SUSE-IU-2025:1410-1: Security update of suse/sl-micro/6.0/base-os-container
sle-container-updates at lists.suse.com
Sat May 24 07:16:09 UTC 2025
SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:1410-1
Image Tags : suse/sl-micro/6.0/base-os-container:2.1.3 , suse/sl-micro/6.0/base-os-container:2.1.3-7.4 , suse/sl-micro/6.0/base-os-container:latest
Image Release : 7.4
Severity : critical
Type : security
-----------------------------------------------------------------
The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 313
Released: Mon May 12 11:36:50 2025
Summary: Recommended update for NetworkManager
Type: recommended
Severity: important
References: 1224868
This update for NetworkManager fixes the following issues:
- Add config-server subpackage (bsc#1224868).
-----------------------------------------------------------------
Advisory ID: 314
Released: Mon May 12 11:55:56 2025
Summary: Security update for glib2
Type: security
Severity: moderate
References: 1240897,CVE-2025-3360
This update for glib2 fixes the following issues:
- CVE-2025-3360: Fixed integer overflow and buffer underread when
parsing a very long and invalid ISO 8601 timestamp with
g_date_time_new_from_iso8601() (bsc#1240897).
-----------------------------------------------------------------
Advisory ID: 324
Released: Fri May 16 11:41:30 2025
Summary: Recommended update for elemental-operator
Type: recommended
Severity: moderate
References: 1242901
This update for elemental-operator fixes the following issues:
- Fix questions.yaml default tag
- operator: update RBAC for upgrade plans (bsc#1242901)
-----------------------------------------------------------------
Advisory ID: 325
Released: Fri May 16 14:45:12 2025
Summary: Security update for sqlite3
Type: security
Severity: moderate
References: 1241020,1241078,CVE-2025-29087,CVE-2025-29088
This update for sqlite3 fixes the following issues:
- Update to release 3.49.1:
* Improve portability of makefiles and configure scripts.
* CVE-2025-29087, bsc#1241020: Fix a bug in the concat_ws()
function, introduced in version 3.44.0, that could lead to a
memory error if the separator string is very large (hundreds
of megabytes).
* CVE-2025-29088, bsc#1241078: Enhanced the
SQLITE_DBCONFIG_LOOKASIDE interface to make it more robust
against misuse.
- Update to release 3.49.0:
* Enhancements to the query planner:
- Improve the query-time index optimization so that it works on
WITHOUT ROWID tables.
- Better query plans for large star-query joins. This fixes
three different performance regressions that were reported
on the SQLite Forum.
- When two or more queries have the same estimated cost, use
the one with the fewer bytes per row.
* Enhance the iif() SQL function so that it can accept any number
of arguments greater than or equal to two.
* Enhance the session extension so that it works on databases
that make use of generated columns.
* Omit the SQLITE_USE_STDIO_FOR_CONSOLE compile-time option which
was not implemented correctly and never worked right. In its place
add the SQLITE_USE_W32_FOR_CONSOLE_IO compile-time option. This
option applies to command-line tools like the CLI only, not to the
SQLite core. It causes Win32 APIs to be used for console I/O
instead of stdio. This option affects Windows builds only.
* Three new options to sqlite3_db_config(). All default 'on'.
SQLITE_DBCONFIG_ENABLE_ATTACH_CREATE
SQLITE_DBCONFIG_ENABLE_ATTACH_WRITE
SQLITE_DBCONFIG_ENABLE_COMMENTS
- Re-enable SONAME which got disabled by default in 3.48.0.
* https://www.sqlite.org/src/forumpost/5a3b44f510df8ded
* https://sqlite.org/forum/forumpost/ab8f15697a
- Update to release 3.48.0:
* Improved EXPLAIN QUERY PLAN output for covering indexes.
* Allow a two-argument version of the iif() SQL function.
* Also allow if() as an alternative spelling for iif().
