SUSE-SU-2025:01965-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-202501965-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:01965-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:01965-1
Upstream
Related
Published
2025-06-16T14:54:36Z
Modified
2025-06-17T13:29:30.401246Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
  • CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
  • CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
  • CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
  • CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
  • CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
  • CVE-2025-21702: pfifotailenqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
  • CVE-2025-21787: team: better TEAMOPTIONTYPE_STRING validation (bsc#1238774).
  • CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
  • CVE-2025-21919: sched/fair: Fix potential memory corruption in childcfsrqonlist (bsc#1240593).
  • CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
  • CVE-2025-22030: mm: zswap: fix cryptofreeacomp() deadlock in zswapcpucomp_dead() (bsc#1241376).
  • CVE-2025-22056: netfilter: nfttunnel: fix geneveopt type confusion addition (bsc#1241525).
  • CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
  • CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
  • CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
  • CVE-2025-22103: net: fix NULL pointer dereference in l3mdevl3rcv (bsc#1241448).
  • CVE-2025-23140: misc: pciendpointtest: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
  • CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
  • CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
  • CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtkiommudevice_group (bsc#1242523).
  • CVE-2025-37749: net: ppp: Add bound checking for skb data on pppsynctxmung (bsc#1242859).
  • CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
  • CVE-2025-37755: net: libwx: handle pagepooldevallocpages error (bsc#1242506).
  • CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
  • CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
  • CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
  • CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
  • CVE-2025-37790: net: mctp: Set SOCKRCUFREE (bsc#1242509).
  • CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
  • CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
  • CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
  • CVE-2025-37809: usb: typec: class: Unlocked on error in typecregisterpartner() (bsc#1242856).
  • CVE-2025-37820: xen-netfront: handle NULL returned by xdpconvertbufftoframe() (bsc#1242866).
  • CVE-2025-37823: netsched: hfsc: Fix a potential UAF in hfscdequeue() too (bsc#1242924).
  • CVE-2025-37824: tipc: fix NULL pointer dereference in tipcmonreinit_self() (bsc#1242867).
  • CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpicpufreqget_rate() (bsc#1242875).
  • CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmicpufreqget_rate() (bsc#1242860).
  • CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in applesoccpufreqgetrate() (bsc#1242861).
  • CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
  • CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
  • CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
  • CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
  • CVE-2025-37886: pdscore: make waitcontext part of q_info (bsc#1242944).
  • CVE-2025-37887: pdscore: handle unsupported PDSCORECMDFW_CONTROL result (bsc#1242962).
  • CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
  • CVE-2025-37954: smb: client: Avoid race in opencacheddir with lease breaks (bsc#1243664).
  • CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
  • CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
  • CVE-2025-37960: memblock: Accept allocated memory before use in memblockdoublearray() (bsc#1243519).
  • CVE-2025-37974: s390/pci: Fix missing check for zpcicreatedevice() error return (bsc#1243547).
  • CVE-2025-38152: remoteproc: core: Clear tablesz when rprocshutdown (bsc#1241627).
  • CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).

The following non-security bugs were fixed:

  • ACPI: PPTT: Fix processor subtable walk (git-fixes).
  • ALSA: es1968: Add error handling for sndpcmhwconstraintpow2() (git-fixes).
  • ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
  • ALSA: sh: SNDAICA should depend on SHDMA_API (git-fixes).
  • ALSA: ump: Fix a typo of sndumpstreammsgdevice_info (git-fixes).
  • ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
  • ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
  • ASoC: SOF: ipc4-control: Use SOFCTRLCMDBINARY as numid for bytesext (git-fixes).
  • ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
  • ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
  • Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
  • Bluetooth: MGMT: Fix MGMTOPADD_DEVICE invalid device flags (git-fixes).
  • Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
  • Drivers: hv: Allow vmbussendpacketmpb_desc() to create multiple ranges (git-fixes).
  • Fix write to cloned skb in ipv6hopioam() (git-fixes).
  • HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
  • HID: uclogic: Add NULL check in uclogicinputconfigured() (git-fixes).
