SUSE-IU-2026:2219-1: Security update of suse/sl-micro/6.1/base-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Tue Apr 14 07:27:05 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:2219-1
Image Tags : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.114 , suse/sl-micro/6.1/base-os-container:latest
Image Release : 5.114
Severity : important
Type : security
References : 1226591 1245728 1249998 1251135 1251186 1251971 1252073 1252266
1253049 1253455 1254306 1255084 1256645 1256647 1256690 1256784
1257183 1257466 1257472 1257473 1257506 1257561 1257682 1257732
1257755 1257773 1257777 1257814 1257952 1258280 1258286 1258293
1258303 1258305 1258330 1258337 1258338 1258340 1258376 1258389
1258414 1258424 1258447 1258524 1258832 1258849 1259188 1259461
1259580 1259707 1259795 1259797 1259865 1259870 1259886 1259889
1259891 1259997 1259998 1260005 1260009 1260347 1260464 1260471
1260481 1260486 1260497 1260500 1260527 1260544 1260550 1260562
1260580 1260730 1260732 1260735 1260799 1261412 1261496 1261498
1261507 1261669 CVE-2024-38542 CVE-2025-39817 CVE-2025-39998
CVE-2025-40201 CVE-2025-40253 CVE-2025-68794 CVE-2025-71066 CVE-2025-71125
CVE-2025-71231 CVE-2025-71268 CVE-2025-71269 CVE-2026-23030 CVE-2026-23047
CVE-2026-23054 CVE-2026-23069 CVE-2026-23088 CVE-2026-23103 CVE-2026-23120
CVE-2026-23125 CVE-2026-23136 CVE-2026-23140 CVE-2026-23154 CVE-2026-23157
CVE-2026-23169 CVE-2026-23187 CVE-2026-23193 CVE-2026-23201 CVE-2026-23202
CVE-2026-23204 CVE-2026-23207 CVE-2026-23216 CVE-2026-23231 CVE-2026-23242
CVE-2026-23243 CVE-2026-23255 CVE-2026-23262 CVE-2026-23270 CVE-2026-23272
CVE-2026-23274 CVE-2026-23277 CVE-2026-23278 CVE-2026-23281 CVE-2026-23292
CVE-2026-23293 CVE-2026-23304 CVE-2026-23317 CVE-2026-23319 CVE-2026-23335
CVE-2026-23343 CVE-2026-23361 CVE-2026-23379 CVE-2026-23381 CVE-2026-23383
CVE-2026-23386 CVE-2026-23395 CVE-2026-23398 CVE-2026-23412 CVE-2026-23413
CVE-2026-23414 CVE-2026-23419 CVE-2026-31788
-----------------------------------------------------------------
The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: kernel-340
Released: Mon Apr 13 20:28:29 2026
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1226591,1245728,1249998,1251135,1251186,1251971,1252073,1252266,1253049,1253455,1254306,1255084,1256645,1256647,1256690,1256784,1257183,1257466,1257472,1257473,1257506,1257561,1257682,1257732,1257755,1257773,1257777,1257814,1257952,1258280,1258286,1258293,1258303,1258305,1258330,1258337,1258338,1258340,1258376,1258389,1258414,1258424,1258447,1258524,1258832,1258849,1259188,1259461,1259580,1259707,1259795,1259797,1259865,1259870,1259886,1259889,1259891,1259997,1259998,1260005,1260009,1260347,1260464,1260471,1260481,1260486,1260497,1260500,1260527,1260544,1260550,1260562,1260580,1260730,1260732,1260735,1260799,1261412,1261496,1261498,1261507,1261669,CVE-2024-38542,CVE-2025-39817,CVE-2025-39998,CVE-2025-40201,CVE-2025-40253,CVE-2025-68794,CVE-2025-71066,CVE-2025-71125,CVE-2025-71231,CVE-2025-71268,CVE-2025-71269,CVE-2026-23030,CVE-2026-23047,CVE-2026-23054,CVE-2026-23069,CVE-2026-23088,CVE-2026-23103,CVE-2026-23120,CVE-2026-23125,CVE-2026-23136,CVE-2026-23140,CVE-2026-23154
,CVE-2026-23157,CVE-2026-23169,CVE-2026-23187,CVE-2026-23193,CVE-2026-23201,CVE-2026-23202,CVE-2026-23204,CVE-2026-23207,CVE-2026-23216,CVE-2026-23231,CVE-2026-23242,CVE-2026-23243,CVE-2026-23255,CVE-2026-23262,CVE-2026-23270,CVE-2026-23272,CVE-2026-23274,CVE-2026-23277,CVE-2026-23278,CVE-2026-23281,CVE-2026-23292,CVE-2026-23293,CVE-2026-23304,CVE-2026-23317,CVE-2026-23319,CVE-2026-23335,CVE-2026-23343,CVE-2026-23361,CVE-2026-23379,CVE-2026-23381,CVE-2026-23383,CVE-2026-23386,CVE-2026-23395,CVE-2026-23398,CVE-2026-23412,CVE-2026-23413,CVE-2026-23414,CVE-2026-23419,CVE-2026-31788
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-38542: RDMA/mana_ib: boundary check before installing cq callbacks (bsc#1226591).
- CVE-2025-39817: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (bsc#1249998).
