SUSE-IU-2026:1212-1: Security update of suse/sl-micro/6.2/rt-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sat Feb 28 08:14:49 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.2/rt-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:1212-1
Image Tags : suse/sl-micro/6.2/rt-os-container:2.3.0 , suse/sl-micro/6.2/rt-os-container:2.3.0-6.62 , suse/sl-micro/6.2/rt-os-container:latest
Image Release : 6.62
Severity : important
Type : security
References : 1205462 1214285 1215199 1235905 1242505 1242974 1242986 1243452
1243507 1243662 1246184 1246282 1247030 1247292 1247712 1248166
1248175 1248178 1248179 1248185 1248188 1248196 1248206 1248208
1248209 1248211 1248212 1248213 1248214 1248216 1248217 1248222
1248227 1248228 1248229 1248232 1248234 1248240 1248360 1248366
1248384 1248626 1249307 1249609 1249895 1249998 1250032 1250082
1250388 1250705 1250738 1250748 1252712 1252773 1252784 1252891
1252900 1253049 1253078 1253079 1253087 1253344 1253500 1253739
1254244 1254308 1254447 1254839 1254842 1254845 1254977 1255102
1255128 1255157 1255164 1255172 1255216 1255232 1255241 1255245
1255266 1255268 1255269 1255319 1255327 1255346 1255403 1255417
1255459 1255482 1255506 1255526 1255527 1255529 1255530 1255536
1255537 1255542 1255544 1255547 1255569 1255593 1255622 1255694
1255695 1255703 1255708 1255811 1255930 1256579 1256582 1256584
1256586 1256591 1256592 1256593 1256594 1256597 1256605 1256607
1256608 1256609 1256610 1256611 1256612 1256613 1256616 1256617
1256619 1256622 1256623 1256625 1256627 1256628 1256630 1256632
1256638 1256641 1256643 1256645 1256646 1256650 1256651 1256653
1256654 1256655 1256656 1256659 1256660 1256661 1256664 1256665
1256667 1256668 1256674 1256677 1256680 1256682 1256683 1256688
1256689 1256716 1256726 1256728 1256730 1256733 1256737 1256741
1256742 1256744 1256748 1256749 1256752 1256754 1256755 1256756
1256757 1256759 1256760 1256761 1256763 1256770 1256773 1256774
1256777 1256779 1256781 1256785 1256792 1256793 1256794 1256864
1256865 1256867 1256975 1257015 1257035 1257053 1257154 1257155
1257158 1257159 1257163 1257164 1257167 1257168 1257179 1257180
1257202 1257204 1257207 1257208 1257215 1257217 1257218 1257220
1257221 1257225 1257227 1257232 1257234 1257236 1257243 1257245
1257276 1257277 1257279 1257282 1257296 1257309 1257473 1257504
1257603 CVE-2024-54031 CVE-2025-37744 CVE-2025-37751 CVE-2025-37841
CVE-2025-37845 CVE-2025-37904 CVE-2025-37955 CVE-2025-38243 CVE-2025-38262
CVE-2025-38297 CVE-2025-38298 CVE-2025-38379 CVE-2025-38423 CVE-2025-38505
CVE-2025-38507 CVE-2025-38510 CVE-2025-38511 CVE-2025-38512 CVE-2025-38513
CVE-2025-38515 CVE-2025-38516 CVE-2025-38520 CVE-2025-38521 CVE-2025-38529
CVE-2025-38530 CVE-2025-38535 CVE-2025-38537 CVE-2025-38538 CVE-2025-38539
CVE-2025-38540 CVE-2025-38541 CVE-2025-38543 CVE-2025-38547 CVE-2025-38548
CVE-2025-38550 CVE-2025-38551 CVE-2025-38569 CVE-2025-38589 CVE-2025-38590