  • IB/cm: use rwlock for MAD agent lock (git-fixes)
  • Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
  • Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
  • Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
  • Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
  • Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
  • Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
  • Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
  • Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
  • KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
  • KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
  • KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
  • KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
  • KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
  • KVM: arm64: Change kvmhandlemmio_return() return polarity (git-fixes).
  • KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
  • KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
  • KVM: arm64: Mark some header functions as inline (git-fixes).
  • KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
  • KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
  • KVM: arm64: vgic-its: Add a data length check in vgicitssave_* (git-fixes).
  • KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
  • KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
  • KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
  • KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
  • KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
  • KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
  • KVM: nVMX: Check PAUSEEXITING, not BUSLOCK_DETECTION, on PAUSE emulation (git-fixes).
  • KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
  • KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
  • KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
  • KVM: x86: Acquire SRCU in KVMGETMP_STATE to protect guest memory accesses (git-fixes).
  • KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
  • KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
  • KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
  • KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
  • KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
  • KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
  • KVM: x86: Remove the unreachable case for 0x80000022 leaf in _docpuid_func() (git-fixes).
  • KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
  • NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
  • NFSD: Skip sending CBRECALLANY when the backchannel isn't up (git-fixes).
  • NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
  • NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
  • RDMA/cma: Fix hang when cmaneteventcallback fails to queue_work (git-fixes)
  • RDMA/core: Fix 'KASAN: slab-use-after-free Read in ibregisterdevice' problem (git-fixes)
  • RDMA/hns: Include hnae3.h in hnsrocehw_v2.h (git-fixes)
  • RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
  • RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
  • RDMA/rxe: Fix 'trying to register non-static key in rxeqpdo_cleanup' bug (git-fixes)
  • RDMA/rxe: Fix slab-use-after-free Read in rxequeuecleanup bug (git-fixes)
  • cBPF: Refresh fixes for cBPF issue (bsc#1242778)
  • Squashfs: check return result of sbminblocksize (git-fixes).
  • Update patches.suse/nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).
  • Update patches.suse/nvme-re-read-ANA-log-page-after-ns-scan-completes.patch (git-fixes bsc#1235149).
  • Xen/swiotlb: mark xenswiotlbfixup() __init (git-fixes).
  • add bug reference for an existing hv_netvsc change (bsc#1243737).
  • afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
  • afs: Make it possible to find the volumes that are using a server (git-fixes).
  • arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
  • arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
  • arm64: cputype: Add QCOMCPUPARTKRYO3XX_GOLD (git-fixes)
  • arm64: dts: imx8mm-verdin: Link regusdhc2vqmmc to usdhc2 (git-fixes)
  • arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
  • arm64: insn: Add support for encoding DSB (git-fixes)
  • arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
  • arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
  • arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
  • arp: switch to devgetbyhwaddr() in arpreqsetpublic() (git-fixes).
  • bnxten: Add missing skbmarkforrecycle() in bnxtrxvlan() (git-fixes).
  • bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
  • bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
  • bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
  • bpf: Fix mismatched RCU unlock flavour in bpfoutneigh_v6 (git-fixes).
  • bpf: Scrub packet on bpfredirectpeer (git-fixes).
  • btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
  • btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
  • btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
  • btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
  • btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
  • btrfs: fix a leaked chunk map issue in readonechunk() (git-fixes).
  • btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
  • btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
  • can: bcm: add locking for bcm_op runtime updates (git-fixes).
  • can: bcm: add missing rcu read protection for procfs content (git-fixes).
  • can: slcan: allow reception of short error messages (git-fixes).
  • cifs: change tcon status when need_reconnect is set on it (git-fixes).
  • cifs: reduce warning log level for server not advertising interfaces (git-fixes).
  • crypto: algifhash - fix double free in hashaccept (git-fixes).
  • devlink: fix port new reply cmd type (git-fixes).
  • dm-integrity: fix a warning on invalid table line (git-fixes).
  • dma-buf: insert memory barrier before updating num_fences (git-fixes).
  • dmaengine: Revert 'dmaengine: dmatest: Fix dmatest waiting less when interrupted' (git-fixes).
  • dmaengine: idxd: Add missing cleanup for early error out in idxdsetupinternals (git-fixes).
  • dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
  • dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
  • dmaengine: idxd: Fix ->poll() return value (git-fixes).
  • dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
  • dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
  • dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
  • dmaengine: idxd: fix memory leak in error handling path of idxdpciprobe (git-fixes).
  • dmaengine: idxd: fix memory leak in error handling path of idxdsetupengines (git-fixes).
  • dmaengine: idxd: fix memory leak in error handling path of idxdsetupgroups (git-fixes).
  • dmaengine: idxd: fix memory leak in error handling path of idxdsetupwqs (git-fixes).
  • dmaengine: mediatek: Fix a possible deadlock error in mtkcqdmatx_status() (git-fixes).
  • dmaengine: mediatek: drop unused variable (git-fixes).
  • dmaengine: ti: k3-udma: Add missing locking (git-fixes).
  • dmaengine: ti: k3-udma: Use capmask directly from dmadevice structure instead of a local copy (git-fixes).
  • drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
  • drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
  • drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
  • drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
  • drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
  • drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
  • drm/amdgpu: fix pm notifier handling (git-fixes).
  • drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
  • drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
  • drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
  • exfat: fix potential wrong error return from get_block (git-fixes).
  • hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
  • hvnetvsc: Remove rmsgpgcnt (git-fixes).
  • hvnetvsc: Use vmbussendpacketmpbdesc() to send VMBus messages (git-fixes).
  • i2c: designware: Fix an error handling path in i2cdwpci_probe() (git-fixes).
  • ice: Check VF VSI Pointer Value in icevcaddfdirfltr() (git-fixes).
  • idpf: fix offloads support for encapsulated packets (git-fixes).
  • idpf: fix potential memory leak on kcalloc() failure (git-fixes).
  • idpf: protect shutdown from reset (git-fixes).
  • igc: fix lock order in igcptpreset (git-fixes).
  • inetpeer: remove create argument of inetgetpeerv() (git-fixes).
  • inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
  • ipv4/route: avoid unused-but-set-variable warning (git-fixes).
  • ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
  • ipv4: Convert icmproutelookup() to dscp_t (git-fixes).
  • ipv4: Fix incorrect source address in Record Route option (git-fixes).
  • ipv4: Mask upper DSCP bits and ECN bits in NETLINKFIBLOOKUP family (git-fixes).
  • ipv4: fix source address selection with route leak (git-fixes).
  • ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
  • ipv4: icmp: Pass full DS field to iprouteinput() (git-fixes).
  • ipv4: ipgre: Avoid skbpull() failure in ipgre_xmit() (git-fixes).
  • ipv4: ipgre: Fix drops of small packets in ipgrexmit (git-fixes).
  • ipv4: iptunnel: Unmask upper DSCP bits in ipmdtunnelxmit() (git-fixes).
  • ipv4: iptunnel: Unmask upper DSCP bits in iptunnelbinddev() (git-fixes).
  • ipv4: iptunnel: Unmask upper DSCP bits in iptunnel_xmit() (git-fixes).
  • ipv4: properly combine devbaseseq and ipv4.devaddrgenid (git-fixes).
  • ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
  • ipv6: Align behavior across nexthops during path selection (git-fixes).
  • ipv6: Do not consider link down nexthops in path selection (git-fixes).
  • ipv6: Start path selection from the first nexthop (git-fixes).
  • ipv6: fix omitted netlink attributes when using RTEXTFILTERSKIP_STATS (git-fixes).
  • jiffies: Cast to unsigned long in secstojiffies() conversion (bsc#1242993).
  • jiffies: Define secstojiffies() (bsc#1242993).
  • kernel-obs-qa: Use srchash for dependency as well
  • loop: Add sanity check for read/write_iter (git-fixes).
  • loop: aio inherit the ioprio of original request (git-fixes).
  • loop: do not require ->writeiter for writable files in loopconfigure (git-fixes).
  • md/raid1,raid10: do not ignore IO flags (git-fixes).
  • md/raid10: fix missing discard IO accounting (git-fixes).
  • md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
  • md/raid1: Add check for missing source disk in process_checks() (git-fixes).
  • md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
  • md/raid5: implement pers->bitmap_sector() (git-fixes).
