Title of the patch: Security update for the Linux Kernel

---

Description of the patch: The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603). - CVE-2024-14027: xattr: switch to CLASS(fd) (bsc#1259420). - CVE-2025-40181: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP (bsc#1253471). - CVE-2025-68265: nvme: fix admin request_queue lifetime (bsc#1255360). - CVE-2025-68310: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump (bsc#1255160). - CVE-2025-71302: drm/panthor: fix for dma-fence safe access rules (bsc#1264837). - CVE-2026-23168: flex_proportions: make fprop_new_period() hardirq safe (bsc#1258826). - CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace (bsc#1259799). - CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018). - CVE-2026-23276: net: add xmit recursion limit to tunnel xmit functions (bsc#1260012). - CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (bsc#1260538). - CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint (bsc#1260555). - CVE-2026-23316: net: ipv4: fix ARM64 alignment fault in multipath hash seed (bsc#1260573). - CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used (bsc#1260505). - CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (bsc#1260523). - CVE-2026-23346: arm64: io: Rename ioremap_prot() to __ioremap_prot() (bsc#1260529). - CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526). - CVE-2026-23354: x86/fred: Correct speculative safety in fred_extint() (bsc#1260801). - CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (bsc#1260530). - CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context (bsc#1260811). - CVE-2026-23375: mm: thp: deny THP for files on anonymous inodes (bsc#1260576). - CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior (bsc#1260546). - CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal (bsc#1260566). - CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531). - CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints (bsc#1260728). - CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path (bsc#1261020). - CVE-2026-23417: bpf: Fix constant blinding for PROBE_MEM32 stores (bsc#1261410). - CVE-2026-23436: net: add helpers for lookup and walking netdevs under netdev_lock() (bsc#1261617). - CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261635). - CVE-2026-23440: net/mlx5e: Fix race condition during IPSec ESN update (bsc#1261641). - CVE-2026-23441: net/mlx5e: Prevent concurrent access to IPSec ASO context (bsc#1261768). - CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths (bsc#1261581). - CVE-2026-23445: igc: fix page fault in XDP TX timestamps handling (bsc#1261702). - CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779). - CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584). - CVE-2026-23455: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (bsc#1261687). - CVE-2026-23456: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (bsc#1261703). - CVE-2026-23457: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (bsc#1261686). - CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781). - CVE-2026-23468: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (bsc#1261692). - CVE-2026-23472: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN (bsc#1261636). - CVE-2026-23473: io_uring/poll: fix multishot recv missing EOF on wakeup race (bsc#1261694). - CVE-2026-31392: smb: client: fix krb5 mount with username option (bsc#1261788). - CVE-2026-31395: bnxt_en: fix OOB access in DBG_BUF_PRODUCER async event handler (bsc#1261786). - CVE-2026-31400: sunrpc: fix cache_request leak in cache_release (bsc#1261645). - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638). - CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796). - CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261629). - CVE-2026-31407: netfilter: conntrack: add missing netlink policy validations (bsc#1261632). - CVE-2026-31411: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (bsc#1261752). - CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099). - CVE-2026-31416: netfilter: nfnetlink_log: account for netlink header size (bsc#1262100). - CVE-2026-31420: bridge: mrp: reject zero test interval to avoid OOM panic (bsc#1262055). - CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061). - CVE-2026-31422: net/sched: cls_flow: fix NULL pointer dereference on shared blocks (bsc#1262054). - CVE-2026-31423: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (bsc#1262063). - CVE-2026-31424: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (bsc#1262053). - CVE-2026-31425: rds: ib: reject FRMR registration before IB connection is established (bsc#1262074). - CVE-2026-31427: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (bsc#1262086). - CVE-2026-31428: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (bsc#1262087). - CVE-2026-31435: netfs: Fix read abandonment during retry (bsc#1262601). - CVE-2026-31449: ext4: validate p_idx bounds in ext4_ext_correct_indexes (bsc#1262616). - CVE-2026-31453: xfs: avoid dereferencing log items after push callbacks (bsc#1262617). - CVE-2026-31456: mm/pagewalk: fix race between concurrent split and refault (bsc#1262627). - CVE-2026-31494: net: cadence: macb: Synchronize stats calculations (bsc#1262671). - CVE-2026-31496: netfilter: nf_conntrack_expect: skip expectations in other netns via proc (bsc#1262673). - CVE-2026-31503: udp: Fix wildcard bind conflict check when using hash2 (bsc#1263077). - CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085). - CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093). - CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095). - CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752). - CVE-2026-31519: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create (bsc#1263012). - CVE-2026-31525: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN (bsc#1262725). - CVE-2026-31526: bpf: Fix exception exit lock checking for subprogs (bsc#1262662). - CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001). - CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758). - CVE-2026-31547: drm/xe: Fix missing runtime PM reference in ccs_mode_store (bsc#1263018). - CVE-2026-31550: pmdomain: bcm: bcm2835-power: Increase ASB control timeout (bsc#1263104). - CVE-2026-31554: futex: Require sys_futex_requeue() to have identical flags (bsc#1263107). - CVE-2026-31565: RDMA/irdma: Fix deadlock during netdev reset with active connections (bsc#1263064). - CVE-2026-31579: wireguard: device: use exit_rtnl callback instead of manual rtnl_lock in pre_exit (bsc#1263074). - CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176). - CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165). - CVE-2026-31644: net: lan966x: fix use-after-free and leak in lan966x_fdma_reload() (bsc#1263048). - CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582). - CVE-2026-31658: net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit() (bsc#1263052). - CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131). - CVE-2026-31666: btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref() (bsc#1263138). - CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140). - CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141). - CVE-2026-31675: net/sched: sch_netem: fix out-of-bounds access in packet corruption (bsc#1263556). - CVE-2026-31678: openvswitch: defer tunnel netdev_put to RCU release (bsc#1263562). - CVE-2026-31679: openvswitch: validate MPLS set/set_masked payload length (bsc#1263592). - CVE-2026-31681: netfilter: xt_multiport: validate range encoding in checkentry (bsc#1263593). - CVE-2026-31682: bridge: br_nd_send: linearize skb before parsing ND options (bsc#1263595). - CVE-2026-31684: net: sched: act_csum: validate nested VLAN headers (bsc#1263596). - CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668). - CVE-2026-31691: igb: remove napi_synchronize() in igb_down() (bsc#1263604). - CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901). - CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882). - CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059). - CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181). - CVE-2026-43009: bpf: Fix incorrect pruning due to atomic fetch precision tracking (bsc#1264014). - CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931). - CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933). - CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995). - CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097). - CVE-2026-43045: mshv: Refactor and rename memory region handling functions (bsc#1263942). - CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082). - CVE-2026-43060: netfilter: nft_ct: drop pending enqueued packets on removal (bsc#1264183). - CVE-2026-43082: net: txgbe: leave space for null terminators on property_entry (bsc#1264233). - CVE-2026-43088: net: af_key: zero aligned sockaddr tail in PF_KEY exports (bsc#1264469). - CVE-2026-43153: xfs: remove xfs_attr_leaf_hasname (bsc#1264586). - CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848). - CVE-2026-43265: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() (bsc#1264427). - CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085). - CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119). - CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116). - CVE-2026-43441: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1264674). - CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). - CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag-transfer helpers (bsc#1265960). The following non security issues were fixed: - accel/qaic: Add overflow check to remap_pfn_range during mmap (git-fixes). - ACPI: AGDI: fix missing newline in error message (git-fixes). - ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug (git-fixes). - ACPI: scan: Use acpi_dev_put() in object add error paths (git-fixes). - ACPI: video: Add backlight=native quirk for Dell OptiPlex 7770 AIO (git-fixes). - ACPI: video: force native backlight on HP OMEN 16 (8A44) (stable-fixes). - ACPI: video: Move Lenovo Legion S7 15ACH6 quirk to the right section (git-fixes). - ALSA: 6fire: Fix input volume change detection (git-fixes). - ALSA: 6fire: fix use-after-free on disconnect (git-fixes). - ALSA: aoa: i2sbus: clear stale prepared state (git-fixes). - ALSA: aoa: i2sbus: fix OF node lifetime handling (git-fixes). - ALSA: aoa: Skip devices with no codecs in i2sbus_resume() (git-fixes). - ALSA: aoa: Use guard() for mutex locks (stable-fixes). - ALSA: asihpi: avoid write overflow check warning (stable-fixes). - ALSA: caiaq: Don't abort when no input device is available (git-fixes). - ALSA: caiaq: Fix control_put() result and cache rollback (git-fixes). - ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (git-fixes). - ALSA: caiaq: fix usb_dev refcount leak on probe failure (git-fixes). - ALSA: caiaq: Handle probe errors properly (git-fixes). - ALSA: caiaq: take a reference on the USB device in create_card() (git-fixes). - ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (git-fixes). - ALSA: core: Fix potential data race at fasync handling (git-fixes). - ALSA: core: Serialize deferred fasync state checks (git-fixes). - ALSA: core: Validate compress device numbers without dynamic minors (git-fixes). - ALSA: ctxfi: Add fallback to default RSR for S/PDIF (git-fixes). - ALSA: ctxfi: Fix missing SPDIFI1 index handling (stable-fixes). - ALSA: ctxfi: Limit PTP to a single page (git-fixes). - ALSA: firewire-tascam: Do not drop unread control events (git-fixes). - ALSA: fireworks: bound device-supplied status before string array lookup (git-fixes). - ALSA: hda/hdmi: Add quirk for TUXEDO IBS14G6 (stable-fixes). - ALSA: hda/realtek - fixed speaker no sound update (git-fixes). - ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk (stable-fixes). - ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx (stable-fixes). - ALSA: hda/realtek: Add quirk for ASUS ROG Flow Z13-KJP GZ302EAC (stable-fixes). - ALSA: hda/realtek: add quirk for Framework F111:000F (stable-fixes). - ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 (stable-fixes). - ALSA: hda/realtek: fix code style (ERROR: else should follow close brace '}') (git-fixes). - ALSA: hda: cs35l41: Put ACPI device on missing physical node (git-fixes). - ALSA: hda: cs35l56: Propagate ASP TX source control errors (git-fixes). - ALSA: hda: cs35l56: Put ACPI device after setting companion (git-fixes). - ALSA: hda: Fix NULL pointer dereference in snd_hda_ctl_add() (git-fixes). - ALSA: misc: Use guard() for spin locks (stable-fixes). - ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger (stable-fixes). - ALSA: pcmtest: fix reference leak on failed device registration (git-fixes). - ALSA: pcmtest: Fix resource leaks in module init error paths (git-fixes). - ALSA: pcmtest: Return -EFAULT on pattern read copy failure (git-fixes). - ALSA: sc6000: Keep the programmed board state in card-private data (git-fixes). - ALSA: scarlett2: Add missing error check when initialise Autogain Status (git-fixes). - ALSA: scarlett2: Add missing sentinel initializer field (git-fixes). - ALSA: seq: Notify client and port info changes (stable-fixes). - ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes (stable-fixes). - ALSA: usb-audio: apply quirk for MOONDROP JU Jiu (stable-fixes). - ALSA: usb-audio: Avoid false E-MU sample-rate notifications (git-fixes). - ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (git-fixes). - ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans (git-fixes). - ALSA: usb-audio: Bound MIDI endpoint descriptor scans (git-fixes). - ALSA: usb-audio: Evaluate packsize caps at the right place (git-fixes). - ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch (git-fixes). - ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams (git-fixes). - ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex (stable-fixes). - ALSA: usb-audio: Fix UAC3 cluster descriptor size check (git-fixes). - ALSA: usb-audio: midi2: Restart output URBs on resume (git-fixes). - ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (git-fixes). - ALSA: virtio: drop an extaneous kernel-doc comment (git-fixes). - amdgpu/jpeg: fix deepsleep register for jpeg 5_0_0 and 5_0_2 (stable-fixes). - ASoC: amd: acp: Add DMI quirk for Valve Steam Deck OLED (git-fixes). - ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx (stable-fixes). - ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA (stable-fixes). - ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF (stable-fixes). - ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table (stable-fixes). - ASoC: codecs: ab8500: Fix casting of private data (git-fixes). - ASoC: cs35l56: Destroy workqueue in probe error path (git-fixes). - ASoC: cs35l56: Don't use devres to unregister component (git-fixes). - ASoC: cs35l56: Fix hibernate write in runtime resume error path (git-fixes). - ASoC: fsl_easrc: Change the type for iec958 channel status controls (git-fixes). - ASoC: fsl_easrc: Check the variable range in fsl_easrc_iec958_put_bits() (git-fixes). - ASoC: fsl_easrc: fix comment typo (git-fixes). - ASoC: fsl_easrc: Fix value type in fsl_easrc_iec958_get_bits() (git-fixes). - ASoC: fsl_micfil: Add access property for "VAD Detected" (git-fixes). - ASoC: fsl_micfil: Fix event generation in hwvad_put_enable() (git-fixes). - ASoC: fsl_micfil: Fix event generation in hwvad_put_init_mode() (git-fixes). - ASoC: fsl_micfil: Fix event generation in micfil_put_dc_remover_state() (git-fixes). - ASoC: fsl_micfil: Fix event generation in micfil_quality_set() (git-fixes). - ASoC: fsl_xcvr: Fix event generation for cached controls (git-fixes). - ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_arc_mode_put() (git-fixes). - ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_mode_put() (git-fixes). - ASoC: Intel: bytcr_wm5102: Fix MCLK leak on platform_clock_control error (git-fixes). - ASoC: qcom: q6apm-dai: reset queue ptr on trigger stop (git-fixes). - ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (git-fixes). - ASoC: qcom: q6apm: move component registration to unmanaged version (git-fixes). - ASoC: qcom: q6apm: remove child devices when apm is removed (git-fixes). - ASoC: qcom: qdsp6: topology: check widget type before accessing data (git-fixes). - ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list (stable-fixes). - ASoC: SOF: compress: return the configured codec from get_params (git-fixes). - ASoC: SOF: Don't allow pointer operations on unconfigured streams (git-fixes). - ASoC: SOF: Intel: hda: Place check before dereference (git-fixes). - ASoC: SOF: topology: reject invalid vendor array size in token parser (stable-fixes). - ASoC: sti: Return errors from regmap_field_alloc() (git-fixes). - ASoC: sti: use managed regmap_field allocations (git-fixes). - ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J (stable-fixes). - ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 (stable-fixes). - backlight: sky81452-backlight: Check return value of devm_gpiod_get_optional() in sky81452_bl_parse_dt() (git-fixes). - batman-adv: bla: only purge non-released claims (git-fixes). - batman-adv: bla: prevent use-after-free when deleting claims (git-fixes). - batman-adv: bla: put backbone reference on failed claim hash insert (git-fixes). - batman-adv: fix integer overflow on buff_pos (git-fixes). - batman-adv: hold claim backbone gateways by reference (git-fixes). - batman-adv: reject new tp_meter sessions during teardown (git-fixes). - batman-adv: reject oversized global TT response buffers (git-fixes). - batman-adv: stop caching unowned originator pointers in BAT IV (git-fixes). - bitfield: Add FIELD_MODIFY() helper (jsc#PED-14238). - Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (git-fixes). - Bluetooth: btmtk: validate WMT event SKB length before struct access (git-fixes). - Bluetooth: btusb: Check for unexpected bytes when defragmenting HCI frames (bsc#1260996). - Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (git-fixes). - Bluetooth: hci_event: fix memset typo (git-fixes). - Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt (git-fixes). - Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (git-fixes). - Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (git-fixes). - Bluetooth: HIDP: serialise l2cap_unregister_user via hidp_session_sem (git-fixes). - Bluetooth: ISO: Fix data-race on dst in iso_sock_connect() (git-fixes). - Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (git-fixes). - Bluetooth: l2cap: fix MPS check in l2cap_ecred_reconf_req (git-fixes). - Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (git-fixes). - Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (git-fixes). - Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU (git-fixes). - Bluetooth: RFCOMM: pull credit byte with skb_pull_data() (git-fixes). - Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec (git-fixes). - Bluetooth: SCO: fix sleeping under spinlock in sco_conn_ready (git-fixes). - Bluetooth: SCO: hold sk properly in sco_conn_ready (git-fixes). - Bluetooth: virtio_bt: clamp rx length before skb_put (git-fixes). - Bluetooth: virtio_bt: validate rx pkt_type header length (git-fixes). - bpf: Add third round of bounds deduction (git-fixes). - bpf: Fix u32/s32 bounds when ranges cross min/max boundary (git-fixes). - bpf: Improve bounds when s64 crosses sign boundary (git-fixes). - bpf: Switch CONFIG_CFI_CLANG to CONFIG_CFI (git-fixes). - btrfs: qgroup: update all parent qgroups when doing quick inherit (bsc#1258933). - btrfs: reject root items with