SUSE-SU-2025:01965-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-202501965-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:01965-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:01965-1
Related
Published
2025-06-16T14:54:36Z
Modified
2025-06-17T13:29:30.401246Z
Upstream
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
  • CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
  • CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
  • CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
  • CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
  • CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
  • CVE-2025-21702: pfifotailenqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
  • CVE-2025-21787: team: better TEAMOPTIONTYPE_STRING validation (bsc#1238774).
  • CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
  • CVE-2025-21919: sched/fair: Fix potential memory corruption in childcfsrqonlist (bsc#1240593).
  • CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
  • CVE-2025-22030: mm: zswap: fix cryptofreeacomp() deadlock in zswapcpucomp_dead() (bsc#1241376).
  • CVE-2025-22056: netfilter: nfttunnel: fix geneveopt type confusion addition (bsc#1241525).
  • CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
  • CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
  • CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
  • CVE-2025-22103: net: fix NULL pointer dereference in l3mdevl3rcv (bsc#1241448).
  • CVE-2025-23140: misc: pciendpointtest: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
  • CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
  • CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
  • CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtkiommudevice_group (bsc#1242523).
  • CVE-2025-37749: net: ppp: Add bound checking for skb data on pppsynctxmung (bsc#1242859).
  • CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
  • CVE-2025-37755: net: libwx: handle pagepooldevallocpages error (bsc#1242506).
  • CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
  • CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
  • CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
  • CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
  • CVE-2025-37790: net: mctp: Set SOCKRCUFREE (bsc#1242509).
  • CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
  • CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
  • CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
  • CVE-2025-37809: usb: typec: class: Unlocked on error in typecregisterpartner() (bsc#1242856).
  • CVE-2025-37820: xen-netfront: handle NULL returned by xdpconvertbufftoframe() (bsc#1242866).
  • CVE-2025-37823: netsched: hfsc: Fix a potential UAF in hfscdequeue() too (bsc#1242924).
  • CVE-2025-37824: tipc: fix NULL pointer dereference in tipcmonreinit_self() (bsc#1242867).
  • CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpicpufreqget_rate() (bsc#1242875).
  • CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmicpufreqget_rate() (bsc#1242860).
  • CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in applesoccpufreqgetrate() (bsc#1242861).
  • CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
  • CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
  • CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
  • CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
  • CVE-2025-37886: pdscore: make waitcontext part of q_info (bsc#1242944).
  • CVE-2025-37887: pdscore: handle unsupported PDSCORECMDFW_CONTROL result (bsc#1242962).
  • CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
  • CVE-2025-37954: smb: client: Avoid race in opencacheddir with lease breaks (bsc#1243664).
  • CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
  • CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
  • CVE-2025-37960: memblock: Accept allocated memory before use in memblockdoublearray() (bsc#1243519).
  • CVE-2025-37974: s390/pci: Fix missing check for zpcicreatedevice() error return (bsc#1243547).
  • CVE-2025-38152: remoteproc: core: Clear tablesz when rprocshutdown (bsc#1241627).
  • CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).

The following non-security bugs were fixed:

