SUSE-CU-2026:567-1: Security update of bci/bci-sle15-kernel-module-devel
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sat Jan 31 08:14:35 UTC 2026
SUSE Container Update Advisory: bci/bci-sle15-kernel-module-devel
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:567-1
Container Tags : bci/bci-sle15-kernel-module-devel:15.7 , bci/bci-sle15-kernel-module-devel:15.7-56.1 , bci/bci-sle15-kernel-module-devel:latest
Container Release : 56.1
Severity : critical
Type : security
References : 1012628 1065729 1194869 1205462 1214285 1214635 1214847 1215146
1215211 1215344 1216062 1216436 1219165 1220419 1223731 1232223
1234163 1243112 1245193 1245449 1246328 1247500 1248886 1249256
1251224 1251752 1252046 1252342 1252686 1252776 1252808 1252824
1252861 1252919 1252973 1253155 1253262 1253342 1253365 1253386
1253400 1253402 1253408 1253413 1253442 1253458 1253463 1253623
1253647 1253674 1253739 1254119 1254126 1254235 1254244 1254363
1254373 1254378 1254477 1254518 1254520 1254599 1254606 1254611
1254613 1254615 1254616 1254621 1254623 1254626 1254648 1254649
1254653 1254655 1254657 1254660 1254661 1254663 1254666 1254669
1254677 1254678 1254688 1254690 1254691 1254693 1254695 1254698
1254701 1254704 1254705 1254707 1254712 1254715 1254717 1254723
1254724 1254732 1254733 1254737 1254739 1254742 1254743 1254749
1254750 1254753 1254754 1254758 1254761 1254762 1254765 1254782
1254791 1254793 1254794 1254795 1254796 1254797 1254798 1254813
1254815 1254824 1254825 1254827 1254828 1254829 1254830 1254832
1254840 1254843 1254846 1254847 1254849 1254850 1254851 1254854
1254856 1254858 1254860 1254864 1254869 1254894 1254918 1254957
1254959 1254983 1254996 1255005 1255009 1255025 1255026 1255030
1255033 1255034 1255035 1255039 1255041 1255042 1255046 1255057
1255062 1255064 1255065 1255068 1255071 1255072 1255075 1255077
1255081 1255082 1255083 1255085 1255087 1255092 1255094 1255095
1255097 1255100 1255101 1255116 1255121 1255122 1255124 1255131
1255134 1255135 1255136 1255142 1255145 1255146 1255149 1255152
1255154 1255155 1255163 1255167 1255169 1255171 1255175 1255179
1255181 1255182 1255187 1255190 1255193 1255196 1255197 1255199
1255202 1255203 1255206 1255209 1255218 1255220 1255221 1255224
1255227 1255230 1255233 1255234 1255242 1255245 1255246 1255247
1255251 1255252 1255253 1255256 1255259 1255262 1255272 1255273
1255274 1255276 1255279 1255280 1255281 1255297 1255316 1255318
1255325 1255329 1255346 1255349 1255351 1255357 1255380 1255395
1255415 1255428 1255433 1255434 1255463 1255480 1255483 1255489
1255493 1255495 1255505 1255507 1255538 1255540 1255545 1255549
1255550 1255553 1255557 1255558 1255563 1255564 1255567 1255570
1255578 1255579 1255580 1255583 1255591 1255601 1255603 1255605
1255611 1255614 1255616 1255617 1255618 1255621 1255628 1255629
1255630 1255632 1255636 1255688 1255691 1255702 1255704 1255706
1255707 1255709 1255722 1255723 1255724 1255758 1255759 1255760
1255763 1255769 1255770 1255772 1255774 1255775 1255776 1255780
1255785 1255786 1255789 1255790 1255792 1255793 1255795 1255798
1255800 1255801 1255806 1255807 1255809 1255810 1255812 1255814
1255820 1255838 1255842 1255843 1255872 1255875 1255879 1255883
1255884 1255886 1255888 1255890 1255891 1255892 1255899 1255902
1255907 1255911 1255915 1255918 1255921 1255924 1255925 1255931
1255932 1255934 1255943 1255944 1255949 1255951 1255952 1255955
1255957 1255961 1255963 1255964 1255967 1255974 1255978 1255984
1255988 1255990 1255992 1255993 1255994 1255996 1256033 1256034
1256045 1256050 1256058 1256071 1256074 1256081 1256082 1256083
1256084 1256085 1256090 1256093 1256094 1256095 1256096 1256099
1256100 1256104 1256105 1256106 1256107 1256117 1256119 1256121
1256145 1256153 1256178 1256197 1256231 1256233 1256234 1256238
1256263 1256267 1256268 1256271 1256273 1256274 1256279 1256285
1256291 1256292 1256300 1256301 1256302 1256335 1256348 1256351
1256354 1256358 1256361 1256364 1256366 1256367 1256368 1256369
1256370 1256371 1256373 1256375 1256379 1256387 1256394 1256395
1256396 1256528 1256830 1256834 1256834 1256835 1256835 1256836