  • md: add a new callback pers->bitmap_sector() (git-fixes).
  • md: ensure resync is prioritized over recovery (git-fixes).
  • md: fix mddev uaf while iterating all_mddevs list (git-fixes).
  • md: preserve KABI in struct md_personality v2 (git-fixes).
  • media: videobuf2: Add missing doc comment for waitingindqbuf (git-fixes).
  • mtd: phram: Add the kernel lock down check (bsc#1232649).
  • neighbour: delete redundant judgment statements (git-fixes).
  • net/handshake: Fix handshakereqdestroy_test1 (git-fixes).
  • net/handshake: Fix memory leak in _sockcreate() and sockallocfile() (git-fixes).
  • net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
  • net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
  • net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
  • net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
  • net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
  • net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
  • net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
  • net: Clear old fragment checksum value in napireuseskb (git-fixes).
  • net: Handle napi_schedule() calls from non-interrupt (git-fixes).
  • net: Implement missing SOTIMESTAMPINGNEW cmsg support (git-fixes).
  • net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
  • net: do not dump stack on queue timeout (git-fixes).
  • net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
  • net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
  • net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
  • net: qede: Initialize qedellops with designated initializer (git-fixes).
  • net: reenable NETIFFIPV6_CSUM offload for BIG TCP packets (git-fixes).
  • net: set the minimum for nethotdata.netdevbudget_usecs (git-fixes).
  • net: skip offload for NETIFFIPV6_CSUM if ipv6 header contains extension (git-fixes).
  • netdev-genl: avoid empty messages in queue dump (git-fixes).
  • netdev: fix repeated netlink messages in queue dump (git-fixes).
  • netlink: annotate data-races around sk->sk_err (git-fixes).
  • netpoll: Ensure clean state on setup failures (git-fixes).
  • nfs: handle failure of nfsgetlock_context in unlock path (git-fixes).
  • nfsd: add listhead nfgc to struct nfsd_file (git-fixes).
  • nilfs2: add pointer check for nilfsdirectpropagate() (git-fixes).
  • nilfs2: do not propagate ENOENT error from nilfsbtreepropagate() (git-fixes).
  • nvme-pci: acquire cqpolllock in nvmepollirqdisable (git-fixes bsc#1223096).
  • nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
  • nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
  • nvme-pci: make nvmepcinpagesprp() _always_inline (git-fixes).
  • nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
  • nvme-tcp: select CONFIGTLS from CONFIGNVMETCPTLS (git-fixes).
  • nvme: Add 'partial_nid' quirk (bsc#1241148).
  • nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
  • nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
  • nvme: multipath: fix return value of nvmeavailablepath (git-fixes).
  • nvme: re-read ANA log page after ns scan completes (git-fixes).
  • nvme: requeue namespace scan on missed AENs (git-fixes).
  • nvme: unblock ctrl state transition for firmware update (git-fixes).
  • nvmet-fc: inline nvmetfcdelete_assoc (git-fixes).
  • nvmet-fc: inline nvmetfcfree_hostport (git-fixes).
  • nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
  • nvmet-fc: take tgtport reference only once (git-fixes).
  • nvmet-fc: update tgtport ref per assoc (git-fixes).
  • nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
  • nvmet-fcloop: add ref counting to lport (git-fixes).
  • nvmet-fcloop: replace kref with refcount (git-fixes).
  • nvmet-tcp: select CONFIGTLS from CONFIGNVMETARGETTCP_TLS (git-fixes).
  • objtool, panic: Disable SMAP in _stackchk_fail() (bsc#1243963).
  • ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
  • octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
  • padata: do not leak refcount in reorder_work (git-fixes).
  • phy: Fix error handling in tegraxusbport_init (git-fixes).
  • phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
  • phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
  • phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
  • phy: tegra: xusb: remove a stray unlock (git-fixes).
  • platform/x86: dell-wmi-sysman: Avoid buffer overflow in currentpasswordstore() (git-fixes).
  • powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
  • powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
  • qibfs: fix another leak (git-fixes)
  • rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
  • rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
  • rcu: Break rcunode0 --> &rq->__lock order (git-fixes)
  • rcu: Introduce rcucpuonline() (git-fixes)
  • regulator: max20086: fix invalid memory access (git-fixes).