* Add the '.dbtotxt' command to the CLI.
* Add the SQLITE_IOCAP_SUBPAGE_READ property to the
xDeviceCharacteristics method of the sqlite3_io_methods object.
* Add the SQLITE_PREPARE_DONT_LOG option to sqlite3_prepare_v3()
that prevents warning messages being sent to the error log if
the SQL is ill-formed. This allows sqlite3_prepare_v3() to be
used to do test compiles of SQL to check for validity without
polluting the error log with false messages.
* Increase the minimum allowed value of SQLITE_LIMIT_LENGTH from
1 to 30.
* Added the SQLITE_FCNTL_NULL_IO file control.
* Extend the FTS5 auxiliary API xInstToken() to work with prefix
queries via the insttoken configuration option and the
fts5_insttoken() SQL function.
* Increase the maximum number of arguments to an SQL function
from 127 to 1000.
- Update to release 3.47.2:
* Fix a problem in text-to-floating-point conversion that affects
text values where the first 16 significant digits are
'1844674407370955'. This issue was introduced in 3.47.0 and
only arises on x64 and i386 hardware.
* Other minor bug fixes.
- Enable the session extension, because NodeJS 22 needs it.
- Update to release 3.47.1:
* Fix the makefiles so that they once again honor DESTDIR for
the 'install' target.
* Add the SQLITE_IOCAP_SUBPAGE_READ capability to the VFS, to
work around issues on some non-standard VFSes caused by making
SQLITE_DIRECT_OVERFLOW_READ the default in version 3.45.0.
* Fix incorrect answers to certain obscure IN queries caused by
new query optimizations added in the 3.47.0 release.
* Other minor bug fixes.
- Update to release 3.47.0:
* Allow arbitrary expressions in the second argument to the RAISE
function.
* If the RHS of the ->> operator is negative, then access array
elements counting from the right.
* Fix a problem with rolling back hot journal files in the
seldom-used unix-dotfile VFS.
* FTS5 tables can now be dropped even if they use a non-standard
tokenizer that has not been registered.
* Fix the group_concat() aggregate function so that it returns an
empty string, not a NULL, if it receives a single input value
which is an empty string.
* Enhance the generate_series() table-valued function so that it
is able to recognize and use constraints on its output value.
* Preupdate hooks now recognize when a column added by ALTER
TABLE ADD COLUMN has a non-null default value.
* Improved reuse of subqueries associated with the IN operator,
especially when the IN operator has been duplicated due to
predicate push-down.
* Use a Bloom filter on subqueries on the right-hand side of the
IN operator, in cases where that seems likely to improve
performance.
* Ensure that queries like 'SELECT func(a) FROM tab GROUP BY 1'
only invoke the func() function once per row.
* No attempt is made to create automatic indexes on a column
that is known to be non-selective because of its use in other
indexes that have been analyzed.
* Adjustments to the query planner so that it produces better
plans for star queries with a large number of dimension
tables.
* Add the 'order-by-subquery' optimization, that seeks to
disable sort operations in outer queries if the desired order
is obtained naturally due to ORDER BY clauses in subqueries.
* The 'indexed-subtype-expr' optimization strives to use
expressions that are part of an index rather than recomputing
the expression based on table values, as long as the query
planner can prove that the subtype of the expression will
never be used.
* Miscellaneous coding tweaks for faster runtimes.
* Add the experimental sqlite3_rsync program.
* Add extension functions median(), percentile(),
percentile_cont(), and percentile_disc() to the CLI.
* Add the .www dot-command to the CLI.
* The sqlite3_analyzer utility now provides a break-out of
statistics for WITHOUT ROWID tables.
* The sqldiff utility avoids creating an empty database if its
second argument does not exist.
* Enhance the sqlite_dbpage table-valued function such that
INSERT can be used to increase or decrease the size of the
database file.