1256836 1256837 1256837 1256838 1256838 1256839 1256839 1256840
1256840 1257049 CVE-2023-42752 CVE-2023-53743 CVE-2023-53750
CVE-2023-53752 CVE-2023-53759 CVE-2023-53762 CVE-2023-53766 CVE-2023-53768
CVE-2023-53777 CVE-2023-53778 CVE-2023-53782 CVE-2023-53784 CVE-2023-53785
CVE-2023-53787 CVE-2023-53791 CVE-2023-53792 CVE-2023-53793 CVE-2023-53794
CVE-2023-53795 CVE-2023-53797 CVE-2023-53799 CVE-2023-53807 CVE-2023-53808
CVE-2023-53813 CVE-2023-53815 CVE-2023-53819 CVE-2023-53821 CVE-2023-53823
CVE-2023-53825 CVE-2023-53828 CVE-2023-53831 CVE-2023-53834 CVE-2023-53836
CVE-2023-53839 CVE-2023-53841 CVE-2023-53842 CVE-2023-53843 CVE-2023-53844
CVE-2023-53846 CVE-2023-53847 CVE-2023-53848 CVE-2023-53850 CVE-2023-53851
CVE-2023-53852 CVE-2023-53855 CVE-2023-53856 CVE-2023-53857 CVE-2023-53858
CVE-2023-53860 CVE-2023-53861 CVE-2023-53863 CVE-2023-53864 CVE-2023-53865
CVE-2023-53989 CVE-2023-53992 CVE-2023-53994 CVE-2023-53995 CVE-2023-53996
CVE-2023-53997 CVE-2023-53998 CVE-2023-53999 CVE-2023-54000 CVE-2023-54001
CVE-2023-54005 CVE-2023-54006 CVE-2023-54008 CVE-2023-54014 CVE-2023-54016
CVE-2023-54017 CVE-2023-54019 CVE-2023-54022 CVE-2023-54023 CVE-2023-54025
CVE-2023-54026 CVE-2023-54027 CVE-2023-54030 CVE-2023-54031 CVE-2023-54032
CVE-2023-54035 CVE-2023-54037 CVE-2023-54038 CVE-2023-54042 CVE-2023-54045
CVE-2023-54048 CVE-2023-54049 CVE-2023-54051 CVE-2023-54052 CVE-2023-54060
CVE-2023-54064 CVE-2023-54066 CVE-2023-54067 CVE-2023-54069 CVE-2023-54070
CVE-2023-54072 CVE-2023-54076 CVE-2023-54080 CVE-2023-54081 CVE-2023-54083
CVE-2023-54088 CVE-2023-54089 CVE-2023-54091 CVE-2023-54092 CVE-2023-54093
CVE-2023-54094 CVE-2023-54095 CVE-2023-54096 CVE-2023-54099 CVE-2023-54101
CVE-2023-54104 CVE-2023-54106 CVE-2023-54112 CVE-2023-54113 CVE-2023-54115
CVE-2023-54117 CVE-2023-54121 CVE-2023-54125 CVE-2023-54127 CVE-2023-54133
CVE-2023-54134 CVE-2023-54135 CVE-2023-54136 CVE-2023-54137 CVE-2023-54140
CVE-2023-54141 CVE-2023-54142 CVE-2023-54143 CVE-2023-54145 CVE-2023-54148
CVE-2023-54149 CVE-2023-54153 CVE-2023-54154 CVE-2023-54155 CVE-2023-54156
CVE-2023-54164 CVE-2023-54166 CVE-2023-54169 CVE-2023-54170 CVE-2023-54171
CVE-2023-54172 CVE-2023-54173 CVE-2023-54177 CVE-2023-54178 CVE-2023-54179
CVE-2023-54181 CVE-2023-54183 CVE-2023-54185 CVE-2023-54189 CVE-2023-54194
CVE-2023-54201 CVE-2023-54204 CVE-2023-54207 CVE-2023-54209 CVE-2023-54210
CVE-2023-54211 CVE-2023-54215 CVE-2023-54219 CVE-2023-54220 CVE-2023-54221
CVE-2023-54223 CVE-2023-54224 CVE-2023-54225 CVE-2023-54227 CVE-2023-54229
CVE-2023-54230 CVE-2023-54235 CVE-2023-54240 CVE-2023-54241 CVE-2023-54246
CVE-2023-54247 CVE-2023-54251 CVE-2023-54253 CVE-2023-54254 CVE-2023-54255
CVE-2023-54258 CVE-2023-54261 CVE-2023-54263 CVE-2023-54264 CVE-2023-54266
CVE-2023-54267 CVE-2023-54271 CVE-2023-54276 CVE-2023-54278 CVE-2023-54281
CVE-2023-54282 CVE-2023-54283 CVE-2023-54285 CVE-2023-54289 CVE-2023-54291
CVE-2023-54292 CVE-2023-54293 CVE-2023-54296 CVE-2023-54297 CVE-2023-54299
CVE-2023-54300 CVE-2023-54302 CVE-2023-54303 CVE-2023-54304 CVE-2023-54309
CVE-2023-54312 CVE-2023-54313 CVE-2023-54314 CVE-2023-54315 CVE-2023-54316
CVE-2023-54318 CVE-2023-54319 CVE-2023-54322 CVE-2023-54324 CVE-2023-54326
CVE-2024-26944 CVE-2025-14017 CVE-2025-14104 CVE-2025-15467 CVE-2025-38321
CVE-2025-38728 CVE-2025-39977 CVE-2025-40006 CVE-2025-40024 CVE-2025-40033
CVE-2025-40042 CVE-2025-40053 CVE-2025-40081 CVE-2025-40102 CVE-2025-40123
CVE-2025-40134 CVE-2025-40135 CVE-2025-40153 CVE-2025-40158 CVE-2025-40160
CVE-2025-40167 CVE-2025-40170 CVE-2025-40178 CVE-2025-40179 CVE-2025-40187
CVE-2025-40190 CVE-2025-40211 CVE-2025-40213 CVE-2025-40215 CVE-2025-40219
CVE-2025-40220 CVE-2025-40223 CVE-2025-40225 CVE-2025-40231 CVE-2025-40233
CVE-2025-40240 CVE-2025-40242 CVE-2025-40244 CVE-2025-40248 CVE-2025-40250
CVE-2025-40251 CVE-2025-40252 CVE-2025-40256 CVE-2025-40258 CVE-2025-40262
CVE-2025-40263 CVE-2025-40268 CVE-2025-40269 CVE-2025-40271 CVE-2025-40272
CVE-2025-40273 CVE-2025-40274 CVE-2025-40275 CVE-2025-40276 CVE-2025-40277
CVE-2025-40278 CVE-2025-40279 CVE-2025-40280 CVE-2025-40282 CVE-2025-40283