drop_progress and zero drop_level (git-fixes). - btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes). - bus: mhi: host: pci_generic: Switch to async power up to avoid boot delays (git-fixes). - bus: rifsc: fix RIF configuration check for peripherals (git-fixes). - can: mcp251x: add error handling for power enable in open and resume (stable-fixes). - can: raw: fix ro->uniq use-after-free in raw_rcv() (git-fixes). - can: ucan: fix devres lifetime (git-fixes). - cdc-acm: new quirk for EPSON HMD (stable-fixes). - check-for-config-changes: Exclude CC_MS_EXTENSIONS. - check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}. - comedi: dt2815: add hardware detection to prevent crash (stable-fixes). - cpufreq: intel_pstate: Drop Arrow Lake from "scaling factor" list (bsc#1249104). - crypto: af_alg - limit RX SG extraction by receive buffer budget (git-fixes). - crypto: algif_aead - Fix minimum RX size check for decryption (git-fixes). - crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (git-fixes). - crypto: atmel-ecc - Release client on allocation failure (git-fixes). - crypto: atmel-sha204a - Fix error codes in OTP reads (git-fixes). - crypto: atmel-sha204a - Fix OTP sysfs read and error handling (git-fixes). - crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (git-fixes). - crypto: atmel-sha204a - Fix uninitialized data access on OTP read error (git-fixes). - crypto: atmel-tdes - fix DMA sync direction (git-fixes). - crypto: ccp - copy IV using skcipher ivsize (git-fixes). - crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (git-fixes). - crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (git-fixes). - crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (git-fixes). - crypto: ccree - fix a memory leak in cc_mac_digest() (git-fixes). - crypto: drivers - Switch back to struct platform_driver::remove() (jsc#PED-14238). - crypto: drivers - Use str_enable_disable-like helpers (jsc#PED-14238). - crypto: hisilicon - Fix dma_unmap_single() direction (git-fixes). - crypto: iaa - Adjust workqueue allocation type (jsc#PED-14238). - crypto: iaa - fix per-node CPU counter reset in rebalance_wq_table() (git-fixes). - crypto: iaa - Move compression CRC into request object (jsc#PED-14238). - crypto: iaa - Optimize rebalance_wq_table() (jsc#PED-14238). - crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-14238). - crypto: iaa - Remove unreachable pr_debug from iaa_crypto_cleanup_module (jsc#PED-14238). - crypto: iaa - Remove unused disable_async argument from iaa_decompress (jsc#PED-14238). - crypto: iaa - Replace sprintf with sysfs_emit in sysfs show functions (jsc#PED-14238). - crypto: iaa - Simplify init_iaa_device() (jsc#PED-14238). - crypto: jitterentropy - replace long-held spinlock with mutex (git-fixes). - crypto: nx - Fix packed layout in struct nx842_crypto_header (git-fixes). - crypto: pcrypt - Fix handling of MAY_BACKLOG requests (git-fixes). - crypto: qat - #undef field_get() before local definition (jsc#PED-14238). - crypto: qat - add adf_rl_get_num_svc_aes() in rate limiting (jsc#PED-14238). - crypto: qat - add bank state save and restore for qat_420xx (jsc#PED-14238). - crypto: qat - add command queue telemetry counters for GEN6 (jsc#PED-14238). - crypto: qat - add compression slice count for rate limiting (jsc#PED-14238). - crypto: qat - add decompression service for rate limiting (jsc#PED-14238). - crypto: qat - add decompression service to telemetry (jsc#PED-14238). - crypto: qat - add firmware headers for GEN6 devices (jsc#PED-14238). - crypto: qat - add GEN6 firmware loader (jsc#PED-14238). - crypto: qat - add get_svc_slice_cnt() in device data structure (jsc#PED-14238). - crypto: qat - add live migration enablers for GEN6 devices (jsc#PED-14238). - crypto: qat - add macro to write 64-bit values to registers (jsc#PED-14238). - crypto: qat - add missing header inclusion (jsc#PED-14238). - crypto: qat - add qat_6xxx driver (jsc#PED-14238). - crypto: qat - add ring buffer idle telemetry counter for GEN6 (jsc#PED-14238). - crypto: qat - add support for decompression service to GEN6 devices (jsc#PED-14238). - crypto: qat - consolidate service enums (jsc#PED-14238). - crypto: qat - Constify struct pm_status_row (jsc#PED-14238). - crypto: qat - disable 4xxx AE cluster when lead engine is fused off (git-fixes). - crypto: qat - disable 420xx AE cluster when lead engine is fused off (git-fixes). - crypto: qat - do not export adf_cfg_services (jsc#PED-14238). - crypto: qat - enable power management debugfs for GEN6 devices (jsc#PED-14238). - crypto: qat - enable RAS support for GEN6 devices (jsc#PED-14238). - crypto: qat - enable rate limiting feature for GEN6 devices (jsc#PED-14238). - crypto: qat - enable reporting of error counters for GEN6 devices (jsc#PED-14238). - crypto: qat - enable telemetry for GEN6 devices (jsc#PED-14238). - crypto: qat - export adf_get_service_mask() (jsc#PED-14238). - crypto: qat - export adf_init_admin_pm() (jsc#PED-14238). - crypto: qat - expose configuration functions (jsc#PED-14238). - crypto: qat - fix compression instance leak (git-fixes). - crypto: qat - fix IRQ cleanup on 6xxx probe failure (git-fixes). - crypto: qat - fix object goals in Makefiles (jsc#PED-14238. - crypto: qat - fix type mismatch in RAS sysfs show functions (git-fixes). - crypto: qat - Fix typo "accelaration" (jsc#PED-14238). - crypto: qat - fix virtual channel configuration for GEN6 devices (jsc#PED-14238). - crypto: qat - include qat_common in top Makefile (jsc#PED-14238). - crypto: qat - introduce fuse array (jsc#PED-14238). - crypto: qat - make adf_dev_autoreset() static (jsc#PED-14238). - crypto: qat - optimize allocations for fw authentication (jsc#PED-14238). - crypto: qat - refactor compression template logic (jsc#PED-14238). - crypto: qat - refactor FW signing algorithm (jsc#PED-14238). - crypto: qat - refactor ring-related debug functions (jsc#PED-14238). - crypto: qat - refactor service parsing logic (jsc#PED-14238). - crypto: qat - relocate and rename bank state structure definition (jsc#PED-14238). - crypto: qat - relocate bank state helper functions (jsc#PED-14238). - crypto: qat - relocate power management debugfs helper APIs (jsc#PED-14238). - crypto: qat - relocate service related functions (jsc#PED-14238). - crypto: qat - remove BITS_IN_DWORD() (jsc#PED-14238). - crypto: qat - Remove dst_null support (jsc#PED-14238). - crypto: qat - remove duplicate masking for GEN6 devices (jsc#PED-14238). - crypto: qat - remove initialization in device class (jsc#PED-14238). - crypto: qat - remove redundant FW image size check (jsc#PED-14238). - crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-14238). - crypto: qat - remove unused members in suof structure (jsc#PED-14238). - crypto: qat - rename and relocate timer logic (jsc#PED-14238). - crypto: qat - reorder objects in qat_common Makefile (jsc#PED-14238). - crypto: qat - replace CHECK_STAT macro with static inline function (jsc#PED-14238). - crypto: qat - Replace kzalloc() + copy_from_user() with memdup_user() (jsc#PED-14238). - crypto: qat - restore ASYM service support for GEN6 devices (jsc#PED-14238). - crypto: qat - Return pointer directly in adf_ctl_alloc_resources (jsc#PED-14238). - crypto: qat - set command ids as reserved (jsc#PED-14238). - crypto: qat - switch to standard pattern for PCI IDs (jsc#PED-14238). - crypto: qat - update firmware api (jsc#PED-14238). - crypto: qat - use pr_fmt() in adf_gen4_hw_data.c (jsc#PED-14238). - crypto: qat - use pr_fmt() in qat uclo.c (jsc#PED-14238). - crypto: qat - use simple_strtoull to improve qat_uclo_parse_num (jsc#PED-14238). - crypto: qat - use swab32 macro (git-fixes). - crypto: qat - validate service in rate limiting sysfs api (jsc#PED-14238). - crypto: qat/qat_6xxx - Fix NULL vs IS_ERR() check in adf_probe() (jsc#PED-14238). - crypto: sa2ul - Fix AEAD fallback algorithm names (git-fixes). - crypto: simd - reject compat registrations without __ prefixes (git-fixes). - crypto: talitos - fix SEC1 32k ahash request limitation (git-fixes). - crypto: tegra - Disable softirqs before finalizing request (git-fixes). - devres: fix missing node debug info in devm_krealloc() (git-fixes). - dmaengine: dw-axi-dmac: fix Alignment should match open parenthesis (git-fixes). - dmaengine: dw-axi-dmac: Remove unnecessary return statement from void function (git-fixes). - dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() (git-fixes). - dpll: zl3073x: Add support to adjust phase (bsc#1255752). - dpll: zl3073x: Fix output pin phase adjustment sign (bsc#1255752). - dpll: zl3073x: fix REF_PHASE_OFFSET_COMP register width for some chip IDs (bsc#1255752). - dpll: zl3073x: Specify phase adjustment granularity for pins (bsc#1255752). - drivers/base/memory: fix memory block reference leak in poison accounting (git-fixes). - drm/amd/display: Add NULL check for integrated_info in clk_mgr_construct (git-fixes). - drm/amd/display: Allow DCE link encoder without AUX registers (git-fixes). - drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths (git-fixes). - drm/amd/display: Change dither policy for 10 bpc output back to dithering (git-fixes). - drm/amd/display: Correct logic check error for fastboot (git-fixes). - drm/amd/display: Disable 10-bit truncation and dithering on DCE 6.x (git-fixes). - drm/amd/display: Disable fastboot on DCE 6 too (stable-fixes). - drm/amd/display: Read EDID from VBIOS embedded panel info (git-fixes). - drm/amd/pm/ci: Clear EnabledForActivity field for memory levels (git-fixes). - drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs (git-fixes). - drm/amd/pm/ci: Fill DW8 fields from SMC (git-fixes). - drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 (git-fixes). - drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled (git-fixes). - drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board (git-fixes). - drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock (git-fixes). - drm/amd/pm: fix incorrect FeatureCtrlMask setting on smu v14.0.x (git-fixes). - drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) (git-fixes). - drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ (stable-fixes). - drm/amdgpu/gfx10: look at the right prop for gfx queue priority (git-fixes). - drm/amdgpu/gfx11: look at the right prop for gfx queue priority (git-fixes). - drm/amdgpu/gmc: Fix AMDGPU_GART_PLACEMENT_LOW to not overlap with VRAM (git-fixes). - drm/amdgpu/jpeg: set no_user_fence for JPEG v2.0 ring (git-fixes). - drm/amdgpu/jpeg: set no_user_fence for JPEG v2.5 ring (git-fixes). - drm/amdgpu/jpeg: set no_user_fence for JPEG v3.0 ring (git-fixes). - drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0 ring (git-fixes). - drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.3 ring (git-fixes). - drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.5 ring (git-fixes). - drm/amdgpu/jpeg: set no_user_fence for JPEG v5.0.0 ring (git-fixes). - drm/amdgpu/pm: add missing revision check for CI (git-fixes). - drm/amdgpu/pm: align Hawaii mclk workaround with radeon (git-fixes). - drm/amdgpu/pm: drop SMU driver if version not matched messages (stable-fixes). - drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (git-fixes). - drm/amdgpu/vce: Prevent partial address patches (stable-fixes). - drm/amdgpu/vcn3: Avoid overflow on msg bound check (git-fixes). - drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (stable-fixes). - drm/amdgpu/vcn4: Avoid overflow on msg bound check (git-fixes). - drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (stable-fixes). - drm/amdgpu/vcn4: Prevent OOB reads when parsing IB (stable-fixes). - drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings (git-fixes). - drm/amdgpu/vcn: set no_user_fence for VCN v2.5 enc/dec rings (git-fixes). - drm/amdgpu/vcn: set no_user_fence for VCN v3.0 enc/dec rings (git-fixes). - drm/amdgpu/vcn: set no_user_fence for VCN v4.0 enc ring (git-fixes). - drm/amdgpu/vcn: set no_user_fence for VCN v4.0.3 enc ring (git-fixes). - drm/amdgpu/vcn: set no_user_fence for VCN v4.0.5 enc ring (git-fixes). - drm/amdgpu/vcn: set no_user_fence for VCN v5.0.0 enc ring (git-fixes). - drm/amdgpu: Add bounds checking to ib_{get,set}_value (stable-fixes). - drm/amdgpu: Add default case in DVI mode validation (git-fixes). - drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG (git-fixes). - drm/amdgpu: fix zero-size GDS range init on RDNA4 (stable-fixes). - drm/amdgpu: gate VM CPU HDP flush on reset lock (stable-fixes). - drm/amdgpu: replace PASID IDR with XArray (git-fixes). - drm/amdgpu: Use SMUIO 15.0.0 offsets for TSC upper and lower count (stable-fixes). - drm/amdgpu: zero-initialize GART table on allocation (stable-fixes). - drm/amdkfd: Add upper bound check for num_of_nodes (stable-fixes). - drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (stable-fixes). - drm/amdkfd: Make all TLB-flushes heavy-weight (stable-fixes). - drm/amdkfd: validate SVM ioctl nattr against buffer size (stable-fixes). - drm/arcpgu: fix device node leak (git-fixes). - drm/bridge: cadence: cdns-mhdp8546-core: Add mode_valid hook to drm_bridge_funcs (git-fixes). - drm/bridge: cadence: cdns-mhdp8546-core: Handle HDCP state in bridge atomic check (git-fixes). - drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable() (git-fixes). - drm/bridge: stm_lvds: Do not fail atomic_check on disabled connector (git-fixes). - drm/etnaviv: Fix armed job not being pushed to the DRM scheduler (git-fixes). - drm/exynos: remove bridge when component_add fails (git-fixes). - drm/fb-helper: Fix clipping when damage area spans a single scanline (git-fixes). - drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (git-fixes). - drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup (git-fixes). - drm/gma500/oaktrail_lvds: fix hang on init failure (git-fixes). - drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init (git-fixes). - drm/i915/dp: Fix VSC dynamic range signaling for RGB formats (git-fixes). - drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (git-fixes). - drm/i915/wm: Verify the correct plane DDB entry (git-fixes). - drm/i915: skip __i915_request_skip() for already signaled requests (git-fixes). - drm/imagination: Switch reset_reason fields from enum to u32 (git-fixes). - drm/komeda: fix integer overflow in AFBC framebuffer size check (git-fixes). - drm/loongson: Use managed KMS polling (git-fixes). - drm/msm/a6xx: Fix dumping A650+ debugbus blocks (git-fixes). - drm/msm/a6xx: Fix HLSQ register dumping (git-fixes). - drm/msm/a6xx: Use barriers while updating HFI Q headers (git-fixes). - drm/msm/dpu: fix mismatch between power and frequency (git-fixes). - drm/msm/dsi: add the missing parameter description (git-fixes). - drm/msm/dsi: fix bits_per_pclk (git-fixes). - drm/msm/dsi: fix hdisplay calculation for CMD mode panel (git-fixes). - drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 (git-fixes). - drm/msm/gem: fix error handling in msm_ioctl_gem_info_get_metadata() (git-fixes). - drm/msm/shrinker: Fix can_block() logic (git-fixes). - drm/nouveau: fix nvkm_device leak on aperture removal failure (git-fixes). - drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (git-fixes). - drm/panel: boe-tv101wum-nl6: restore MODE_LPM after sending disable cmds (git-fixes). - drm/panel: himax-hx83102: restore MODE_LPM after sending disable cmds (git-fixes). - drm/panel: sharp-ls043t1le01: make use of prepare_prev_first (git-fixes). - drm/panel: simple: Correct G190EAN01 prepare timing (git-fixes). - drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() (git-fixes). - drm/panthor: Fix outdated function documentation (git-fixes). - drm/radeon: add missing revision check for CI (git-fixes). - drm/sun4i: backend: fix error pointer dereference (git-fixes). - drm/sun4i: Fix resource leaks (git-fixes). - drm/v3d: Handle error from drm_sched_entity_init() (git-fixes). - drm/vc4: Fix a memory leak in hang state error path (git-fixes). - drm/vc4: Fix memory leak of BO array in hang state (git-fixes). - drm/vc4: platform_get_irq_byname() returns an int (stable-fixes). - drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock (git-fixes). - drm/vc4: Release runtime PM reference after binding V3D (git-fixes). - drm/vram: remove DRM_VRAM_MM_FILE_OPERATIONS from docs (git-fixes). - drm/xe/bo: Fix bo leak on GGTT flag validation in xe_bo_init_locked() (git-fixes). - drm/xe/bo: Fix bo leak on unaligned size validation in xe_bo_init_locked() (git-fixes). - drm/xe/debugfs: Correct printing of register whitelist ranges (git-fixes). - drm/xe/dma-buf: handle empty bo and UAF races (git-fixes). - drm/xe/gsc: Fix BO leak on error in query_compatibility_version() (git-fixes). - drm/xe/uapi: update used tracking kernel-doc (git-fixes). - drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import() (git-fixes). - drm/xe: Fix error cleanup in xe_exec_queue_create_ioctl() (git-fixes). - dt-bindings: net: Fix Tegra234 MGBE PTP clock (git-fixes). - efi/capsule-loader: fix incorrect sizeof in phys array reallocation (git-fixes). - efi: pstore: Drop efivar lock when efi_pstore_open() returns with an error (git-fixes). - erofs: add GFP_NOIO in the bio completion if needed (git-fixes). - ext4: fix fsync(2) for nojournal mode (git-fixes). - ext4: make recently_deleted() properly work with lazy itable initialization (git-fixes). - ext4: reject mount if bigalloc with s_first_data_block != 0 (git-fixes). - extcon: Fixed sysfs duplicate filename issue (git-fixes). - extcon: ptn5150: handle pending IRQ events during system resume (git-fixes). - fbdev: matroxfb: Mark variable with __maybe_unused to avoid W=1 build break (git-fixes). - fbdev: offb: fix PCI device reference leak on probe failure (git-fixes). - fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (stable-fixes). - fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (git-fixes). - firmware: arm_ffa: Use the correct buffer size during RXTX_MAP (git-fixes). - firmware: dmi: Correct an indexing error in dmi.h (git-fixes). - firmware: google: framebuffer: Do not mark framebuffer as busy (git-fixes). - firmware: google: framebuffer: Do not unregister platform device (git-fixes). - gpio: of: clear OF_POPULATED on hog nodes in remove path (git-fixes). - gpio: tegra: fix irq_release_resources calling enable instead of disable (git-fixes). - gtp: disable BH before calling udp_tunnel_xmit_skb() (git-fixes). - HID: alps: fix NULL pointer dereference in alps_raw_event() (git-fixes). - HID: amd_sfh: don't log error when device discovery fails with -EOPNOTSUPP (git-fixes). - HID: apple: ensure the keyboard backlight is off if suspending (git-fixes). - HID: asus: do not abort probe when not necessary (git-fixes). - HID: asus: make asus_resume adhere to linux kernel coding standards (git-fixes). - HID: core: clamp report_size in s32ton() to avoid undefined shift (stable-fixes). - HID: logitech-hidpp: Enable MX Master 4 over bluetooth (stable-fixes). - HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure (stable-fixes). - HID: multitouch: Check to ensure report responses match the request (stable-fixes). - HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 (stable-fixes). - HID: roccat: fix use-after-free in roccat_report_event (stable-fixes). - HID: usbhid: fix deadlock in hid_post_reset() (git-fixes). - HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (stable-fixes). - hisi_acc_vfio_pci: add eq and aeq interruption restore (git-fixes). - hisi_acc_vfio_pci: bugfix cache write-back issue (git-fixes). - hisi_acc_vfio_pci: bugfix the problem of uninstalling driver (git-fixes). - hv_sock: fix ARM64 support (git-fixes). - hv_sock: update outdated comment for renamed vsock_stream_recvmsg() (git-fixes). - hwmon: (ads7871) Fix endianness bug in 16-bit register reads (git-fixes). - hwmon: (corsair-psu) Close HID device on probe errors (git-fixes). - hwmon: (lm63) Add locking to avoid TOCTOU (git-fixes). - hwmon: (ltc2992) Clamp threshold writes to hardware range (git-fixes). - hwmon: (ltc2992) Fix u32 overflow in power read path (git-fixes). - hwmon: (ltc4286) Add missing MODULE_IMPORT_NS("PMBUS") (git-fixes). - hwmon: (powerz) Fix missing usb_kill_urb() on signal interrupt (git-fixes). - hwmon: (powerz) Fix use-after-free on USB disconnect (git-fixes). - hwmon: (pt5161l) Fix bugs in pt5161l_read_block_data() (git-fixes). - i2c: s3c24xx: check the size of the SMBUS message before using it (stable-fixes). - i2c: smbus: reject oversized block transfers in the common path (git-fixes). - i2c: stm32f7: reinit_completion() per transfer not per msg (git-fixes). - i2c: stub: Reject I2C block transfers with invalid length (git-fixes). - i2c: tegra: Add HS mode support (bsc#1261550). - i2c: tegra: Add Tegra256 support (bsc#1261550). - i2c: tegra: Do not configure DMA if not supported (bsc#1261550). - i2c: tegra: Don't mark devices with pins as IRQ safe (stable-fixes). - i2c: tegra: Update Tegra256 timing parameters (bsc#1261550). - i2c: tegra: Use separate variables for fast and fastplus (bsc#1261550). - i3c: dw: Fix memory leak in dw_i3c_master_i3c_xfers() (git-fixes). - i3c: master: Fix error codes at send_ccc_cmd (git-fixes). - i3c: mipi-i3c-hci: fix IBI payload length calculation for final status (git-fixes). - ibmveth: Disable GSO for packets with small MSS (bsc#1265144). - iio: adc: ad7192: Revert "properly check spi_get_device_match_data()" (stable-fixes). - iio: adc: ad7768-1: fix one-shot mode data acquisition (git-fixes). - iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() (git-fixes). - iio: frequency: admv1013: add dev variable (stable-fixes). - iio: frequency: admv1013: fix NULL pointer dereference on str (git-fixes). - Input: bcm5974 - recover from failed mode switch (stable-fixes). - Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (stable-fixes). - Input: uinput - fix circular locking dependency with ff-core (git-fixes). - Input: uinput - take event lock when submitting FF request "event" (stable-fixes). - Input: xpad - add support for BETOP BTP-KP50B/C controller's wireless mode (stable-fixes). - Input: xpad - add support for Razer Wolverine V3 Pro (stable-fixes). - interconnect: debugfs: fix devm_kstrdup and kfree mismatch (git-fixes). - io_uring/timeout: check unused sqe fields (git-fixes). - iommu/amd: move wait_on_sem() out of spinlock (git-fixes bsc#1260593). - iommu/amd: serialize sequence allocation under concurrent TLB invalidations (git-fixes bsc#1260593). - iommu/vt-d: Remove LPIG from page group response descriptor (jsc#PED-16113). - ipmi: Add limits to event and receive message requests (git-fixes). - ipmi: Check event message buffer response for bad data (git-fixes). - ipmi: ssif_bmc: change log level to dbg in irq callback (git-fixes). - ipmi: ssif_bmc: fix message desynchronization after truncated response (git-fixes). - ipmi: ssif_bmc: fix missing check for copy_to_user() partial failure (git-fixes). - ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (git-fixes). - KVM: arm64: Allow cacheable stage 2 mapping using VMA flags (git-fixes). - KVM: arm64: Assume non-PFNMAP/MIXEDMAP VMAs can be mapped cacheable (git-fixes). - KVM: arm64: Block cacheable PFNMAP mapping (git-fixes). - KVM: arm64: Consolidate idreg callbacks (git-fixes). - KVM: arm64: Discard PC update state on vcpu reset (git-fixes). - KVM: arm64: Finalize ID registers only once per VM (git-fixes). - KVM: arm64: Fix MTE flag initialization for protected VMs (git-fixes). - KVM: arm64: Fix page leak in user_mem_abort() (git-fixes). - KVM: arm64: Fix Trace Buffer trap polarity for protected VMs (git-fixes). - KVM: arm64: Fix Trace Buffer trapping for protected VMs (git-fixes). - KVM: arm64: Fix vma_shift staleness on nested hwpoison path (git-fixes). - KVM: arm64: Hide S1POE from guests when not supported by the host (git-fixes). - KVM: arm64: Limit clearing of ID_{AA64PFR0,PFR1}_EL1.GIC to userspace irqchip (git-fixes). - KVM: arm64: Make all 32bit ID registers fully writable (git-fixes). - KVM: arm64: nv: Add trap config for DBGWCR<15>_EL1 (git-fixes). - KVM: arm64: nv: Return correct RES0 bits for FGT registers (git-fixes). - KVM: arm64: pkvm: Fallback to level-3 mapping on host stage-2 fault (git-fixes). - KVM: arm64: Read PMUVer as unsigned (git-fixes). - KVM: arm64: Rename the device variable to s2_force_noncacheable (git-fixes). - KVM: arm64: Return early from trace helpers when KVM isn't available (git-fixes). - KVM: arm64: Set ID_{AA64PFR0,PFR1}_EL1.GIC when GICv3 is configured (git-fixes). - KVM: arm64: vgic-v3: Release reserved slot outside of lpi_xa's lock (git-fixes). - KVM: arm64: vgic: Fix IIDR revision field extracted from wrong value (git-fixes). - KVM: nSVM: Use vcpu->arch.cr2 when updating vmcb12 on nested #VMEXIT (git-fixes). - KVM: nVMX: Add consistency check for TSC_MULTIPLIER=0 (git-fixes). - KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (git-fixes). - KVM: SEV: Disallow LAUNCH_FINISH if vCPUs are actively being created (git-fixes). - KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (git-fixes). - KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish (git-fixes). - KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm->lock (git-fixes). - KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU (git-fixes). - KVM: SVM: Disallow EFER.LMSLE when not supported by hardware (git-fixes). - KVM: SVM: Fix a missing kunmap_local() in sev_gmem_post_populate() (git-fixes). - KVM: SVM: Initialize AVIC VMCB fields if AVIC is enabled with in-kernel APIC (git-fixes). - KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN (git-fixes). - KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN (git-fixes). - KVM: SVM: Properly check RAX in the emulator for SVM instructions (git-fixes). - KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated (git-fixes). - KVM: TDX: Explicitly set user-return MSRs that *may* be clobbered by the TDX-Module (git-fixes). - KVM: x86/mmu: Fix UBSAN warning when reading nx_huge_pages parameter (git-fixes). - KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls (git-fixes). - KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (git-fixes). - KVM: x86: Advertise EferLmsleUnsupported to userspace (git-fixes). - KVM: x86: check for nEPT/nNPT in slow flush hypercalls (git-fixes). - KVM: X86: Fix array_index_nospec protection in __pv_send_ipi (git-fixes). - KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (git-fixes). - KVM: x86: hyper-v: Validate all GVAs during PV TLB flush (git-fixes). - KVM: x86: Ignore cpuid faulting in SMM (git-fixes). - leds: lgm-sso: Remove duplicate assignments for priv->mmap (git-fixes). - leds: qcom-lpg: Check for array overflow when selecting the high resolution (stable-fixes). - lib/hexdump: print_hex_dump_bytes() calls print_hex_dump_debug() (git-fixes). - md/raid1: fix the comparing region of interval tree (bsc#1261555). - md/raid1: serialize overlap io for writemostly disk (bsc#1261555). - media: amphion: Fix race between m2m job_abort and device_run (git-fixes). - media: as102: fix to not free memory after the device is registered in as102_usb_probe() (git-fixes). - media: chips-media: wave5: add missing spinlock protection for handle_dynamic_resolution_change() (git-fixes). - media: chips-media: wave5: add missing spinlock protection for send_eos_event() (git-fixes). - media: chips-media: wave5: fix a potential memory leak in wave5_vdi_init() (git-fixes). - media: dib8000: avoid division by 0 in dib8000_set_dds() (git-fixes). - media: em28xx: fix use-after-free in em28xx_v4l2_open() (git-fixes). - media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (git-fixes). - media: i2c: imx219: Check return value of devm_gpiod_get_optional() in imx219_probe() (git-fixes). - media: i2c: imx283: Enter full standby when stopping streaming (git-fixes). - media: i2c: imx283: Fix hang when going from large to small resolution (git-fixes). - media: i2c: imx412: Assert reset GPIO during probe (git-fixes). - media: i2c: ov08d10: fix image vertical start setting (git-fixes). - media: i2c: ov8856: free control handler on error in ov8856_init_controls() (git-fixes). - media: intel/ipu6: fix error pointer dereference (git-fixes). - media: mtk-jpeg: fix use-after-free in release path due to uncancelled work (git-fixes). - media: nxp: imx8-isi: Reduce minimum queued buffers from 2 to 0 (git-fixes). - media: omap3isp: drop the use count of v4l2 pipeline (git-fixes). - media: pci: zoran: fix potential memory leak in zoran_probe() (git-fixes). - media: rc: streamzap: Error handling in probe (git-fixes). - media: rc: xbox_remote: heed DMA restrictions (git-fixes). - media: saa7164: add ioremap return checks and cleanups (git-fixes). - media: staging: imx: configure src_mux in csi_start (git-fixes). - media: staging: imx: request mbus_config in csi_start (git-fixes). - media: uvcvideo: Enable VB2_DMABUF for metadata stream (git-fixes). - media: videobuf2: Set vma_flags in vb2_dma_sg_mmap (git-fixes). - media: vidtv: fix nfeeds state corruption on start_streaming failure (git-fixes). - media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (git-fixes). - media: vidtv: fix pass-by-value structs causing MSAN warnings (git-fixes). - memory: tegra30-emc: Fix dll_change check (git-fixes). - memory: tegra124-emc: Fix dll_change check (git-fixes). - mfd: core: Preserve OF node when ACPI handle is present (git-fixes). - mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() (git-fixes). - mfd: stpmic1: Attempt system shutdown twice in case PMIC is confused (git-fixes). - mkspec: Add signature to source list only when it exists. - mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration (git-fixes). - mmc: vub300: fix NULL-deref on disconnect (git-fixes). - modpost: Amend ppc64 save/restfpr symnames for -Os build (bsc#1215199). - mtd: docg3: fix use-after-free in docg3_release() (git-fixes). - mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions (git-fixes). - mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path (git-fixes). - mtd: physmap_of_gemini: Fix disabled pinctrl state check (git-fixes). - mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob (git-fixes). - mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations (git-fixes). - mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show() (git-fixes). - mtd: spi-nor: sst: Fix write enable before AAI sequence (git-fixes). - mtd: spi-nor: swp: check SR_TB flag when getting tb_mask (git-fixes). - net-shapers: don't free reply skb after genlmsg_reply() (git-fixes). - net/mlx5: Fix HCA caps leak on notifier init failure (git-fixes). - net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626). - net/sched: cls_fw: fix NULL dereference of "old" filters before change() (git-fixes). - net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421). - net: gro: don't merge zcopy skbs (git-fixes). - net: hamradio: 6pack: fix uninit-value in sixpack_receive_buf (git-fixes). - net: mana: Add MAC address to vPort logs and clarify error messages (git-fixes). - net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes). - net: mana: Don't overwrite port probe error with add_adev result (git-fixes). - net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846). - net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes). - net: mana: Fix RX skb truesize accounting (bsc#1248754). - net: mana: Guard mana_remove against double invocation (git-fixes). - net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git-fixes). - net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes). - net: mana: Init gf_stats_work before potential error paths in probe (git-fixes). - net: mana: Init link_change_work before potential error paths in probe (git-fixes). - net: mana: Move current_speed debugfs file to mana_init_port() (git-fixes). - net: mana: remove double CQ cleanup in mana_create_rxq error path (git-fixes). - net: mana: Set default number of queues to 16 (bsc#1261648). - net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes). - net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes). - net: mana: Use pci_name() for debugfs directory naming (git-fixes). - net: phy: broadcom: Save PHY counters during suspend (git-fixes). - net: phy: DP83TC811: add reading of abilities (git-fixes). - net: phy: dp83869: fix setting CLK_O_SEL field (git-fixes). - net: phy: fix a return path in get_phy_c45_ids() (git-fixes). - net: phy: qcom: at803x: Use the correct bit to disable extended next page (git-fixes). - net: stmmac: Fix PTP ref clock for Tegra234 (git-fixes). - net: usb: asix: ax88772: re-add usbnet_link_change() in phylink callbacks (git-fixes). - net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (git-fixes). - net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (git-fixes). - net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit (git-fixes). - net: wan: fsl_ucc_hdlc: fix ucc_hdlc_remove (git-fixes). - net: wan: fsl_ucc_hdlc: fix uhdlc_memclean (git-fixes). - net: wan: fsl_ucc_hdlc: free tx_skbuff in uhdlc_memclean (git-fixes). - net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler (git-fixes). - NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (git-fixes). - nfc: llcp: add missing return after LLCP_CLOSED checks (git-fixes). - nfc: pn533: allocate rx skb before consuming bytes (git-fixes). - nfc: s3fwrn5: allocate rx skb before consuming bytes (git-fixes). - NFC: trf7970a: Ignore antenna noise when checking for RF field (git-fixes). - nvme-apple: drop invalid put of admin queue reference count (git-fixes). - nvme-auth: Include SC_C in RVAL controller hash (bsc#1260428). - nvme-loop: do not cancel I/O and admin tagset during ctrl reset/shutdown (bsc#1262709). - nvme-pci: add NVME_QUIRK_DISABLE_WRITE_ZEROES for Kingston OM3SGP4 (git-fixes). - nvme: Allow reauth from sysfs (bsc#1259672). - nvme: Expose the tls_configured sysfs for secure concat connections (bsc#1259672). - nvme: expose TLS mode (bsc#1259672). - nvme: fix admin queue leak on controller reset (git-fixes). - nvme: fix PCIe subsystem reset controller state transition (bsc#1261738). - nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (git-fixes). - ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718). - ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718). - openvswitch: vport: fix self-deadlock on release of tunnel ports (git-fixes). - panic/printk: replace other_cpu_in_panic() with panic_on_other_cpu() (bsc#1261149). - panic/printk: replace this_cpu_in_panic() with panic_on_this_cpu() (bsc#1261149). - panic: introduce helper functions for panic state (bsc#1261149). - panic: use angle-bracket include for panic.h (bsc#1261149). - PCI/AER: Clear only error bits in PCIe Device Status (git-fixes). - PCI/AER: Stop ruling out unbound devices as error source (git-fixes). - PCI/ASPM: Fix pci_clear_and_set_config_dword() usage (git-fixes). - PCI/NPEM: Set LED_HW_PLUGGABLE for hotplug-capable ports (git-fixes). - PCI/TPH: Allow TPH enable for RCiEPs (git-fixes). - PCI: dwc: Apply ECRC workaround to DesignWare 5.00a as well (git-fixes). - PCI: dwc: rcar-gen4: Change EPC BAR alignment to 4K as per the documentation (git-fixes). - PCI: Enable AtomicOps only if Root Port supports them (git-fixes). - PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (git-fixes). - PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup (git-fixes). - PCI: epf-mhi: Return 0, not remaining timeout, when eDMA ops complete (git-fixes). - PCI: hv: Set default NUMA node to 0 for devices without affinity info (bsc#1261648). - PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found (git-fixes). - PCI: qcom: Advertise Hotplug Slot Capability with no Command Completion support (git-fixes). - PCI: tegra194: Allow system suspend when the Endpoint link is not up (git-fixes). - PCI: tegra194: Disable direct speed change for Endpoint mode (git-fixes). - PCI: tegra194: Disable LTSSM after transition to Detect on surprise link down (git-fixes). - PCI: tegra194: Disable PERST# IRQ only in Endpoint mode (git-fixes). - PCI: tegra194: Fix CBB timeout caused by DBI access before core power-on (git-fixes). - PCI: tegra194: Fix polling delay for L2 state (git-fixes). - PCI: tegra194: Free up Endpoint resources during remove() (git-fixes). - PCI: tegra194: Increase LTSSM poll time on surprise link down (git-fixes). - PCI: tegra194: Set LTR message request before PCIe link up in Endpoint mode (git-fixes). - PCI: tegra194: Use devm_gpiod_get_optional() to parse "nvidia,refclk-select" (git-fixes). - PCI: tegra194: Use DWC IP core version (git-fixes). - pinctrl: abx500: Fix type of 'argument' variable (git-fixes). - pinctrl: Fix spelling problem (git-fixes). - pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) (stable-fixes). - pinctrl: pic32: change all cases of bare 'unsigned' to 'unsigned int' (git-fixes). - pinctrl: pic32: use consistent spacing around '+' (git-fixes). - pinctrl: pinctrl-pic32: Fix resource leak (git-fixes). - pinctrl: realtek: Fix function signature for config argument (git-fixes). - pinctrl: renesas: rzg2l: Fix save/restore of {IOLH,IEN,PUPD,SMT} registers (git-fixes). - platform/chrome: chromeos_tbmc: Drop wakeup source on remove (git-fixes). - platform/surface: surfacepro3_button: Drop wakeup source on remove (git-fixes). - platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug (stable-fixes). - platform/x86/intel-uncore-freq: Handle autonomous UFS status bit (git-fixes). - platform/x86: asus-wmi: adjust screenpad power/brightness handling (git-fixes). - platform/x86: asus-wmi: fix screenpad brightness range (git-fixes). - platform/x86: dell-wmi-sysman: bound enumeration string aggregation (git-fixes). - platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() (git-fixes). - platform/x86: hp-wmi: Ignore backlight and FnLock events (stable-fixes). - platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup (git-fixes). - power: supply: axp288_charger: Do not cancel work before initializing it (git-fixes). - power: supply: max17042: avoid overflow when determining health (git-fixes). - powerpc/crash: fix backup region offset update to elfcorehdr (bsc#1259535). - powerpc/crash: Update backup region offset in elfcorehdr on memory hotplug (bsc#1259535). - printk/nbcon/panic: Allow printk kthread to sleep when the system is in panic (bsc#1261149). - printk/nbcon: Block printk kthreads when any CPU is in an emergency context (bsc#1261149). - printk/nbcon: Release nbcon consoles ownership in atomic flush after each emitted record (bsc#1261149). - printk/nbcon: Restore IRQ in atomic flush after each emitted record (bsc#1261149). - printk/nbcon: use panic_on_this_cpu() helper (bsc#1261149). - printk: Allow printk_trigger_flush() to flush all types (bsc#1262750). - printk: Allow to use the printk kthread immediately even for 1st nbcon (jsc#PED-7912). - printk: Avoid irq_work for printk_deferred() on suspend (bsc#1262750). - printk: Avoid scheduling irq_work on suspend (bsc#1262750). - printk: console_flush_one_record() code cleanup (bsc#1261149). - printk: Introduce console_flush_one_record (bsc#1261149). - printk: Use console_flush_one_record for legacy printer kthread (bsc#1261149). - pwm: imx-tpm: Count the number of enabled channels in probe (git-fixes). - qat: don't mess with ->d_name (jsc#PED-14238). - r8152: fix incorrect register write to USB_UPHY_XTAL (git-fixes). - RDMA/irdma: Fix double free related to rereg_user_mr (git-fixes). - RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes). - RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes). - RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes). - RDMA/mana: Validate rx_hash_key_len (git-fixes). - RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes). - RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes). - RDMA/mana_ib: Support memory windows (git-fixes). - regulator: act8945a: fix OF node reference imbalance (git-fixes). - regulator: bd9571mwv: fix OF node reference imbalance (git-fixes). - regulator: max77650: fix OF node reference imbalance (git-fixes). - regulator: mt6357: fix OF node reference imbalance (git-fixes). - regulator: rk808: fix OF node reference imbalance (git-fixes). - remoteproc: xlnx: Fix sram property parsing (git-fixes). - remoteproc: xlnx: Only access buffer information if IPI is buffered (git-fixes). - Revert "ALSA: usb: Increase volume range that triggers a warning" (git-fixes). - Revert "serial: 8250: Revert "drop lockdep annotation from serial8250_clear_IER()"" (bsc#1262480). - Revert "serial: 8250: Switch to nbcon console" (bsc#1262480). - rtc: abx80x: Disable alarm feature if no interrupt attached (git-fixes). - rtc: ntxec: fix OF node reference imbalance (git-fixes). - s390/dasd: Copy detected format information to secondary device (bsc#1259994). - s390/dasd: Fix gendisk parent after copy pair swap (bsc#1259994). - s390/dasd: Move quiesce state with pprc swap (bsc#1259994). - sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961). - sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961). - sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961). - scsi: lpfc: Add clean up of aborted NVMe commands during PCI fcn reset (bsc#1262019). - scsi: lpfc: Add log messages to fabric login error labels (bsc#1262019). - scsi: lpfc: Add PCI ID support for LPe42100 series adapters (bsc#1262019). - scsi: lpfc: Add REG_VFI mailbox cmd error handling (bsc#1262019). - scsi: lpfc: Break out of IRQ affinity assignment when mask reaches nr_cpu_ids (bsc#1262019). - scsi: lpfc: Check ASIC_ID register to aid diagnostics during failed fw updates (bsc#1262019). - scsi: lpfc: Cleanup error exit paths in lpfc_fdmi_cmd() and associated messages (bsc#1262019). - scsi: lpfc: ELIMINATE kernel-doc warnings in lpfc.h (bsc#1262019). - scsi: lpfc: Fix incorrect txcmplq_cnt during cleanup in lpfc_sli_abort_ring() (bsc#1262019). - scsi: lpfc: Introduce 128G link speed selection and support (bsc#1262019). - scsi: lpfc: Log discarded and insufficient RQE buffer events (bsc#1262019). - scsi: lpfc: Log MCQE contents for mbox commands with no context (bsc#1262019). - scsi: lpfc: Properly set WC for DPP mapping (bsc#1262019). - scsi: lpfc: Reduce pointer chasing when accessing vmid_flag (bsc#1262019). - scsi: lpfc: Remove deprecated PBDE feature (bsc#1262019). - scsi: lpfc: Remove unnecessary ndlp kref get in lpfc_check_nlp_post_devloss (bsc#1262019). - scsi: lpfc: Restrict first burst to non-FCoE and SLI4 adapters only (bsc#1262019). - scsi: lpfc: Select mailbox rq_create cmd version based on SLI4 if_type (bsc#1262019). - scsi: lpfc: Update class of service bit field to 3 bits for WQE submissions (bsc#1262019). - scsi: lpfc: Update construction of SGL when XPSGL is enabled (bsc#1262019). - scsi: lpfc: Update copyright year string for 2026 (bsc#1262019). - scsi: lpfc: Update log message when ndlp kref get is unsuccessful (bsc#1262019). - scsi: lpfc: Update lpfc version to 14.4.0.14 (bsc#1262019). - scsi: lpfc: Update lpfc version to 15.0.0.0 (bsc#1262019). - scsi: lpfc: Update outdated comment for renamed lpfc_freenode() (bsc#1262019). - scsi: lpfc: Use min_t() instead of min() in lpfc_sli4_driver_resource_setup (bsc#1262019). - scsi: lpfc: Use the crc32c() function (bsc#1262019). - scsi: mpi3mr: Add NULL checks when resetting request and reply queues (git-fixes). - scsi: ses: Fix devices attaching to different hosts (git-fixes). - scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git-fixes). - scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449). - scsi: ufs: ufs-pci: Add support for Intel Wildcat Lake (jsc#PED-13771). - selftests/bpf: Test cross-sign 64bits range refinement (git-fixes). - selftests/bpf: Test invariants on JSLT crossing sign (git-fixes). - selftests/bpf: test refining u32/s32 bounds when ranges cross min/max boundary (git-fixes). - selftests: net: build net/lib dependency in all target (bsc#1262245). - selinux: don't reserve xattr slot when we won't fill it (stable-fixes). - selinux: prune /sys/fs/selinux/disable (stable-fixes). - selinux: shrink critical section in sel_write_load() (stable-fixes). - serial: 8250: Add serial8250_handle_irq_locked() (bsc#1262480). - serial: 8250: Protect LCR write in shutdown (bsc#1262480). - serial: 8250_dw: Avoid unnecessary LCR writes (bsc#1262480). - serial: 8250_dw: Ensure BUSY is deasserted (bsc#1262480). - serial: 8250_dw: Rework dw8250_handle_irq() locking and IIR handling (bsc#1262480). - serial: 8250_dw: Rework IIR_NO_INT handling to stop interrupt storm (bsc#1262480). - Set CONFIG_INTEL_TSX_MODE to follow upstream AUTO default (bsc#1263044). - soc/tegra: cbb: Set ERD on resume for err interrupt (git-fixes). - soc: qcom: aoss: compare against normalized cooling state (git-fixes). - soc: qcom: llcc: fix v1 SB syndrome register offset (git-fixes). - soc: qcom: ocmem: make the core clock optional (git-fixes). - soc: qcom: ocmem: register reasons for probe deferrals (git-fixes). - soc: qcom: ocmem: return -EPROBE_DEFER is ocmem is not available (git-fixes). - sound: ua101: fix division by zero at probe (git-fixes). - soundwire: bus: demote UNATTACHED state warnings to dev_dbg() (git-fixes). - soundwire: cadence: Clear message complete before signaling waiting thread (git-fixes). - soundwire: debugfs: initialize firmware_file to empty string (git-fixes). - spi: aspeed-smc: fix controller deregistration (git-fixes). - spi: at91-usart: fix controller deregistration (git-fixes). - spi: atmel: fix controller deregistration (git-fixes). - spi: bcm63xx: fix controller deregistration (git-fixes). - spi: bcmbca-hsspi: fix controller deregistration (git-fixes). - spi: cadence: fix controller deregistration (git-fixes). - spi: cadence: fix unclocked access on unbind (git-fixes). - spi: ch341: fix memory leaks on probe failures (git-fixes). - spi: coldfire-qspi: fix controller deregistration (git-fixes). - spi: dln2: fix controller deregistration (git-fixes). - spi: fix controller cleanup() documentation (git-fixes). - spi: fix misleading controller deregistration kernel-doc (git-fixes). - spi: fix misleading controller registration kernel-doc (git-fixes). - spi: fsl-espi: fix controller deregistration (git-fixes). - spi: fsl-qspi: Use reinit_completion() for repeated operations (git-fixes). - spi: fsl: fix controller deregistration (git-fixes). - spi: hisi-kunpeng: prevent infinite while() loop in hisi_spi_flush_fifo (git-fixes). - spi: img-spfi: fix controller deregistration (git-fixes). - spi: imx: fix runtime pm leak on probe deferral (git-fixes). - spi: imx: fix use-after-free on unbind (git-fixes). - spi: lantiq-ssc: fix controller deregistration (git-fixes). - spi: meson-spicc: fix controller deregistration (git-fixes). - spi: microchip-core-qspi: fix controller deregistration (git-fixes). - spi: mpc52xx: fix controller deregistration (git-fixes). - spi: mpc52xx: fix use-after-free on registration failure (git-fixes). - spi: mpc52xx: fix use-after-free on unbind (git-fixes). - spi: mtk-nor: fix controller deregistration (git-fixes). - spi: mtk-snfi: fix memory leak in probe (git-fixes). - spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback (git-fixes). - spi: mxic: fix controller deregistration (git-fixes). - spi: mxs: fix controller deregistration (git-fixes). - spi: npcm-pspi: fix controller deregistration (git-fixes). - spi: omap2-mcspi: fix controller deregistration (git-fixes). - spi: orion: fix clock imbalance on registration failure (git-fixes). - spi: orion: fix controller deregistration (git-fixes). - spi: orion: fix runtime pm leak on unbind (git-fixes). - spi: pic32-sqi: fix controller deregistration (git-fixes). - spi: pic32: fix controller deregistration (git-fixes). - spi: pl022: fix controller deregistration (git-fixes). - spi: qup: fix controller deregistration (git-fixes). - spi: rockchip: fix controller deregistration (git-fixes). - spi: rockchip: Read ISR, not IMR, to detect cs-inactive IRQ (git-fixes). - spi: rspi: fix controller deregistration (git-fixes). - spi: s3c64xx: fix controller deregistration (git-fixes). - spi: s3c64xx: fix NULL-deref on driver unbind (git-fixes). - spi: sh-hspi: fix controller deregistration (git-fixes). - spi: sprd: fix controller deregistration (git-fixes). - spi: st-ssc4: fix controller deregistration (git-fixes). - spi: sun4i: fix controller deregistration (git-fixes). - spi: sun6i: fix controller deregistration (git-fixes). - spi: syncuacer: fix controller deregistration (git-fixes). - spi: ti-qspi: fix controller deregistration (git-fixes). - spi: topcliff-pch: fix controller deregistration (git-fixes). - spi: topcliff-pch: fix use-after-free on unbind (git-fixes). - spi: uniphier: fix controller deregistration (git-fixes). - spi: uniphier: Simplify clock handling with devm_clk_get_enabled() (stable-fixes). - spi: zynq-qspi: fix controller deregistration (git-fixes). - spi: zynq-qspi: Simplify clock handling with devm_clk_get_enabled() (stable-fixes). - spi: zynqmp-gqspi: fix controller deregistration (git-fixes). - staging: media: atomisp: Disallow all private