CVE-2025-38645 CVE-2025-39689 CVE-2025-39795 CVE-2025-39813 CVE-2025-39814
CVE-2025-39817 CVE-2025-39829 CVE-2025-39880 CVE-2025-39913 CVE-2025-39927
CVE-2025-40030 CVE-2025-40045 CVE-2025-40097 CVE-2025-40106 CVE-2025-40147
CVE-2025-40195 CVE-2025-40257 CVE-2025-40259 CVE-2025-40261 CVE-2025-40363
CVE-2025-68174 CVE-2025-68178 CVE-2025-68188 CVE-2025-68200 CVE-2025-68211
CVE-2025-68218 CVE-2025-68227 CVE-2025-68241 CVE-2025-68245 CVE-2025-68261
CVE-2025-68296 CVE-2025-68297 CVE-2025-68320 CVE-2025-68325 CVE-2025-68337
CVE-2025-68341 CVE-2025-68348 CVE-2025-68349 CVE-2025-68356 CVE-2025-68359
CVE-2025-68360 CVE-2025-68361 CVE-2025-68366 CVE-2025-68367 CVE-2025-68368
CVE-2025-68372 CVE-2025-68374 CVE-2025-68376 CVE-2025-68379 CVE-2025-68725
CVE-2025-68735 CVE-2025-68741 CVE-2025-68743 CVE-2025-68764 CVE-2025-68768
CVE-2025-68770 CVE-2025-68771 CVE-2025-68773 CVE-2025-68775 CVE-2025-68776
CVE-2025-68777 CVE-2025-68778 CVE-2025-68783 CVE-2025-68784 CVE-2025-68788
CVE-2025-68789 CVE-2025-68792 CVE-2025-68795 CVE-2025-68797 CVE-2025-68798
CVE-2025-68799 CVE-2025-68800 CVE-2025-68801 CVE-2025-68802 CVE-2025-68803
CVE-2025-68804 CVE-2025-68808 CVE-2025-68811 CVE-2025-68813 CVE-2025-68814
CVE-2025-68815 CVE-2025-68816 CVE-2025-68819 CVE-2025-68820 CVE-2025-68821
CVE-2025-68822 CVE-2025-71064 CVE-2025-71066 CVE-2025-71073 CVE-2025-71076
CVE-2025-71077 CVE-2025-71078 CVE-2025-71079 CVE-2025-71080 CVE-2025-71081
CVE-2025-71082 CVE-2025-71083 CVE-2025-71084 CVE-2025-71085 CVE-2025-71086
CVE-2025-71087 CVE-2025-71088 CVE-2025-71089 CVE-2025-71091 CVE-2025-71093
CVE-2025-71094 CVE-2025-71095 CVE-2025-71097 CVE-2025-71098 CVE-2025-71099
CVE-2025-71100 CVE-2025-71101 CVE-2025-71108 CVE-2025-71111 CVE-2025-71112
CVE-2025-71113 CVE-2025-71114 CVE-2025-71116 CVE-2025-71118 CVE-2025-71119
CVE-2025-71120 CVE-2025-71123 CVE-2025-71126 CVE-2025-71130 CVE-2025-71131
CVE-2025-71132 CVE-2025-71133 CVE-2025-71135 CVE-2025-71136 CVE-2025-71137
CVE-2025-71138 CVE-2025-71141 CVE-2025-71142 CVE-2025-71143 CVE-2025-71145
CVE-2025-71147 CVE-2025-71148 CVE-2025-71149 CVE-2025-71154 CVE-2025-71156
CVE-2025-71157 CVE-2025-71162 CVE-2025-71163 CVE-2026-22976 CVE-2026-22977
CVE-2026-22978 CVE-2026-22981 CVE-2026-22982 CVE-2026-22984 CVE-2026-22985
CVE-2026-22986 CVE-2026-22988 CVE-2026-22989 CVE-2026-22990 CVE-2026-22991
CVE-2026-22992 CVE-2026-22993 CVE-2026-22996 CVE-2026-22997 CVE-2026-22999
CVE-2026-23000 CVE-2026-23001 CVE-2026-23002 CVE-2026-23005 CVE-2026-23006
CVE-2026-23011
-----------------------------------------------------------------
The container suse/sl-micro/6.2/rt-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 310
Released: Thu Feb 26 08:38:22 2026
Summary: Recommended update for openssl-3
Type: recommended
Severity: low
References:
This update for openssl-3 fixes the following issues:
- removed test patches because they are not needed.