* SQLite no longer makes any use of the 'long double' data type,
as hardware support for long double is becoming less common
and long double creates challenges for some compiler tool
chains. Instead, SQLite uses Dekker's algorithm when extended
precision is needed.
* The TCL Interface for SQLite supports TCL9. Everything
probably still works for TCL 8.5 and later, though this is not
guaranteed. Users are encouraged to upgrade to TCL9.
* Fix a corruption-causing bug in the JavaScript 'opfs' VFS.
Correct 'mode=ro' handling for the 'opfs' VFS. Work around a
couple of browser-specific OPFS quirks.
* Add the fts5_tokenizer_v2 API and the locale=1 option, for
creating custom locale-aware tokenizers and fts5 tables that
may take advantage of them.
* Add the contentless_unindexed=1 option, for creating
contentless fts5 tables that store the values of any UNINDEXED
columns persistently in the database.
* Allow an FTS5 table to be dropped even if it uses a custom
tokenizer whose implementation is not available.
- Update to release 3.46.1:
* Improved robustness while parsing the tokenize= arguments in
FTS5.
* Enhancements to covering index prediction in the query planner.
* Do not let the number of terms on a VALUES clause be limited by
SQLITE_LIMIT_COMPOUND_SELECT, even if the VALUES clause
contains elements that appear to be variables due to
double-quoted string literals.
* Fix the window function version of group_concat() so that it
returns an empty string if it has one or more empty string
inputs.
* In FTS5 secure-delete mode, fix false-positive integrity-check
reports about corrupt indexes.
* Syntax errors in ALTER TABLE should always return SQLITE_ERROR.
In some cases, they were formerly returning SQLITE_INTERNAL.
* Other minor fixes.
- Update to release 3.46.0:
* https://sqlite.org/releaselog/3_46_0.html
* Enhance PRAGMA optimize in multiple ways.
* Enhancements to the date and time functions.
* Add support for underscore ('_') characters between digits in
numeric literals.
* Add the json_pretty() SQL function.
* Query planner improvements.
* Allocate additional memory from the heap for the SQL parser
stack if that stack overflows, rather than reporting a 'parser
stack overflow' error.
* Allow ASCII control characters within JSON5 string literals.
* Fix the -> and ->> JSON operators so that when the right-hand
side operand is a string that looks like an integer it is still
treated as a string, because that is what PostgreSQL does.
- Update to release 3.45.3:
* Fix a long-standing bug (going back to version 3.24.0) that
might (rarely) cause the 'old.*' values of an UPDATE trigger
to be incorrect if that trigger fires in response to an UPSERT.
* Reduce the scope of the NOT NULL strength reduction
optimization that was added as item 8e in version 3.35.0. The
optimization was being attempted in some contexts where it did
not work, resulting in incorrect query results.
- Add SQLITE_STRICT_SUBTYPE=1 as recommended by upstream.
- Update to release 3.45.2:
* Added the SQLITE_RESULT_SUBTYPE property for application-
defined SQL functions.
* Enhancements to the JSON SQL functions
* Add the FTS5 tokendata option to the FTS5 virtual table.
* The SQLITE_DIRECT_OVERFLOW_READ optimization is now enabled by
default.
* Query planner improvements
* Increase the default value for SQLITE_MAX_PAGE_COUNT from
1073741824 to 4294967294.
* Enhancements to the CLI
* Restore the JSON BLOB input bug, and promise to support the
anomaly in subsequent releases, for backward compatibility.
* Fix the PRAGMA integrity_check command so that it works on
read-only databases that contain FTS3 and FTS5 tables.
* Fix issues associated with processing corrupt JSONB inputs.
* Fix a long-standing bug in which a read of a few bytes past the
end of a memory-mapped segment might occur when accessing a
craftily corrupted database using memory-mapped database.
* Fix a long-standing bug in which a NULL pointer dereference
might occur in the bytecode engine due to incorrect bytecode
being generated for a class of SQL statements that are
deliberately designed to stress the query planner but which
are otherwise pointless.