- CVE-2025-39998: scsi: target: target_core_configfs: Add length check to avoid buffer overflow (bsc#1252073).
- CVE-2025-40201: kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths
(bsc#1253455).
- CVE-2025-40253: s390/ctcm: Fix double-kfree (bsc#1255084).
- CVE-2025-68794: iomap: adjust read range correctly for non-block-aligned positions (bsc#1256647).
- CVE-2025-71125: tracing: Do not register unsupported perf events (bsc#1256784).
- CVE-2025-71268: btrfs: fix reservation leak in some error paths when inserting inline extent (bsc#1259865).
- CVE-2025-71269: btrfs: do not free data reservation in fallback from inline due to -ENOSPC (bsc#1259889).
- CVE-2026-23030: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() (bsc#1257561).
- CVE-2026-23047: libceph: make calc_target() set t->paused, not just clear it (bsc#1257682).
- CVE-2026-23069: vsock/virtio: fix potential underflow in virtio_transport_get_credit() (bsc#1257755).
- CVE-2026-23088: tracing: Fix crash on synthetic stacktrace field usage (bsc#1257814).
- CVE-2026-23103: ipvlan: Make the addrs_lock be per port (bsc#1257773).
- CVE-2026-23120: l2tp: avoid one data-race in l2tp_tunnel_del_work() (bsc#1258280).
- CVE-2026-23125: sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT (bsc#1258293).
- CVE-2026-23136: libceph: reset sparse-read state in osd_fault() (bsc#1258303).
- CVE-2026-23140: bpf, test_run: Subtract size of xdp_frame from allowed metadata size (bsc#1258305).
- CVE-2026-23154: net: fix segmentation of forwarding fraglist GRO (bsc#1258286).
- CVE-2026-23169: mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() (bsc#1258389).
- CVE-2026-23187: pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc->domains (bsc#1258330).
- CVE-2026-23193: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (bsc#1258414).
- CVE-2026-23201: ceph: fix oops due to invalid pointer for kfree() in parse_longname() (bsc#1258337).
- CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1258340).
- CVE-2026-23216: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (bsc#1258447).
- CVE-2026-23231: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() (bsc#1259188).
- CVE-2026-23242: RDMA/siw: Fix potential NULL pointer dereference in header processing (bsc#1259795).
- CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259797).
- CVE-2026-23255: net: add proper RCU protection to /proc/net/ptype (bsc#1259891).
- CVE-2026-23262: gve: Fix stats report corruption on queue count change (bsc#1259870).
- CVE-2026-23270: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (bsc#1259886).
- CVE-2026-23272: netfilter: nf_tables: unconditionally bump set->nelems before insertion (bsc#1260009).
- CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260005).
- CVE-2026-23277: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit (bsc#1259997).
- CVE-2026-23278: netfilter: nf_tables: always walk all pending catchall elements (bsc#1259998).
- CVE-2026-23281: wifi: libertas: fix use-after-free in lbs_free_adapter() (bsc#1260464).
- CVE-2026-23292: scsi: target: Fix recursive locking in __configfs_open_file() (bsc#1260500).
- CVE-2026-23293: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260486).
- CVE-2026-23304: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() (bsc#1260544).
- CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260562).
- CVE-2026-23319: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim (bsc#1260735).
- CVE-2026-23335: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() (bsc#1260550).
- CVE-2026-23343: xdp: produce a warning when calculated tailroom is negative (bsc#1260527).
- CVE-2026-23361: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry (bsc#1260732).
- CVE-2026-23379: net/sched: ets: fix divide by zero in the offload path (bsc#1260481).
- CVE-2026-23381: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260471).
- CVE-2026-23383: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing (bsc#1260497).
- CVE-2026-23386: gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL (bsc#1260799).
- CVE-2026-23395: Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ (bsc#1260580).
- CVE-2026-23398: icmp: fix NULL pointer dereference in icmp_tag_validation() (bsc#1260730).
- CVE-2026-23412: netfilter: bpf: defer hook memory release until rcu readers are done (bsc#1261412).
- CVE-2026-23413: clsact: Fix use-after-free in init/destroy rollback asymmetry (bsc#1261498).
- CVE-2026-23414: tls: Purge async_hold in tls_decrypt_async_wait() (bsc#1261496).
- CVE-2026-23419: net/rds: Fix circular locking dependency in rds_tcp_tune (bsc#1261507).
- CVE-2026-31788: xen/privcmd: restrict usage in unprivileged domU (bsc#1259707).
The following non-security bugs were fixed:
- ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() (git-fixes).
- ACPI: OSI: Add DMI quirk for Acer Aspire One D255 (stable-fixes).
- ACPI: OSL: fix __iomem type on return from acpi_os_map_generic_address() (git-fixes).
- ACPI: PM: Save NVS memory on Lenovo G70-35 (stable-fixes).
- ACPI: processor: Fix previous acpi_processor_errata_piix4() fix (git-fixes).
- ALSA: caiaq: fix stack out-of-bounds read in init_card (git-fixes).
- ALSA: firewire-lib: fix uninitialized local variable (git-fixes).
- ALSA: hda/conexant: Add quirk for HP ZBook Studio G4 (stable-fixes).