CVE-2025-40284 CVE-2025-40287 CVE-2025-40288 CVE-2025-40289 CVE-2025-40292
CVE-2025-40293 CVE-2025-40294 CVE-2025-40297 CVE-2025-40301 CVE-2025-40302
CVE-2025-40304 CVE-2025-40306 CVE-2025-40307 CVE-2025-40308 CVE-2025-40309
CVE-2025-40310 CVE-2025-40311 CVE-2025-40312 CVE-2025-40314 CVE-2025-40315
CVE-2025-40316 CVE-2025-40317 CVE-2025-40318 CVE-2025-40319 CVE-2025-40320
CVE-2025-40321 CVE-2025-40322 CVE-2025-40323 CVE-2025-40324 CVE-2025-40329
CVE-2025-40330 CVE-2025-40331 CVE-2025-40332 CVE-2025-40337 CVE-2025-40338
CVE-2025-40339 CVE-2025-40340 CVE-2025-40342 CVE-2025-40343 CVE-2025-40345
CVE-2025-40346 CVE-2025-40347 CVE-2025-40349 CVE-2025-40351 CVE-2025-40354
CVE-2025-40357 CVE-2025-40359 CVE-2025-40360 CVE-2025-68160 CVE-2025-68160
CVE-2025-68168 CVE-2025-68170 CVE-2025-68172 CVE-2025-68176 CVE-2025-68180
CVE-2025-68181 CVE-2025-68183 CVE-2025-68184 CVE-2025-68185 CVE-2025-68190
CVE-2025-68192 CVE-2025-68194 CVE-2025-68195 CVE-2025-68197 CVE-2025-68201
CVE-2025-68204 CVE-2025-68206 CVE-2025-68207 CVE-2025-68208 CVE-2025-68209
CVE-2025-68217 CVE-2025-68218 CVE-2025-68222 CVE-2025-68223 CVE-2025-68230
CVE-2025-68233 CVE-2025-68235 CVE-2025-68237 CVE-2025-68238 CVE-2025-68239
CVE-2025-68244 CVE-2025-68249 CVE-2025-68252 CVE-2025-68255 CVE-2025-68257
CVE-2025-68258 CVE-2025-68259 CVE-2025-68264 CVE-2025-68286 CVE-2025-68287
CVE-2025-68289 CVE-2025-68290 CVE-2025-68298 CVE-2025-68302 CVE-2025-68303
CVE-2025-68305 CVE-2025-68306 CVE-2025-68307 CVE-2025-68308 CVE-2025-68312
CVE-2025-68313 CVE-2025-68328 CVE-2025-68330 CVE-2025-68331 CVE-2025-68332
CVE-2025-68335 CVE-2025-68339 CVE-2025-68340 CVE-2025-68345 CVE-2025-68346
CVE-2025-68347 CVE-2025-68351 CVE-2025-68354 CVE-2025-68362 CVE-2025-68378
CVE-2025-68380 CVE-2025-68724 CVE-2025-68732 CVE-2025-68734 CVE-2025-68740
CVE-2025-68742 CVE-2025-68744 CVE-2025-68746 CVE-2025-68747 CVE-2025-68749
CVE-2025-68750 CVE-2025-68753 CVE-2025-68757 CVE-2025-68758 CVE-2025-68759
CVE-2025-68765 CVE-2025-68766 CVE-2025-69418 CVE-2025-69418 CVE-2025-69419
CVE-2025-69419 CVE-2025-69420 CVE-2025-69420 CVE-2025-69421 CVE-2025-69421
CVE-2026-0988 CVE-2026-22795 CVE-2026-22795 CVE-2026-22796 CVE-2026-22796
-----------------------------------------------------------------
The container bci/bci-sle15-kernel-module-devel was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:221-1
Released: Thu Jan 22 13:15:35 2026
Summary: Security update for curl
Type: security
Severity: moderate
References: 1256105,CVE-2025-14017
This update for curl fixes the following issues:
- CVE-2025-14017: Fixed broken TLS options for threaded LDAPS (bsc#1256105).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:230-1
Released: Thu Jan 22 13:22:31 2026
Summary: Security update for util-linux
Type: security
Severity: moderate
References: 1254666,CVE-2025-14104
This update for util-linux fixes the following issues:
- CVE-2025-14104: Fixed heap buffer overread in setpwnam() when processing 256-byte usernames (bsc#1254666).
- lscpu: Add support for NVIDIA Olympus arm64 core (jsc#PED-13682).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:242-1
Released: Thu Jan 22 14:57:13 2026
Summary: Recommended update for git
Type: recommended
Severity: moderate
References: 1251224
This update for git fixes the following issue:
- Revert incorrect AppArmor profile change, in SLE 15 the binaries remain
in /usr/lib/git (bsc#1251224)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:286-1
Released: Sat Jan 24 00:35:35 2026
Summary: Security update for glib2
Type: security
Severity: low
References: 1257049,CVE-2026-0988
This update for glib2 fixes the following issues:
- CVE-2026-0988: Fixed a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:309-1
Released: Wed Jan 28 10:36:32 2026
Summary: Security update for openssl-3
Type: security
Severity: critical
References: 1256830,1256834,1256835,1256836,1256837,1256838,1256839,1256840,CVE-2025-15467,CVE-2025-68160,CVE-2025-69418,CVE-2025-69419,CVE-2025-69420,CVE-2025-69421,CVE-2026-22795,CVE-2026-22796
This update for openssl-3 fixes the following issues:
- CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256830).
- CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834).
- CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835).
- CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836).
- CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837).
- CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838).
- CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839).
- CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:315-1
Released: Wed Jan 28 15:34:15 2026
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1012628,1065729,1194869,1205462,1214285,1214635,1214847,1215146,1215211,1215344,1216062,1216436,1219165,1220419,1223731,1232223,1234163,1243112,1245193,1245449,1246328,1247500,1248886,1249256,1251752,1252046,1252342,1252686,1252776,1252808,1252824,1252861,1252919,1252973,1253155,1253262,1253342,1253365,1253386,1253400,1253402,1253408,1253413,1253442,1253458,1253463,1253623,1253647,1253674,1253739,1254119,1254126,1254235,1254244,1254363,1254373,1254378,1254477,1254518,1254520,1254599,1254606,1254611,1254613,1254615,1254616,1254621,1254623,1254626,1254648,1254649,1254653,1254655,1254657,1254660,1254661,1254663,1254669,1254677,1254678,1254688,1254690,1254691,1254693,1254695,1254698,1254701,1254704,1254705,1254707,1254712,1254715,1254717,1254723,1254724,1254732,1254733,1254737,1254739,1254742,1254743,1254749,1254750,1254753,1254754,1254758,1254761,1254762,1254765,1254782,1254791,1254793,1254794,1254795,1254796,1254797,1254798,1254813,1254815,1254824,1254825,1254827,1254828,1
254829,1254830,1254832,1254840,1254843,1254846,1254847,1254849,1254850,1254851,1254854,1254856,1254858,1254860,1254864,1254869,1254894,1254918,1254957,1254959,1254983,1254996,1255005,1255009,1255025,1255026,1255030,1255033,1255034,1255035,1255039,1255041,1255042,1255046,1255057,1255062,1255064,1255065,1255068,1255071,1255072,1255075,1255077,1255081,1255082,1255083,1255085,1255087,1255092,1255094,1255095,1255097,1255100,1255101,1255116,1255121,1255122,1255124,1255131,1255134,1255135,1255136,1255142,1255145,1255146,1255149,1255152,1255154,1255155,1255163,1255167,1255169,1255171,1255175,1255179,1255181,1255182,1255187,1255190,1255193,1255196,1255197,1255199,1255202,1255203,1255206,1255209,1255218,1255220,1255221,1255224,1255227,1255230,1255233,1255234,1255242,1255245,1255246,1255247,1255251,1255252,1255253,1255256,1255259,1255262,1255272,1255273,1255274,1255276,1255279,1255280,1255281,1255297,1255316,1255318,1255325,1255329,1255346,1255349,1255351,1255357,1255380,1255395,1255415,125542
8,1255433,1255434,1255463,1255480,1255483,1255489,1255493,1255495,1255505,1255507,1255538,1255540,1255545,1255549,1255550,1255553,1255557,1255558,1255563,1255564,1255567,1255570,1255578,1255579,1255580,1255583,1255591,1255601,1255603,1255605,1255611,1255614,1255616,1255617,1255618,1255621,1255628,1255629,1255630,1255632,1255636,1255688,1255691,1255702,1255704,1255706,1255707,1255709,1255722,1255723,1255724,1255758,1255759,1255760,1255763,1255769,1255770,1255772,1255774,1255775,1255776,1255780,1255785,1255786,1255789,1255790,1255792,1255793,1255795,1255798,1255800,1255801,1255806,1255807,1255809,1255810,1255812,1255814,1255820,1255838,1255842,1255843,1255872,1255875,1255879,1255883,1255884,1255886,1255888,1255890,1255891,1255892,1255899,1255902,1255907,1255911,1255915,1255918,1255921,1255924,1255925,1255931,1255932,1255934,1255943,1255944,1255949,1255951,1255952,1255955,1255957,1255961,1255963,1255964,1255967,1255974,1255978,1255984,1255988,1255990,1255992,1255993,1255994,1255996,125
6033,1256034,1256045,1256050,1256058,1256071,1256074,1256081,1256082,1256083,1256084,1256085,1256090,1256093,1256094,1256095,1256096,1256099,1256100,1256104,1256106,1256107,1256117,1256119,1256121,1256145,1256153,1256178,1256197,1256231,1256233,1256234,1256238,1256263,1256267,1256268,1256271,1256273,1256274,1256279,1256285,1256291,1256292,1256300,1256301,1256302,1256335,1256348,1256351,1256354,1256358,1256361,1256364,1256366,1256367,1256368,1256369,1256370,1256371,1256373,1256375,1256379,1256387,1256394,1256395,1256396,1256528,CVE-2023-42752,CVE-2023-53743,CVE-2023-53750,CVE-2023-53752,CVE-2023-53759,CVE-2023-53762,CVE-2023-53766,CVE-2023-53768,CVE-2023-53777,CVE-2023-53778,CVE-2023-53782,CVE-2023-53784,CVE-2023-53785,CVE-2023-53787,CVE-2023-53791,CVE-2023-53792,CVE-2023-53793,CVE-2023-53794,CVE-2023-53795,CVE-2023-53797,CVE-2023-53799,CVE-2023-53807,CVE-2023-53808,CVE-2023-53813,CVE-2023-53815,CVE-2023-53819,CVE-2023-53821,CVE-2023-53823,CVE-2023-53825,CVE-2023-53828,CVE-2023-53831