* Fix an error in UPSERT, introduced in version 3.35.0.
* Reduce the scope of the NOT NULL strength reduction
optimization that was added in version 3.35.0.
-----------------------------------------------------------------
Advisory ID: 328
Released: Wed May 21 13:04:20 2025
Summary: Security update for glibc
Type: security
Severity: critical
References: 1234128,1239883,1243317,CVE-2025-4802
This update for glibc fixes the following issues:
- CVE-2025-4802: Fixed local root exploits when using statically built setuid root applications. (elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static) (bsc#1243317)
- pthreads NPTL: lost wakeup fix 2 (bsc#1234128, BZ #25847)
- Mark functions in libc_nonshared.a as hidden (bsc#1239883)
-----------------------------------------------------------------
Advisory ID: 329
Released: Wed May 21 13:23:02 2025
Summary: Security update for libxml2
Type: security
Severity: moderate
References: 1241453,1241551,CVE-2025-32414,CVE-2025-32415
This update for libxml2 fixes the following issues:
- CVE-2025-32414: Fixed out-of-bounds read when parsing text via the Python API (bsc#1241551)
- CVE-2025-32415: Fixed a heap-based buffer under-read that a crafted XML document may trigger (bsc#1241453)
-----------------------------------------------------------------
Advisory ID: 330
Released: Wed May 21 17:37:32 2025
Summary: Security update for perl
Type: security
Severity: important
References: 1241083,CVE-2024-56406
This update for perl fixes the following issues:
- CVE-2024-56406: Fixed heap buffer overflow with tr// [bsc#1241083]
-----------------------------------------------------------------
Advisory ID: 331
Released: Wed May 21 17:40:23 2025
Summary: Security update for ca-certificates-mozilla
Type: security
Severity: moderate
References: 1010996,1199079,1229003,1234798,1240009,1240343,441356
This update for ca-certificates-mozilla fixes the following issues:
- test for a concretely missing certificate rather than
just the directory, as the latter is now also provided by
openssl-3
- Re-create java-cacerts with SOURCE_DATE_EPOCH set
for reproducible builds (bsc#1229003)
- explicitly remove distrusted certs, as the distrust does not get exported
correctly and the SSL certs are still trusted. (bsc#1240343)
- Entrust.net Premium 2048 Secure Server CA
- Entrust Root Certification Authority
- AffirmTrust Commercial
- AffirmTrust Networking
- AffirmTrust Premium
- AffirmTrust Premium ECC
- Entrust Root Certification Authority - G2
- Entrust Root Certification Authority - EC1
- GlobalSign Root E46
- GLOBALTRUST 2020
- pass file argument to awk (bsc#1240009)
- update to 2.74 state of Mozilla SSL root CAs:
Removed:
* SwissSign Silver CA - G2
Added:
* D-TRUST BR Root CA 2 2023
* D-TRUST EV Root CA 2 2023
- remove extensive signature printing in comments of the cert
bundle
- Define two macros to break a build cycle with p11-kit.
