) + Add: Improvements to Chinese translations. (markt) + Add: Improvements to Japanese translations by tak7iji. (markt) - Modified patch: * tomcat-9.0-jdt.patch + rediff ++++ tomcat10: - Update to Tomcat 10.1.34 * Fixed CVEs: + CVE-2024-54677: DoS in examples web application (bsc#1233434) + CVE-2024-50379: RCE due to TOCTOU issue in JSP compilation (bsc#1234663) * Catalina + Add: Add option to serve resources from subpath only with WebDAV Servlet like with DefaultServlet. (michaelo) + Fix: Add special handling for the protocols attribute of SSLHostConfig in storeconfig. (remm) + Fix: 69442: Fix case sensitive check on content-type when parsing request parameters. (remm) + Code: Refactor duplicate code for extracting media type and subtype from content-type into a single method. (markt) + Fix: Compatibility of generated embedded code with components where constructors or property related methods throw a checked exception. (remm) + Fix: The previous fix for inconsistent resource metadata during concurrent reads and writes was incomplete. (markt) + Fix: #780: Fix content-range header length. Submitted by Chenjp. (remm) + Fix: 69444: Ensure that the jakarta.servlet.error.message request attribute is set when an application defined error page is called. (markt) + Fix: Avoid quotes for numeric values in the JSON generated by the status servlet. (remm) + Add: Add strong ETag support for the WebDAV and default servlet, which can be enabled by using the useStrongETags init parameter with a value set to true. The ETag generated will be a SHA-1 checksum of the resource content. (remm) + Fix: Use client locale for directory listings. (remm) + Fix: 69439: Improve the handling of multiple Cache-Control headers in the ExpiresFilter. Based on pull request #777 by Chenjp. (markt) + Fix: 69447: Update the support for caching classes the web application class loader cannot find to take account of classes loaded from external repositories. Prior to this fix, these classes could be incorrectly marked as not found. (markt) + Fix: 69466: Rework handling of HEAD requests. Headers explicitly set by users will not be removed and any header present in a HEAD request will also be present in the equivalent GET request. There may be some headers, as per RFC 9110, section 9.3.2, that are present in a GET request that are not present in the equivalent HEAD request. (markt) + Fix: 69471: Log instances of CloseNowException caught by ApplicationDispatcher.invoke() at debug level rather than error level as they are very likely to have been caused by a client disconnection or similar I/O issue. (markt) + Add: Add a test case for the fix for 69442. Also refactor references to application/x-www-form-urlencoded. Based on pull request #779 by Chenjp. (markt) + Fix: 69476: Catch possible ISE when trying to report PUT failure in the DefaultServlet. (remm) + Add: Add support for RateLimit header fields for HTTP (draft) in the RateLimitFilter. Based on pull request #775 provided by Chenjp. (markt) + Add: #787: Add regression tests for 69478. Pull request provided by Thomas Krisch. (markt) + Fix: The default servlet now rejects HTTP range requests when two or more of the requested ranges overlap. Based on pull request #782 provided by Chenjp. (markt) + Fix: Enhance Content-Range verification for partial PUT requests handled by the default servlet. Provided by Chenjp in pull request #778. (markt) + Fix: Harmonize DataSourceStore lookup in the global resources to optionally avoid the comp/env prefix which is usually not used there. (remm) + Fix: As required by RFC 9110, the HTTP Range header will now only be processed for GET requests. Based on pull request #790 provided by Chenjp. (markt) + Fix: Deprecate the useAcceptRanges initialisation parameter for the default servlet. It will be removed in Tomcat 12 onwards where it will effectively be hard coded to true. (markt) + Add: Add DataSource based property storage for the WebdavServlet. (remm) * Coyote + Fix: Align encodedSolidusHandling with the Servlet specification. If the pass-through mode is used, any %25 sequences will now also be passed through to avoid errors and/or corruption when the application decodes the path. (markt) * Jasper + Fix: Follow-up to the fix for 69381. Apply the optimisation for method lookup performance in expression language to an additional location. (markt) * Web applications + Fix: Documentation. Remove references to the ResourceParams element. Support for ResourceParams was removed in Tomcat 5.5.x. (markt) + Fix: Documentation. 69477: Correct name of attribute for RemoteIPFilter. The attribute is internalProxies rather than allowedInternalProxies. Pull request #786 provided by Jorge Díaz. (markt) + Fix: Examples. Fix broken links when Servlet Request Info example is called via a URL that includes a pathInfo component. (markt) + Fix: Examples. Expand the obfuscation of session cookie values in the request header example to JSON responses. (markt) + Add: Examples. Add the ability to delete session attributes in the servlet session example. (markt) + Add: Examples. Add a hard coded limit of 10 attributes per session for the servlet session example. (markt) + Add: Examples. Add the ability to delete session attributes and add a hard coded limit of 10 attributes per session for the JSP form authentication example. (markt) + Add: Examples. Limit the shopping cart example to only allow adding the pre-defined items to the cart. (markt) + Fix: Examples. Remove JSP calendar example. (markt) * Other + Fix: 69465: Fix warnings during native image compilation using the Tomcat embedded JARs. (markt) + Update: Update Tomcat's fork of Commons DBCP to 2.13.0. (markt) + Update: Update EasyMock to 5.5.0. (markt) + Update: Update Checkstyle to 10.20.2. (markt) + Update: Update BND to 7.1.0. (markt) + Add: Improvements to French translations. (remm) + Add: Improvements to Korean translations. (markt) + Add: Improvements to Chinese translations. (markt) + Add: Improvements to Japanese translations by tak7iji. (markt) ------------------------------------------------------------------ ------------------ 2025-1-2 - Jan 2 2025 ------------------- ------------------------------------------------------------------ ++++ MozillaFirefox: - Firefox Extended Support Release 128.6.0 ESR * Fixed: Various security fixes. MFSA 2025-02 (bsc#1234991) * CVE-2025-0237 (bmo#1915257) WebChannel APIs susceptible to confused deputy attack * CVE-2025-0238 (bmo#1915535) Use-after-free when breaking lines in text * CVE-2025-0239 (bmo#1929156) Alt-Svc ALPN validation failure when redirected * CVE-2025-0240 (bmo#1929623) Compartment mismatch when parsing JavaScript JSON module * CVE-2025-0241 (bmo#1933023) Memory corruption when using JavaScript Text Segmentation * CVE-2025-0242 (bmo#1874523, bmo#1926454, bmo#1931873, bmo#1932169) Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6 * CVE-2025-0243 (bmo#1827142, bmo#1932783) Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6 - Firefox Extended Support Release 128.5.2 ESR * Fixed: Fixed a crash experienced by Windows users with Qihoo 360 Total Security Antivirus software installed (bmo#1934258) ++++ kernel-64kb: - slab: Fix too strict alignment check in create_cache() (CVE-2024-56560 bsc#1234925). - commit 13fdc6a - EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161 bsc#1234856). - commit 9d9eb76 - supported.conf: externally supported drivers/s390/crypto/pkey_* (jsc#PED-11872) - commit 4f63bae - s390/pci: Expose FIDPARM attribute in sysfs (jsc#PED-11868). - commit 11fe795 ++++ kernel-default: - slab: Fix too strict alignment check in create_cache() (CVE-2024-56560 bsc#1234925). - commit 13fdc6a - EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161 bsc#1234856). - commit 9d9eb76 - supported.conf: externally supported drivers/s390/crypto/pkey_* (jsc#PED-11872) - commit 4f63bae - s390/pci: Expose FIDPARM attribute in sysfs (jsc#PED-11868). - commit 11fe795 ++++ dtb-aarch64: - slab: Fix too strict alignment check in create_cache() (CVE-2024-56560 bsc#1234925). - commit 13fdc6a - EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161 bsc#1234856). - commit 9d9eb76 - supported.conf: externally supported drivers/s390/crypto/pkey_* (jsc#PED-11872) - commit 4f63bae - s390/pci: Expose FIDPARM attribute in sysfs (jsc#PED-11868). - commit 11fe795 ++++ kernel-debug: - slab: Fix too strict alignment check in create_cache() (CVE-2024-56560 bsc#1234925). - commit 13fdc6a - EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161 bsc#1234856). - commit 9d9eb76 - supported.conf: externally supported drivers/s390/crypto/pkey_* (jsc#PED-11872) - commit 4f63bae - s390/pci: Expose FIDPARM attribute in sysfs (jsc#PED-11868). - commit 11fe795 ++++ kernel-source: - slab: Fix too strict alignment check in create_cache() (CVE-2024-56560 bsc#1234925). - commit 13fdc6a - EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161 bsc#1234856). - commit 9d9eb76 - supported.conf: externally supported drivers/s390/crypto/pkey_* (jsc#PED-11872) - commit 4f63bae - s390/pci: Expose FIDPARM attribute in sysfs (jsc#PED-11868). - commit 11fe795 ++++ kernel-docs: - slab: Fix too strict alignment check in create_cache() (CVE-2024-56560 bsc#1234925). - commit 13fdc6a - EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161 bsc#1234856). - commit 9d9eb76 - supported.conf: externally supported drivers/s390/crypto/pkey_* (jsc#PED-11872) - commit 4f63bae - s390/pci: Expose FIDPARM attribute in sysfs (jsc#PED-11868). - commit 11fe795 ++++ kernel-kvmsmall: - slab: Fix too strict alignment check in create_cache() (CVE-2024-56560 bsc#1234925). - commit 13fdc6a - EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161 bsc#1234856). - commit 9d9eb76 - supported.conf: externally supported drivers/s390/crypto/pkey_* (jsc#PED-11872) - commit 4f63bae - s390/pci: Expose FIDPARM attribute in sysfs (jsc#PED-11868). - commit 11fe795 ++++ kernel-obs-build: - slab: Fix too strict alignment check in create_cache() (CVE-2024-56560 bsc#1234925). - commit 13fdc6a - EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161 bsc#1234856). - commit 9d9eb76 - supported.conf: externally supported drivers/s390/crypto/pkey_* (jsc#PED-11872) - commit 4f63bae - s390/pci: Expose FIDPARM attribute in sysfs (jsc#PED-11868). - commit 11fe795 ++++ kernel-obs-qa: - slab: Fix too strict alignment check in create_cache() (CVE-2024-56560 bsc#1234925). - commit 13fdc6a - EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161 bsc#1234856). - commit 9d9eb76 - supported.conf: externally supported drivers/s390/crypto/pkey_* (jsc#PED-11872) - commit 4f63bae - s390/pci: Expose FIDPARM attribute in sysfs (jsc#PED-11868). - commit 11fe795 ++++ kernel-syms: - slab: Fix too strict alignment check in create_cache() (CVE-2024-56560 bsc#1234925). - commit 13fdc6a - EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161 bsc#1234856). - commit 9d9eb76 - supported.conf: externally supported drivers/s390/crypto/pkey_* (jsc#PED-11872) - commit 4f63bae - s390/pci: Expose FIDPARM attribute in sysfs (jsc#PED-11868). - commit 11fe795 ++++ kernel-zfcpdump: - slab: Fix too strict alignment check in create_cache() (CVE-2024-56560 bsc#1234925). - commit 13fdc6a - EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161 bsc#1234856). - commit 9d9eb76 - supported.conf: externally supported drivers/s390/crypto/pkey_* (jsc#PED-11872) - commit 4f63bae - s390/pci: Expose FIDPARM attribute in sysfs (jsc#PED-11868). - commit 11fe795 ++++ libnettle: - Update to nettle 3.10.1: * Bug fixes: - Fix buffer overread in the new sha256 assembly for powerpc64, as well as a stack alignment issue. - Added missing nettle_mac structs for hmac-gosthash. - Fix configure test for valgrind, to not attempt to run valgrind on executables built using memory sanitizers. * Enable back the gcm regression test: - Remove libnettle-powerpc64-skip-AES-GCM-test.patch * Remove patches upstream: - libnettle-powerpc64-sha256-fix-loading-overreads.patch - libnettle-powerpc64-sha256-adjust-stack-offset-for-non-volatile-registers.patch - libnettle-powerpc64-remove-m4_unquote-sha256.patch ++++ libxml2: - security update - added patches fix CVE-2024-40896 [bsc#1234812], XXE vulnerability + libxml2-CVE-2024-40896.patch ++++ libxml2-python: - security update - added patches fix CVE-2024-40896 [bsc#1234812], XXE vulnerability + libxml2-CVE-2024-40896.patch ++++ sof-firmware: - update to v2024.09.02: (jsc#PED-9993 jsc#PED-10202) * Updated DSP topology files for SOF2.11.3 ++++ tryton: - Version 6.0.48 - Bugfix Release ++++ trytond: - Version 6.0.57 - Bugfix Release ++++ trytond_account: - Version 6.0.28 - Bugfix Release ++++ trytond_company: - Version 6.0.8 - Bugfix Release ++++ trytond_stock: - Version 6.0.31 - Bugfix Release ------------------------------------------------------------------ ------------------ 2025-1-1 - Jan 1 2025 ------------------- ------------------------------------------------------------------ ++++ chirp: - Update to version 20241226: * Add basic support for Baofeng W31D and BF-T20D * Add driver for Kenwood TK690, TK790, and TK890. * Translations updates, UI fixes * Add legal power limits for US FRS and GMRS, replacing chirp's auto-populated 50W on all channels * Add MaxTalker P15 * Add Subpport for BF-F8HP-PRO firmware v0.33 ++++ dpdk: - Fix CVE-2024-11614 [bsc#1234718] - Denial Of Service from malicious guest on hypervisors using DPDK Vhost library - Added patch, + dpdk-CVE-2024-11614.patch ++++ dpdk-thunderx: - Fix CVE-2024-11614 [bsc#1234718] - Denial Of Service from malicious guest on hypervisors using DPDK Vhost library - Added patch, + dpdk-CVE-2024-11614.patch ++++ kernel-firmware: - Update to version 20241220 (git commit 9cf329b39cf1): * cnm: update chips&media wave521c firmware. * WHENCE: Add "Info:" tag to text that's clearly not part of the license * rtl_nic: add firmware rtl8125bp-2 * qcom: venus-5.4: update firmware binary for sc7180 and qcs615 * cirrus: cs35l56: Correct filenames of SSID 17aa3832 * cirrus: cs35l56: Add and update firmware for various Cirrus CS35L54 and CS35L56 laptops * cirrus: cs35l56: Correct SSID order for 103c8d01 103c8d08 10431f43 ------------------------------------------------------------------ ------------------ 2024-12-31 - Dec 31 2024 ------------------- ------------------------------------------------------------------ ++++ kernel-64kb: - ASoC: Intel: sof_sdw: Fix DMI match for Lenovo 21QA and 21QB (git-fixes). - ASoC: Intel: sof_sdw: Fix DMI match for Lenovo 21Q6 and 21Q7 (git-fixes). - riscv: Fix wrong usage of __pa() on a fixmap address (git-fixes). - commit 70097d1 - stddef: make __struct_group() UAPI C++-friendly (git-fixes). - thunderbolt: Improve redrive mode handling (git-fixes). - thunderbolt: Don't display nvm_version unless upgrade supported (git-fixes). - thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes). - xhci: Turn NEC specific quirk for handling Stop Endpoint errors generic (stable-fixes). - USB: serial: option: add Telit FE910C04 rmnet compositions (stable-fixes). - USB: serial: option: add MediaTek T7XX compositions (stable-fixes). - USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (stable-fixes). - USB: serial: option: add MeiG Smart SLM770A (stable-fixes). - USB: serial: option: add TCL IK512 MBIM & ECM (stable-fixes). - usb: typec: ucsi: Fix completion notifications (git-fixes). - usb: dwc2: Fix HCD port connection race (git-fixes). - usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (git-fixes). - usb: dwc2: Fix HCD resume (git-fixes). - usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (git-fixes). - usb: misc: onboard_usb_dev: skip suspend/resume sequence for USB5744 SMBus support (git-fixes). - usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode (git-fixes). - usb: core: hcd: only check primary hcd skip_phy_initialization (git-fixes). - usb: gadget: midi2: Fix interpretation of is_midi1 bits (git-fixes). - usb: dwc3: imx8mp: fix software node kernel dump (git-fixes). - usb: typec: anx7411: fix OF node reference leaks in anx7411_typec_switch_probe() (git-fixes). - usb: typec: anx7411: fix fwnode_handle reference leak (git-fixes). - usb: host: max3421-hcd: Correctly abort a USB request (git-fixes). - usb: ehci-hcd: fix call balance of clocks handling routines (git-fixes). - spi: rockchip: Fix PM runtime count on no-op cs (git-fixes). - spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user() (git-fixes). - Revert "unicode: Don't special case ignorable code points" (stable-fixes). - usb: typec: ucsi: glink: be more precise on orientation-aware ports (stable-fixes). - usb: typec: ucsi: Do not call ACPI _DSM method for UCSI read operations (stable-fixes). - usb: chipidea: udc: handle USB Error Interrupt if IOC not set (stable-fixes). - usb: chipidea: udc: create bounce buffer for problem sglist entries if possible (stable-fixes). - usb: chipidea: udc: limit usb request length to max 16KB (stable-fixes). - usb: chipidea: add CI_HDRC_HAS_SHORT_PKT_LIMIT flag (stable-fixes). - thermal/drivers/qcom/tsens-v1: Add support for MSM8937 tsens (stable-fixes). - wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (stable-fixes). - wifi: ipw2x00: libipw_rx_any(): fix bad alignment (stable-fixes). - wifi: ath5k: add PCI ID for Arcadyan devices (stable-fixes). - wifi: ath5k: add PCI ID for SX76X (stable-fixes). - wifi: ath10k: avoid NULL pointer error during sdio remove (stable-fixes). - wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-fixes). - wifi: rtw89: check return value of ieee80211_probereq_get() for RNR (stable-fixes). - wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes). - spi: spi-fsl-lpspi: Adjust type of scldiv (stable-fixes). - commit e030fc8 - power: supply: bq24190: Fix BQ24296 Vbus regulator support (git-fixes). - power: supply: cros_charge-control: hide start threshold on v2 cmd (git-fixes). - power: supply: cros_charge-control: allow start_threshold == end_threshold (git-fixes). - power: supply: cros_charge-control: add mutex for driver data (git-fixes). - power: supply: gpio-charger: Fix set charge current limits (git-fixes). - selftests/memfd: run sysctl tests when PID namespace support is enabled (git-fixes). - selftests: openvswitch: fix tcpdump execution (git-fixes). - regulator: axp20x: AXP717: set ramp_delay (git-fixes). - kselftest/arm64: abi: fix SVCR detection (git-fixes). - selftests: netfilter: Stabilize rpath.sh (git-fixes). - selftests: mlxsw: sharedbuffer: Ensure no extra packets are counted (git-fixes). - selftests: mlxsw: sharedbuffer: Remove duplicate test cases (git-fixes). - selftests: mlxsw: sharedbuffer: Remove h1 ingress test case (git-fixes). - selftests/ftrace: adjust offset for kprobe syntax error test (git-fixes). - selftests/damon: add _damon_sysfs.py to TEST_FILES (git-fixes). - selftest: hugetlb_dio: fix test naming (git-fixes). - selftests: hid: fix typo and exit code (git-fixes). - setlocalversion: work around "git describe" performance (stable-fixes). - rtc: cmos: avoid taking rtc_lock for extended period of time (stable-fixes). - serial: 8250_dw: Add Sophgo SG2044 quirk (stable-fixes). - selftests: rds: move test.py to TEST_FILES (git-fixes). - regulator: qcom-rpmh: Update ranges for FTSMPS525 (stable-fixes). - selftests/mount_setattr: Fix failures on 64K PAGE_SIZE kernels (git-fixes). - remoteproc: qcom: pas: enable SAR2130P audio DSP support (stable-fixes). - selftests/damon/debugfs_duplicate_context_creation: hide errors from expected file write failures (git-fixes). - selftests/damon/_debugfs_common: hide expected error message from test_write_result() (git-fixes). - selftests/damon/huge_count_read_write: remove unnecessary debugging message (git-fixes). - selftests/damon/huge_count_read_write: provide sufficiently large buffer for DEPRECATED file read (git-fixes). - selftests: netfilter: Fix missing return values in conntrack_dump_flush (git-fixes). - selftests: net: really check for bg process completion (git-fixes). - soc: imx8m: Probe the SoC driver as platform driver (stable-fixes). - soc: qcom: pd-mapper: Add QCM6490 PD maps (stable-fixes). - soc: qcom: llcc: Use designated initializers for LLC settings (stable-fixes). - regmap: maple: Provide lockdep (sub)class for maple tree's internal lock (stable-fixes). - selftests/resctrl: Protect against array overflow when reading strings (stable-fixes). - selftests/resctrl: Protect against array overrun during iMC config parsing (git-fixes). - selftests/resctrl: Fix memory overflow due to unhandled wraparound (git-fixes). - selftests/resctrl: Print accurate buffer size as part of MBM results (git-fixes). - selftests/mm: Fix unused function warning for aarch64_write_signal_pkey() (git-fixes). - kselftest/arm64: Don't leak pipe fds in pac.exec_sign_all() (stable-fixes). - kselftest/arm64: Fix encoding for SVE B16B16 test (git-fixes). - kselftest/arm64: Log fp-stress child startup errors to stdout (stable-fixes). - kselftest/arm64: mte: fix printf type warnings about longs (git-fixes). - kselftest/arm64: mte: fix printf type warnings about __u64 (git-fixes). - kselftest/arm64: hwcap: fix f8dp2 cpuinfo name (git-fixes). - kselftest/arm64: signal: drop now redundant GNU_SOURCE definition (git-fixes). - commit 5e98b23 - platform/x86: mlx-platform: call pci_dev_put() to balance the refcount (git-fixes). - PCI/MSI: Handle lack of irqdomain gracefully (git-fixes). - phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (git-fixes). - phy: core: Fix an OF node refcount leakage in _of_phy_get() (git-fixes). - phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (git-fixes). - phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (git-fixes). - phy: core: Fix that API devm_phy_put() fails to release the phy (git-fixes). - phy: rockchip: samsung-hdptx: Set drvdata before enabling runtime PM (git-fixes). - phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP (git-fixes). - phy: rockchip: naneng-combphy: fix phy reset (git-fixes). - phy: usb: Toggle the PHY power during init (git-fixes). - platform/chrome: cros_ec_lpc: fix product identity for early Framework Laptops (git-fixes). - mtd: rawnand: arasan: Fix missing de-registration of NAND (git-fixes). - mtd: rawnand: arasan: Fix double assertion of chip-select (git-fixes). - mtd: diskonchip: Cast an operand to prevent potential overflow (git-fixes). - mtd: rawnand: fix double free in atmel_pmecc_create_user() (git-fixes). - of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() (git-fixes). - of/irq: Fix interrupt-map cell length check in of_irq_parse_imap_parent() (git-fixes). - of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (git-fixes). - of: Fix error path in of_parse_phandle_with_args_map() (git-fixes). - of: address: Preserve the flags portion on 1:1 dma-ranges mapping (git-fixes). - of: property: fw_devlink: Do not use interrupt-parent directly (git-fixes). - objtool/x86: allow syscall instruction (stable-fixes). - p2sb: Do not scan and remove the P2SB device when it is unhidden (git-fixes). - p2sb: Move P2SB hide and unhide code to p2sb_scan_and_cache() (stable-fixes). - p2sb: Introduce the global flag p2sb_hidden_by_bios (stable-fixes). - p2sb: Factor out p2sb_read_from_cache() (stable-fixes). - PCI: vmd: Add DID 8086:B06F and 8086:B60B for Intel client SKUs (stable-fixes). - PCI: qcom: Add support for IPQ9574 (stable-fixes). - PCI: Add ACS quirk for Wangxun FF5xxx NICs (stable-fixes). - PCI: Detect and trust built-in Thunderbolt chips (stable-fixes). - PCI: Add 'reset_subordinate' to reset hierarchy below bridge (stable-fixes). - PCI: starfive: Enable controller runtime PM before probing host bridge (stable-fixes). - PCI: vmd: Set devices to D0 before enabling PM L1 Substates (stable-fixes). - pinctrl: qcom: spmi-mpp: Add PM8937 compatible (stable-fixes). - pinctrl: qcom-pmic-gpio: add support for PM8937 (stable-fixes). - pinmux: Use sequential access to access desc->pinmux data (stable-fixes). - of: Allow overlay kunit tests to run CONFIG_OF_OVERLAY=n (git-fixes). - of/fdt: add dt_phys arg to early_init_dt_scan and early_init_dt_verify (git-fixes). - commit 52557e8 - media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (git-fixes). - mmc: mtk-sd: disable wakeup in .remove() and in the