- ALSA: hda/conexant: Fix headphone jack handling on Acer Swift SF314 (stable-fixes).
- ALSA: hda/realtek: Add headset jack quirk for Thinkpad X390 (stable-fixes).
- ALSA: hda/realtek: add HP Laptop 14s-dr5xxx mute LED quirk (stable-fixes).
- ALSA: hda: cs35l56: Fix signedness error in cs35l56_hda_posture_put() (git-fixes).
- ALSA: pci: hda: use snd_kcontrol_chip() (stable-fixes).
- ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (git-fixes).
- ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces (stable-fixes).
- ASoC: Intel: catpt: Fix the device initialization (git-fixes).
- ASoC: SOF: ipc4-topology: Allow bytes controls without initial payload (git-fixes).
- ASoC: adau1372: Fix clock leak on PLL lock failure (git-fixes).
- ASoC: adau1372: Fix unchecked clk_prepare_enable() return value (git-fixes).
- ASoC: amd: acp-mach-common: Add missing error check for clock acquisition (git-fixes).
- ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition (git-fixes).
- ASoC: amd: yc: Add ASUS EXPERTBOOK BM1503CDA to quirk table (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK PM1503CDA (stable-fixes).
- ASoC: detect empty DMI strings (git-fixes).
- ASoC: ep93xx: Fix unchecked clk_prepare_enable() and add rollback on failure (git-fixes).
- ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_put_bits() (stable-fixes).
- ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_set_reg() (stable-fixes).
- ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start (git-fixes).
- ASoC: soc-core: drop delayed_work_pending() check before flush (git-fixes).
- ASoC: soc-core: flush delayed work before removing DAIs and widgets (git-fixes).
- Bluetooth: HIDP: Fix possible UAF (git-fixes).
- Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop (git-fixes).
- Bluetooth: L2CAP: Fix null-ptr-deref on l2cap_sock_ready_cb (git-fixes).
- Bluetooth: L2CAP: Fix send LE flow credits in ACL link (git-fixes).
- Bluetooth: L2CAP: Fix type confusion in l2cap_ecred_reconf_rsp() (git-fixes).
- Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (git-fixes).
- Bluetooth: L2CAP: Validate L2CAP_INFO_RSP payload length before access (git-fixes).
- Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (git-fixes).
- Bluetooth: LE L2CAP: Disconnect if received packet's SDU exceeds IMTU (git-fixes).
- Bluetooth: LE L2CAP: Disconnect if sum of payload sizes exceed SDU (git-fixes).
- Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete (git-fixes).
- Bluetooth: MGMT: validate LTK enc_size on load (git-fixes).
- Bluetooth: MGMT: validate mesh send advertising payload length (git-fixes).
- Bluetooth: Remove 3 repeated macro definitions (stable-fixes).
- Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (git-fixes).
- Bluetooth: SCO: fix race conditions in sco_sock_connect() (git-fixes).
- Bluetooth: SMP: derive legacy responder STK authentication from MITM state (git-fixes).
- Bluetooth: SMP: force responder MITM requirements before building the pairing response (git-fixes).
- Bluetooth: SMP: make SM/PER/KDU/BI-04-C happy (git-fixes).
- Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (git-fixes).
- Bluetooth: btusb: clamp SCO altsetting table indices (git-fixes).
- Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt (git-fixes).
- Bluetooth: hci_ll: Fix firmware leak on error path (git-fixes).
- Bluetooth: hci_sync: Fix hci_le_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Remove remaining dependencies of hci_request (stable-fixes).
- Bluetooth: hci_sync: call destroy in hci_cmd_sync_run if immediate (git-fixes).
- Drivers: hv: fix missing kernel-doc description for 'size' in request_arr_init() (git-fixes).
- Drivers: hv: remove stale comment (git-fixes).
- Drivers: hv: vmbus: Clean up sscanf format specifier in target_cpu_store() (git-fixes).
- Drivers: hv: vmbus: Fix sysfs output format for ring buffer index (git-fixes).
- Drivers: hv: vmbus: Fix typos in vmbus_drv.c (git-fixes).
- HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them (stable-fixes).
- HID: apple: avoid memory leak in apple_report_fixup() (stable-fixes).
- HID: asus: avoid memory leak in asus_report_fixup() (stable-fixes).
- HID: magicmouse: avoid memory leak in magicmouse_report_fixup() (stable-fixes).
- HID: mcp2221: cancel last I2C command on read error (stable-fixes).
- Input: synaptics-rmi4 - fix a locking bug in an error path (git-fixes).
- KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE (bsc#1259461).
- NFC: nxp-nci: allow GPIOs to sleep (git-fixes).
- NFC: pn533: bound the UART receive buffer (git-fixes).
- PCI: Update BAR # and window messages (stable-fixes).
- PCI: hv: Correct a comment (git-fixes).
- PCI: hv: Remove unnecessary flex array in struct pci_packet (git-fixes).
- PCI: hv: Remove unused field pci_bus in struct hv_pcibus_device (git-fixes).
- PCI: hv: remove unnecessary module_init/exit functions (git-fixes).
- PM: runtime: Fix a race condition related to device removal (git-fixes).
- RDMA/mana_ib: Access remote atomic for MRs (bsc#1251135).