  • ACPI: PPTT: Fix processor subtable walk (git-fixes).
  • ALSA: es1968: Add error handling for sndpcmhwconstraintpow2() (git-fixes).
  • ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
  • ALSA: sh: SNDAICA should depend on SHDMA_API (git-fixes).
  • ALSA: ump: Fix a typo of sndumpstreammsgdevice_info (git-fixes).
  • ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
  • ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
  • ASoC: SOF: ipc4-control: Use SOFCTRLCMDBINARY as numid for bytesext (git-fixes).
  • ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
  • ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
  • Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
  • Bluetooth: MGMT: Fix MGMTOPADD_DEVICE invalid device flags (git-fixes).
  • Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
  • Drivers: hv: Allow vmbussendpacketmpb_desc() to create multiple ranges (git-fixes).
  • Fix write to cloned skb in ipv6hopioam() (git-fixes).
  • HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
  • HID: uclogic: Add NULL check in uclogicinputconfigured() (git-fixes).
  • IB/cm: use rwlock for MAD agent lock (git-fixes)
  • Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
  • Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
  • Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
  • Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
  • Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
  • Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
  • Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
  • Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
  • KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
  • KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
  • KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
  • KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
  • KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
  • KVM: arm64: Change kvmhandlemmio_return() return polarity (git-fixes).
  • KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
  • KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
  • KVM: arm64: Mark some header functions as inline (git-fixes).
  • KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
  • KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
  • KVM: arm64: vgic-its: Add a data length check in vgicitssave_* (git-fixes).
  • KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
  • KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
  • KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
  • KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
  • KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
  • KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
  • KVM: nVMX: Check PAUSEEXITING, not BUSLOCK_DETECTION, on PAUSE emulation (git-fixes).
  • KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
  • KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
  • KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
  • KVM: x86: Acquire SRCU in KVMGETMP_STATE to protect guest memory accesses (git-fixes).
  • KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
  • KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
  • KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
  • KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
  • KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
  • KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
  • KVM: x86: Remove the unreachable case for 0x80000022 leaf in _docpuid_func() (git-fixes).
  • KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
  • NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
  • NFSD: Skip sending CBRECALLANY when the backchannel isn't up (git-fixes).
  • NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
  • NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
  • RDMA/cma: Fix hang when cmaneteventcallback fails to queue_work (git-fixes)
  • RDMA/core: Fix 'KASAN: slab-use-after-free Read in ibregisterdevice' problem (git-fixes)
  • RDMA/hns: Include hnae3.h in hnsrocehw_v2.h (git-fixes)
  • RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
  • RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
  • RDMA/rxe: Fix 'trying to register non-static key in rxeqpdo_cleanup' bug (git-fixes)
  • RDMA/rxe: Fix slab-use-after-free Read in rxequeuecleanup bug (git-fixes)
  • cBPF: Refresh fixes for cBPF issue (bsc#1242778)
  • Squashfs: check return result of sbminblocksize (git-fixes).
  • Update patches.suse/nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).
  • Update patches.suse/nvme-re-read-ANA-log-page-after-ns-scan-completes.patch (git-fixes bsc#1235149).
  • Xen/swiotlb: mark xenswiotlbfixup() __init (git-fixes).
  • add bug reference for an existing hv_netvsc change (bsc#1243737).
  • afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
  • afs: Make it possible to find the volumes that are using a server (git-fixes).
  • arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
  • arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
  • arm64: cputype: Add QCOMCPUPARTKRYO3XX_GOLD (git-fixes)
  • arm64: dts: imx8mm-verdin: Link regusdhc2vqmmc to usdhc2 (git-fixes)
  • arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
  • arm64: insn: Add support for encoding DSB (git-fixes)
  • arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
  • arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
  • arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
  • arp: switch to devgetbyhwaddr() in arpreqsetpublic() (git-fixes).
  • bnxten: Add missing skbmarkforrecycle() in bnxtrxvlan() (git-fixes).
  • bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
  • bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
  • bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
  • bpf: Fix mismatched RCU unlock flavour in bpfoutneigh_v6 (git-fixes).
  • bpf: Scrub packet on bpfredirectpeer (git-fixes).
  • btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
  • btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
  • btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
  • btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
  • btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
  • btrfs: fix a leaked chunk map issue in readonechunk() (git-fixes).
  • btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
  • btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
  • can: bcm: add locking for bcm_op runtime updates (git-fixes).
  • can: bcm: add missing rcu read protection for procfs content (git-fixes).
  • can: slcan: allow reception of short error messages (git-fixes).
  • cifs: change tcon status when need_reconnect is set on it (git-fixes).
  • cifs: reduce warning log level for server not advertising interfaces (git-fixes).
  • crypto: algifhash - fix double free in hashaccept (git-fixes).
  • devlink: fix port new reply cmd type (git-fixes).
  • dm-integrity: fix a warning on invalid table line (git-fixes).
  • dma-buf: insert memory barrier before updating num_fences (git-fixes).
  • dmaengine: Revert 'dmaengine: dmatest: Fix dmatest waiting less when interrupted' (git-fixes).
  • dmaengine: idxd: Add missing cleanup for early error out in idxdsetupinternals (git-fixes).
  • dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
  • dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
  • dmaengine: idxd: Fix ->poll() return value (git-fixes).
  • dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
  • dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
  • dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
  • dmaengine: idxd: fix memory leak in error handling path of idxdpciprobe (git-fixes).
  • dmaengine: idxd: fix memory leak in error handling path of idxdsetupengines (git-fixes).
  • dmaengine: idxd: fix memory leak in error handling path of idxdsetupgroups (git-fixes).
  • dmaengine: idxd: fix memory leak in error handling path of idxdsetupwqs (git-fixes).
  • dmaengine: mediatek: Fix a possible deadlock error in mtkcqdmatx_status() (git-fixes).
  • dmaengine: mediatek: drop unused variable (git-fixes).
  • dmaengine: ti: k3-udma: Add missing locking (git-fixes).
  • dmaengine: ti: k3-udma: Use capmask directly from dmadevice structure instead of a local copy (git-fixes).
  • drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
  • drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
  • drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
  • drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
  • drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
  • drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
  • drm/amdgpu: fix pm notifier handling (git-fixes).
  • drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
  • drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
  • drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
  • exfat: fix potential wrong error return from get_block (git-fixes).
  • hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
  • hvnetvsc: Remove rmsgpgcnt (git-fixes).
  • hvnetvsc: Use vmbussendpacketmpbdesc() to send VMBus messages (git-fixes).
  • i2c: designware: Fix an error handling path in i2cdwpci_probe() (git-fixes).
  • ice: Check VF VSI Pointer Value in icevcaddfdirfltr() (git-fixes).
  • idpf: fix offloads support for encapsulated packets (git-fixes).
  • idpf: fix potential memory leak on kcalloc() failure (git-fixes).
  • idpf: protect shutdown from reset (git-fixes).
  • igc: fix lock order in igcptpreset (git-fixes).
  • inetpeer: remove create argument of inetgetpeerv() (git-fixes).
  • inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
  • ipv4/route: avoid unused-but-set-variable warning (git-fixes).
  • ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
  • ipv4: Convert icmproutelookup() to dscp_t (git-fixes).
  • ipv4: Fix incorrect source address in Record Route option (git-fixes).
  • ipv4: Mask upper DSCP bits and ECN bits in NETLINKFIBLOOKUP family (git-fixes).
  • ipv4: fix source address selection with route leak (git-fixes).
  • ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
  • ipv4: icmp: Pass full DS field to iprouteinput() (git-fixes).
  • ipv4: ipgre: Avoid skbpull() failure in ipgre_xmit() (git-fixes).
  • ipv4: ipgre: Fix drops of small packets in ipgrexmit (git-fixes).
  • ipv4: iptunnel: Unmask upper DSCP bits in ipmdtunnelxmit() (git-fixes).
  • ipv4: iptunnel: Unmask upper DSCP bits in iptunnelbinddev() (git-fixes).
  • ipv4: iptunnel: Unmask upper DSCP bits in iptunnel_xmit() (git-fixes).
  • ipv4: properly combine devbaseseq and ipv4.devaddrgenid (git-fixes).
  • ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
  • ipv6: Align behavior across nexthops during path selection (git-fixes).
  • ipv6: Do not consider link down nexthops in path selection (git-fixes).
  • ipv6: Start path selection from the first nexthop (git-fixes).
  • ipv6: fix omitted netlink attributes when using RTEXTFILTERSKIP_STATS (git-fixes).
  • jiffies: Cast to unsigned long in secstojiffies() conversion (bsc#1242993).
  • jiffies: Define secstojiffies() (bsc#1242993).
  • kernel-obs-qa: Use srchash for dependency as well
  • loop: Add sanity check for read/write_iter (git-fixes).
  • loop: aio inherit the ioprio of original request (git-fixes).
  • loop: do not require ->writeiter for writable files in loopconfigure (git-fixes).
  • md/raid1,raid10: do not ignore IO flags (git-fixes).
  • md/raid10: fix missing discard IO accounting (git-fixes).