-----------------------------------------------------------------
Advisory ID: 325
Released: Fri Feb 27 14:03:55 2026
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1205462,1214285,1215199,1235905,1242505,1242974,1242986,1243452,1243507,1243662,1246184,1246282,1247030,1247292,1247712,1248166,1248175,1248178,1248179,1248185,1248188,1248196,1248206,1248208,1248209,1248211,1248212,1248213,1248214,1248216,1248217,1248222,1248227,1248228,1248229,1248232,1248234,1248240,1248360,1248366,1248384,1248626,1249307,1249609,1249895,1249998,1250032,1250082,1250388,1250705,1250738,1250748,1252712,1252773,1252784,1252891,1252900,1253049,1253078,1253079,1253087,1253344,1253500,1253739,1254244,1254308,1254447,1254839,1254842,1254845,1254977,1255102,1255128,1255157,1255164,1255172,1255216,1255232,1255241,1255245,1255266,1255268,1255269,1255319,1255327,1255346,1255403,1255417,1255459,1255482,1255506,1255526,1255527,1255529,1255530,1255536,1255537,1255542,1255544,1255547,1255569,1255593,1255622,1255694,1255695,1255703,1255708,1255811,1255930,1256579,1256582,1256584,1256586,1256591,1256592,1256593,1256594,1256597,1256605,1256607,1256608,1256609,1256610,1
256611,1256612,1256613,1256616,1256617,1256619,1256622,1256623,1256625,1256627,1256628,1256630,1256632,1256638,1256641,1256643,1256645,1256646,1256650,1256651,1256653,1256654,1256655,1256656,1256659,1256660,1256661,1256664,1256665,1256667,1256668,1256674,1256677,1256680,1256682,1256683,1256688,1256689,1256716,1256726,1256728,1256730,1256733,1256737,1256741,1256742,1256744,1256748,1256749,1256752,1256754,1256755,1256756,1256757,1256759,1256760,1256761,1256763,1256770,1256773,1256774,1256777,1256779,1256781,1256785,1256792,1256793,1256794,1256864,1256865,1256867,1256975,1257015,1257035,1257053,1257154,1257155,1257158,1257159,1257163,1257164,1257167,1257168,1257179,1257180,1257202,1257204,1257207,1257208,1257215,1257217,1257218,1257220,1257221,1257225,1257227,1257232,1257234,1257236,1257243,1257245,1257276,1257277,1257279,1257282,1257296,1257309,1257473,1257504,1257603,CVE-2024-54031,CVE-2025-37744,CVE-2025-37751,CVE-2025-37841,CVE-2025-37845,CVE-2025-37904,CVE-2025-37955,CVE-2025-3824
3,CVE-2025-38262,CVE-2025-38297,CVE-2025-38298,CVE-2025-38379,CVE-2025-38423,CVE-2025-38505,CVE-2025-38507,CVE-2025-38510,CVE-2025-38511,CVE-2025-38512,CVE-2025-38513,CVE-2025-38515,CVE-2025-38516,CVE-2025-38520,CVE-2025-38521,CVE-2025-38529,CVE-2025-38530,CVE-2025-38535,CVE-2025-38537,CVE-2025-38538,CVE-2025-38539,CVE-2025-38540,CVE-2025-38541,CVE-2025-38543,CVE-2025-38547,CVE-2025-38548,CVE-2025-38550,CVE-2025-38551,CVE-2025-38569,CVE-2025-38589,CVE-2025-38590,CVE-2025-38645,CVE-2025-39689,CVE-2025-39795,CVE-2025-39813,CVE-2025-39814,CVE-2025-39817,CVE-2025-39829,CVE-2025-39880,CVE-2025-39913,CVE-2025-39927,CVE-2025-40030,CVE-2025-40045,CVE-2025-40097,CVE-2025-40106,CVE-2025-40147,CVE-2025-40195,CVE-2025-40257,CVE-2025-40259,CVE-2025-40261,CVE-2025-40363,CVE-2025-68174,CVE-2025-68178,CVE-2025-68188,CVE-2025-68200,CVE-2025-68211,CVE-2025-68218,CVE-2025-68227,CVE-2025-68241,CVE-2025-68245,CVE-2025-68261,CVE-2025-68296,CVE-2025-68297,CVE-2025-68320,CVE-2025-68325,CVE-2025-68337,CVE-2
