The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter . * CVE-2023-3389: Fixed a use-after-free vulnerability in the io_uring subsystem . * CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver . * CVE-2023-3111: Fixed a use-after-free vulnerability in prepare_to_relocate in fs/btrfs/relocation.c . * CVE-2023-3212: Fixed a NULL pointer dereference flaw in the gfs2 file system . * CVE-2023-3358: Fixed a NULL pointer dereference flaw in the Integrated Sensor Hub driver . * CVE-2023-3357: Fixed a NULL pointer dereference flaw in the AMD Sensor Fusion Hub driver . * CVE-2023-35828: Fixed a use-after-free flaw in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c . * CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system . * CVE-2023-35829: Fixed a use-after-free flaw in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c . * CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c . * CVE-2023-35823: Fixed a use-after-free flaw in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c . * CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font . * CVE-2023-21102: Fixed possible bypass of shadow stack protection in __efi_rt_asm_wrapper of efi-rt-wrapper.S . * CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect . * CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity, that could cause memory corruption . The following non-security bugs were fixed: * Drop dvb-core fix patch due to a bug . * Enable kernel modules bttv bt878 and snd-bt878 . * Fix missing top level chapter numbers on SLE12 SP5 . * Fix usrmerge error . * Generalize kernel-doc build requirements. * Get module prefix from kmod . * Remove orphaned CONFIG_PRINTK_SAFE_LOG_BUF_SHIFT . * Revert "mtd: rawnand: arasan: Prevent an unsupported configuration" . * Revert "net: phy: dp83867: perform soft reset and retain established link" . * Squashfs: fix handling and sanity checking of xattr_ids count . * Update the Mellanox/Nvidia mlx5_core driver . * acpi: sleep: Avoid breaking S3 wakeup due to might_sleep . * affs: initialize fsdata in affs_truncate . * alsa: ac97: Fix possible NULL dereference in snd_ac97_mixer . * alsa: hda/realtek: Add "Intel Reference board" and "NUC 13" SSID in the ALC256 . * alsa: hda/realtek: Add Lenovo P3 Tower platform . * alsa: hda/realtek: Add a quirk for Compaq N14JP6 . * alsa: hda/realtek: Add a quirk for HP Slim Desktop S01 . * alsa: hda/realtek: Add quirk for ASUS ROG G634Z . * alsa: hda/realtek: Add quirk for ASUS ROG GV601V . * alsa: hda/realtek: Add quirk for Clevo NS50AU . * alsa: hda/realtek: Add quirks for ASUS GU604V and GU603V . * alsa: hda/realtek: Add quirks for Asus ROG 2024 laptops using CS35L41 . * alsa: hda/realtek: Add quirks for ROG ALLY CS35l41 audio . * alsa: hda/realtek: Enable 4 amplifiers instead of 2 on a HP platform . * alsa: hda/realtek: Enable mute/micmute LEDs and limit mic boost on EliteBook . * alsa: hda: Glenfly: add HD Audio PCI IDs and HDMI Codec Vendor IDs . * alsa: oss: avoid missing-prototype warnings . * alsa: usb-audio: Add quirk flag for HEM devices to enable native DSD playback . * alsa: usb-audio: Fix broken resume due to UAC3 power state . * amdgpu: validate offset_in_bo of drm_amdgpu_gem_va . * arm64: Add missing Set/Way CMO encodings . * arm64: Always load shadow stack pointer directly from the task struct * arm64: Stash shadow stack pointer in the task struct on interrupt * arm64: dts: Move BCM4908 dts to bcmbca folder * arm64: dts: broadcom: bcmbca: bcm4908: fix NAND interrupt name * arm64: dts: broadcom: bcmbca: bcm4908: fix procmon nodename * arm64: dts: imx8-ss-dma: assign default clock rate for lpuarts . * arm64: dts: imx8mn-beacon: Fix SPI CS pinmux . * arm64: dts: imx8mn-var-som: fix PHY detection bug by adding deassert * arm64: dts: imx8qm-mek: correct GPIOs for USDHC2 CD and WP signals . * arm64: dts: qcom: sc7180-lite: Fix SDRAM freq for misidentified sc7180-lite boards . * arm: 9295/1: unwind:fix unwind abort for uleb128 case * arm: cpu: Switch to arch_cpu_finalize_init . * arm: dts: Fix erroneous ADS touchscreen polarities . * arm: dts: vexpress: add missing cache properties . * asoc: codecs: wsa881x: do not set can_multi_write flag . * asoc: dwc: limit the number of overrun messages . * asoc: dwc: move DMA init to snd_soc_dai_driver probe . * asoc: es8316: Do not set rate constraints for unsupported MCLKs . * asoc: es8316: Increment max value for ALC Capture Target Volume control . * asoc: imx-audmix: check return value of devm_kasprintf . * asoc: mediatek: mt8173: Fix irq error path . * asoc: nau8824: Add quirk to active-high jack-detect . * asoc: simple-card: Add missing of_node_put in case of error . * asoc: soc-pcm: test if a BE can be prepared . * asoc: ssm2602: Add workaround for playback distortions . * ath6kl: Use struct_group to avoid size-mismatched casting . * batman-adv: Broken sync while rescheduling delayed work . * binfmt_elf: Take the mmap lock when walking the VMA list . * bluetooth: Fix l2cap_disconnect_req deadlock . * bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk . * bluetooth: L2CAP: Add missing checks for invalid DCID . * bluetooth: hci_qca: fix debugfs registration . * bnxt_en: Do not issue AP reset during ethtool"s reset operation . * bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks . * bnxt_en: Query default VLAN before VNIC setup on a VF . * bnxt_en: Skip firmware fatal error recovery if chip is not accessible . * bpf, arm64: Call build_prologue first in first JIT pass * bpf, arm64: Clear prog- greater than jited_len along prog- greater than jited * bpf, arm64: Feed byte-offset into bpf line info * bpf, arm64: Use emit_addr_mov_i64 for BPF_PSEUDO_FUNC * bpf: Add extra path pointer check to d_path helper . * bpf: Fix UAF in task local storage . * btrfs: unset reloc control if transaction commit fails in prepare_to_relocate . * bus: fsl-mc: fsl-mc-allocator: Drop a write-only variable . * bus: ti-sysc: Fix dispc quirk masking bool variables . * can: isotp: isotp_sendmsg: fix return error fix on TX path . * can: j1939: avoid possible use-after-free when j1939_can_rx_register fails . * can: j1939: change j1939_netdev_lock type to mutex . * can: j1939: j1939_sk_send_loop_abort: improved error queue handling in J1939 Socket . * can: kvaser_pciefd: Remove handler for unused KVASER_PCIEFD_PACK_TYPE_EFRAME_ACK . * can: kvaser_pciefd: Remove useless write to interrupt register . * can: length: fix bitstuffing count . * can: length: fix description of the RRS field . * can: length: make header self contained . * ceph: fix use-after-free bug for inodes when flushing capsnaps . * cgroup: Use cgroup_attach_{lock,unlock} from cgroup_attach_task_all . * cgroup: always put cset in cgroup_css_set_put_fork . * cgroup: fix missing cpus_read_{lock,unlock} in cgroup_transfer_tasks . * clk: Fix memory leak in devm_clk_notifier_register . * clk: cdce925: check return value of kasprintf . * clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe . * clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe . * clk: imx: scu: use _safe list iterator to avoid a use after free . * clk: keystone: sci-clk: check return value of kasprintf . * clk: samsung: Add Exynos4212 compatible to CLKOUT driver . * clk: si5341: check return value of {devm_}kasprintf . * clk: si5341: free unused memory on probe failure . * clk: si5341: return error if one synth clock registration fails . * clk: tegra: tegra124-emc: Fix potential memory leak . * clk: ti: clkctrl: check return value of kasprintf . * clk: vc5: check memory returned by kasprintf . * clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe . * crypto: marvell/cesa - Fix type mismatch warning . * crypto: nx - fix build warnings when DEBUG_FS is not enabled . * dmaengine: at_xdmac: Move the free desc to the tail of the desc list . * dmaengine: at_xdmac: fix potential Oops in at_xdmac_prep_interleaved . * dmaengine: pl330: rename _start to prevent build error . * drivers: meson: secure-pwrc: always enable DMA domain . * drm/amd/display: Add logging for display MALL refresh setting . * drm/amd/display: Add minimal pipe split transition state . * drm/amd/display: Add wrapper to call planes and stream update . * drm/amd/display: Explicitly specify update type per plane info change . * drm/amd/display: Fix artifacting on eDP panels when engaging freesync video mode . * drm/amd/display: Use dc_update_planes_and_stream . * drm/amd/display: drop redundant memset in get_available_dsc_slices . * drm/amd/display: edp do not add non-edid timings . * drm/amd/display: fix the system hang while disable PSR . * drm/amd/pm: Fix power context allocation in SMU13 . * drm/amd/pm: reverse mclk and fclk clocks levels for renoir . * drm/amd/pm: reverse mclk and fclk clocks levels for vangogh . * drm/amd/pm: reverse mclk and fclk clocks levels for yellow carp . * drm/amdgpu: Use the default reset when loading or reloading the driver . * drm/amdgpu: fix xclk freq on CHIP_STONEY . * drm/amdgpu: release gpu full access after "amdgpu_device_ip_late_init" . * drm/amdgpu: skip disabling fence driver src_irqs when device is unplugged . * drm/amdkfd: Fix potential deallocation of previously deallocated memory . * drm/ast: Fix ARM compatibility . * drm/bridge: tc358768: always enable HS video mode . * drm/bridge: tc358768: fix PLL parameters computation . * drm/bridge: tc358768: fix PLL target frequency . * drm/bridge: tc358768: fix TCLK_ZEROCNT computation . * drm/bridge: tc358768: fix TXTAGOCNT computation . * drm/exynos: fix race condition UAF in exynos_g2d_exec_ioctl . * drm/exynos: vidi: fix a wrong error return . * drm/i915/gt: Use the correct error value when kernel_context fails . * drm/i915/gvt: remove unused variable gma_bottom in command parser . * drm/i915/selftests: Add some missing error propagation . * drm/i915/selftests: Increase timeout for live_parallel_switch . * drm/i915/selftests: Stop using kthread_stop . * drm/i915: Explain the magic numbers for AUX SYNC/precharge length . * drm/i915: Use 18 fast wake AUX sync len . * drm/msm/adreno: fix sparse warnings in a6xx code . * drm/msm/dp: Free resources