- RDMA/mana_ib: Add EQ creation for rnic adapter (git-fixes).
- RDMA/mana_ib: Add device statistics support (git-fixes).
- RDMA/mana_ib: Add device-memory support (git-fixes).
- RDMA/mana_ib: Add port statistics support (git-fixes).
- RDMA/mana_ib: Add support of 4M, 1G, and 2G pages (git-fixes).
- RDMA/mana_ib: Add support of mana_ib for RNIC and ETH nic (git-fixes).
- RDMA/mana_ib: Adding and deleting GIDs (git-fixes).
- RDMA/mana_ib: Allow registration of DMA-mapped memory in PDs (git-fixes).
- RDMA/mana_ib: Configure mac address in RNIC (git-fixes).
- RDMA/mana_ib: Create and destroy RC QP (git-fixes).
- RDMA/mana_ib: Create and destroy UD/GSI QP (git-fixes).
- RDMA/mana_ib: Create and destroy rnic adapter (git-fixes).
- RDMA/mana_ib: Drain send wrs of GSI QP (git-fixes).
- RDMA/mana_ib: Enable RoCE on port 1 (git-fixes).
- RDMA/mana_ib: Extend modify QP (git-fixes).
- RDMA/mana_ib: Fix DSCP value in modify QP (git-fixes).
- RDMA/mana_ib: Fix error code in probe() (git-fixes).
- RDMA/mana_ib: Fix integer overflow during queue creation (bsc#1251135).
- RDMA/mana_ib: Fix missing ret value (git-fixes).
- RDMA/mana_ib: Handle net event for pointing to the current netdev (bsc#1256690).
- RDMA/mana_ib: Implement DMABUF MR support (git-fixes).
- RDMA/mana_ib: Implement port parameters (git-fixes).
- RDMA/mana_ib: Implement uapi to create and destroy RC QP (git-fixes).
- RDMA/mana_ib: Introduce helpers to create and destroy mana queues (git-fixes).
- RDMA/mana_ib: Introduce mana_ib_get_netdev helper function (git-fixes).
- RDMA/mana_ib: Introduce mana_ib_install_cq_cb helper function (git-fixes).
- RDMA/mana_ib: Introduce mdev_to_gc helper function (git-fixes).
- RDMA/mana_ib: Modify QP state (git-fixes).
- RDMA/mana_ib: Process QP error events in mana_ib (git-fixes).
- RDMA/mana_ib: Query feature_flags bitmask from FW (git-fixes).
- RDMA/mana_ib: Set correct device into ib (git-fixes).
- RDMA/mana_ib: Take CQ type from the device type (git-fixes).
- RDMA/mana_ib: UD/GSI QP creation for kernel (git-fixes).
- RDMA/mana_ib: UD/GSI work requests (git-fixes).
- RDMA/mana_ib: Use num_comp_vectors of ib_device (git-fixes).
- RDMA/mana_ib: Use safer allocation function() (bsc#1251135).
- RDMA/mana_ib: Use struct mana_ib_queue for CQs (git-fixes).
- RDMA/mana_ib: Use struct mana_ib_queue for RAW QPs (git-fixes).
- RDMA/mana_ib: Use struct mana_ib_queue for WQs (git-fixes).
- RDMA/mana_ib: add additional port counters (bsc#1251135).
- RDMA/mana_ib: add support of multiple ports (bsc#1251135).
- RDMA/mana_ib: check cqe length for kernel CQs (git-fixes).
- RDMA/mana_ib: create EQs for RNIC CQs (git-fixes).
- RDMA/mana_ib: create and destroy RNIC cqs (git-fixes).
- RDMA/mana_ib: create kernel-level CQs (git-fixes).
- RDMA/mana_ib: create/destroy AH (git-fixes).
- RDMA/mana_ib: extend mana QP table (git-fixes).
- RDMA/mana_ib: extend query device (git-fixes).
- RDMA/mana_ib: helpers to allocate kernel queues (git-fixes).
- RDMA/mana_ib: implement get_dma_mr (git-fixes).
- RDMA/mana_ib: implement req_notify_cq (git-fixes).
- RDMA/mana_ib: implement uapi for creation of rnic cq (git-fixes).
- RDMA/mana_ib: indicate CM support (git-fixes).
- RDMA/mana_ib: introduce a helper to remove cq callbacks (git-fixes).
- RDMA/mana_ib: polling of CQs for GSI/UD (git-fixes).
- RDMA/mana_ib: remove useless return values from dbg prints (git-fixes).
- RDMA/mana_ib: request error CQEs when supported (git-fixes).
- RDMA/mana_ib: set node_guid (git-fixes).
- RDMA/mana_ib: support of the zero based MRs (bsc#1251135).
- RDMA/mana_ib: unify mana_ib functions to support any gdma device (git-fixes).
- Remove 'scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans' changes (bsc#1257506).
- USB: core: Limit the length of unkillable synchronous timeouts (git-fixes).
- USB: dummy-hcd: Fix interrupt synchronization error (git-fixes).
- USB: dummy-hcd: Fix locking/synchronization error (git-fixes).
- USB: ezcap401 needs USB_QUIRK_NO_BOS to function on 10gbs usb speed (stable-fixes).
- USB: serial: f81232: fix incomplete serial port generation (stable-fixes).