  • md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
  • md/raid1: Add check for missing source disk in process_checks() (git-fixes).
  • md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
  • md/raid5: implement pers->bitmap_sector() (git-fixes).
  • md: add a new callback pers->bitmap_sector() (git-fixes).
  • md: ensure resync is prioritized over recovery (git-fixes).
  • md: fix mddev uaf while iterating all_mddevs list (git-fixes).
  • md: preserve KABI in struct md_personality v2 (git-fixes).
  • media: videobuf2: Add missing doc comment for waitingindqbuf (git-fixes).
  • mtd: phram: Add the kernel lock down check (bsc#1232649).
  • neighbour: delete redundant judgment statements (git-fixes).
  • net/handshake: Fix handshakereqdestroy_test1 (git-fixes).
  • net/handshake: Fix memory leak in _sockcreate() and sockallocfile() (git-fixes).
  • net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
  • net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
  • net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
  • net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
  • net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
  • net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
  • net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
  • net: Clear old fragment checksum value in napireuseskb (git-fixes).
  • net: Handle napi_schedule() calls from non-interrupt (git-fixes).
  • net: Implement missing SOTIMESTAMPINGNEW cmsg support (git-fixes).
  • net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
  • net: do not dump stack on queue timeout (git-fixes).
  • net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
  • net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
  • net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
  • net: qede: Initialize qedellops with designated initializer (git-fixes).
  • net: reenable NETIFFIPV6_CSUM offload for BIG TCP packets (git-fixes).
  • net: set the minimum for nethotdata.netdevbudget_usecs (git-fixes).
  • net: skip offload for NETIFFIPV6_CSUM if ipv6 header contains extension (git-fixes).
  • netdev-genl: avoid empty messages in queue dump (git-fixes).
  • netdev: fix repeated netlink messages in queue dump (git-fixes).
  • netlink: annotate data-races around sk->sk_err (git-fixes).
  • netpoll: Ensure clean state on setup failures (git-fixes).
  • nfs: handle failure of nfsgetlock_context in unlock path (git-fixes).
  • nfsd: add listhead nfgc to struct nfsd_file (git-fixes).
  • nilfs2: add pointer check for nilfsdirectpropagate() (git-fixes).
  • nilfs2: do not propagate ENOENT error from nilfsbtreepropagate() (git-fixes).
  • nvme-pci: acquire cqpolllock in nvmepollirqdisable (git-fixes bsc#1223096).
  • nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
  • nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
  • nvme-pci: make nvmepcinpagesprp() _always_inline (git-fixes).
  • nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
  • nvme-tcp: select CONFIGTLS from CONFIGNVMETCPTLS (git-fixes).
  • nvme: Add 'partial_nid' quirk (bsc#1241148).
  • nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
  • nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
  • nvme: multipath: fix return value of nvmeavailablepath (git-fixes).
  • nvme: re-read ANA log page after ns scan completes (git-fixes).
  • nvme: requeue namespace scan on missed AENs (git-fixes).
  • nvme: unblock ctrl state transition for firmware update (git-fixes).
  • nvmet-fc: inline nvmetfcdelete_assoc (git-fixes).
  • nvmet-fc: inline nvmetfcfree_hostport (git-fixes).
  • nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
  • nvmet-fc: take tgtport reference only once (git-fixes).
  • nvmet-fc: update tgtport ref per assoc (git-fixes).
  • nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
  • nvmet-fcloop: add ref counting to lport (git-fixes).
  • nvmet-fcloop: replace kref with refcount (git-fixes).
  • nvmet-tcp: select CONFIGTLS from CONFIGNVMETARGETTCP_TLS (git-fixes).
  • objtool, panic: Disable SMAP in _stackchk_fail() (bsc#1243963).
  • ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
  • octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
  • padata: do not leak refcount in reorder_work (git-fixes).
  • phy: Fix error handling in tegraxusbport_init (git-fixes).
  • phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
  • phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
  • phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
  • phy: tegra: xusb: remove a stray unlock (git-fixes).
  • platform/x86: dell-wmi-sysman: Avoid buffer overflow in currentpasswordstore() (git-fixes).
  • powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
  • powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
  • qibfs: fix another leak (git-fixes)
  • rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
  • rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
  • rcu: Break rcunode0 --> &rq->__lock order (git-fixes)
  • rcu: Introduce rcucpuonline() (git-fixes)
  • regulator: max20086: fix invalid memory access (git-fixes).
  • s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
  • scsi: Improve CDL control (git-fixes).
  • scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
  • scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
  • scsi: lpfc: Avoid potential ndlp use-after-free in devlosstmo_callbk (bsc#1242993).
  • scsi: lpfc: Convert timeouts to secstojiffies() (bsc#1242993).
  • scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
  • scsi: lpfc: Create lpfcvmidinfo sysfs entry (bsc#1242993).
  • scsi: lpfc: Fix lpfccheckslindlp() handling for GENREQUEST64 commands (bsc#1242993).
  • scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
  • scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
  • scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
  • scsi: lpfc: Restart erattpoll timer if HBASETUP flag still unset (bsc#1242993).
  • scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
  • scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
  • scsi: lpfc: convert timeouts to secstojiffies() (bsc#1242993).
  • scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
  • scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
  • scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
  • scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
  • scsi: qla2xxx: Remove duplicate struct crbaddrpair (bsc#1243090).
  • scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
  • scsi: qla2xxx: Remove unused qllogqp (bsc#1243090).
  • scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
  • scsi: qla2xxx: Remove unused qla82xxpciregion_offset() (bsc#1243090).
  • scsi: qla2xxx: Remove unused qla82xxwaitforstatechange() (bsc#1243090).
  • scsi: qla2xxx: Remove unused qlt83xxiospace_config() (bsc#1243090).
  • scsi: qla2xxx: Remove unused qltfcport_deleted() (bsc#1243090).
  • scsi: qla2xxx: Remove unused qltfreeqfull_cmds() (bsc#1243090).
  • selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
  • smb3: fix Open files on server counter going negative (git-fixes).
  • smb: client: Use stryesno() helper function (git-fixes).
  • smb: client: allow more DFS referrals to be cached (git-fixes).
  • smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
  • smb: client: change return value in opencacheddirbydentry() if !cfids (git-fixes).
  • smb: client: do not retry DFS targets on server shutdown (git-fixes).
  • smb: client: do not trust DFSREFSTORAGESERVER bit (git-fixes).
  • smb: client: do not try following DFS links in cifstreeconnect() (git-fixes).
  • smb: client: fix DFS interlink failover (git-fixes).
  • smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
  • smb: client: fix hang in waitforresponse() for negproto (bsc#1242709).
  • smb: client: fix potential race in cifsputtcon() (git-fixes).
  • smb: client: fix return value of parsedfsreferrals() (git-fixes).
  • smb: client: get rid of @nlsc param in cifstreeconnect() (git-fixes).
  • smb: client: get rid of TCPServerInfo::refpath_lock (git-fixes).
  • smb: client: get rid of kstrdup() in getsesrefpath() (git-fixes).
  • smb: client: improve purging of cached referrals (git-fixes).
  • smb: client: introduce avforeach_entry() helper (git-fixes).
  • smb: client: optimize referral walk on failed link targets (git-fixes).
  • smb: client: parse DNS domain name from domain= option (git-fixes).
  • smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
  • smb: client: provide dnsresolve{unc,name} helpers (git-fixes).
  • smb: client: refresh referral without acquiring refpath_lock (git-fixes).
  • smb: client: remove unnecessary checks in opencacheddir() (git-fixes).
  • spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
  • spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
  • spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
  • spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
  • spi: tegra114: Use value to check for invalid delays (git-fixes).
  • tcpbpf: Charge receive socket buffer in bpftcp_ingress() (git-fixes).
  • tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
  • thermal: intel: x86pkgtemp_thermal: Fix bogus trip temperature (git-fixes).
  • usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
  • vhost-scsi: Fix handling of multiple calls to vhostscsiset_endpoint (git-fixes).
  • virtio_console: fix missing byte order handling for cols and rows (git-fixes).
  • wifi: mac80211: Set nchannels after allocating struct cfg80211scan_request (git-fixes).
  • wifi: mt76: disable napi on driver removal (git-fixes).
  • x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
  • x86/xen: move xenreserveextra_memory() (git-fixes).
  • xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
  • xen: Change xen-acpi-processor dom0 dependency (git-fixes).
  • xenfs/xensyms: respect hypervisor's 'next' indication (git-fixes).
  • xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
  • xhci: split free interrupter into separate remove and free parts (git-fixes).
  • xsk: Add truesize to skbaddrx_frag() (git-fixes).
  • xsk: Do not assume metadata is always requested in TX completion (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 15 SP6 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150600.8.40.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-azure": "6.4.0-150600.8.40.1",
            "kernel-syms-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-devel": "6.4.0-150600.8.40.1",
            "kernel-source-azure": "6.4.0-150600.8.40.1",
            "kernel-devel-azure": "6.4.0-150600.8.40.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP6 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150600.8.40.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-azure": "6.4.0-150600.8.40.1",
            "kernel-syms-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-devel": "6.4.0-150600.8.40.1",
            "kernel-source-azure": "6.4.0-150600.8.40.1",
            "kernel-devel-azure": "6.4.0-150600.8.40.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP6 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150600.8.40.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-azure": "6.4.0-150600.8.40.1",
            "kernel-syms-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-devel": "6.4.0-150600.8.40.1",
            "kernel-source-azure": "6.4.0-150600.8.40.1",
            "kernel-devel-azure": "6.4.0-150600.8.40.1"
        }
    ]
}