,CVE-2023-53834,CVE-2023-53836,CVE-2023-53839,CVE-2023-53841,CVE-2023-53842,CVE-2023-53843,CVE-2023-53844,CVE-2023-53846,CVE-2023-53847,CVE-2023-53848,CVE-2023-53850,CVE-2023-53851,CVE-2023-53852,CVE-2023-53855,CVE-2023-53856,CVE-2023-53857,CVE-2023-53858,CVE-2023-53860,CVE-2023-53861,CVE-2023-53863,CVE-2023-53864,CVE-2023-53865,CVE-2023-53989,CVE-2023-53992,CVE-2023-53994,CVE-2023-53995,CVE-2023-53996,CVE-2023-53997,CVE-2023-53998,CVE-2023-53999,CVE-2023-54000,CVE-2023-54001,CVE-2023-54005,CVE-2023-54006,CVE-2023-54008,CVE-2023-54014,CVE-2023-54016,CVE-2023-54017,CVE-2023-54019,CVE-2023-54022,CVE-2023-54023,CVE-2023-54025,CVE-2023-54026,CVE-2023-54027,CVE-2023-54030,CVE-2023-54031,CVE-2023-54032,CVE-2023-54035,CVE-2023-54037,CVE-2023-54038,CVE-2023-54042,CVE-2023-54045,CVE-2023-54048,CVE-2023-54049,CVE-2023-54051,CVE-2023-54052,CVE-2023-54060,CVE-2023-54064,CVE-2023-54066,CVE-2023-54067,CVE-2023-54069,CVE-2023-54070,CVE-2023-54072,CVE-2023-54076,CVE-2023-54080,CVE-2023-54081,CVE-20
23-54083,CVE-2023-54088,CVE-2023-54089,CVE-2023-54091,CVE-2023-54092,CVE-2023-54093,CVE-2023-54094,CVE-2023-54095,CVE-2023-54096,CVE-2023-54099,CVE-2023-54101,CVE-2023-54104,CVE-2023-54106,CVE-2023-54112,CVE-2023-54113,CVE-2023-54115,CVE-2023-54117,CVE-2023-54121,CVE-2023-54125,CVE-2023-54127,CVE-2023-54133,CVE-2023-54134,CVE-2023-54135,CVE-2023-54136,CVE-2023-54137,CVE-2023-54140,CVE-2023-54141,CVE-2023-54142,CVE-2023-54143,CVE-2023-54145,CVE-2023-54148,CVE-2023-54149,CVE-2023-54153,CVE-2023-54154,CVE-2023-54155,CVE-2023-54156,CVE-2023-54164,CVE-2023-54166,CVE-2023-54169,CVE-2023-54170,CVE-2023-54171,CVE-2023-54172,CVE-2023-54173,CVE-2023-54177,CVE-2023-54178,CVE-2023-54179,CVE-2023-54181,CVE-2023-54183,CVE-2023-54185,CVE-2023-54189,CVE-2023-54194,CVE-2023-54201,CVE-2023-54204,CVE-2023-54207,CVE-2023-54209,CVE-2023-54210,CVE-2023-54211,CVE-2023-54215,CVE-2023-54219,CVE-2023-54220,CVE-2023-54221,CVE-2023-54223,CVE-2023-54224,CVE-2023-54225,CVE-2023-54227,CVE-2023-54229,CVE-2023-5423
0,CVE-2023-54235,CVE-2023-54240,CVE-2023-54241,CVE-2023-54246,CVE-2023-54247,CVE-2023-54251,CVE-2023-54253,CVE-2023-54254,CVE-2023-54255,CVE-2023-54258,CVE-2023-54261,CVE-2023-54263,CVE-2023-54264,CVE-2023-54266,CVE-2023-54267,CVE-2023-54271,CVE-2023-54276,CVE-2023-54278,CVE-2023-54281,CVE-2023-54282,CVE-2023-54283,CVE-2023-54285,CVE-2023-54289,CVE-2023-54291,CVE-2023-54292,CVE-2023-54293,CVE-2023-54296,CVE-2023-54297,CVE-2023-54299,CVE-2023-54300,CVE-2023-54302,CVE-2023-54303,CVE-2023-54304,CVE-2023-54309,CVE-2023-54312,CVE-2023-54313,CVE-2023-54314,CVE-2023-54315,CVE-2023-54316,CVE-2023-54318,CVE-2023-54319,CVE-2023-54322,CVE-2023-54324,CVE-2023-54326,CVE-2024-26944,CVE-2025-38321,CVE-2025-38728,CVE-2025-39977,CVE-2025-40006,CVE-2025-40024,CVE-2025-40033,CVE-2025-40042,CVE-2025-40053,CVE-2025-40081,CVE-2025-40102,CVE-2025-40123,CVE-2025-40134,CVE-2025-40135,CVE-2025-40153,CVE-2025-40158,CVE-2025-40160,CVE-2025-40167,CVE-2025-40170,CVE-2025-40178,CVE-2025-40179,CVE-2025-40187,CVE-2
025-40190,CVE-2025-40211,CVE-2025-40213,CVE-2025-40215,CVE-2025-40219,CVE-2025-40220,CVE-2025-40223,CVE-2025-40225,CVE-2025-40231,CVE-2025-40233,CVE-2025-40240,CVE-2025-40242,CVE-2025-40244,CVE-2025-40248,CVE-2025-40250,CVE-2025-40251,CVE-2025-40252,CVE-2025-40256,CVE-2025-40258,CVE-2025-40262,CVE-2025-40263,CVE-2025-40268,CVE-2025-40269,CVE-2025-40271,CVE-2025-40272,CVE-2025-40273,CVE-2025-40274,CVE-2025-40275,CVE-2025-40276,CVE-2025-40277,CVE-2025-40278,CVE-2025-40279,CVE-2025-40280,CVE-2025-40282,CVE-2025-40283,CVE-2025-40284,CVE-2025-40287,CVE-2025-40288,CVE-2025-40289,CVE-2025-40292,CVE-2025-40293,CVE-2025-40294,CVE-2025-40297,CVE-2025-40301,CVE-2025-40302,CVE-2025-40304,CVE-2025-40306,CVE-2025-40307,CVE-2025-40308,CVE-2025-40309,CVE-2025-40310,CVE-2025-40311,CVE-2025-40312,CVE-2025-40314,CVE-2025-40315,CVE-2025-40316,CVE-2025-40317,CVE-2025-40318,CVE-2025-40319,CVE-2025-40320,CVE-2025-40321,CVE-2025-40322,CVE-2025-40323,CVE-2025-40324,CVE-2025-40329,CVE-2025-40330,CVE-2025-403