- Updated to 2.72 state of Mozilla SSL root CAs (bsc#1234798)
Removed:
- SecureSign RootCA11
- Security Communication RootCA3
Added:
- TWCA CYBER Root CA
- TWCA Global Root CA G2
- SecureSign Root CA12
- SecureSign Root CA14
- SecureSign Root CA15
-----------------------------------------------------------------
Advisory ID: kernel-22
Released: Fri May 23 09:19:59 2025
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1215199,1223809,1224013,1224597,1224757,1228659,1230764,1231103,1232493,1233075,1233098,1235501,1235526,1236086,1236704,1237111,1238212,1238471,1238527,1238714,1238737,1238742,1238745,1238862,1238961,1238983,1239079,1239108,1239470,1239476,1239487,1239510,1239997,1240181,1240557,1240576,1240655,1240709,1240712,1240713,1240717,1240740,1240785,1240802,1240809,1240811,1240835,1240934,1240936,1240944,1241010,1241038,1241051,1241123,1241151,1241167,1241175,1241204,1241250,1241265,1241266,1241280,1241332,1241333,1241341,1241343,1241344,1241347,1241357,1241361,1241369,1241371,1241373,1241378,1241394,1241402,1241412,1241413,1241416,1241424,1241426,1241433,1241436,1241441,1241442,1241443,1241451,1241452,1241456,1241458,1241459,1241526,1241528,1241537,1241541,1241545,1241547,1241548,1241550,1241573,1241574,1241575,1241578,1241590,1241593,1241598,1241599,1241601,1241626,1241640,1241648,1242006,1242044,1242172,1242283,1242307,1242313,1242314,1242315,1242321,1242326,1242327,1242328,1242332,1242333,1242335,1242336,1242342,1242343,1242344,1242345,1242346,1242347,1242348,1242414,1242526,1242528,1242534,1242535,1242536,1242537,1242538,1242539,1242540,1242546,1242556,1242596,1242710,1242778,1242831,1242985,CVE-2023-53034,CVE-2024-27018,CVE-2024-27415,CVE-2024-28956,CVE-2024-35840,CVE-2024-46763,CVE-2024-46865,CVE-2024-50083,CVE-2024-50162,CVE-2024-50163,CVE-2024-56641,CVE-2024-56702,CVE-2024-57924,CVE-2024-57998,CVE-2024-58001,CVE-2024-58068,CVE-2024-58070,CVE-2024-58088,CVE-2024-58093,CVE-2024-58094,CVE-2024-58095,CVE-2024-58096,CVE-2024-58097,CVE-2025-21683,CVE-2025-21696,CVE-2025-21707,CVE-2025-21758,CVE-2025-21768,CVE-2025-21792,CVE-2025-21808,CVE-2025-21812,CVE-2025-21833,CVE-2025-21852,CVE-2025-21853,CVE-2025-21854,CVE-2025-21867,CVE-2025-21904,CVE-2025-21925,CVE-2025-21926,CVE-2025-21931,CVE-2025-21962,CVE-2025-21963,CVE-2025-21964,CVE-2025-21980,CVE-2025-21985,CVE-2025-21999,CVE-2025-22004,CVE-2025-22015,CVE-2025-22016,CVE-2025-22017,CVE-2025-22018,CVE-2025-22020,CVE-2025-22025,CVE-2025-22027,CVE-2025-22029,CVE-2025-22033,CVE-2025-22036,CVE-2025-22044,CVE-2025-22045,CVE-2025-22050,CVE-2025-22053,CVE-2025-22055,CVE-2025-22058,CVE-2025-22060,CVE-2025-22062,CVE-2025-22064,CVE-2025-22065,CVE-2025-22075,CVE-2025-22080,CVE-2025-22086,CVE-2025-22088,CVE-2025-22090,CVE-2025-22093,CVE-2025-22097,CVE-2025-22102,CVE-2025-22104,CVE-2025-22105,CVE-2025-22106,CVE-2025-22107,CVE-2025-22108,CVE-2025-22109,CVE-2025-22115,CVE-2025-22116,CVE-2025-22121,CVE-2025-22128,CVE-2025-23129,CVE-2025-23131,CVE-2025-23133,CVE-2025-23136,CVE-2025-23138,CVE-2025-23145,CVE-2025-37785,CVE-2025-37798,CVE-2025-37799,CVE-2025-37860,CVE-2025-39728
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).
- CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075).
- CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).
- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).
- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).
- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).
- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).
- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).
- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).
- CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).
- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).
- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).
- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).
- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).
- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).
- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).
- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).
- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).
- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378).
- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).
- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).
- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).
- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).
- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).
- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).
- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578).
- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).
- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).
- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).
- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).
The following non-security bugs were fixed:
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).
- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).
- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).
- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).
- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).
- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).
- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).
- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).
- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).
- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).
- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).
- ASoC: Use of_property_read_bool() (stable-fixes).
- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).
- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).
- ASoC: fsl_audmix: register card device depends on 'dais' property (stable-fixes).
- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).
- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).
- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).
- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).
- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).
- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).
- Bluetooth: hci_uart: fix race during initialization (stable-fixes).
- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).
- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).
- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).
- Drop PCI patch that caused a regression (bsc#1241123)
- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).
- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).
- Input: xpad - fix two controller table values (git-fixes).
- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)
- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).
- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)
- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)
- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)
- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)
- Revert 'drivers: core: synchronize really_probe() and dev_uevent()' (stable-fixes).
- Revert 'drm/meson: vclk: fix calculation of 59.94 fractional rates' (git-fixes).
- Revert 'tcp: Fix bind() regression for v6-only wildcard and'
- Revert 'wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()' (git-fixes).
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).
- USB: VLI disk crashes if LPM is used (stable-fixes).
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).
- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).
- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).
- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).
- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).
- USB: wdm: add annotation (git-fixes).
- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).
- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).
- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).
- asus-laptop: Fix an uninitialized variable (git-fixes).
- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).
- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).
- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).
- ata: libata-scsi: Improve CDL control (git-fixes).
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).
- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).
- badblocks: Fix error shitf ops (git-fixes).
- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).
- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).
- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).
- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).
- badblocks: return error if any badblock set fails (git-fixes).
- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).
- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).
- block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes).
- block: fix conversion of GPT partition name to 7-bit (git-fixes).
- block: fix resource leak in blk_register_queue() error path (git-fixes).
- block: integrity: Do not call set_page_dirty_lock() (git-fixes).
- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).
- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).
- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).
- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).
- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).
- bpf: add find_containing_subprog() utility function (bsc#1241590).
- bpf: check changes_pkt_data property for extension programs (bsc#1241590).
- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).
- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).
- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).
- bpf: track changes_pkt_data property for global functions (bsc#1241590).
- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).
- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).
- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).
- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).
- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).
- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).
- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).
- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).
- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).
- char: misc: register chrdev region with all possible minors (git-fixes).
- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).
- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).
- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).
- dm-bufio: do not schedule in atomic context (git-fixes).
- dm-ebs: fix prefetch-vs-suspend race (git-fixes).
- dm-integrity: set ti->error on memory allocation failure (git-fixes).
- dm-verity: fix prefetch-vs-suspend race (git-fixes).
- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).
- dm: always update the array size in realloc_argv on success (git-fixes).
- dm: fix copying after src array boundaries (git-fixes).
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).
- drivers: base: devres: Allow to release group on device release (stable-fixes).
- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).
- drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes).
- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).
- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).
- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).
- drm/amd/display: Force full update in gpu reset (stable-fixes).
- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).
- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).
- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).
- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).
- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).
- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).
- drm/amdkfd: clamp queue size to minimum (stable-fixes).
- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).
- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).
- drm/fdinfo: Protect against driver unbind (git-fixes).
- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).
- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).
- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes).
- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).
- drm/i915: Disable RPG during live selftest (git-fixes).
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).
- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).
- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).
- drm/tests: Add helper to create mock crtc (stable-fixes).
- drm/tests: Add helper to create mock plane (stable-fixes).
- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).
- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: helpers: Add atomic helpers (stable-fixes).
- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).
- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).
- drm/tests: helpers: Fix compiler warning (git-fixes).
- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).
- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).
- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).
- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).
- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).
- e1000e: change k1 configuration on MTP and later platforms (git-fixes).
- eth: bnxt: fix missing ring index trim on error path (git-fixes).
- ethtool: Fix context creation with no parameters (git-fixes).
- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).
- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).
- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).