IOCTLs (git-fixes). - staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (git-fixes). - staging: sm750fb: fix division by zero in ps_to_hz() (git-fixes). - staging: vme_user: fix root device leak on init failure (git-fixes). - tg3: replace placeholder MAC address with device property (git-fixes). - thermal/drivers/spear: Fix error condition for reading st,thermal-flags (git-fixes). - thermal/drivers/sprd: Fix raw temperature clamping in sprd_thm_rawdata_to_temp (git-fixes). - thermal/drivers/sprd: Fix temperature clamping in sprd_thm_temp_to_rawdata (git-fixes). - tools/power/turbostat: Fix microcode patch level output for AMD/Hygon (git-fixes). - tools: hv: Fix cross-compilation (git-fixes). - tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public() (git-fixes). - tpm: avoid -Wunused-but-set-variable (git-fixes). - tpm: Fix auth session leak in tpm2_get_random() error path (git-fixes). - tpm: tpm_tis: add error logging for data transfer (git-fixes). - tpm: tpm_tis: stop transmit if retries are exhausted (git-fixes). - tpm: Use kfree_sensitive() to free auth session in tpm_dev_release() (git-fixes). - tty: serial: ip22zilog: Fix section mispatch warning (git-fixes). - udp: Force compute_score to always inline (bsc#1241259). - unshare: fix unshare_fs() handling (git-fixes). - USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen (git-fixes). - usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS change (git-fixes). - usb: chipidea: otg: not wait vbus drop if use role_switch (git-fixes). - USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (stable-fixes). - usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (stable-fixes). - usb: gadget: f_hid: Add missing error code (git-fixes). - usb: gadget: f_hid: don't call cdev_init while cdev in use (git-fixes). - usb: gadget: f_hid: move list and spinlock inits from bind to alloc (stable-fixes). - usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (git-fixes). - usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (git-fixes). - usb: gadget: f_uac1_legacy: validate control request size (stable-fixes). - usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (git-fixes). - usb: gadget: u_ether: Fix NULL pointer deref in eth_get_drvinfo (git-fixes). - USB: omap_udc: DMA: Don't enable burst 4 mode (git-fixes). - usb: port: add delay after usb_hub_set_port_power() (git-fixes). - usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (stable-fixes). - USB: serial: io_edgeport: add support for Blackbox IC135A (stable-fixes). - USB: serial: option: add MeiG Smart SRM825WN (stable-fixes). - USB: serial: option: add support for Rolling Wireless RW135R-GL (stable-fixes). - USB: serial: option: add Telit Cinterion FN990A MBIM composition (git-fixes). - USB: serial: option: add Telit Cinterion LE910Cx compositions (stable-fixes). - usb: storage: Expand range of matched versions for VL817 quirks entry (git-fixes). - usb: typec: tcpm: reset internal port states on soft reset AMS (git-fixes). - usb: ulpi: fix memory leak on ulpi_register() error paths (git-fixes). - usb: usblp: fix heap leak in IEEE 1284 device ID via short response (stable-fixes). - usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (stable-fixes). - usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() (git-fixes). - usbip: validate number_of_packets in usbip_pack_ret_submit() (git-fixes). - vfio/pci: Lock upstream bridge for vfio_pci_core_disable() (git-fixes). - vfio/pds: Fix memory leak in pds_vfio_dirty_enable() (git-fixes). - vfio/pds: Fix missing detach_ioas op (git-fixes). - vfio/pds: replace bitmap_free with vfree (git-fixes). - vfio/type1: Fix error unwind in migration dirty bitmap allocation (git-fixes). - vfio: Fix unbalanced vfio_df_close call in no-iommu mode (git-fixes). - vfio: Prevent open_count decrement to negative (git-fixes). - virt: arm-cca-guest: fix error check for RSI_INCOMPLETE (git-fixes). - virt: sev-guest: Do not use host-controlled page order in cleanup path (git-fixes). - virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (git-fixes). - virt: tdx-guest: Return error for GetQuote failures (git-fixes). - wifi: ath5k: do not access array OOB (git-fixes). - wifi: ath9k: Fix typo (git-fixes). - wifi: ath10k: fix station lookup failure during disconnect (git-fixes). - wifi: ath11k: fix memory leaks in beacon template setup (git-fixes). - wifi: ath12k: fix leak in some ath12k_wmi_xxx() functions (git-fixes). - wifi: ath12k: use lockdep_assert_in_rcu_read_lock() for RCU assertions (git-fixes). - wifi: b43: enforce bounds check on firmware key index in b43_rx() (git-fixes). - wifi: b43legacy: enforce bounds check on firmware key index in RX path (git-fixes). - wifi: brcmfmac: Fix error pointer dereference (git-fixes). - wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task (git-fixes). - wifi: brcmfmac: validate bsscfg indices in IF events (stable-fixes). - wifi: brcmsmac: Fix dma_free_coherent() size (git-fixes). - wifi: cw1200: Revert "Fix locking in error paths" (git-fixes). - wifi: libertas: notify firmware load wait on disconnect (git-fixes). - wifi: mac80211: check ieee80211_rx_data_set_link return in pubsta MLO path (git-fixes). - wifi: mac80211: check tdls flag in ieee80211_tdls_oper (stable-fixes). - wifi: mac80211: drop stray 'static' from fast-RX rx_result (git-fixes). - wifi: mac80211: handle VHT EXT NSS in ieee80211_determine_our_sta_mode() (git-fixes). - wifi: mac80211: remove station if connection prep fails (git-fixes). - wifi: mac80211: use safe list iteration in radar detect work (git-fixes). - wifi: mt76: Fix memory leak after mt76_connac_mcu_alloc_sta_req() (git-fixes). - wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor (stable-fixes). - wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling (git-fixes). - wifi: mt76: mt7615: fix use_cts_prot support (git-fixes). - wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() (git-fixes). - wifi: mt76: mt7915: fix use_cts_prot support (git-fixes). - wifi: mt76: mt7921: fix 6GHz regulatory update on connection (git-fixes). - wifi: mt76: mt7921: fix a potential clc buffer length underflow (git-fixes). - wifi: mt76: mt7921: fix ROC abort flow interruption in mt7921_roc_work (git-fixes). - wifi: mt76: mt7921: Place upper limit on station AID (git-fixes). - wifi: mt76: mt7921: Reset ampdu_state state in case of failure in mt76_connac2_tx_check_aggr() (git-fixes). - wifi: mt76: mt7925: fix AMPDU state handling in mt7925_tx_check_aggr (git-fixes). - wifi: mt76: mt7925: fix incorrect length field in txpower command (git-fixes). - wifi: mt76: mt7925: Fix incorrect MLO mode in firmware control (git-fixes). - wifi: mt76: mt7925: fix incorrect TLV length in CLC command (git-fixes). - wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925_tx_check_aggr() (git-fixes). - wifi: mt76: mt7925: prevent NULL vif dereference in mt7925_mac_write_txwi (git-fixes). - wifi: mt76: mt7996: fix FCS error flag check in RX descriptor (git-fixes). - wifi: mt76: mt7996: fix struct mt7996_mcu_uni_event (git-fixes). - wifi: mt76: mt7996: fix use-after-free bugs in mt7996_mac_dump_work() (git-fixes). - wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() (git-fixes). - wifi: nl80211: fix NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST usage (git-fixes). - wifi: nl80211: require admin perm on SET_PMK / DEL_PMK (git-fixes). - wifi: rsi: fix kthread lifetime race between self-exit and external-stop (git-fixes). - wifi: rt2x00usb: fix devres lifetime (git-fixes). - wifi: rtl8xxxu: fix potential use of uninitialized value (git-fixes). - wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (git-fixes). - wifi: rtw88: Add additional USB IDs for RTL8812BU (bsc#1263135). - wifi: rtw88: Add BUFFALO WI-U3-866DHP to the USB ID list (bsc#1263135). - wifi: rtw88: Add support for Mercusys MA30N and D-Link DWA-T185 rev. A1 (bsc#1263135). - wifi: rtw88: check for PCI upstream bridge existence (git-fixes). - wifi: rtw88: fix device leak on probe failure (git-fixes). - wifi: rtw88: rtw8822bu VID/PID for BUFFALO WI-U2-866DM (bsc#1263135). - wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() (git-fixes). - wifi: wl1251: validate packet IDs before indexing tx_frames (stable-fixes). - x86/acpi/boot: Correct acpi_is_processor_usable() check again (git-fixes). - x86/boot/sev: Avoid shared GHCB page for early memory acceptance (git-fixes). - x86/boot/sev: Support memory acceptance in the EFI stub under SVSM (git-fixes). - x86/boot: Fix page table access in 5-level to 4-level paging transition (git-fixes). - x86/CPU/AMD: Add X86_FEATURE_ZEN6 (bsc#1263255). - x86/cpufeatures: Free up unused feature bits (bsc#1263255). - x86/fred: Fix early boot failures on SEV-ES/SNP guests (git-fixes). - x86/mtrr: Check if fixed-range MTRRs exist in mtrr_save_fixed_ranges() (git-fixes). - x86/sev: Add missing RIP_REL_REF() invocations during sme_enable() (git-fixes). - x86/sev: Do not touch VMSA pages during SNP guest memory kdump (git-fixes). - x86/sev: Ensure SVSM reserved fields in a page validation entry are initialized to zero (git-fixes). - x86/sev: Fix operator precedence in GHCB_MSR_VMPL_REQ_LEVEL macro (git-fixes). - x86/sev: Improve handling of writes to intercepted TSC MSRs (git-fixes). - x86/sev: Make sure pages are not skipped during kdump (git-fixes). - x86/tsx: Get the tsx= command line parameter with early_param() (bsc#1250951 bsc#1263044). - x86/tsx: Make tsx_ctrl_state static (bsc#1250951 bsc#1263044). - x86/vmware: Parse MP tables for SEV-SNP enabled guests under VMware hypervisors (git-fixes). - X.509: Fix out-of-bounds access when parsing extensions (git-fixes). - Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815).

---

Patchnames: SUSE-SLES-16.0-814

---

Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).