31,CVE-2025-40332,CVE-2025-40337,CVE-2025-40338,CVE-2025-40339,CVE-2025-40340,CVE-2025-40342,CVE-2025-40343,CVE-2025-40345,CVE-2025-40346,CVE-2025-40347,CVE-2025-40349,CVE-2025-40351,CVE-2025-40354,CVE-2025-40357,CVE-2025-40359,CVE-2025-40360,CVE-2025-68168,CVE-2025-68170,CVE-2025-68172,CVE-2025-68176,CVE-2025-68180,CVE-2025-68181,CVE-2025-68183,CVE-2025-68184,CVE-2025-68185,CVE-2025-68190,CVE-2025-68192,CVE-2025-68194,CVE-2025-68195,CVE-2025-68197,CVE-2025-68201,CVE-2025-68204,CVE-2025-68206,CVE-2025-68207,CVE-2025-68208,CVE-2025-68209,CVE-2025-68217,CVE-2025-68218,CVE-2025-68222,CVE-2025-68223,CVE-2025-68230,CVE-2025-68233,CVE-2025-68235,CVE-2025-68237,CVE-2025-68238,CVE-2025-68239,CVE-2025-68244,CVE-2025-68249,CVE-2025-68252,CVE-2025-68255,CVE-2025-68257,CVE-2025-68258,CVE-2025-68259,CVE-2025-68264,CVE-2025-68286,CVE-2025-68287,CVE-2025-68289,CVE-2025-68290,CVE-2025-68298,CVE-2025-68302,CVE-2025-68303,CVE-2025-68305,CVE-2025-68306,CVE-2025-68307,CVE-2025-68308,CVE-2025-68312,CVE-
2025-68313,CVE-2025-68328,CVE-2025-68330,CVE-2025-68331,CVE-2025-68332,CVE-2025-68335,CVE-2025-68339,CVE-2025-68340,CVE-2025-68345,CVE-2025-68346,CVE-2025-68347,CVE-2025-68351,CVE-2025-68354,CVE-2025-68362,CVE-2025-68378,CVE-2025-68380,CVE-2025-68724,CVE-2025-68732,CVE-2025-68734,CVE-2025-68740,CVE-2025-68742,CVE-2025-68744,CVE-2025-68746,CVE-2025-68747,CVE-2025-68749,CVE-2025-68750,CVE-2025-68753,CVE-2025-68757,CVE-2025-68758,CVE-2025-68759,CVE-2025-68765,CVE-2025-68766
The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-38321: smb: Log an error when close_all_cached_dirs fails (bsc#1246328).
- CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256).
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046).
- CVE-2025-40006: mm/hugetlb: fix folio is still mapped when deleted (bsc#1252342).
- CVE-2025-40024: vhost: Take a reference on the task in struct vhost_task (bsc#1252686).
- CVE-2025-40033: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() (bsc#1252824).
- CVE-2025-40042: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (bsc#1252861).
- CVE-2025-40053: net: dlink: handle copy_thresh allocation failure (bsc#1252808).
- CVE-2025-40081: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (bsc#1252776).
- CVE-2025-40102: KVM: arm64: Prevent access to vCPU events before init (bsc#1252919).
- CVE-2025-40134: dm: fix NULL pointer dereference in __dm_suspend() (bsc#1253386).
- CVE-2025-40135: ipv6: use RCU in ip6_xmit() (bsc#1253342).
- CVE-2025-40153: mm: hugetlb: avoid soft lockup when mprotect to large memory area (bsc#1253408).
- CVE-2025-40158: ipv6: use RCU in ip6_output() (bsc#1253402).
- CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400).
- CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458).
- CVE-2025-40170: net: use dst_dev_rcu() in sk_setup_caps() (bsc#1253413).
- CVE-2025-40178: pid: Add a judgment for ns null in pid_nr_ns (bsc#1253463).
- CVE-2025-40179: ext4: verify orphan file size is not too big (bsc#1253442).
- CVE-2025-40187: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (bsc#1253647).
- CVE-2025-40190: ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623).
- CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959).
- CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520).
- CVE-2025-40231: vsock: fix lock inversion in vsock_assign_transport() (bsc#1254815).
- CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813).
- CVE-2025-40240: sctp: avoid NULL dereference when chunk data buffer is missing (bsc#1254869).
- CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075).
- CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864).