after unregistering them . * drm/msm/dpu: correct MERGE_3D length . * drm/msm/dpu: do not enable color-management if DSPPs are not available . * drm/msm/dsi: do not allow enabling 14nm VCO with unprogrammed rate . * drm/msm: Be more shouty if per-process pgtables are not working . * drm/msm: Set max segment size earlier . * drm/nouveau/dp: check for NULL nv_connector- greater than native_mode . * drm/nouveau: add nv_encoder pointer check for NULL . * drm/nouveau: do not detect DSM for non-NVIDIA device . * drm/panel: sharp-ls043t1le01: adjust mode settings . * drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H . * drm/radeon: fix possible division-by-zero errors . * drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl . * drm/rockchip: vop: Leave vblank enabled in self-refresh . * drm/vram-helper: fix function names in vram helper doc . * drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks` . * drm:amd:amdgpu: Fix missing buffer object unlock in failure path . * dt-bindings: i3c: silvaco,i3c-master: fix missing schema restriction . * eeprom: at24: also select REGMAP . * elf: correct note name comment . * ext4: unconditionally enable the i_version counter . * extcon: Fix kernel doc of property capability fields to avoid warnings . * extcon: Fix kernel doc of property fields to avoid warnings . * extcon: usbc-tusb320: Add USB TYPE-C support . * extcon: usbc-tusb320: Call the Type-C IRQ handler only if a port is registered . * extcon: usbc-tusb320: Unregister typec port on driver removal . * extcon: usbc-tusb320: Update state on probe even if no IRQ pending . * fbcon: Fix null-ptr-deref in soft_cursor . * fbdev: Prevent possible use-after-free in fb_release Backporting changes: * replace refcount_read with atomic_read * fbdev: fbcon: Destroy mutex on freeing struct fb_info * fbdev: imsttfb: Fix use after free bug in imsttfb_probe . * fbdev: modedb: Add 1920x1080 at 60 Hz video mode . * fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe . * fbdev: stifb: Fix info entry in sti_struct on error path . * firmware: arm_ffa: Set handle field to zero in memory descriptor . * firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool . * fs/jfs: fix shift exponent db_agl2size negative . * fs: hfsplus: fix UAF issue in hfsplus_put_super . * fs: jfs: fix possible NULL pointer dereference in dbFree . * fs: jfs: fix shift-out-of-bounds in dbAllocAG . * fs: jfs: fix shift-out-of-bounds in dbDiscardAG . * fs: sysv: Fix sysv_nblocks returns wrong value . * gfs2: Do not deref jdesc in evict . * hfs/hfsplus: avoid WARN_ON for sanity check, use proper error handling . * hfs/hfsplus: use WARN_ON for sanity check . * hfs: Fix OOB Write in hfs_asc2mac . * hfs: fix OOB Read in __hfs_brec_find . * hfs: fix missing hfs_bnode_get in __hfs_bnode_create . * hfsplus: fix bug causing custom uid and gid being unable to be assigned with mount . * hid: amd_sfh: Add missing check for dma_alloc_coherent . * hid: google: add jewel USB id . * hid: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651 . * hid: wacom: Add error check to wacom_parse_and_register . * hwmon: fix fan pwm temperature scaling . * hwrng: imx-rngc - fix the timeout for init and self check . * hwrng: st - keep clock enabled while hwrng is registered . * i2c: imx-lpi2c: fix type char overflow issue when calculating the clock cycle . * i2c: mv64xxx: Fix reading invalid status value in atomic mode . * i2c: qup: Add missing unwind goto in qup_i2c_probe . * i2c: sprd: Delete i2c adapter in .remove"s error path . * iavf: remove mask from iavf_irq_enable_queues . * ib/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate * ib/isert: Fix dead lock in ib_isert * ib/isert: Fix incorrect release of isert connection * ib/isert: Fix possible list corruption in CMA handler * ib/rdmavt: add missing locks in rvt_ruc_loopback * ib/uverbs: Fix to consider event queue closing also upon non-blocking mode * ibmvnic: Do not reset dql stats on NON_FATAL err . * ice, xsk: Diversify return values from xsk_wakeup call paths . * ice: Do not double unplug aux on peer initiated reset . * ice: Do not use WQ_MEM_RECLAIM flag for workqueue . * ice: Fix DSCP PFC TLV creation . * ice: Fix XDP memory leak when NIC is brought up and down . * ice: Fix ice_xdp_xmit when XDP TX queue number is not sufficient . * ice: Fix memory corruption in VF driver . * ice: Ignore EEXIST when setting promisc mode . * ice: Prevent set_channel from changing queues while RDMA active . * ice: Reset FDIR counter in FDIR init stage . * ice: add profile conflict check for AVF FDIR . * ice: block LAN in case of VF to VF offload . * ice: config netdev tc before setting queues number . * ice: copy last block omitted in ice_get_module_eeprom . * ice: ethtool: Prohibit improper channel config for DCB . * ice: ethtool: advertise 1000M speeds properly . * ice: fix invalid check for empty list in ice_sched_assoc_vsi_to_agg . * ice: fix wrong fallback logic for FDIR . * ice: handle E822 generic device ID in PLDM header . * ice: switch: fix potential memleak in