- USB: usbcore: Introduce usb_bulk_msg_killable() (git-fixes).
- USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts (git-fixes).
- accel/qaic: Handle DBC deactivation if the owner went away (git-fixes).
- apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc#1258849).
- apparmor: fix differential encoding verification (bsc#1258849).
- apparmor: fix memory leak in verify_header (bsc#1258849).
- apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc#1258849).
- apparmor: fix race between freeing data and fs accessing it (bsc#1258849).
- apparmor: fix race on rawdata dereference (bsc#1258849).
- apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849).
- apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849).
- apparmor: fix: limit the number of levels of policy namespaces (bsc#1258849).
- apparmor: replace recursive profile removal with iterative approach (bsc#1258849).
- apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1258849).
- batman-adv: Avoid double-rtnl_lock ELP metric worker (git-fixes).
- bonding: do not set usable_slaves for broadcast mode (git-fixes).
- btrfs: fix zero size inode with non-zero size after log replay (git-fixes).
- btrfs: log new dentries when logging parent dir of a conflicting inode (git-fixes).
- btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (bsc#1257777).
- can: bcm: fix locking for bcm_op runtime updates (git-fixes).
- can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message (git-fixes).
- can: gw: fix OOB heap access in cgw_csum_crc8_rel() (git-fixes).
- can: hi311x: hi3110_open(): add check for hi3110_power_enable() return value (git-fixes).
- can: isotp: fix tx.buf use-after-free in isotp_sendmsg() (git-fixes).
- can: mcp251x: fix deadlock in error path of mcp251x_open (git-fixes).
- can: ucan: Fix infinite loop from zero-length messages (git-fixes).
- can: usb: etas_es58x: correctly anchor the urb in the read bulk callback (git-fixes).
- comedi: Reinit dev->spinlock between attachments to low-level drivers (git-fixes).
- comedi: me4000: Fix potential overrun of firmware buffer (git-fixes).
- comedi: me_daq: Fix potential overrun of firmware buffer (git-fixes).
- comedi: ni_atmio16d: Fix invalid clean-up after failed attach (git-fixes).
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (git-fixes).
- crypto: caam - fix DMA corruption on long hmac keys (git-fixes).
- crypto: caam - fix overflow on long hmac keys (git-fixes).
- dmaengine: idxd: Fix freeing the allocated ida too late (git-fixes).
- dmaengine: idxd: Fix leaking event log memory (git-fixes).
- dmaengine: idxd: Fix memory leak when a wq is reset (git-fixes).
- dmaengine: idxd: Fix not releasing workqueue on .release() (git-fixes).
- dmaengine: idxd: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (git-fixes).
- dmaengine: sh: rz-dmac: Move CHCTRL updates under spinlock (git-fixes).
- dmaengine: sh: rz-dmac: Protect the driver specific lists (git-fixes).
- dmaengine: xilinx: xdma: Fix regmap init error handling (git-fixes).
- dmaengine: xilinx: xilinx_dma: Fix dma_device directions (git-fixes).
- dmaengine: xilinx: xilinx_dma: Fix residue calculation for cyclic DMA (git-fixes).
- dmaengine: xilinx: xilinx_dma: Fix unmasked residue subtraction (git-fixes).
- drm/amd/display: Add pixel_clock to amd_pp_display_configuration (stable-fixes).
- drm/amd/display: Fix DisplayID not-found handling in parse_edid_displayid_vrr() (git-fixes).
- drm/amd: Set num IP blocks to 0 if discovery fails (stable-fixes).
- drm/amdgpu/gmc9.0: add bounds checking for cid (stable-fixes).
- drm/amdgpu/mmhub2.0: add bounds checking for cid (stable-fixes).
- drm/amdgpu/mmhub2.3: add bounds checking for cid (stable-fixes).
- drm/amdgpu/mmhub3.0.1: add bounds checking for cid (stable-fixes).
- drm/amdgpu/mmhub3.0.2: add bounds checking for cid (stable-fixes).
- drm/amdgpu/mmhub3.0: add bounds checking for cid (stable-fixes).
- drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib (git-fixes).
- drm/amdgpu: Fix use-after-free race in VM acquire (stable-fixes).
- drm/amdgpu: apply state adjust rules to some additional HAINAN vairants (stable-fixes).
- drm/amdgpu: keep vga memory on MacBooks with switchable graphics (stable-fixes).
- drm/ast: dp501: Fix initialization of SCU2C (git-fixes).
- drm/bridge: ti-sn65dsi83: fix CHA_DSI_CLK_RANGE rounding (git-fixes).
- drm/bridge: ti-sn65dsi86: Add support for DisplayPort mode with HPD (stable-fixes).
- drm/i915/dp: Use crtc_state->enhanced_framing properly on ivb/hsw CPU eDP (git-fixes).
- drm/i915/gmbus: fix spurious timeout on 512-byte burst reads (git-fixes).
- drm/i915/gt: Check set_default_submission() before deferencing (git-fixes).
- drm/ioc32: stop speculation on the drm_compat_ioctl path (git-fixes).
- drm/msm/dsi: Document DSC related pclk_rate and hdisplay calculations (stable-fixes).