025-68341,CVE-2025-68348,CVE-2025-68349,CVE-2025-68356,CVE-2025-68359,CVE-2025-68360,CVE-2025-68361,CVE-2025-68366,CVE-2025-68367,CVE-2025-68368,CVE-2025-68372,CVE-2025-68374,CVE-2025-68376,CVE-2025-68379,CVE-2025-68725,CVE-2025-68735,CVE-2025-68741,CVE-2025-68743,CVE-2025-68764,CVE-2025-68768,CVE-2025-68770,CVE-2025-68771,CVE-2025-68773,CVE-2025-68775,CVE-2025-68776,CVE-2025-68777,CVE-2025-68778,CVE-2025-68783,CVE-2025-68784,CVE-2025-68788,CVE-2025-68789,CVE-2025-68792,CVE-2025-68795,CVE-2025-68797,CVE-2025-68798,CVE-2025-68799,CVE-2025-68800,CVE-2025-68801,CVE-2025-68802,CVE-2025-68803,CVE-2025-68804,CVE-2025-68808,CVE-2025-68811,CVE-2025-68813,CVE-2025-68814,CVE-2025-68815,CVE-2025-68816,CVE-2025-68819,CVE-2025-68820,CVE-2025-68821,CVE-2025-68822,CVE-2025-71064,CVE-2025-71066,CVE-2025-71073,CVE-2025-71076,CVE-2025-71077,CVE-2025-71078,CVE-2025-71079,CVE-2025-71080,CVE-2025-71081,CVE-2025-71082,CVE-2025-71083,CVE-2025-71084,CVE-2025-71085,CVE-2025-71086,CVE-2025-71087,CVE-2025-710
88,CVE-2025-71089,CVE-2025-71091,CVE-2025-71093,CVE-2025-71094,CVE-2025-71095,CVE-2025-71097,CVE-2025-71098,CVE-2025-71099,CVE-2025-71100,CVE-2025-71101,CVE-2025-71108,CVE-2025-71111,CVE-2025-71112,CVE-2025-71113,CVE-2025-71114,CVE-2025-71116,CVE-2025-71118,CVE-2025-71119,CVE-2025-71120,CVE-2025-71123,CVE-2025-71126,CVE-2025-71130,CVE-2025-71131,CVE-2025-71132,CVE-2025-71133,CVE-2025-71135,CVE-2025-71136,CVE-2025-71137,CVE-2025-71138,CVE-2025-71141,CVE-2025-71142,CVE-2025-71143,CVE-2025-71145,CVE-2025-71147,CVE-2025-71148,CVE-2025-71149,CVE-2025-71154,CVE-2025-71156,CVE-2025-71157,CVE-2025-71162,CVE-2025-71163,CVE-2026-22976,CVE-2026-22977,CVE-2026-22978,CVE-2026-22981,CVE-2026-22982,CVE-2026-22984,CVE-2026-22985,CVE-2026-22986,CVE-2026-22988,CVE-2026-22989,CVE-2026-22990,CVE-2026-22991,CVE-2026-22992,CVE-2026-22993,CVE-2026-22996,CVE-2026-22997,CVE-2026-22999,CVE-2026-23000,CVE-2026-23001,CVE-2026-23002,CVE-2026-23005,CVE-2026-23006,CVE-2026-23011
The SUSE Linux Enterprise 16.0 and SL MIxro 6.2 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-40147: blk-throttle: fix access race during throttle policy activation (bsc#1253344).
- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).
- CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
- CVE-2025-40261: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (bsc#1254839).
- CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).
- CVE-2025-68174: amd/amdkfd: enhance kfd process check in switch partition (bsc#1255327).
- CVE-2025-68178: blk-cgroup: fix possible deadlock while configuring policy (bsc#1255266).
- CVE-2025-68188: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (bsc#1255269).
- CVE-2025-68200: bpf: Add bpf_prog_run_data_pointers() (bsc#1255241).
- CVE-2025-68211: ksm: use range-walk function to jump over holes in scan_get_next_rmap_item (bsc#1255319).
- CVE-2025-68218: nvme-multipath: fix lockdep WARN due to partition scan work (bsc#1255245).
- CVE-2025-68227: mptcp: Fix proto fallback detection with BPF (bsc#1255216).
- CVE-2025-68241: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (bsc#1255157).
- CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).
- CVE-2025-68261: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164).
- CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).
- CVE-2025-68297: ceph: fix crash in process_v2_sparse_read() for encrypted directories (bsc#1255403).
- CVE-2025-68320: lan966x: Fix sleeping in atomic context (bsc#1255172).
- CVE-2025-68325: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (bsc#1255417).
- CVE-2025-68337: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482).
- CVE-2025-68341: veth: reduce XDP no_direct return section to fix race (bsc#1255506).
- CVE-2025-68348: block: fix memory leak in __blkdev_issue_zero_pages (bsc#1255694).
- CVE-2025-68349: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (bsc#1255544).
- CVE-2025-68356: gfs2: Prevent recursive memory reclaim (bsc#1255593).
- CVE-2025-68359: btrfs: fix double free of qgroup record after failure to add delayed ref head (bsc#1255542).