openSUSE:Leap 15.6 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150600.8.40.1

Ecosystem specific 

{
    "binaries": [
        {
            "kselftests-kmp-azure": "6.4.0-150600.8.40.1",
            "dlm-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-source-azure": "6.4.0-150600.8.40.1",
            "ocfs2-kmp-azure": "6.4.0-150600.8.40.1",
            "reiserfs-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-devel": "6.4.0-150600.8.40.1",
            "kernel-azure": "6.4.0-150600.8.40.1",
            "kernel-syms-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-optional": "6.4.0-150600.8.40.1",
            "kernel-azure-extra": "6.4.0-150600.8.40.1",
            "cluster-md-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-devel-azure": "6.4.0-150600.8.40.1",
            "gfs2-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-vdso": "6.4.0-150600.8.40.1"
        }
    ]
}

openSUSE:Leap 15.6 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150600.8.40.1

Ecosystem specific 

{
    "binaries": [
        {
            "kselftests-kmp-azure": "6.4.0-150600.8.40.1",
            "dlm-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-source-azure": "6.4.0-150600.8.40.1",
            "ocfs2-kmp-azure": "6.4.0-150600.8.40.1",
            "reiserfs-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-devel": "6.4.0-150600.8.40.1",
            "kernel-azure": "6.4.0-150600.8.40.1",
            "kernel-syms-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-optional": "6.4.0-150600.8.40.1",
            "kernel-azure-extra": "6.4.0-150600.8.40.1",
            "cluster-md-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-devel-azure": "6.4.0-150600.8.40.1",
            "gfs2-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-vdso": "6.4.0-150600.8.40.1"
        }
    ]
}

openSUSE:Leap 15.6 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150600.8.40.1

Ecosystem specific 

{
    "binaries": [
        {
            "kselftests-kmp-azure": "6.4.0-150600.8.40.1",
            "dlm-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-source-azure": "6.4.0-150600.8.40.1",
            "ocfs2-kmp-azure": "6.4.0-150600.8.40.1",
            "reiserfs-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-devel": "6.4.0-150600.8.40.1",
            "kernel-azure": "6.4.0-150600.8.40.1",
            "kernel-syms-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-optional": "6.4.0-150600.8.40.1",
            "kernel-azure-extra": "6.4.0-150600.8.40.1",
            "cluster-md-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-devel-azure": "6.4.0-150600.8.40.1",
            "gfs2-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-vdso": "6.4.0-150600.8.40.1"
        }
    ]
}