- CVE-2025-40250: net/mlx5: Clean up only new IRQ glue on request_irq() failure (bsc#1254854).
- CVE-2025-40251: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (bsc#1254856).
- CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (bsc#1254849).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1254843).
- CVE-2025-40268: cifs: client: fix memory leak in smb3_fs_context_parse_param (bsc#1255082).
- CVE-2025-40271: fs/proc: fix uaf in proc_readdir_de() (bsc#1255297).
- CVE-2025-40274: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (bsc#1254830).
- CVE-2025-40278: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (bsc#1254825).
- CVE-2025-40279: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (bsc#1254846).
- CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847).
- CVE-2025-40287: exfat: fix improper check of dentry.stream.valid_size (bsc#1255030).
- CVE-2025-40289: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM (bsc#1255042).
- CVE-2025-40292: virtio-net: fix received length check in big packets (bsc#1255175).
- CVE-2025-40293: iommufd: Don't overflow during division for dirty tracking (bsc#1255179).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255187).
- CVE-2025-40307: exfat: validate cluster allocation bits of the allocation bitmap (bsc#1255039).
- CVE-2025-40319: bpf: Sync pending IRQ work before freeing ring buffer (bsc#1254794).
- CVE-2025-40330: bnxt_en: Shutdown FW DMA in bnxt_shutdown() (bsc#1254616).
- CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615).
- CVE-2025-40337: net: stmmac: Correctly handle Rx checksum offload errors (bsc#1255081).
- CVE-2025-40338: ASoC: Intel: avs: Do not share the name pointer between components (bsc#1255273).
- CVE-2025-40346: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() (bsc#1255318).
- CVE-2025-40357: net/smc: fix general protection fault in __smc_diag_dump (bsc#1255097).
- CVE-2025-68197: bnxt_en: Fix null pointer dereference in bnxt_bs_trace_check_wrap() (bsc#1255242).
- CVE-2025-68204: pmdomain: arm: scmi: Fix genpd leak on provider registration failure (bsc#1255224).
- CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142).
- CVE-2025-68208: bpf: account for current allocated stack depth in widen_imprecise_scalars() (bsc#1255227).
- CVE-2025-68209: mlx5: Fix default values in create CQ (bsc#1255230).
- CVE-2025-68239: binfmt_misc: restore write access before closing files opened by open_exec() (bsc#1255272).
- CVE-2025-68255: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing (bsc#1255395).
- CVE-2025-68259: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (bsc#1255199).
- CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380).
- CVE-2025-68302: net: sxgbe: fix potential NULL dereference in sxgbe_rx() (bsc#1255121).
- CVE-2025-68340: team: Move team device type change at the end of team_port_add (bsc#1255507).
- CVE-2025-68378: bpf: Refactor stack map trace depth calculation into helper function (bsc#1255614).
- CVE-2025-68742: bpf: Improve program stats run-time calculation (bsc#1255707).
- CVE-2025-68744: bpf: Free special fields when update [lru_,]percpu_hash maps (bsc#1255709).
The following non security issues were fixed:
- ACPI: CPPC: Fix missing PCC check for guaranteed_perf (git-fixes).
- ACPI: PCC: Fix race condition by removing static qualifier (git-fixes).
- ACPI: processor_core: fix map_x2apic_id for amd-pstate on am4 (git-fixes).
- ACPI: property: Fix fwnode refcount leak in acpi_fwnode_graph_parse_endpoint() (git-fixes).
- ACPI: property: Use ACPI functions in acpi_graph_get_next_endpoint() only (stable-fixes).
- ACPICA: Avoid walking the Namespace if start_node is NULL (stable-fixes).
- ALSA: ac97: fix a double free in snd_ac97_controller_register() (git-fixes).
- ALSA: dice: fix buffer overflow in detect_stream_formats() (git-fixes).
- ALSA: firewire-motu: add bounds check in put_user loop for DSP events (git-fixes).
- ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events (git-fixes).
- ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi() (git-fixes).
- ALSA: pcmcia: Fix resource leak in snd_pdacf_probe error path (git-fixes).
- ALSA: uapi: Fix typo in asound.h comment (git-fixes).
- ALSA: usb-audio: Add DSD quirk for LEAK Stereo 230 (stable-fixes).
- ALSA: usb-audio: Add native DSD quirks for PureAudio DAC series (stable-fixes).
- ALSA: usb-audio: fix uac2 clock source at terminal parser (git-fixes).
- ALSA: usb-mixer: us16x08: validate meter packet indices (git-fixes).
- ALSA: vxpocket: Fix resource leak in vxpocket_probe error path (git-fixes).
- ASoC: Intel: catpt: Fix error path in hw_params() (git-fixes).
- ASoC: ak4458: Disable regulator when error happens (git-fixes).
- ASoC: ak4458: remove the reset operation in probe and remove (git-fixes).
- ASoC: ak5558: Disable regulator when error happens (git-fixes).
- ASoC: bcm: bcm63xx-pcm-whistler: Check return value of of_dma_configure() (git-fixes).
- ASoC: codecs: lpass-tx-macro: fix SM6115 support (git-fixes).
- ASoC: codecs: wcd938x: fix OF node leaks on probe failure (git-fixes).
- ASoC: fsl_xcvr: clear the channel status control memory (git-fixes).
- ASoC: qcom: q6adm: the the copp device only during last instance (git-fixes).
- ASoC: qcom: q6apm-dai: set flags to reflect correct operation of appl_ptr (git-fixes).
- ASoC: qcom: q6asm-dai: perform correct state check before closing (git-fixes).
- ASoC: qcom: qdsp6: q6asm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: stm32: sai: fix OF node leak on probe (git-fixes).