  • s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
  • scsi: Improve CDL control (git-fixes).
  • scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
  • scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
  • scsi: lpfc: Avoid potential ndlp use-after-free in devlosstmo_callbk (bsc#1242993).
  • scsi: lpfc: Convert timeouts to secstojiffies() (bsc#1242993).
  • scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
  • scsi: lpfc: Create lpfcvmidinfo sysfs entry (bsc#1242993).
  • scsi: lpfc: Fix lpfccheckslindlp() handling for GENREQUEST64 commands (bsc#1242993).
  • scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
  • scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
  • scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
  • scsi: lpfc: Restart erattpoll timer if HBASETUP flag still unset (bsc#1242993).
  • scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
  • scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
  • scsi: lpfc: convert timeouts to secstojiffies() (bsc#1242993).
  • scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
  • scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
  • scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
  • scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
  • scsi: qla2xxx: Remove duplicate struct crbaddrpair (bsc#1243090).
  • scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
  • scsi: qla2xxx: Remove unused qllogqp (bsc#1243090).
  • scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
  • scsi: qla2xxx: Remove unused qla82xxpciregion_offset() (bsc#1243090).
  • scsi: qla2xxx: Remove unused qla82xxwaitforstatechange() (bsc#1243090).
  • scsi: qla2xxx: Remove unused qlt83xxiospace_config() (bsc#1243090).
  • scsi: qla2xxx: Remove unused qltfcport_deleted() (bsc#1243090).
  • scsi: qla2xxx: Remove unused qltfreeqfull_cmds() (bsc#1243090).
  • selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
  • smb3: fix Open files on server counter going negative (git-fixes).
  • smb: client: Use stryesno() helper function (git-fixes).
  • smb: client: allow more DFS referrals to be cached (git-fixes).
  • smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
  • smb: client: change return value in opencacheddirbydentry() if !cfids (git-fixes).
  • smb: client: do not retry DFS targets on server shutdown (git-fixes).
  • smb: client: do not trust DFSREFSTORAGESERVER bit (git-fixes).
  • smb: client: do not try following DFS links in cifstreeconnect() (git-fixes).
  • smb: client: fix DFS interlink failover (git-fixes).
  • smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
  • smb: client: fix hang in waitforresponse() for negproto (bsc#1242709).
  • smb: client: fix potential race in cifsputtcon() (git-fixes).
  • smb: client: fix return value of parsedfsreferrals() (git-fixes).
  • smb: client: get rid of @nlsc param in cifstreeconnect() (git-fixes).
  • smb: client: get rid of TCPServerInfo::refpath_lock (git-fixes).
  • smb: client: get rid of kstrdup() in getsesrefpath() (git-fixes).
  • smb: client: improve purging of cached referrals (git-fixes).
  • smb: client: introduce avforeach_entry() helper (git-fixes).
  • smb: client: optimize referral walk on failed link targets (git-fixes).
  • smb: client: parse DNS domain name from domain= option (git-fixes).
  • smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
  • smb: client: provide dnsresolve{unc,name} helpers (git-fixes).
  • smb: client: refresh referral without acquiring refpath_lock (git-fixes).
  • smb: client: remove unnecessary checks in opencacheddir() (git-fixes).
  • spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
  • spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
  • spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
  • spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
  • spi: tegra114: Use value to check for invalid delays (git-fixes).
  • tcpbpf: Charge receive socket buffer in bpftcp_ingress() (git-fixes).
  • tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
  • thermal: intel: x86pkgtemp_thermal: Fix bogus trip temperature (git-fixes).
  • usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
  • vhost-scsi: Fix handling of multiple calls to vhostscsiset_endpoint (git-fixes).
  • virtio_console: fix missing byte order handling for cols and rows (git-fixes).
  • wifi: mac80211: Set nchannels after allocating struct cfg80211scan_request (git-fixes).
  • wifi: mt76: disable napi on driver removal (git-fixes).