- drm/msm/dsi: fix hdisplay calculation when programming dsi registers (git-fixes).
- drm/msm/dsi: fix pclk rate calculation for bonded dsi (git-fixes).
- drm/radeon: apply state adjust rules to some additional HAINAN vairants (stable-fixes).
- drm/sched: Fix kernel-doc warning for drm_sched_job_done() (git-fixes).
- drm/solomon: Fix page start when updating rectangle in page addressing mode (git-fixes).
- firmware: arm_scpi: Fix device_node reference leak in probe path (git-fixes).
- gpio: mxc: map Both Edge pad wakeup to Rising Edge (git-fixes).
- hv/hv_kvp_daemon: Handle IPv4 and Ipv6 combination for keyfile format (git-fixes).
- hv/hv_kvp_daemon: Pass NIC name to hv_get_dns_info as well (git-fixes).
- hwmon: (adm1177) fix sysfs ABI violation and current unit conversion (git-fixes).
- hwmon: (axi-fan-control) Make use of dev_err_probe() (stable-fixes).
- hwmon: (axi-fan-control) Use device firmware agnostic API (stable-fixes).
- hwmon: (it87) Check the it87_lock() return value (git-fixes).
- hwmon: (occ) Fix division by zero in occ_show_power_1() (git-fixes).
- hwmon: (occ) Fix missing newline in occ_show_extended() (git-fixes).
- hwmon: (peci/cputemp) Fix crit_hyst returning delta instead of absolute temperature (git-fixes).
- hwmon: (peci/cputemp) Fix off-by-one in cputemp_is_visible() (git-fixes).
- hwmon: (pmbus/isl68137) Add mutex protection for AVS enable sysfs attributes (git-fixes).
- hwmon: (pmbus/isl68137) Fix unchecked return value and use sysfs_emit() (git-fixes).
- hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read (git-fixes).
- hwmon: (pxe1610) Check return value of page-select write in probe (git-fixes).
- hwmon: (tps53679) Fix device ID comparison and printing in tps53676_identify() (git-fixes).
- hwmon: axi-fan: do not use driver_override as IRQ name (git-fixes).
- i2c: cp2615: fix serial string NULL-deref at probe (git-fixes).
- i2c: cp2615: replace deprecated strncpy with strscpy (stable-fixes).
- i2c: fsi: Fix a potential leak in fsi_i2c_probe() (git-fixes).
- i2c: pxa: defer reset on Armada 3700 when recovery is used (git-fixes).
- idpf: nullify pointers after they are freed (git-fixes).
- iio: accel: fix ADXL355 temperature signature value (git-fixes).
- iio: adc: ti-adc161s626: fix buffer read on big-endian (git-fixes).
- iio: chemical: bme680: Fix measurement wait duration calculation (git-fixes).
- iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas() (git-fixes).
- iio: chemical: sps30_serial: fix buffer size in sps30_serial_read_meas() (git-fixes).
- iio: dac: ad5770r: fix error return in ad5770r_read_raw() (git-fixes).
- iio: dac: ds4424: reject -128 RAW value (git-fixes).
- iio: frequency: adf4377: Fix duplicated soft reset mask (git-fixes).
- iio: gyro: mpu3050-core: fix pm_runtime error handling (git-fixes).
- iio: gyro: mpu3050-i2c: fix pm_runtime error handling (git-fixes).
- iio: gyro: mpu3050: Fix incorrect free_irq() variable (git-fixes).
- iio: gyro: mpu3050: Fix irq resource leak (git-fixes).
- iio: gyro: mpu3050: Fix out-of-sequence free_irq() (git-fixes).
- iio: gyro: mpu3050: Move iio_device_register() to correct location (git-fixes).
- iio: imu: bmi160: Remove potential undefined behavior in bmi160_config_pin() (git-fixes).
- iio: imu: bno055: fix BNO055_SCAN_CH_COUNT off by one (git-fixes).
- iio: imu: inv_icm42600: fix odr switch to the same value (git-fixes).
- iio: imu: st_lsm6dsx: Set FIFO ODR for accelerometer and gyroscope only (git-fixes).
- iio: light: vcnl4035: fix scan buffer on big-endian (git-fixes).
- iio: potentiometer: mcp4131: fix double application of wiper shift (git-fixes).
- media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (git-fixes).
- media: tegra-video: Use accessors for pad config 'try_*' fields (stable-fixes).
- mfd: omap-usb-host: Convert to platform remove callback returning void (stable-fixes).
- mfd: omap-usb-host: Fix OF populate on driver rebind (git-fixes).
- mfd: qcom-pm8xxx: Convert to platform remove callback returning void (stable-fixes).
- mfd: qcom-pm8xxx: Fix OF populate on driver rebind (git-fixes).
- misc: fastrpc: possible double-free of cctx->remote_heap (git-fixes).
- mmc: sdhci-pci-gli: fix GL9750 DMA write corruption (git-fixes).
- mmc: sdhci: fix timing selection for 1-bit bus width (git-fixes).
- mtd: Avoid boot crash in RedBoot partition table parser (git-fixes).
- mtd: rawnand: brcmnand: skip DMA during panic write (git-fixes).
- mtd: rawnand: cadence: Fix error check for dma_alloc_coherent() in cadence_nand_init() (git-fixes).