- ethtool: fix setting key and resetting indir at once (git-fixes).
- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).
- ethtool: netlink: do not return SQI value if link is down (git-fixes).
- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).
- ethtool: rss: echo the context number back (git-fixes).
- exfat: do not fallback to buffered write (git-fixes).
- exfat: drop ->i_size_ondisk (git-fixes).
- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).
- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).
- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).
- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).
- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).
- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).
- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).
- ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556).
- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).
- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).
- ext4: protect ext4_release_dquot against freezing (bsc#1242335).
- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).
- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).
- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).
- fbdev: omapfb: Add 'plane' value check (stable-fixes).
- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).
- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).
- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).
- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).
- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).
- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).
- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).
- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).
- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).
- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).
- gve: handle overflow when reporting TX consumed descriptors (git-fixes).
- gve: set xdp redirect target only when it is available (git-fixes).
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).
- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).
- ice: Add check for devm_kzalloc() (git-fixes).
- ice: fix reservation of resources for RDMA when disabled (git-fixes).
- ice: stop truncating queue ids when checking (git-fixes).
- idpf: check error for register_netdev() on init (git-fixes).
- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).
- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).
- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).
- igc: cleanup PTP module if probe fails (git-fixes).
- igc: fix PTM cycle trigger logic (git-fixes).
- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).
- igc: increase wait time before retrying PTM (git-fixes).
- igc: move ktime snapshot into PTM retry loop (git-fixes).
- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).
- iio: adc: ad7606: fix serial register access (git-fixes).
- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).
- iio: adis16201: Correct inclinometer channel resolution (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).
- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).
- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).
- ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git-fixes).
- irqchip/davinci: Remove leftover header (git-fixes).
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).
- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).
- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).
- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).
- jbd2: fix off-by-one while erasing journal (bsc#1242344).
- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).
- jbd2: increase IO priority for writing revoke records (bsc#1242332).
- jbd2: increase the journal IO's priority (bsc#1242537).
- jbd2: remove wrong sb->s_sequence check (bsc#1242343).
- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).
- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).
- jfs: add sanity check for agwidth in dbMount (git-fixes).
- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- kABI workaround for powercap update (bsc#1241010).
- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).
- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).
- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).
- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).
- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).
- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212)
- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).
- mei: me: add panther lake H DID (stable-fixes).
- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).
- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).
- mm/readahead: fix large folio support in async readahead (bsc#1242321).
- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).
- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).
- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).
- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).
- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).
- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).
- mptcp: refine opt_mp_capable determination (git-fixes).
- mptcp: relax check on MPC passive fallback (git-fixes).
- mptcp: strict validation before using mp_opt->hmac (git-fixes).
- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).
- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).
- net/mlx5: IRQ, Fix null string in debug print (git-fixes).
- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).
- net/mlx5: Start health poll after enable hca (git-fixes).
- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).
- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).
- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).
- net/tcp: refactor tcp_inet6_sk() (git-fixes).
- net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes).
- net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes).
- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).
- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).
- net: ethtool: Fix RSS setting (git-fixes).
- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).
- net: mana: Switch to page pool for jumbo frames (git-fixes).
- net: mark racy access on sk->sk_rcvbuf (git-fixes).
- net: phy: leds: fix memory leak (git-fixes).
- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).
- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).
- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).
- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).
- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).
- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).
- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).
- nfs: add missing selections of CONFIG_CRC32 (git-fixes).
- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).
- ntb: reduce stack usage in idt_scan_mws (stable-fixes).
- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).
- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).
- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).
- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).
- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).
- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).
- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).
- nvmet-fcloop: swap list_add_tail arguments (git-fixes).
- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)
- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)
- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)
- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)
- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).
- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).
- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).
- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).
- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).
- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).
- powerpc/boot: Check for ld-option support (bsc#1215199).
- powerpc/boot: Fix dash warning (bsc#1215199).