ice_add_adv_recipe . * ice: use bitmap_free instead of devm_kfree . * ice: xsk: use Rx ring"s XDP ring when picking NAPI context . * ieee802154: hwsim: Fix possible memory leaks . * ifcvf/vDPA: fix misuse virtio-net device config size for blk dev . * igb: fix bit_shift to be in [1..8] range . * igb: fix nvm.ops.read error handling . * igc: Clean the TX buffer and TX descriptor ring . * igc: Fix possible system crash when loading module . * iio: accel: fxls8962af: errata bug only applicable for FXLS8962AF . * iio: accel: fxls8962af: fixup buffer scan element type . * iio: adc: ad7192: Fix internal/external clock selection . * iio: adc: ad7192: Fix null ad7192_state pointer access . * init, x86: Move mem_encrypt_init into arch_cpu_finalize_init . * init: Invoke arch_cpu_finalize_init earlier . * init: Provide arch_cpu_finalize_init . * init: Remove check_bugs leftovers . * input: adxl34x - do not hardcode interrupt trigger type . * input: drv260x - fix typo in register value define . * input: drv260x - remove unused .reg_defaults . * input: drv260x - sleep between polling GO bit . * input: fix open count when closing inhibited device . * input: psmouse - fix OOB access in Elantech protocol . * input: soc_button_array - add invalid acpi_index DMI quirk handling . * input: xpad - delete a Razer DeathAdder mouse VID/PID entry . * integrity: Fix possible multiple allocation in integrity_inode_get . * io_uring: hold uring mutex around poll removal . * ipvlan:Fix out-of-bounds caused by unclear skb- greater than cb . * irqchip/clps711x: Remove unused clps711x_intc_init function . * irqchip/ftintc010: Mark all function static . * irqchip/jcore-aic: Fix missing allocation of IRQ descriptors . * jfs: Fix fortify moan in symlink . * kernel-binary: Add back kernel-default-base guarded by option Add configsh option for splitting off kernel-default-base, and for not signing the kernel on non-efi * kernel-docs: Add buildrequires on python3-base when using python3 The python3 binary is provided by python3-base. * kernel-docs: Use python3 together with python3-Sphinx . * kprobe: reverse kp- greater than flags when arm_kprobe failed . * kprobes: Fix check for probe enabled in kill_kprobe . * kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list . * kprobes: Forbid probing on trampoline and BPF code areas . * kprobes: Prohibit probes in gate area . * kprobes: Skip clearing aggrprobe"s post_handler in kprobe-on-ftrace case . * kprobes: do not call disarm_kprobe for disabled kprobes . * kvm: arm64: Do not hypercall before EL2 init * kvm: arm64: Propagate errors from __pkvm_prot_finalize hypercall * kvm: arm64: Save PSTATE early on exit * kvm: arm64: vgic: Read HW interrupt pending state from the HW * lpfc: Account for fabric domain ctlr device loss recovery . * lpfc: Change firmware upgrade logging to KERN_NOTICE instead of TRACE_EVENT . * lpfc: Clean up SLI-4 CQE status handling . * lpfc: Clear NLP_IN_DEV_LOSS flag if already in rediscovery . * lpfc: Copyright updates for 14.2.0.13 patches . * lpfc: Enhance congestion statistics collection . * lpfc: Fix use-after-free rport memory access in lpfc_register_remote_port . * lpfc: Revise NPIV ELS unsol rcv cmpl logic to drop ndlp based on nlp_state . * lpfc: Update lpfc version to 14.2.0.13 . * mailbox: mailbox-test: Fix potential double-free in mbox_test_message_write . * mailbox: mailbox-test: fix a locking issue in mbox_test_message_write . * mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0 . * media: cec: core: do not set last_initiator if tx in progress . * media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer . * media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer . * media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref in rtl28xxu_i2c_xfer . * media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer . * media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer . * media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address . * media: dvb_ca_en50221: fix a size write bug . * media: dvb_demux: fix a bug for the continuity counter . * media: mn88443x: fix !CONFIG_OF error by drop of_match_ptr from ID table . * media: netup_unidvb: fix irq init by register it at the end of probe . * memory: brcmstb_dpfe: fix testing array offset after use . * meson saradc: fix clock divider mask length . * mfd: intel-lpss: Add missing check for platform_get_resource . * mfd: pm8008: Fix module autoloading . * mfd: rt5033: Drop rt5033-battery sub-device . * mfd: stmfx: Fix error path in stmfx_chip_init . * mfd: stmfx: Nullify stmfx- greater than vdd in case of error . * mfd: stmpe: Only disable the regulators if they are enabled . * misc: fastrpc: Create fastrpc scalar with correct buffer count . * misc: pci_endpoint_test: Free IRQs before removing the device . * misc: pci_endpoint_test: Re-init completion for every test . * mlx5: do not use RT_TOS for IPv6 flowlabel . * mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next . * mm/vmalloc: do not output a spurious warning when huge vmalloc fails . * mm: Move mm_cachep initialization to mm_init . * mm: vmalloc: avoid warn_alloc noise caused by fatal signal . * mmc: bcm2835: fix deferred probing . * mmc: meson-gx: remove redundant mmc_request_done call from irq context . * mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS . * mmc: mmci: stm32: fix max busy timeout calculation . * mmc: mtk-sd: fix deferred probing . * mmc: mvsdio: fix deferred probing . * mmc: omap: fix deferred probing . * mmc: omap_hsmmc: fix deferred probing . * mmc: owl: fix deferred probing . * mmc: sdhci-acpi: fix deferred probing . * mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916 . * mmc: sdhci-spear: fix deferred probing . * mmc: sh_mmcif: fix deferred probing . * mmc: sunxi: fix deferred probing . * mmc: usdhi60rol0: fix deferred probing . * mtd: rawnand: meson: fix unaligned DMA buffers handling . * net/mlx5: Add forgotten cleanup calls into mlx5_init_once error path . * net/mlx5: Allow async trigger completion execution on single CPU systems . * net/mlx5: Allow future addition of IPsec object modifiers . * net/mlx5: Avoid false positive lockdep warning by adding lock_class_key . * net/mlx5: Avoid recovery in probe flows . * net/mlx5: Bridge, fix ageing of peer FDB entries . * net/mlx5: Bridge, verify LAG state when adding bond to bridge . * net/mlx5: DR, Check force-loopback RC QP capability independently from RoCE . * net/mlx5: DR, Fix crc32 calculation to work on big-endian CPUs . * net/mlx5: DR, Fix missing flow_source when creating multi-destination FW table . * net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device . * net/mlx5: Do not advertise IPsec netdev support for non-IPsec device . * net/mlx5: Do not use already freed action pointer . * net/mlx5: E-Switch, Fix an Oops in error handling code . * net/mlx5: E-Switch, properly handle ingress tagged packets on VST . * net/mlx5: E-switch, Create per vport table based on devlink encap mode . * net/mlx5: E-switch, Do not destroy indirect table in split rule . * net/mlx5: E-switch, Fix missing set of split_count when forward to ovs internal port . * net/mlx5: E-switch, Fix setting of reserved fields on MODIFY_SCHEDULING_ELEMENT . * net/mlx5: Enhance debug print in page allocation failure . * net/mlx5: Fix FW tracer timestamp calculation . * net/mlx5: Fix RoCE setting at HCA level . * net/mlx5: Fix crash during sync firmware reset . * net/mlx5: Fix error message when failing to allocate device memory . * net/mlx5: Fix handling of entry refcount when command is not issued to FW . * net/mlx5: Fix possible use-after-free in async command interface . * net/mlx5: Fix ptp max frequency adjustment range . * net/mlx5: Fix steering rules cleanup . * net/mlx5: Fix uninitialized variable bug in outlen_write . * net/mlx5: Geneve, Fix handling of Geneve object id as error code . * net/mlx5: Initialize flow steering during driver probe . * net/mlx5: Read embedded cpu after init bit cleared . * net/mlx5: Read the TC mapping of all priorities on ETS query . * net/mlx5: Rearm the FW tracer after each tracer event . * net/mlx5: SF, Drain health before removing device . * net/mlx5: SF: Fix probing active SFs during driver probe phase . * net/mlx5: Serialize module cleanup with reload and remove . * net/mlx5: Wait for firmware to enable CRS before pci_restore_state . * net/mlx5: add IFC bits for bypassing port select flow table * net/mlx5: check attr pointer validity before dereferencing it . * net/mlx5: correct ECE offset in query qp output . * net/mlx5: fix missing mutex_unlock in mlx5_fw_fatal_reporter_err_work . * net/mlx5: fs, fail conflicting actions . * net/mlx5: fw_tracer, Clear load bit when freeing string DBs buffers . * net/mlx5: fw_tracer, Fix event handling . * net/mlx5: fw_tracer, Zero consumer index when reloading the tracer . * net/mlx5e: Always clear dest encap in neigh-update-del . * net/mlx5e: Avoid false lock dependency warning on tc_ht even more . * net/mlx5e: Block entering switchdev mode with ns inconsistency . * net/mlx5e: Do not attach netdev profile while handling internal error . * net/mlx5e: Do not increment ESN when updating IPsec ESN state . * net/mlx5e: Do not support encap rules with gbp option . * net/mlx5e: E-Switch, Fix comparing termination table instance . * net/mlx5e: Extend SKB room check to include PTP-SQ . * net/mlx5e: Fix MPLSoUDP encap to use MPLS action information . * net/mlx5e: Fix SQ wake logic in ptp napi_poll context . * net/mlx5e: Fix capability check for updating vnic env counters . * net/mlx5e: Fix error handling in mlx5e_refresh_tirs . * net/mlx5e: Fix hw mtu initializing at XDP SQ allocation . * net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS . * net/mlx5e: Fix use-after-free when reverting termination table . * net/mlx5e: Fix wrong application of the LRO state . * net/mlx5e: Fix wrong tc flag used when set hw-tc-offload off . * net/mlx5e: IPoIB, Do not allow CQE compression to be turned on by default . * net/mlx5e: IPoIB, Show unknown speed instead of error . * net/mlx5e: Modify slow path rules to go to slow fdb . * net/mlx5e: QoS, Fix wrongfully setting parent_element_id on MODIFY_SCHEDULING_ELEMENT . * net/mlx5e: Set uplink rep as NETNS_LOCAL . * net/mlx5e: TC, Fix ct_clear overwriting ct action metadata . * net/mlx5e: Update rx ring hw mtu upon each rx-fcs flag change . * net/mlx5e: Verify flow_source cap before using it . * net/mlx5e: do as little as possible in napi poll when budget is 0 . * net/mlx5e: kTLS, Fix build time constant test in RX . * net/mlx5e: kTLS, Fix build time constant test in TX . * net/net_failover: fix txq exceeding warning . * net/sched: fix initialization order when updating chain 0 head . * net/sched: flower: fix possible OOB write in fl_set_geneve_opt . * net/sched: sch_netem: Fix arithmetic in netem_dump for 32-bit platforms . * net/sched: tcindex: Do not use perfect hashing . * net: ena: Account for the number of processed bytes in XDP . * net: ena: Do not register memory info on XDP exchange . * net: ena: Fix rx_copybreak value update . * net: ena: Fix toeplitz initial hash value . * net: ena: Set default value for RX interrupt moderation . * net: ena: Update NUMA TPH hint register upon NUMA node update . * net: ena: Use bitmask to indicate packet redirection . * net: hns3: add interrupts re-initialization while doing VF FLR . * net: hns3: fix output information incomplete for dumping tx queue info with debugfs . * net: hns3: fix reset delay time to avoid configuration timeout . * net: hns3: fix sending pfc frames after reset issue . * net: hns3: fix tm port shapping of fibre port is incorrect after driver initialization . * net: mlx5: eliminate anonymous module_init module_exit . * net: sched: fix possible refcount leak in tc_chain_tmplt_add . * net: usb: qmi_wwan: add support for Compal RXM-G1 . * nfcsim.c: Fix error checking for debugfs_create_dir . * nfp: only report pause frame configuration for physical device . * nilfs2: fix buffer corruption due to concurrent device reads . * nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key . * nilfs2: fix possible out-of-bounds segment allocation in resize ioctl . * nouveau: fix client work fence deletion race . * nvme-core: fix dev_pm_qos memleak . * nvme-core: fix memory leak in dhchap_ctrl_secret . * nvme-core: fix memory leak in dhchap_secret_store . * nvme-pci: add quirk for missing secondary temperature thresholds . * nvme: double KA polling frequency to avoid KATO with TBKAS on . * ocfs2: fix defrag path triggering jbd2 ASSERT . * ocfs2: fix freeing uninitialized resource on ocfs2_dlm_shutdown . * ocfs2: fix non-auto defrag path not working issue . * octeontx2-pf: Avoid use of GFP_KERNEL in atomic context . * octeontx2-pf: Fix resource leakage in VF driver unbind . * octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt . * octeontx2-pf: Recalculate UDP checksum for ptp 1-step sync packet . * pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free . * pci: Add pci_clear_master stub for non-CONFIG_PCI . * pci: Release resource invalidated by coalescing . * pci: cadence: Fix Gen2 Link Retraining process . * pci: endpoint: Add missing documentation about the MSI/MSI-X range . * pci: ftpci100: Release the clock resources . * pci: pciehp: Cancel bringup sequence if card is not present . * pci: qcom: Disable write access to read only registers for IP v2.3.3 . * pci: rockchip: Add poll and timeout to wait for PHY PLLs to be locked . * pci: rockchip: Assert PCI Configuration Enable bit after probe . * pci: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core . * pci: rockchip: Set address alignment for endpoint mode . * pci: rockchip: Use u32 variable to access 32-bit registers . * pci: rockchip: Write PCI Device ID to correct register . * pci: vmd: Reset VMD config register between soft reboots . * pinctrl: at91-pio4: check return value of devm_kasprintf . * pinctrl: cherryview: Return correct value if pin in push-pull mode . * pinctrl: meson-axg: add missing GPIOA_18 gpio group . * pinctrl: microchip-sgpio: check return value of devm_kasprintf . * platform/surface: aggregator: Allow completion work-items to be executed in parallel . * platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0 . * platform/x86: intel_scu_pcidrv: Add back PCI ID for Medfield . * platform/x86: think-lmi: Correct NVME password handling . * platform/x86: think-lmi: Correct System password interface . * platform/x86: think-lmi: mutex protection around multiple WMI calls . * platform/x86: thinkpad_acpi: Fix lkp-tests warnings for platform profiles . * pm: domains: fix integer overflow issues in genpd_parse_state . * power: supply: Fix logic checking if system is running from battery . * power: supply: Ratelimit no data debug output . * power: supply: ab8500: Fix external_power_changed race . * power: supply: bq27xxx: Use mod_delayed_work instead of cancel + schedule . * power: supply: sc27xx: Fix external_power_changed race . * powerpc/64s/radix: Fix exit lazy tlb mm switch with irqs enabled . * powerpc/64s/radix: Fix soft dirty tracking . * powerpc/64s: Make POWER10 and later use pause_short in