- mtd: rawnand: pl353: make sure optimal timings are applied (git-fixes).
- mtd: rawnand: serialize lock/unlock against other NAND operations (git-fixes).
- mtd: spi-nor: core: avoid odd length/address reads on 8D-8D-8D mode (stable-fixes).
- mtd: spi-nor: core: avoid odd length/address writes in 8D-8D-8D mode (stable-fixes).
- net/mana: Null service_wq on setup error to prevent double destroy (git-fix).
- net/mlx5: Fix crash when moving to switchdev mode (git-fixes).
- net/rose: fix NULL pointer dereference in rose_transmit_link on reconnect (git-fixes).
- net/x25: Fix overflow when accumulating packets (git-fixes).
- net/x25: Fix potential double free of skb (git-fixes).
- net: mana: Add metadata support for xdp mode (git-fixes).
- net: mana: Add standard counter rx_missed_errors (git-fixes).
- net: mana: Add support for auxiliary device servicing events (bsc#1251971).
- net: mana: Change the function signature of mana_get_primary_netdev_rcu (bsc#1256690).
- net: mana: Drop TX skb on post_work_request failure and unmap resources (git-fixes).
- net: mana: Fix double destroy_workqueue on service rescan PCI path (git-fixes).
- net: mana: Fix use-after-free in reset service rescan path (git-fixes).
- net: mana: Fix warnings for missing export.h header inclusion (git-fixes).
- net: mana: Handle Reset Request from MANA NIC (bsc#1245728 bsc#1251971).
- net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes).
- net: mana: Handle hardware recovery events when probing the device (bsc#1257466).
- net: mana: Handle unsupported HWC commands (git-fixes).
- net: mana: Implement ndo_tx_timeout and serialize queue resets per port (bsc#1257472).
- net: mana: Move hardware counter stats from per-port to per-VF context (git-fixes).
- net: mana: Probe rdma device in mana driver (git-fixes).
- net: mana: Reduce waiting time if HWC not responding (bsc#1252266).
- net: mana: Ring doorbell at 4 CQ wraparounds (git-fixes).
- net: mana: Support HW link state events (bsc#1253049).
- net: mana: Trigger VF reset/recovery on health check failure due to HWC timeout (bsc#1259580).
- net: mana: Use mana_cleanup_port_context() for rxq cleanup (git-fixes).
- net: mana: fix spelling for mana_gd_deregiser_irq() (git-fixes).
- net: mana: fix use-after-free in add_adev() error path (git-fixes).
- net: mana: use ethtool string helpers (git-fixes).
- net: nfc: nci: Fix zero-length proprietary notifications (git-fixes).
- net: usb: aqc111: Do not perform PM inside suspend callback (git-fixes).
- net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check (git-fixes).
- net: usb: cdc_ncm: add ndpoffset to NDP32 nframes bounds check (git-fixes).
- net: usb: lan78xx: fix TX byte statistics for small packets (git-fixes).
- net: usb: lan78xx: fix silent drop of packets with checksum errors (git-fixes).
- net: usb: pegasus: validate USB endpoints (stable-fixes).
- nfc: nci: clear NCI_DATA_EXCHANGE before calling completion callback (git-fixes).
- nfc: nci: fix circular locking dependency in nci_close_device (git-fixes).
- nfc: nci: free skb on nci_transceive early error paths (git-fixes).
- nfc: rawsock: cancel tx_work before socket teardown (git-fixes).
- nouveau/dpcd: return EBUSY for aux xfer if the device is asleep (git-fixes).
- phy: ti: j721e-wiz: Fix device node reference leak in wiz_get_lane_phy_types() (git-fixes).
- pinctrl: equilibrium: fix warning trace on load (git-fixes).
- pinctrl: equilibrium: rename irq_chip function callbacks (stable-fixes).
- pinctrl: mediatek: common: Fix probe failure for devices without EINT (git-fixes).
- pinctrl: qcom: spmi-gpio: implement .get_direction() (git-fixes).
- platform/olpc: olpc-xo175-ec: Fix overflow error message to print inlen (git-fixes).
- platform/x86: ISST: Correct locked bit width (git-fixes).
- platform/x86: dell-wmi-sysman: Do not hex dump plaintext password data (git-fixes).
- platform/x86: dell-wmi: Add audio/mic mute key codes (stable-fixes).
- platform/x86: intel-hid: Add Dell 14 Plus 2-in-1 to dmi_vgbs_allow_list (stable-fixes).
- platform/x86: intel-hid: Enable 5-button array on ThinkPad X1 Fold 16 Gen 1 (stable-fixes).
- platform/x86: touchscreen_dmi: Add quirk for y-inverted Goodix touchscreen on SUPI S10 (stable-fixes).
- qmi_wwan: allow max_mtu above hard_mtu to control rx_urb_size (git-fixes).
- regmap: Synchronize cache for the page selector (git-fixes).
- regulator: pca9450: Correct interrupt type (git-fixes).
- regulator: pca9450: Make IRQ optional (stable-fixes).
- remoteproc: sysmon: Correct subsys_name_len type in QMI request (git-fixes).
- rename Hyper-v patch files to simplify further SP6-SP7 merges
- s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP (bsc#1254306).