- powerpc: Do not use --- in kernel logs (git-fixes).
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).
- pwm: rcar: Improve register calculation (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rpm/package-descriptions: Add rt and rt_debug descriptions
- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).
- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).
- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).
- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).
- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes).
- scsi: mpi3mr: Fix locking in an error path (git-fixes).
- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).
- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).
- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).
- sctp: Fix undefined behavior in left shift operation (git-fixes).
- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).
- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).
- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).
- sctp: fix busy polling (git-fixes).
- sctp: prefer struct_size over open coded arithmetic (git-fixes).
- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).
- selftests/bpf: Add a few tests to cover (git-fixes).
- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).
- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).
- selftests/bpf: test for changing packet data from global functions (bsc#1241590).
- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).
- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).
- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).
- serial: msm: Configure correct working mode before starting earlycon (git-fixes).
- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).
- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).
- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).
- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).
- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).
- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).
- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).
- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).
- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).
- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).
- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).
- tools/hv: update route parsing in kvp daemon (git-fixes).
- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).
- tools/power turbostat: report CoreThr per measurement interval (git-fixes).
- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).
- ublk: set_params: properly check if parameters can be applied (git-fixes).
- udf: Fix inode_getblk() return value (bsc#1242313).
- udf: Skip parent dir link count update if corrupted (bsc#1242315).
- udf: Verify inode link counts before performing rename (bsc#1242314).
- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).
- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).
- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).
- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).
- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).
- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).
- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).
- usb: gadget: f_ecm: Add get_status callback (git-fixes).
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).
- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).
- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).
- usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes).
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).
- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).
- usb: uhci-platform: Make the clock really optional (git-fixes).
- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).
- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).
- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).
- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).
- virtchnl: make proto and filter action count unsigned (git-fixes).
- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).
- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).
- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).
- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).
- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).
- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).
- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes).
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).
- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).
- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
- x86/bugs: Add RSB mitigation document (git-fixes).
- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).
- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).
- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).
- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).
- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).
- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).
- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).
- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).
- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).
- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).
- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).
- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).
- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).
- x86/microcode/intel: Set new revision only after a successful update (git-fixes).
- x86/microcode: Remove the driver announcement and version (git-fixes).
- x86/microcode: Rework early revisions reporting (git-fixes).
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).
- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).
- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).
- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes).
- xfs: flush inodegc before swapon (git-fixes).
- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).
- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).
-----------------------------------------------------------------
Advisory ID: 337
Released: Fri May 23 15:00:13 2025
Summary: Security update for augeas
Type: security
Severity: moderate
References: 1239909,CVE-2025-2588
This update for augeas fixes the following issues:
- CVE-2025-2588: Fixed check for NULL pointers when calling re_case_expand in function fa_expand_nocase (bsc#1239909)
The following package changes have been done:
- glibc-2.38-9.1 updated
- libxml2-2-2.11.6-8.1 updated
- perl-base-5.38.2-2.1 updated
- SL-Micro-release-6.0-25.28 updated
- kernel-default-6.4.0-29.1 updated
- libglib-2_0-0-2.76.2-7.1 updated
- libsqlite3-0-3.49.1-1.1 updated
- libgobject-2_0-0-2.76.2-7.1 updated
- libgmodule-2_0-0-2.76.2-7.1 updated
- ca-certificates-mozilla-2.74-1.1 updated
- libgio-2_0-0-2.76.2-7.1 updated
- glib2-tools-2.76.2-7.1 updated
- libnm0-1.42.6-6.1 updated
- NetworkManager-1.42.6-6.1 updated
- elemental-register-1.6.9-1.1 updated
- elemental-support-1.6.9-1.1 updated
- glibc-locale-base-2.38-9.1 updated
- libfa1-1.14.1-2.1 updated
- libaugeas0-1.14.1-2.1 updated
- container:suse-toolbox-image-1.0.0-8.7 updated