cpu_relax loops . * powerpc/iommu: Limit number of TCEs to 512 for H_STUFF_TCE hcall . * powerpc/purgatory: remove PGO flags . * powerpc/set_memory: Avoid spinlock recursion in change_page_attr . * powerpc: Redefine HMT_xxx macros as empty on PPC32 . * powerpc: add ISA v3.0 / v3.1 wait opcode macro . * pstore/ram: Add check for kstrdup . * qed/qede: Fix scheduling while atomic . * radeon: avoid double free in ci_dpm_init . * rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check . * rdma/bnxt_re: Avoid calling wake_up threads from spin_lock context * rdma/bnxt_re: Disable/kill tasklet only if it is enabled * rdma/bnxt_re: Fix to remove an unnecessary log * rdma/bnxt_re: Fix to remove unnecessary return labels * rdma/bnxt_re: Remove a redundant check inside bnxt_re_update_gid * rdma/bnxt_re: Remove unnecessary checks * rdma/bnxt_re: Return directly without goto jumps * rdma/bnxt_re: Use unique names while registering interrupts * rdma/bnxt_re: wraparound mbox producer index * rdma/cma: Always set static rate to 0 for RoCE * rdma/hns: Fix hns_roce_table_get return value * rdma/irdma: avoid fortify-string warning in irdma_clr_wqes * rdma/mlx5: Do not set tx affinity when lag is in hash mode * rdma/mlx5: Fix affinity assignment * rdma/mlx5: Initiate dropless RQ for RAW Ethernet functions * rdma/mlx5: Rely on RoCE fw cap instead of devlink when setting profile . * rdma/rtrs-clt: Replace list_next_or_null_rr_rcu with an inline function * rdma/rtrs-srv: Pass the correct number of entries for dma mapped SGL * rdma/rtrs: Fix rxe_dealloc_pd warning * rdma/rtrs: Fix the last iu- greater than buf leak in err path * rdma/rxe: Fix packet length checks * rdma/rxe: Fix ref count error in check_rkey * rdma/rxe: Fix rxe_cq_post * rdma/rxe: Fix the error "trying to register non-static key in rxe_cleanup_task" * rdma/rxe: Fix the use-before-initialization error of resp_pkts * rdma/rxe: Remove dangling declaration of rxe_cq_disable * rdma/rxe: Remove the unused variable obj * rdma/rxe: Removed unused name from rxe_task struct * rdma/uverbs: Restrict usage of privileged QKEYs * rdma/vmw_pvrdma: Remove unnecessary check on wr- greater than opcode * regmap: Account for register length when chunking . * regmap: spi-avmm: Fix regmap_bus max_raw_write . * regulator: Fix error checking for debugfs_create_dir . * regulator: core: Fix more error checking for debugfs_create_dir . * regulator: core: Streamline debugfs operations . * regulator: helper: Document ramp_delay parameter of regulator_set_ramp_delay_regmap . * regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK . * reiserfs: Add missing calls to reiserfs_security_free . * reiserfs: Add security prefix to xattr name in reiserfs_security_write . * revert "squashfs: harden sanity check in squashfs_read_xattr_id_table" . * rpm/check-for-config-changes: ignore also PAHOLE_HAS_* We now also have options like CONFIG_PAHOLE_HAS_LANG_EXCLUDE. * rpm/kernel-binary.spec.in: Fix compatibility wth newer rpm * rpm/kernel-docs.spec.in: pass PYTHON=python3 to fix build error * rtc: st-lpc: Release some resources in st_rtc_probe in case of error . * s390/dasd: Use correct lock while counting channel queue length . * s390/gmap: voluntarily schedule during key setting . * s390/pkey: zeroize key blobs . * sched/rt: pick_next_rt_entity: check list_entry * scsi: core: Decrease scsi_device"s iorequest_cnt if dispatch failed . * scsi: stex: Fix gcc 13 warnings . * selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET . * serial: 8250: lock port for UART_IER access in omap8250_irq . * serial: 8250: lock port for stop_rx in omap8250_irq . * serial: 8250: omap: Fix freeing of resources on failed register . * serial: 8250_omap: Use force_suspend and resume for system suspend . * serial: atmel: do not enable IRQs prematurely . * serial: lantiq: add missing interrupt ack . * sfc: disable RXFCS and RXALL features by default . * signal/s390: Use force_sigsegv in default_trap_handler . * soc/fsl/qe: fix usb.c build errors . * soc: samsung: exynos-pmu: Re-introduce Exynos4212 support . * soundwire: dmi-quirks: add new mapping for HP Spectre x360 . * spi: dw: Round of n_bytes to power of 2 . * spi: fsl-dspi: avoid SCK glitches with continuous transfers . * spi: lpspi: disable lpspi module irq in DMA mode . * spi: qup: Request DMA before enabling clocks . * spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG . * spi: tegra210-quad: Fix combined sequence * spi: tegra210-quad: Fix iterator outside loop . * spi: tegra210-quad: Multi-cs support * squashfs: harden sanity check in squashfs_read_xattr_id_table . * staging: octeon: delete my name from TODO contact . * sunrpc: Clean up svc_deferred_class trace events . * supported.conf: Move bt878 and bttv modules to kernel-*-extra * test_firmware: Use kstrtobool instead of strtobool . * test_firmware: fix the memory leak of the allocated firmware buffer . * test_firmware: prevent race conditions by a correct implementation of locking . * test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation . * thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe . * thunderbolt: dma_test: Use correct value for absent rings when creating paths . * tls: Skip tls_append_frag on zero copy size . * tools: bpftool: Remove invalid \" json escape . * tpm, tpm_tis: Request threaded interrupt handler . * tracing/histograms: Allow variables to have some modifiers . * tracing/probe: trace_probe_primary_from_call: checked list_first_entry . * tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode . * tracing: Have event format check not flag %p* on __get_dynamic_array . * tracing: Introduce helpers to safely handle dynamic-sized sockaddrs . * tracing: Update print fmt check to handle new __get_sockaddr macro . * tty: serial: imx: fix rs485 rx after tx . * tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk in case of error . * tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk when iterating clk . * usb: cdns3: fix NCM gadget RX speed 20x slow than expection at iMX8QM . * usb: dwc3-meson-g12a: Fix an error handling path in dwc3_meson_g12a_probe . * usb: dwc3: fix use-after-free on core driver unbind . * usb: dwc3: gadget: Propagate core init errors to UDC during pullup . * usb: dwc3: gadget: Reset num TRBs before giving back the request . * usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe . * usb: dwc3: qcom: Fix potential memory leak . * usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove . * usb: dwc3: qcom: fix NULL-deref on suspend . * usb: gadget: u_serial: Add null pointer check in gserial_suspend . * usb: gadget: udc: fix NULL dereference in remove . * usb: hide unused usbfs_notify_suspend/resume functions . * usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe . * usb: serial: option: add Quectel EM061KGL series . * usb: typec: ucsi: Fix command cancellation . * usb: xhci: Remove unused udev from xhci_log_ctx trace event . * usrmerge: Adjust module path in the kernel sources . * usrmerge: Compatibility with earlier rpm * vdpa/mlx5: Directly assign memory key . * vdpa/mlx5: Do not clear mr struct on destroy MR . * vdpa/mlx5: Fix wrong configuration of virtio_version_1_0 . * vdpa: Fix error logic in vdpa_nl_cmd_dev_get_doit . * vhost_vdpa: support PACKED when setting-getting vring_base . * w1: fix loop in w1_fini . * w1: w1_therm: fix locking behavior in convert_t . * watchdog: menz069_wdt: fix watchdog initialisation . * wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key . * wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx . * wifi: ath9k: convert msecs to jiffies where needed . * wifi: ath9k: do not allow to overwrite ENDPOINT0 attributes . * wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation . * wifi: atmel: Fix an error handling path in atmel_probe . * wifi: b43: fix incorrect __packed annotation . * wifi: cfg80211: fix locking in regulatory disconnect . * wifi: cfg80211: fix locking in sched scan stop work . * wifi: cfg80211: rewrite merging of inherited elements . * wifi: iwlwifi: mvm: indicate HW decrypt for beacon protection . * wifi: iwlwifi: pcie: fix NULL pointer dereference in iwl_pcie_irq_rx_msix_handler . * wifi: iwlwifi: pull from TXQs with softirqs disabled . * wifi: mac80211: simplify chanctx allocation . * wifi: mt76: mt7615: fix possible race in mt7615_mac_sta_poll . * wifi: mwifiex: Fix the size of a memory allocation in mwifiex_ret_802_11_scan . * wifi: orinoco: Fix an error handling path in orinoco_cs_probe . * wifi: orinoco: Fix an error handling path in spectrum_cs_probe . * wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled . * wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown . * wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value . * wifi: wilc1000: fix for absent RSN capabilities WFA testcase . * writeback: fix dereferencing NULL mapping- greater than host on writeback_page_template . * x86/build: Avoid relocation information in final vmlinux . * x86/cpu: Switch to arch_cpu_finalize_init . * x86/fpu: Mark init functions __init . * x86/fpu: Move FPU initialization into arch_cpu_finalize_init . * x86/fpu: Remove cpuinfo argument from init functions . * x86/init: Initialize signal frame size late . * x86/kprobes: Fix __recover_optprobed_insn check optimizing logic . * x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range . * x86/microcode/amd: Remove load_microcode_amd"s bsp parameter . * x86/microcode: Print previous version of microcode after reload . * x86/mm: Fix RESERVE_BRK for older binutils . * x86/mm: Fix use of uninitialized buffer in sme_enable . * x86/mm: Initialize text poking earlier . * x86/mm: Use mm_alloc in poking_init . * x86/mm: fix poking_init for Xen PV guests . * x86/sgx: Fix race between reclaimer and page fault handler . * x86/sgx: Mark PCMD page as dirty when modifying contents . * x86/xen: fix secondary processor fpu initialization . * xfs: fix rm_offset flag handling in rmap keys . * xfs: set bnobt/cntbt numrecs correctly when formatting new AGs . ## Special Instructions and Notes: * Please reboot the system after installing this update.