- scsi: mpi3mr: Event processing debug improvement (bsc#1251186, bsc#1258832).
- scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT (git-fixes).
- scsi: storvsc: Remove redundant ternary operators (git-fixes).
- selftests/powerpc: Re-order *FLAGS to follow lib.mk (bsc#1261669).
- selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15 (bsc#1261669).
- selftests/powerpc: make sub-folders buildable on their own (bsc#1261669).
- serial: 8250: Add late synchronize_irq() to shutdown to handle DW UART BUSY (git-fixes).
- serial: 8250: Fix TX deadlock when using DMA (git-fixes).
- serial: 8250_pci: add support for the AX99100 (stable-fixes).
- serial: uartlite: fix PM runtime usage count underflow on probe (git-fixes).
- soc: aspeed: socinfo: Mask table entries for accurate SoC ID matching (git-fixes).
- soc: fsl: qbman: fix race condition in qman_destroy_fq (git-fixes).
- spi: fix statistics allocation (git-fixes).
- spi: fix use-after-free on controller registration failure (git-fixes).
- spi: spi-fsl-lpspi: fix teardown order issue (UAF) (git-fixes).
- staging: rtl8723bs: properly validate the data in rtw_get_ie_ex() (stable-fixes).
- tg3: Fix race for querying speed/duplex (bsc#1257183).
- thunderbolt: Fix property read in nhi_wake_supported() (git-fixes).
- tools/hv: add a .gitignore file (git-fixes).
- tools/hv: reduce resouce usage in hv_get_dns_info helper (git-fixes).
- tools/hv: reduce resource usage in hv_kvp_daemon (git-fixes).
- tools: hv: Enable debug logs for hv_kvp_daemon (git-fixes).
- tools: hv: lsvmbus: change shebang to use python3 (git-fixes).
- usb/core/quirks: Add Huawei ME906S-device to wakeup quirk (stable-fixes).
- usb: cdc-acm: Restore CAP_BRK functionnality to CH343 (git-fixes).
- usb: cdns3: call cdns_power_is_lost() only once in cdns_resume() (stable-fixes).
- usb: cdns3: fix role switching during resume (git-fixes).
- usb: cdns3: gadget: fix NULL pointer dereference in ep_queue (git-fixes).
- usb: cdns3: gadget: fix state inconsistency on gadget init failure (git-fixes).
- usb: cdns3: remove redundant if branch (stable-fixes).
- usb: class: cdc-wdm: fix reordering issue in read code path (git-fixes).
- usb: core: do not power off roothub PHYs if phy_set_mode() fails (git-fixes).
- usb: dwc2: gadget: Fix spin_lock/unlock mismatch in dwc2_hsotg_udc_stop() (git-fixes).
- usb: dwc3: pci: add support for the Intel Nova Lake -H (stable-fixes).
- usb: ehci-brcm: fix sleep during atomic (git-fixes).
- usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() (git-fixes).
- usb: gadget: f_rndis: Protect RNDIS options with mutex (git-fixes).
- usb: gadget: f_subset: Fix unbalanced refcnt in geth_free (git-fixes).
- usb: gadget: u_ether: Fix race between gether_disconnect and eth_stop (git-fixes).
- usb: gadget: uvc: fix NULL pointer dereference during unbind race (git-fixes).
- usb: image: mdc800: kill download URB on timeout (stable-fixes).
- usb: mdc800: handle signal and read racing (stable-fixes).
- usb: misc: uss720: properly clean up reference in uss720_probe() (stable-fixes).
- usb: renesas_usbhs: fix use-after-free in ISR during device removal (git-fixes).
- usb: roles: get usb role switch from parent only for usb-b-connector (git-fixes).
- usb: ulpi: fix double free in ulpi_register_interface() error path (git-fixes).
- usb: usbtmc: Flush anchored URBs in usbtmc_release (git-fixes).
- usb: xhci: Fix memory leak in xhci_disable_slot() (git-fixes).
- usb: xhci: Prevent interrupt storm on host controller error (HCE) (stable-fixes).
- usb: yurex: fix race in probe (stable-fixes).
- wifi: cfg80211: cancel pmsr_free_wk in cfg80211_pmsr_wdev_down (git-fixes).
- wifi: cw1200: Fix locking in error paths (git-fixes).
- wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler() (git-fixes).
- wifi: mac80211: Fix static_branch_dec() underflow for aql_disable (git-fixes).
- wifi: mac80211: fix NULL deref in mesh_matches_local() (git-fixes).
- wifi: mac80211: set default WMM parameters on all links (stable-fixes).
- wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211() (git-fixes).
- wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211() (git-fixes).
- wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211() (git-fixes).
- wifi: rsi: Do not default to -EOPNOTSUPP in rsi_mac80211_config (git-fixes).
- wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation (git-fixes).
- wifi: wlcore: Fix a locking bug (git-fixes).
- wifi: wlcore: Return -ENOMEM instead of -EAGAIN if there is not enough headroom (git-fixes).
- x86/platform/uv: Handle deconfigured sockets (bsc#1260347).
- xen/privcmd: unregister xenstore notifier on module exit (git-fixes).
The following package changes have been done:
- kernel-default-6.4.0-41.1 updated
More information about the sle-container-updates
mailing list