  • x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
  • x86/xen: move xenreserveextra_memory() (git-fixes).
  • xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
  • xen: Change xen-acpi-processor dom0 dependency (git-fixes).
  • xenfs/xensyms: respect hypervisor's 'next' indication (git-fixes).
  • xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
  • xhci: split free interrupter into separate remove and free parts (git-fixes).
  • xsk: Add truesize to skbaddrx_frag() (git-fixes).
  • xsk: Do not assume metadata is always requested in TX completion (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 15 SP6 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150600.8.40.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-syms-azure": "6.4.0-150600.8.40.1",
            "kernel-azure": "6.4.0-150600.8.40.1",
            "kernel-source-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-devel": "6.4.0-150600.8.40.1",
            "kernel-devel-azure": "6.4.0-150600.8.40.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP6 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150600.8.40.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-syms-azure": "6.4.0-150600.8.40.1",
            "kernel-azure": "6.4.0-150600.8.40.1",
            "kernel-source-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-devel": "6.4.0-150600.8.40.1",
            "kernel-devel-azure": "6.4.0-150600.8.40.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP6 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150600.8.40.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-syms-azure": "6.4.0-150600.8.40.1",
            "kernel-azure": "6.4.0-150600.8.40.1",
            "kernel-source-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-devel": "6.4.0-150600.8.40.1",
            "kernel-devel-azure": "6.4.0-150600.8.40.1"
        }
    ]
}

openSUSE:Leap 15.6 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150600.8.40.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-azure-devel": "6.4.0-150600.8.40.1",
            "kernel-azure": "6.4.0-150600.8.40.1",
            "kernel-source-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-vdso": "6.4.0-150600.8.40.1",
            "cluster-md-kmp-azure": "6.4.0-150600.8.40.1",
            "kselftests-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-extra": "6.4.0-150600.8.40.1",
            "kernel-syms-azure": "6.4.0-150600.8.40.1",
            "reiserfs-kmp-azure": "6.4.0-150600.8.40.1",
            "ocfs2-kmp-azure": "6.4.0-150600.8.40.1",
            "gfs2-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-optional": "6.4.0-150600.8.40.1",
            "kernel-devel-azure": "6.4.0-150600.8.40.1",
            "dlm-kmp-azure": "6.4.0-150600.8.40.1"
        }
    ]
}

openSUSE:Leap 15.6 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150600.8.40.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-azure-devel": "6.4.0-150600.8.40.1",
            "kernel-azure": "6.4.0-150600.8.40.1",
            "kernel-source-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-vdso": "6.4.0-150600.8.40.1",
            "cluster-md-kmp-azure": "6.4.0-150600.8.40.1",
            "kselftests-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-extra": "6.4.0-150600.8.40.1",
            "kernel-syms-azure": "6.4.0-150600.8.40.1",
            "reiserfs-kmp-azure": "6.4.0-150600.8.40.1",
            "ocfs2-kmp-azure": "6.4.0-150600.8.40.1",
            "gfs2-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-optional": "6.4.0-150600.8.40.1",
            "kernel-devel-azure": "6.4.0-150600.8.40.1",
            "dlm-kmp-azure": "6.4.0-150600.8.40.1"
        }
    ]
}

openSUSE:Leap 15.6 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150600.8.40.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-azure-devel": "6.4.0-150600.8.40.1",
            "kernel-azure": "6.4.0-150600.8.40.1",
            "kernel-source-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-vdso": "6.4.0-150600.8.40.1",
            "cluster-md-kmp-azure": "6.4.0-150600.8.40.1",
            "kselftests-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-extra": "6.4.0-150600.8.40.1",
            "kernel-syms-azure": "6.4.0-150600.8.40.1",
            "reiserfs-kmp-azure": "6.4.0-150600.8.40.1",
            "ocfs2-kmp-azure": "6.4.0-150600.8.40.1",
            "gfs2-kmp-azure": "6.4.0-150600.8.40.1",
            "kernel-azure-optional": "6.4.0-150600.8.40.1",
            "kernel-devel-azure": "6.4.0-150600.8.40.1",
            "dlm-kmp-azure": "6.4.0-150600.8.40.1"
        }
    ]
}