- CVE-2025-68360: wifi: mt76: wed: use proper wed reference in mt76 wed driver callabacks (bsc#1255536).
- CVE-2025-68361: erofs: limit the level of fs stacking for file-backed mounts (bsc#1255526).
- CVE-2025-68366: nbd: defer config unlock in nbd_genl_connect (bsc#1255622).
- CVE-2025-68367: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (bsc#1255547).
- CVE-2025-68368: md: init bioset in mddev_init (bsc#1255527).
- CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).
- CVE-2025-68374: md: fix rcu protection in md_wakeup_thread (bsc#1255530).
- CVE-2025-68376: coresight: ETR: Fix ETR buffer use-after-free issue (bsc#1255529).
- CVE-2025-68379: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (bsc#1255695).
- CVE-2025-68735: drm/panthor: Prevent potential UAF in group creation (bsc#1255811).
- CVE-2025-68741: scsi: qla2xxx: Fix improper freeing of purex item (bsc#1255703).
- CVE-2025-68743: mshv: Fix create memory region overlap check (bsc#1255708).
- CVE-2025-68764: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (bsc#1255930).
- CVE-2025-68768: inet: frags: add inet_frag_queue_flush() (bsc#1256579).
- CVE-2025-68770: bnxt_en: Fix XDP_TX path (bsc#1256584).
- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
- CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665).
- CVE-2025-68776: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (bsc#1256659).
- CVE-2025-68784: xfs: fix a UAF problem in xattr repair (bsc#1256793).
- CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).
- CVE-2025-68792: tpm2-sessions: Fix out of range indexing in name_size (bsc#1256656).
- CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).
- CVE-2025-68798: perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689).
- CVE-2025-68799: caif: fix integer underflow in cffrml_receive() (bsc#1256643).
- CVE-2025-68800: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (bsc#1256646).
- CVE-2025-68801: mlxsw: spectrum_router: Fix neighbour use-after-free (bsc#1256653).
- CVE-2025-68803: NFSD: NFSv4 file creation neglects setting ACL (bsc#1256770).
- CVE-2025-68811: svcrdma: use rc_pageoff for memcpy byte offset (bsc#1256677).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
- CVE-2025-68814: io_uring: fix filename leak in __io_openat_prep() (bsc#1256651).
- CVE-2025-68815: net/sched: ets: Remove drr class from the active list if it changes to strict (bsc#1256680).
- CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).
- CVE-2025-68820: ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754).
- CVE-2025-68821: fuse: fix readahead reclaim deadlock (bsc#1256667).
- CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645).
- CVE-2025-71077: tpm: Cap the number of PCR banks (bsc#1256613).
- CVE-2025-71080: ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT (bsc#1256608).
- CVE-2025-71084: RDMA/cm: Fix leaking the multicast GID table reference (bsc#1256622).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
- CVE-2025-71087: iavf: fix off-by-one issues in iavf_config_rss_reg() (bsc#1256628).
- CVE-2025-71088: mptcp: fallback earlier on simult connection (bsc#1256630).
- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
- CVE-2025-71091: team: fix check for port enabled in team_queue_override_port_prio_changed() (bsc#1256773).
- CVE-2025-71093: e1000: fix OOB in e1000_tbi_should_accept() (bsc#1256777).
- CVE-2025-71094: net: usb: asix: ax88772: Increase phy_name size (bsc#1256597).
- CVE-2025-71095: net: stmmac: fix the crash issue for zero copy XDP_TX action (bsc#1256605).
- CVE-2025-71097: ipv4: Fix reference count leak when using error routes with nexthop objects (bsc#1256607).
- CVE-2025-71098: ip6_gre: make ip6gre_header() robust (bsc#1256591).
- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
- CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).
- CVE-2025-71123: ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757).
- CVE-2025-71126: mptcp: avoid deadlock on fallback while reinjecting (bsc#1256755).
- CVE-2025-71132: smc91x: fix broken irq-context in PREEMPT_RT (bsc#1256737).
- CVE-2025-71133: RDMA/irdma: avoid invalid read in irdma_net_event (bsc#1256733).
- CVE-2025-71135: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() (bsc#1256761).
- CVE-2025-71137: octeontx2-pf: fix 'UBSAN: shift-out-of-bounds error' (bsc#1256760).
- CVE-2025-71148: net/handshake: restore destructor on submit failure (bsc#1257159).
- CVE-2025-71149: io_uring/poll: correctly handle io_poll_add() return value on update (bsc#1257164).