error path of .probe() (git-fixes). - mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (git-fixes). - modpost: Add .irqentry.text to OTHER_SECTIONS (stable-fixes). - mmc: sdhci-pci: Add DMI quirk for missing CD GPIO on Vexia Edu Atla 10 tablet (stable-fixes). - misc: eeprom: eeprom_93cx6: Add quirk for extra read clock cycle (stable-fixes). - media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 (stable-fixes). - media: uvcvideo: Force UVC version to 1.0a for 0408:4033 (stable-fixes). - media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera (stable-fixes). - media: uvcvideo: RealSense D421 Depth module metadata (stable-fixes). - mmc: mtk-sd: Fix MMC_CAP2_CRYPTO flag setting (git-fixes). - mmc: mtk-sd: Fix error handle of probe function (git-fixes). - mmc: core: Use GFP_NOIO in ACMD22 (git-fixes). - mmc: mtk-sd: fix devm_clk_get_optional usage (stable-fixes). - mmc: mtk-sd: use devm_mmc_alloc_host (stable-fixes). - mmc: core: Adjust ACMD22 to SDUC (stable-fixes). - mmc: sd: SDUC Support Recognition (stable-fixes). - mmc: sdhci-esdhc-imx: enable quirks SDHCI_QUIRK_NO_LED (stable-fixes). - mmc: core: Add SD card quirk for broken poweroff notification (stable-fixes). - commit ba13df0 - Update config files: CONFIG_HISILICON_ERRATUM_162100801=y - commit ff7aefc - linux/dmaengine.h: fix a few kernel-doc warnings (git-fixes). - irqchip/gic-v3: Work around insecure GIC integrations (git-fixes). - lib: stackinit: hide never-taken branch from compiler (stable-fixes). - irqchip/gicv3-its: Add workaround for hip09 ITS erratum 162100801 (stable-fixes). - iio: light: ltr501: Add LTER0303 to the supported devices (stable-fixes). - iio: adc: ad7192: properly check spi_get_device_match_data() (stable-fixes). - mailbox: pcc: Check before sending MCTP PCC response ACK (stable-fixes). - leds: class: Protect brightness_show() with led_cdev->led_access mutex (stable-fixes). - kcsan: Turn report_filterlist_lock into a raw_spinlock (stable-fixes). - commit d2834e2 - i2c: microchip-core: fix "ghost" detections (git-fixes). - i2c: microchip-core: actually use repeated sends (git-fixes). - i2c: imx: add imx7d compatible string for applying erratum ERR007805 (git-fixes). - hwmon: (tmp513) Fix interpretation of values of Temperature Result and Limit Registers (git-fixes). - hwmon: (tmp513) Fix Current Register value interpretation (git-fixes). - hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit Registers (git-fixes). - i915/guc: Accumulate active runtime on gt reset (git-fixes). - i915/guc: Ensure busyness counter increases motonically (git-fixes). - i915/guc: Reset engine utilization buffer before registration (git-fixes). - i2c: riic: Always round-up when calculating bus period (git-fixes). - i2c: pnx: Fix timeout in wait functions (git-fixes). - gpio: graniterapids: Fix GPIO Ack functionality (stable-fixes). - gpio: graniterapids: Check if GPIO line can be used for IRQs (stable-fixes). - gpio: graniterapids: Determine if GPIO pad can be used by driver (stable-fixes). - gpio: graniterapids: Fix invalid RXEVCFG register bitmask (stable-fixes). - gpio: graniterapids: Fix invalid GPI_IS register offset (stable-fixes). - gpio: graniterapids: Fix incorrect BAR assignment (stable-fixes). - gpio: graniterapids: Fix vGPIO driver crash (stable-fixes). - gpio: ljca: Initialize num before accessing item in ljca_gpio_config (git-fixes). - i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock (stable-fixes). - i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request (stable-fixes). - i3c: master: Fix dynamic address leak when 'assigned-address' is present (git-fixes). - i3c: master: Extend address status bit to 4 and add I3C_ADDR_SLOT_EXT_DESIRED (stable-fixes). - i3c: master: Replace hard code 2 with macro I3C_ADDR_SLOT_STATUS_BITS (stable-fixes). - i2c: i801: Add support for Intel Panther Lake (stable-fixes). - HID: add per device quirk to force bind to hid-generic (stable-fixes). - HID: magicmouse: Apple Magic Trackpad 2 USB-C driver support (stable-fixes). - gpio: grgpio: Add NULL check in grgpio_probe (git-fixes). - iio: magnetometer: fix if () scoped_guard() formatting (git-fixes). - hwmon: (nct6775) Add 665-ACE/600M-CL to ASUS WMI monitoring list (stable-fixes). - commit 0ebc937 - drm/amdgpu/nbio7.0: fix IP version check (stable-fixes). - drm/amd: Update strapping for NBIO 2.5.0 (stable-fixes). - drm/amdgpu: Handle NULL bo->tbo.resource (again) in amdgpu_vm_bo_update (git-fixes). - drm/amdgpu: fix amdgpu_coredump (stable-fixes). - drm/amdgpu/smu14.0.2: fix IP version check (stable-fixes). - drm/amdgpu/gfx12: fix IP version check (stable-fixes). - drm/amdgpu/mmhub4.1: fix IP version check (stable-fixes). - drm/amdgpu/nbio7.11: fix IP version check (stable-fixes). - drm/amdgpu/nbio7.7: fix IP version check (stable-fixes). - drm/amdgpu: don't access invalid sched (git-fixes). - drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() (stable-fixes). - drm/display: use ERR_PTR on DP tunnel manager creation fail (git-fixes). - drm/panel: synaptics-r63353: Fix regulator unbalance (git-fixes). - drm/panel: st7701: Add prepare_prev_first flag to drm_panel (git-fixes). - drm/panel: novatek-nt35950: fix return value check in nt35950_probe() (git-fixes). - drm/panel: himax-hx83102: Add a check to prevent NULL pointer dereference (git-fixes). - firmware: arm_ffa: Fix the race around setting ffa_dev->properties (git-fixes). - drm/panic: remove spurious empty line to clean warning (git-fixes). - drm/amdkfd: pause autosuspend when creating pdd (stable-fixes). - drm/amdgpu: fix when the cleaner shader is emitted (git-fixes). - drm/amdkfd: hard-code MALL cacheline size for gfx11, gfx12 (stable-fixes). - drm/amdkfd: hard-code cacheline size for gfx11 (stable-fixes). - drm/amdkfd: Dereference null return value (git-fixes). - drm/amd/pm: Set SMU v13.0.7 default workload type (stable-fixes). - drm/amdgpu: fix UVD contiguous CS mapping problem (stable-fixes). - drm/xe/reg_sr: Remove register pool (git-fixes). - drm/xe: Call invalidation_fence_fini for PT inval fences in error state (git-fixes). - drm/xe: fix the ERR_PTR() returned on failure to allocate tiny pt (git-fixes). - drm/i915: Fix memory leak by correcting cache object name in error handler (git-fixes). - drm/i915: Fix NULL pointer dereference in capture_engine (git-fixes). - drm/i915/color: Stop using non-posted DSB writes for legacy LUT (git-fixes). - drm/amd/pm: fix and simplify workload handling (stable-fixes). - drm/amd/display: Limit VTotal range to max hw cap minus fp (stable-fixes). - drm/amd/display: Correct prefetch calculation (stable-fixes). - drm/amd/display: Add a left edge pixel if in YCbCr422 or YCbCr420 and odm (stable-fixes). - drm/amdkfd: hard-code cacheline for gc943,gc944 (stable-fixes). - drm/amdkfd: add MEC version that supports no PCIe atomics for GFX12 (stable-fixes). - drm/amdgpu/hdp7.0: do a posting read when flushing HDP (stable-fixes). - drm/amdgpu/hdp6.0: do a posting read when flushing HDP (stable-fixes). - drm/amdgpu/hdp5.2: do a posting read when flushing HDP (stable-fixes). - drm/amdgpu/hdp5.0: do a posting read when flushing HDP (stable-fixes). - drm/amdgpu/hdp4.0: do a posting read when flushing HDP (stable-fixes). - drm/dp_mst: Verify request type in the corresponding down message reply (stable-fixes). - drm/dp_mst: Fix MST sideband message body length check (stable-fixes). - drm/amdgpu/vcn: reset fw_shared when VCPU buffers corrupted on vcn v4.0.3 (stable-fixes). - drm/amd/display: Ignore scalar validation failure if pipe is phantom (stable-fixes). - Revert "drm/amd/display: parse umc_info or vram_info based on ASIC" (stable-fixes). - drm/panic: Add ABGR2101010 support (stable-fixes). - drm/amdgpu: set the right AMDGPU sg segment limitation (stable-fixes). - drm/amdgpu: skip amdgpu_device_cache_pci_state under sriov (stable-fixes). - drm/amd/display: Prune Invalid Modes For HDMI Output (stable-fixes). - drm/amd/display: parse umc_info or vram_info based on ASIC (stable-fixes). - drm/amd/display: Remove hw w/a toggle if on DP2/HPO (stable-fixes). - drm/amd/display: Fix underflow when playing 8K video in full screen mode (stable-fixes). - drm/xe/devcoredump: Update handling of xe_force_wake_get return (stable-fixes). - drm/xe/forcewake: Add a helper xe_force_wake_ref_has_domain() (stable-fixes). - drm/sched: memset() 'job' in drm_sched_job_init() (stable-fixes). - drm/panel: simple: Add Microchip AC69T88A LVDS Display panel (stable-fixes). - drm/amdgpu: refine error handling in amdgpu_ttm_tt_pin_userptr (stable-fixes). - drm/amdgpu: Dereference the ATCS ACPI buffer (stable-fixes). - drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts for vega20_ih (stable-fixes). - drm/amdgpu/gfx9: Add cleaner shader for GFX9.4.2 (stable-fixes). - drm/amd/display: Adding array index check to prevent memory corruption (stable-fixes). - drm/amd/display: Full exit out of IPS2 when all allow signals have been cleared (stable-fixes). - drm/amd/display: disable SG displays on cyan skillfish (stable-fixes). - drm/amd/display: calculate final viewport before TAP optimization (stable-fixes). - drm/amd/display: Fix garbage or black screen when resetting otg (stable-fixes). - drm/amd/display: skip disable CRTC in seemless bootup case (stable-fixes). - drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() (stable-fixes). - drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' (stable-fixes). - drm/display: Fix building with GCC 15 (stable-fixes). - drm/xe/xe3: Add initial set of workarounds (stable-fixes). - drm/xe/ptl: L3bank mask is not available on the media GT (stable-fixes). - drm/xe/guc: Copy GuC log prior to dumping (stable-fixes). - drm/xe/devcoredump: Add ASCII85 dump helper function (stable-fixes). - drm/xe/devcoredump: Improve section headings and add tile info (stable-fixes). - drm/xe/devcoredump: Use drm_puts and already cached local variables (stable-fixes). - drm/xe/pciid: Add new PCI id for ARL (stable-fixes). - drm/xe/pciids: Add PVC's PCI device ID macros (stable-fixes). - drm/xe/pciids: separate ARL and MTL PCI IDs (stable-fixes). - drm/xe/pciids: separate RPL-U and RPL-P PCI IDs (stable-fixes). - drm/mcde: Enable module autoloading (stable-fixes). - firmware: qcom: scm: Allow QSEECOM on Dell XPS 13 9345 (stable-fixes). - firmware: qcom: scm: Allow QSEECOM on Lenovo Yoga Slim 7x (stable-fixes). - gpio: grgpio: use a helper variable to store the address of ofdev->dev (stable-fixes). - gpio: free irqs that are still requested when the chip is being removed (stable-fixes). - commit d415f2b - dmaengine: tegra: Return correct DMA status when paused (git-fixes). - dmaengine: mv_xor: fix child node refcount handling in early exit (git-fixes). - dmaengine: fsl-edma: implement the cleanup path of fsl_edma3_attach_pd() (git-fixes). - dmaengine: amd: qdma: Remove using the private get and set dma_ops APIs (git-fixes). - dmaengine: apple-admac: Avoid accessing registers in probe (git-fixes). - dmaengine: dw: Select only supported masters for ACPI devices (git-fixes). - dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (git-fixes). - dma-buf: Fix __dma_buf_debugfs_list_del argument for !CONFIG_DEBUG_FS (git-fixes). - can: m_can: fix missed interrupts with m_can_pci (git-fixes). - can: m_can: set init flag earlier in probe (git-fixes). - cxl/region: Fix region creation for greater than x2 switches (git-fixes). - cxl/pci: Fix potential bogus return value upon successful probing (git-fixes). - crypto: hisilicon/debugfs - fix the struct pointer incorrectly offset problem (git-fixes). - Documentation: PM: Clarify pm_runtime_resume_and_get() return value (git-fixes). - Documentation: networking: Add a caveat to nexthop_compat_mode sysctl (git-fixes). - clk: en7523: Initialize num before accessing hws in en7523_register_clocks() (git-fixes). - clk: en7523: Fix wrong BUS clock for EN7581 (git-fixes). - dma-buf: fix dma_fence_array_signaled v4 (stable-fixes). - clk: qcom: clk-alpha-pll: Add NSS HUAYRA ALPHA PLL support for ipq9574 (stable-fixes). - clk: qcom: dispcc-sm8550: enable support for SAR2130P (stable-fixes). - clk: qcom: tcsrcc-sm8550: add SAR2130P support (stable-fixes). - clk: qcom: rpmh: add support for SAR2130P (stable-fixes). - clk: qcom: rcg2: add clk_rcg2_shared_floor_ops (stable-fixes). - drm/bridge: it6505: Enable module autoloading (stable-fixes). - drm: panel-orientation-quirks: Add quirk for AYA NEO GEEK (stable-fixes). - drm: panel-orientation-quirks: Add quirk for AYA NEO Founder edition (stable-fixes). - drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model (stable-fixes). - drm/vc4: hvs: Set AXI panic modes for the HVS (stable-fixes). - drm/vc4: hdmi: Avoid log spam for audio start failure (stable-fixes). - dma-debug: fix a possible deadlock on radix_lock (stable-fixes). - Documentation: tipc: fix formatting issue in tipc.rst (git-fixes). - cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-fixes). - crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-fixes). - commit 8e66607 - ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP (git-fixes). - ASoC: amd: ps: Fix for enabling DMIC on acp63 platform via _DSD entry (git-fixes). - ALSA: sh: Fix wrong argument order for copy_from_iter() (git-fixes). - ALSA: memalloc: prefer dma_mapping_error() over explicit address checking (git-fixes). - accel/ivpu: Fix WARN in ivpu_ipc_send_receive_internal() (git-fixes). - accel/ivpu: Fix general protection fault in ivpu_bo_list() (git-fixes). - ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes). - amdgpu/uvd: get ring reference from rq scheduler (git-fixes). - ACPICA: events/evxfregn: don't release the ContextMutex that was never acquired (git-fixes). - ACPI: resource: Fix memory resource type union access (git-fixes). - acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (git-fixes). - ASoC: Intel: sof_sdw: Add space for a terminator into DAIs array (git-fixes). - ASoC: fsl_spdif: change IFACE_PCM to IFACE_MIXER (git-fixes). - ASoC: fsl_xcvr: change IFACE_PCM to IFACE_MIXER (git-fixes). - ASoC: tas2781: Fix calibration issue in stress test (git-fixes). - ASoC: amd: yc: Fix the wrong return value (git-fixes). - ALSA: control: Avoid WARN() for symlink errors (git-fixes). - ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5 (stable-fixes). - ALSA: hda/realtek: Fix headset mic on Acer Nitro 5 (stable-fixes). - ASoC: amd: yc: Add quirk for microphone on Lenovo Thinkpad T14s Gen 6 21M1CTO1WW (stable-fixes). - ASoC: amd: yc: fix internal mic on Redmi G 2022 (stable-fixes). - ACPI: x86: Clean up Asus entries in acpi_quirk_skip_dmi_ids[] (stable-fixes). - ACPI: x86: Add skip i2c clients quirk for Acer Iconia One 8 A1-840 (stable-fixes). - accel/qaic: Add AIC080 support (stable-fixes). - ASoC: hdmi-codec: reorder channel allocation list (stable-fixes). - ASoC: Intel: soc-acpi-intel-arl-match: Add rt722 and rt1320 support (stable-fixes). - ASoC: sdw_utils: Add quirk to exclude amplifier function (stable-fixes). - ASoC: Intel: sof_sdw: Add quirks for some new Lenovo laptops (stable-fixes). - ASoC: Intel: sof_sdw: Add quirk for cs42l43 system using host DMICs (stable-fixes). - ASoC: sdw_utils: Add a quirk to allow the cs42l43 mic DAI to be ignored (stable-fixes). - ASoC: sdw_utils: Add support for exclusion DAI quirks (stable-fixes). - ASoC: Intel: avs: Fix return status of avs_pcm_hw_constraints_init() (stable-fixes). - ASoC: Intel: sof_rt5682: Add HDMI-In capture with rt5682 support for MTL (stable-fixes). - Bluetooth: btusb: Add 3 HWIDs for MT7925 (stable-fixes). - Bluetooth: btusb: Add new VID/PID 0489/e124 for MT7925 (stable-fixes). - Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 (stable-fixes). - Bluetooth: Set quirks for ATS2851 (stable-fixes). - Bluetooth: Support new quirks for ATS2851 (stable-fixes). - Bluetooth: Add new quirks for ATS2851 (stable-fixes). - Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (stable-fixes). - Bluetooth: hci_conn: Use disable_delayed_work_sync (stable-fixes). - Bluetooth: btusb: Add USB HW IDs for MT7920/MT7925 (stable-fixes). - Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables (stable-fixes). - Bluetooth: hci_conn: Reduce