- CVE-2025-71156: gve: defer interrupt enabling until NAPI registration (bsc#1257167).
- CVE-2025-71157: RDMA/core: always drop device refcount in ib_del_sub_device_and_put() (bsc#1257168).
- CVE-2026-22976: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (bsc#1257035).
- CVE-2026-22977: net: sock: fix hardened usercopy panic in sock_recv_errqueue (bsc#1257053).
- CVE-2026-22981: idpf: detach and close netdevs while handling a reset (bsc#1257225).
- CVE-2026-22982: net: mscc: ocelot: Fix crash when adding interface under a lag (bsc#1257179).
- CVE-2026-22984: libceph: prevent potential out-of-bounds reads in handle_auth_done() (bsc#1257217).
- CVE-2026-22986: gpiolib: fix race condition for gdev->srcu (bsc#1257276).
- CVE-2026-22990: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (bsc#1257221).
- CVE-2026-22991: libceph: make free_choose_arg_map() resilient to partial allocation (bsc#1257220).
- CVE-2026-22992: libceph: return the handler error from mon_handle_auth_done() (bsc#1257218).
- CVE-2026-22993: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations (bsc#1257180).
- CVE-2026-22996: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv.
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
- CVE-2026-23000: net/mlx5e: Fix crash on profile change rollback failure (bsc#1257234).
- CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232).
- CVE-2026-23005: x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (bsc#1257245).
- CVE-2026-23011: ipv4: ip_gre: make ipgre_header() robust (bsc#1257207).
The following non security issues were fixed:
- ALSA: usb-audio: Update for native DSD support quirks (stable-fixes).
- Add bugnumber to an existing hv_netvsc change (bsc#1257473).
- Fix locking issue introduced by a CVE backport (bsc#1256975 bsc#1254977).
- Update config files: disable CONFIG_DEVPORT for arm64 (bsc#1256792)
- arm64: Update config files. Disable DEVPORT (bsc#1256792)
- bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603).
- bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569).
- btrfs: pass fs_info to btrfs_delete_ref_head() (git-fixes).
- btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes).
- bus: fsl-mc: Constify fsl_mc_device_match() (jsc#PED-10906 git-fixes).
- drm/imagination: Wait for FW trace update command completion (git-fixes).
- drm/msm/a6xx: fix bogus hwcg register updates (git-fixes).
- ice: use netif_get_num_default_rss_queues() (bsc#1247712).
- libbpf: Fix -Wdiscarded-qualifiers under C23 (bsc#1257309).
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1254447 bsc#1253087).
- net: mana: Fix incorrect speed reported by debugfs (bsc#1255232).
- net: mana: Support HW link state events (bsc#1253049).
- nfsd: adjust WARN_ON_ONCE in revoke_delegation (bsc#1257015).
- nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (git-fixes).
- powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199).
- sched/fair: Disable scheduler feature NEXT_BUDDY (bsc#1255459).
- scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256864).
- scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256864).
- scsi: qla2xxx: Add Speed in SFP print information (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Allow recovery for tape devices (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
- selftests: net: fib-onlink-tests: Convert to use namespaces by default (bsc#1255346).
- slimbus: core: Constify slim_eaddr_equal() (jsc#PED-10906 git-fixes).
- smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748,bsc#1257154).
- smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (git-fixes).
- smb: improve directory cache reuse for readdir operations (bsc#1252712).
- tsm-mr: Add TVM Measurement Register support (bsc#1257504).
- tsm-mr: Add tsm-mr sample code (bsc#1257504).
- virt: tdx-guest: Expose TDX MRs as sysfs attributes (bsc#1257504).
- virt: tdx-guest: Refactor and streamline TDREPORT generation (bsc#1257504).
- virt: tdx-guest: Transition to scoped_cond_guard for mutex operations (bsc#1257504).
- wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes).
- x86/tdx: Add tdx_mcall_extend_rtmr() interface (bsc#1257504).
- x86/tdx: tdx_mcall_get_report0: Return -EBUSY on TDCALL_OPERAND_BUSY error (bsc#1257504).
The following package changes have been done:
- libopenssl3-3.5.0-160000.6.1 updated
- kernel-rt-6.12.0-160000.26.1 updated
- container:suse-sl-micro-6.2-baremetal-os-container-latest-fb676a8bfd716f90a18917bd70b4f29006ae6c7bb35a137b068d67a840a579d1-0 updated
More information about the sle-container-updates
mailing list