hci_conn_drop() calls in two functions (stable-fixes). - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (stable-fixes). - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (stable-fixes). - ACPI: video: force native for Apple MacbookPro11,2 and Air7,2 (stable-fixes). - ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration() (stable-fixes). - ACPI: x86: Make UART skip quirks work on PCI UARTs without an UID (stable-fixes). - commit f768efe ++++ kernel-default: - ASoC: Intel: sof_sdw: Fix DMI match for Lenovo 21QA and 21QB (git-fixes). - ASoC: Intel: sof_sdw: Fix DMI match for Lenovo 21Q6 and 21Q7 (git-fixes). - riscv: Fix wrong usage of __pa() on a fixmap address (git-fixes). - commit 70097d1 - stddef: make __struct_group() UAPI C++-friendly (git-fixes). - thunderbolt: Improve redrive mode handling (git-fixes). - thunderbolt: Don't display nvm_version unless upgrade supported (git-fixes). - thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes). - xhci: Turn NEC specific quirk for handling Stop Endpoint errors generic (stable-fixes). - USB: serial: option: add Telit FE910C04 rmnet compositions (stable-fixes). - USB: serial: option: add MediaTek T7XX compositions (stable-fixes). - USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (stable-fixes). - USB: serial: option: add MeiG Smart SLM770A (stable-fixes). - USB: serial: option: add TCL IK512 MBIM & ECM (stable-fixes). - usb: typec: ucsi: Fix completion notifications (git-fixes). - usb: dwc2: Fix HCD port connection race (git-fixes). - usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (git-fixes). - usb: dwc2: Fix HCD resume (git-fixes). - usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (git-fixes). - usb: misc: onboard_usb_dev: skip suspend/resume sequence for USB5744 SMBus support (git-fixes). - usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode (git-fixes). - usb: core: hcd: only check primary hcd skip_phy_initialization (git-fixes). - usb: gadget: midi2: Fix interpretation of is_midi1 bits (git-fixes). - usb: dwc3: imx8mp: fix software node kernel dump (git-fixes). - usb: typec: anx7411: fix OF node reference leaks in anx7411_typec_switch_probe() (git-fixes). - usb: typec: anx7411: fix fwnode_handle reference leak (git-fixes). - usb: host: max3421-hcd: Correctly abort a USB request (git-fixes). - usb: ehci-hcd: fix call balance of clocks handling routines (git-fixes). - spi: rockchip: Fix PM runtime count on no-op cs (git-fixes). - spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user() (git-fixes). - Revert "unicode: Don't special case ignorable code points" (stable-fixes). - usb: typec: ucsi: glink: be more precise on orientation-aware ports (stable-fixes). - usb: typec: ucsi: Do not call ACPI _DSM method for UCSI read operations (stable-fixes). - usb: chipidea: udc: handle USB Error Interrupt if IOC not set (stable-fixes). - usb: chipidea: udc: create bounce buffer for problem sglist entries if possible (stable-fixes). - usb: chipidea: udc: limit usb request length to max 16KB (stable-fixes). - usb: chipidea: add CI_HDRC_HAS_SHORT_PKT_LIMIT flag (stable-fixes). - thermal/drivers/qcom/tsens-v1: Add support for MSM8937 tsens (stable-fixes). - wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (stable-fixes). - wifi: ipw2x00: libipw_rx_any(): fix bad alignment (stable-fixes). - wifi: ath5k: add PCI ID for Arcadyan devices (stable-fixes). - wifi: ath5k: add PCI ID for SX76X (stable-fixes). - wifi: ath10k: avoid NULL pointer error during sdio remove (stable-fixes). - wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-fixes). - wifi: rtw89: check return value of ieee80211_probereq_get() for RNR (stable-fixes). - wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes). - spi: spi-fsl-lpspi: Adjust type of scldiv (stable-fixes). - commit e030fc8 - power: supply: bq24190: Fix BQ24296 Vbus regulator support (git-fixes). - power: supply: cros_charge-control: hide start threshold on v2 cmd (git-fixes). - power: supply: cros_charge-control: allow start_threshold == end_threshold (git-fixes). - power: supply: cros_charge-control: add mutex for driver data (git-fixes). - power: supply: gpio-charger: Fix set charge current limits (git-fixes). - selftests/memfd: run sysctl tests when PID namespace support is enabled (git-fixes). - selftests: openvswitch: fix tcpdump execution (git-fixes). - regulator: axp20x: AXP717: set ramp_delay (git-fixes). - kselftest/arm64: abi: fix SVCR detection (git-fixes). - selftests: netfilter: Stabilize rpath.sh (git-fixes). - selftests: mlxsw: sharedbuffer: Ensure no extra packets are counted (git-fixes). - selftests: mlxsw: sharedbuffer: Remove duplicate test cases (git-fixes). - selftests: mlxsw: sharedbuffer: Remove h1 ingress test case (git-fixes). - selftests/ftrace: adjust offset for kprobe syntax error test (git-fixes). - selftests/damon: add _damon_sysfs.py to TEST_FILES (git-fixes). - selftest: hugetlb_dio: fix test naming (git-fixes). - selftests: hid: fix typo and exit code (git-fixes). - setlocalversion: work around "git describe" performance (stable-fixes). - rtc: cmos: avoid taking rtc_lock for extended period of time (stable-fixes). - serial: 8250_dw: Add Sophgo SG2044 quirk (stable-fixes). - selftests: rds: move test.py to TEST_FILES (git-fixes). - regulator: qcom-rpmh: Update ranges for FTSMPS525 (stable-fixes). - selftests/mount_setattr: Fix failures on 64K PAGE_SIZE kernels (git-fixes). - remoteproc: qcom: pas: enable SAR2130P audio DSP support (stable-fixes). - selftests/damon/debugfs_duplicate_context_creation: hide errors from expected file write failures (git-fixes). - selftests/damon/_debugfs_common: hide expected error message from test_write_result() (git-fixes). - selftests/damon/huge_count_read_write: remove unnecessary debugging message (git-fixes). - selftests/damon/huge_count_read_write: provide sufficiently large buffer for DEPRECATED file read (git-fixes). - selftests: netfilter: Fix missing return values in conntrack_dump_flush (git-fixes). - selftests: net: really check for bg process completion (git-fixes). - soc: imx8m: Probe the SoC driver as platform driver (stable-fixes). - soc: qcom: pd-mapper: Add QCM6490 PD maps (stable-fixes). - soc: qcom: llcc: Use designated initializers for LLC settings (stable-fixes). - regmap: maple: Provide lockdep (sub)class for maple tree's internal lock (stable-fixes). - selftests/resctrl: Protect against array overflow when reading strings (stable-fixes). - selftests/resctrl: Protect against array overrun during iMC config parsing (git-fixes). - selftests/resctrl: Fix memory overflow due to unhandled wraparound (git-fixes). - selftests/resctrl: Print accurate buffer size as part of MBM results (git-fixes). - selftests/mm: Fix unused function warning for aarch64_write_signal_pkey() (git-fixes). - kselftest/arm64: Don't leak pipe fds in pac.exec_sign_all() (stable-fixes). - kselftest/arm64: Fix encoding for SVE B16B16 test (git-fixes). - kselftest/arm64: Log fp-stress child startup errors to stdout (stable-fixes). - kselftest/arm64: mte: fix printf type warnings about longs (git-fixes). - kselftest/arm64: mte: fix printf type warnings about __u64 (git-fixes). - kselftest/arm64: hwcap: fix f8dp2 cpuinfo name (git-fixes). - kselftest/arm64: signal: drop now redundant GNU_SOURCE definition (git-fixes). - commit 5e98b23 - platform/x86: mlx-platform: call pci_dev_put() to balance the refcount (git-fixes). - PCI/MSI: Handle lack of irqdomain gracefully (git-fixes). - phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (git-fixes). - phy: core: Fix an OF node refcount leakage in _of_phy_get() (git-fixes). - phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (git-fixes). - phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (git-fixes). - phy: core: Fix that API devm_phy_put() fails to release the phy (git-fixes). - phy: rockchip: samsung-hdptx: Set drvdata before enabling runtime PM (git-fixes). - phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP (git-fixes). - phy: rockchip: naneng-combphy: fix phy reset (git-fixes). - phy: usb: Toggle the PHY power during init (git-fixes). - platform/chrome: cros_ec_lpc: fix product identity for early Framework Laptops (git-fixes). - mtd: rawnand: arasan: Fix missing de-registration of NAND (git-fixes). - mtd: rawnand: arasan: Fix double assertion of chip-select (git-fixes). - mtd: diskonchip: Cast an operand to prevent potential overflow (git-fixes). - mtd: rawnand: fix double free in atmel_pmecc_create_user() (git-fixes). - of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() (git-fixes). - of/irq: Fix interrupt-map cell length check in of_irq_parse_imap_parent() (git-fixes). - of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (git-fixes). - of: Fix error path in of_parse_phandle_with_args_map() (git-fixes). - of: address: Preserve the flags portion on 1:1 dma-ranges mapping (git-fixes). - of: property: fw_devlink: Do not use interrupt-parent directly (git-fixes). - objtool/x86: allow syscall instruction (stable-fixes). - p2sb: Do not scan and remove the P2SB device when it is unhidden (git-fixes). - p2sb: Move P2SB hide and unhide code to p2sb_scan_and_cache() (stable-fixes). - p2sb: Introduce the global flag p2sb_hidden_by_bios (stable-fixes). - p2sb: Factor out p2sb_read_from_cache() (stable-fixes). - PCI: vmd: Add DID 8086:B06F and 8086:B60B for Intel client SKUs (stable-fixes). - PCI: qcom: Add support for IPQ9574 (stable-fixes). - PCI: Add ACS quirk for Wangxun FF5xxx NICs (stable-fixes). - PCI: Detect and trust built-in Thunderbolt chips (stable-fixes). - PCI: Add 'reset_subordinate' to reset hierarchy below bridge (stable-fixes). - PCI: starfive: Enable controller runtime PM before probing host bridge (stable-fixes). - PCI: vmd: Set devices to D0 before enabling PM L1 Substates (stable-fixes). - pinctrl: qcom: spmi-mpp: Add PM8937 compatible (stable-fixes). - pinctrl: qcom-pmic-gpio: add support for PM8937 (stable-fixes). - pinmux: Use sequential access to access desc->pinmux data (stable-fixes). - of: Allow overlay kunit tests to run CONFIG_OF_OVERLAY=n (git-fixes). - of/fdt: add dt_phys arg to early_init_dt_scan and early_init_dt_verify (git-fixes). - commit 52557e8 - media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (git-fixes). - mmc: mtk-sd: disable wakeup in .remove() and in the error path of .probe() (git-fixes). - mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (git-fixes). - modpost: Add .irqentry.text to OTHER_SECTIONS (stable-fixes). - mmc: sdhci-pci: Add DMI quirk for missing CD GPIO on Vexia Edu Atla 10 tablet (stable-fixes). - misc: eeprom: eeprom_93cx6: Add quirk for extra read clock cycle (stable-fixes). - media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 (stable-fixes). - media: uvcvideo: Force UVC version to 1.0a for 0408:4033 (stable-fixes). - media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera (stable-fixes). - media: uvcvideo: RealSense D421 Depth module metadata (stable-fixes). - mmc: mtk-sd: Fix MMC_CAP2_CRYPTO flag setting (git-fixes). - mmc: mtk-sd: Fix error handle of probe function (git-fixes). - mmc: core: Use GFP_NOIO in ACMD22 (git-fixes). - mmc: mtk-sd: fix devm_clk_get_optional usage (stable-fixes). - mmc: mtk-sd: use devm_mmc_alloc_host (stable-fixes). - mmc: core: Adjust ACMD22 to SDUC (stable-fixes). - mmc: sd: SDUC Support Recognition (stable-fixes). - mmc: sdhci-esdhc-imx: enable quirks SDHCI_QUIRK_NO_LED (stable-fixes). - mmc: core: Add SD card quirk for broken poweroff notification (stable-fixes). - commit ba13df0 - Update config files: CONFIG_HISILICON_ERRATUM_162100801=y - commit ff7aefc - linux/dmaengine.h: fix a few kernel-doc warnings (git-fixes). - irqchip/gic-v3: Work around insecure GIC integrations (git-fixes). - lib: stackinit: hide never-taken branch from compiler (stable-fixes). - irqchip/gicv3-its: Add workaround for hip09 ITS erratum 162100801 (stable-fixes). - iio: light: ltr501: Add LTER0303 to the supported devices (stable-fixes). - iio: adc: ad7192: properly check spi_get_device_match_data() (stable-fixes). - mailbox: pcc: Check before sending MCTP PCC response ACK (stable-fixes). - leds: class: Protect brightness_show() with led_cdev->led_access mutex (stable-fixes). - kcsan: Turn report_filterlist_lock into a raw_spinlock (stable-fixes). - commit d2834e2 - i2c: microchip-core: fix "ghost" detections (git-fixes). - i2c: microchip-core: actually use repeated sends (git-fixes). - i2c: imx: add imx7d compatible string for applying erratum ERR007805 (git-fixes). - hwmon: (tmp513) Fix interpretation of values of Temperature Result and Limit Registers (git-fixes). - hwmon: (tmp513) Fix Current Register value interpretation (git-fixes). - hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit Registers (git-fixes). - i915/guc: Accumulate active runtime on gt reset (git-fixes). - i915/guc: Ensure busyness counter increases motonically (git-fixes). - i915/guc: Reset engine utilization buffer before registration (git-fixes). - i2c: riic: Always round-up when calculating bus period (git-fixes). - i2c: pnx: Fix timeout in wait functions (git-fixes). - gpio: graniterapids: Fix GPIO Ack functionality (stable-fixes). - gpio: graniterapids: Check if GPIO line can be used for IRQs (stable-fixes). - gpio: graniterapids: Determine if GPIO pad can be used by driver (stable-fixes). - gpio: graniterapids: Fix invalid RXEVCFG register bitmask (stable-fixes). - gpio: graniterapids: Fix invalid GPI_IS register offset (stable-fixes). - gpio: graniterapids: Fix incorrect BAR assignment (stable-fixes). - gpio: graniterapids: Fix vGPIO driver crash (stable-fixes). - gpio: ljca: Initialize num before accessing item in ljca_gpio_config (git-fixes). - i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock (stable-fixes). - i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request (stable-fixes). - i3c: master: Fix dynamic address leak when 'assigned-address' is present (git-fixes). - i3c: master: Extend address status bit to 4 and add I3C_ADDR_SLOT_EXT_DESIRED (stable-fixes). - i3c: master: Replace hard code 2 with macro I3C_ADDR_SLOT_STATUS_BITS (stable-fixes). - i2c: i801: Add support for Intel Panther Lake (stable-fixes). - HID: add per device quirk to force bind to hid-generic (stable-fixes). - HID: magicmouse: Apple Magic Trackpad 2 USB-C driver support (stable-fixes). - gpio: grgpio: Add NULL check in grgpio_probe (git-fixes). - iio: magnetometer: fix if () scoped_guard() formatting (git-fixes). - hwmon: (nct6775) Add 665-ACE/600M-CL to ASUS WMI monitoring list (stable-fixes). - commit 0ebc937 - drm/amdgpu/nbio7.0: fix IP version check (stable-fixes). - drm/amd: Update strapping for NBIO 2.5.0 (stable-fixes). - drm/amdgpu: Handle NULL bo->tbo.resource (again) in amdgpu_vm_bo_update (git-fixes). - drm/amdgpu: fix amdgpu_coredump (stable-fixes). - drm/amdgpu/smu14.0.2: fix IP version check (stable-fixes). - drm/amdgpu/gfx12: fix IP version check (stable-fixes). - drm/amdgpu/mmhub4.1: fix IP version check (stable-fixes). - drm/amdgpu/nbio7.11: fix IP version check (stable-fixes). - drm/amdgpu/nbio7.7: fix IP version check (stable-fixes). - drm/amdgpu: don't access invalid sched (git-fixes). - drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() (stable-fixes). - drm/display: use ERR_PTR on DP tunnel manager creation fail (git-fixes). - drm/panel: synaptics-r63353: Fix regulator unbalance (git-fixes). - drm/panel: st7701: Add prepare_prev_first flag to drm_panel (git-fixes). - drm/panel: novatek-nt35950: fix return value check in nt35950_probe() (git-fixes). - drm/panel: himax-hx83102: Add a check to prevent NULL pointer dereference (git-fixes). - firmware: arm_ffa: Fix the race around setting ffa_dev->properties (git-fixes). - drm/panic: remove spurious empty line to clean warning (git-fixes). - drm/amdkfd: pause autosuspend when creating pdd (stable-fixes). - drm/amdgpu: fix when the cleaner shader is emitted (git-fixes). - drm/amdkfd: hard-code MALL cacheline size for gfx11, gfx12 (stable-fixes). - drm/amdkfd: hard-code cacheline size for gfx11 (stable-fixes). - drm/amdkfd: Dereference null return value (git-fixes). - drm/amd/pm: Set SMU v13.0.7 default workload type (stable-fixes). - drm/amdgpu: fix UVD contiguous CS mapping problem (stable-fixes). - drm/xe/reg_sr: Remove register pool (git-fixes). - drm/xe: Call invalidation_fence_fini for PT inval fences in error state (git-fixes). - drm/xe: fix the ERR_PTR() returned on failure to allocate tiny pt (git-fixes). - drm/i915: Fix memory leak by correcting cache object name in error handler (git-fixes). - drm/i915: Fix NULL pointer dereference in capture_engine (git-fixes). - drm/i915/color: Stop using non-posted DSB writes for legacy LUT (git-fixes). - drm/amd/pm: fix and simplify workload handling (stable-fixes). - drm/amd/display: Limit VTotal range to max hw cap minus fp (stable-fixes). - drm/amd/display: Correct prefetch calculation (stable-fixes). - drm/amd/display: Add a left edge pixel if in YCbCr422 or YCbCr420 and odm (stable-fixes). - drm/amdkfd: hard-code cacheline for gc943,gc944 (stable-fixes). - drm/amdkfd: add MEC version that supports no PCIe atomics for GFX12 (stable-fixes). - drm/amdgpu/hdp7.0: do a posting read when flushing HDP (stable-fixes). - drm/amdgpu/hdp6.0: do a posting read when flushing HDP (stable-fixes). - drm/amdgpu/hdp5.2: do a posting read when flushing HDP (stable-fixes). - drm/amdgpu/hdp5.0: do a posting read when flushing HDP (stable-fixes). - drm/amdgpu/hdp4.0: do a posting read when flushing HDP (stable-fixes). - drm/dp_mst: Verify request type in the corresponding down message reply (stable-fixes). - drm/dp_mst: Fix MST sideband message body length check (stable-fixes). - drm/amdgpu/vcn: reset fw_shared when VCPU buffers corrupted on vcn v4.0.3 (stable-fixes). - drm/amd/display: Ignore scalar validation failure if pipe is phantom (stable-fixes). - Revert "drm/amd/display: parse umc_info or vram_info based on ASIC" (stable-fixes). - drm/panic: Add ABGR2101010 support (stable-fixes). - drm/amdgpu: set the right AMDGPU sg segment limitation (stable-fixes). - drm/amdgpu: skip amdgpu_device_cache_pci_state under sriov (stable-fixes). - drm/amd/display: Prune Invalid Modes For HDMI Output (stable-fixes). - drm/amd/display: parse umc_info or vram_info based on ASIC (stable-fixes). - drm/amd/display: Remove hw w/a toggle if on DP2/HPO (stable-fixes). - drm/amd/display: Fix underflow when playing 8K video in full screen mode (stable-fixes). - drm/xe/devcoredump: Update handling of xe_force_wake_get return (stable-fixes). - drm/xe/forcewake: Add a helper xe_force_wake_ref_has_domain() (stable-fixes). - drm/sched: memset() 'job' in drm_sched_job_init() (stable-fixes). - drm/panel: simple: Add Microchip AC69T88A LVDS Display panel (stable-fixes). - drm/amdgpu: refine error handling in amdgpu_ttm_tt_pin_userptr (stable-fixes). - drm/amdgpu: Dereference the ATCS ACPI buffer (stable-fixes). - drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts for vega20_ih (stable-fixes). - drm/amdgpu/gfx9: Add cleaner shader for GFX9.4.2 (stable-fixes). - drm/amd/display: Adding array index check to prevent memory corruption (stable-fixes). - drm/amd/display: Full exit out of IPS2 when all allow signals have been cleared (stable-fixes). - drm/amd/display: disable SG displays on cyan skillfish (stable-fixes). - drm/amd/display: calculate final viewport before TAP optimization (stable-fixes). - drm/amd/display: Fix garbage or black screen when resetting otg (stable-fixes). - drm/amd/display: skip disable CRTC in seemless bootup case (stable-fixes). - drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() (stable-fixes). - drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' (stable-fixes). - drm/display: Fix building with GCC 15 (stable-fixes). - drm/xe/xe3: Add initial set of workarounds (stable-fixes). - drm/xe/ptl: L3bank mask is not available on the media GT (stable-fixes). - drm/xe/guc: Copy GuC log prior to dumping (stable-fixes). - drm/xe/devcoredump: Add ASCII85 dump helper function (stable-fixes). - drm/xe/devcoredump: Improve section headings and add tile info (stable-fixes). - drm/xe/devcoredump: Use drm_puts and already cached local variables (stable-fixes). - drm/xe/pciid: Add new PCI id for ARL (stable-fixes). - drm/xe/pciids: Add PVC's PCI device ID macros (stable-fixes). - drm/xe/pciids: separate ARL and MTL PCI IDs (stable-fixes). - drm/xe/pciids: separate RPL-U and RPL-P PCI IDs (stable-fixes). - drm/mcde: Enable module autoloading (stable-fixes). - firmware: qcom: scm: Allow QSEECOM on Dell XPS 13 9345 (stable-fixes). - firmware: qcom: scm: Allow QSEECOM on Lenovo Yoga Slim 7x (stable-fixes). - gpio: grgpio: use a helper variable to store the address of ofdev->dev (stable-fixes). - gpio: free irqs that are still requested when the chip is being removed (stable-fixes). - commit d415f2b - dmaengine: tegra: Return correct DMA status when paused (git-fixes). - dmaengine: mv_xor: fix child node refcount handling in early exit (git-fixes). - dmaengine: fsl-edma: implement the cleanup path of fsl_edma3_attach_pd() (git-fixes). - dmaengine: amd: qdma: Remove using the private get and set dma_ops APIs (git-fixes). - dmaengine: apple-admac: Avoid accessing registers in probe (git-fixes). - dmaengine: dw: Select only supported masters for ACPI devices (git-fixes). - dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (git-fixes). - dma-buf: Fix __dma_buf_debugfs_list_del argument for !CONFIG_DEBUG_FS (git-fixes). - can: m_can: fix missed interrupts with m_can_pci (git-fixes). - can: m_can: set init flag earlier in probe (git-fixes). - cxl/region: Fix region creation for greater than x2 switches (git-fixes). - cxl/pci: Fix potential bogus return value upon successful probing (git-fixes). - crypto: hisilicon/debugfs - fix the struct pointer incorrectly offset problem (git-fixes). - Documentation: PM: Clarify pm_runtime_resume_and_get() return value (git-fixes). - Documentation: networking: Add a caveat to nexthop_compat_mode sysctl (git-fixes). - clk: en7523: Initialize num before accessing hws in en7523_register_clocks() (git-fixes). - clk: en7523: Fix wrong BUS clock for EN7581 (git-fixes). - dma-buf: fix dma_fence_array_signaled v4 (stable-fixes). - clk: qcom: clk-alpha-pll: Add NSS HUAYRA ALPHA PLL support for ipq9574 (stable-fixes). - clk: qcom: dispcc-sm8550: enable support for SAR2130P (stable-fixes). - clk: qcom: tcsrcc-sm8550: add SAR2130P support (stable-fixes). - clk: qcom: rpmh: add support for SAR2130P (stable-fixes). - clk: qcom: rcg2: add clk_rcg2_shared_floor_ops (stable-fixes). - drm/bridge: it6505: Enable module autoloading (stable-fixes). - drm: panel-orientation-quirks: Add quirk for AYA NEO GEEK (stable-fixes). - drm: panel-orientation-quirks: Add quirk for AYA NEO Founder edition (stable-fixes). - drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model (stable-fixes). - drm/vc4: hvs: Set AXI panic modes for the HVS (stable-fixes). - drm/vc4: hdmi: Avoid log spam for audio start failure (stable-fixes). - dma-debug: fix a possible deadlock on radix_lock (stable-fixes). - Documentation: tipc: fix formatting issue in tipc.rst (git-fixes). - cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-fixes). - crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-fixes). - commit 8e66607 - ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP (git-fixes). - ASoC: amd: ps: Fix for enabling DMIC on acp63 platform via _DSD entry (git-fixes). - ALSA: sh: Fix wrong argument order for copy_from_iter() (git-fixes). - ALSA: memalloc: prefer dma_mapping_error() over explicit address checking (git-fixes). - accel/ivpu: Fix WARN in ivpu_ipc_send_receive_internal() (git-fixes). - accel/ivpu: Fix general protection fault in ivpu_bo_list() (git-fixes). - ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes). - amdgpu/uvd: get ring reference from rq scheduler (git-fixes). - ACPICA: events/evxfregn: don't release the ContextMutex that was never acquired (git-fixes). - ACPI: resource: Fix memory resource type union access (git-fixes). - acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (git-fixes). - ASoC: Intel: sof_sdw: Add space for a terminator into DAIs array (git