- ASoC: stm32: sai: fix clk prepare imbalance on probe failure (git-fixes).
- ASoC: stm32: sai: fix device leak on probe (git-fixes).
- ASoC: sun4i-spdif: Add missing kerneldoc fields for sun4i_spdif_quirks (git-fixes).
- Bluetooth: HCI: Fix tracking of advertisement set/instance 0x00 (git-fixes).
- Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete (git-fixes).
- Bluetooth: SMP: Fix not generating mackey and ltk when repairing (git-fixes).
- Bluetooth: btrtl: Avoid loading the config file on security chips (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 13d3/3533 for RTL8821CE (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 2b89/6275 for RTL8761BUV (stable-fixes).
- Bluetooth: btusb: mediatek: Avoid btusb_mtk_claim_iso_intf() NULL deref (git-fixes).
- Bluetooth: btusb: mediatek: Fix kernel crash when releasing mtk iso interface (git-fixes).
- Bluetooth: btusb: revert use of devm_kzalloc in btusb (git-fixes).
- Bluetooth: hci_sock: Prevent race in socket write iter and sock bind (git-fixes).
- Documentation/kernel-parameters: fix typo in retbleed= kernel parameter description (git-fixes).
- Documentation: hid-alps: Fix packet format section headings (git-fixes).
- Documentation: parport-lowlevel: Separate function listing code blocks (git-fixes).
- HID: apple: Add SONiX AK870 PRO to non_apple_keyboards quirk list (stable-fixes).
- HID: elecom: Add support for ELECOM M-XT3URBK (018F) (stable-fixes).
- HID: hid-input: Extend Elan ignore battery quirk to USB (stable-fixes).
- HID: input: map HID_GD_Z to ABS_DISTANCE for stylus/pen (stable-fixes).
- HID: logitech-dj: Remove duplicate error logging (git-fixes).
- HID: logitech-hidpp: Do not assume FAP in hidpp_send_message_sync() (git-fixes).
- HID: quirks: work around VID/PID conflict for appledisplay (git-fixes).
- Input: atkbd - skip deactivate for HONOR FMB-P's internal keyboard (git-fixes).
- Input: cros_ec_keyb - fix an invalid memory access (stable-fixes).
- Input: goodix - add support for ACPI ID GDIX1003 (stable-fixes).
- Input: goodix - add support for ACPI ID GDX9110 (stable-fixes).
- Input: i8042 - add TUXEDO InfinityBook Max Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: ti_am335x_tsc - fix off-by-one error in wire_order validation (git-fixes).
- KEYS: trusted: Fix a memory leak in tpm2_load_cmd (git-fixes).
- KEYS: trusted_tpm1: Compare HMAC values in constant time (git-fixes).
- KVM: SEV: Drop GHCB_VERSION_DEFAULT and open code it (bsc#1255463).
- PCI/PM: Reinstate clearing state_saved in legacy and !PM codepaths (git-fixes).
- PCI: dwc: Fix wrong PORT_LOGIC_LTSSM_STATE_MASK definition (git-fixes).
- PCI: keystone: Exit ks_pcie_probe() for invalid mode (git-fixes).
- PCI: rcar-gen2: Drop ARM dependency from PCI_RCAR_GEN2 (git-fixes).
- PM: runtime: Do not clear needs_force_resume with enabled runtime PM (git-fixes).
- Revert 'drm/amd/display: Fix pbn to kbps Conversion' (stable-fixes).
- Revert 'drm/amd/display: Move setup_stream_attribute' (stable-fixes).
- Revert 'drm/amd: Skip power ungate during suspend for VPE' (git-fixes).
- Revert 'mtd: rawnand: marvell: fix layouts' (git-fixes).
- Revert 'net: r8169: Disable multicast filter for RTL8168H and RTL8107E' (jsc#PED-14353).
- Revert 'r8169: don't try to disable interrupts if NAPI is, scheduled already' (jsc#PED-14353).
- USB: Fix descriptor count when handling invalid MBIM extended descriptor (git-fixes).
- USB: lpc32xx_udc: Fix error handling in probe (git-fixes).
- USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC (git-fixes).
- USB: serial: ftdi_sio: add support for u-blox EVK-M101 (stable-fixes).
- USB: serial: ftdi_sio: match on interface number for jtag (stable-fixes).
- USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC (git-fixes).
- USB: serial: option: add Foxconn T99W760 (stable-fixes).
- USB: serial: option: add Quectel RG255C (stable-fixes).
- USB: serial: option: add Telit Cinterion FE910C04 new compositions (stable-fixes).
- USB: serial: option: add Telit FN920C04 ECM compositions (stable-fixes).
- USB: serial: option: add UNISOC UIS7720 (stable-fixes).
- USB: serial: option: add support for Rolling RW101R-GL (stable-fixes).
- USB: serial: option: move Telit 0x10c7 composition in the right place (stable-fixes).
- USB: storage: Remove subclass and protocol overrides from Novatek quirk (git-fixes).
- accel/ivpu: Fix DCT active percent format (git-fixes).
- accel/ivpu: Fix race condition when unbinding BOs (git-fixes).
- arm64: zynqmp: Fix usb node drive strength and slew rate (git-fixes).
- arm64: zynqmp: Revert usb node drive strength and slew rate for (git-fixes).
- atm/fore200e: Fix possible data race in fore200e_open() (git-fixes).
- atm: Fix dma_free_coherent() size (git-fixes).
- atm: idt77252: Add missing `dma_map_error()` (stable-fixes).
- backlight: led-bl: Add devlink to supplier LEDs (git-fixes).
- backlight: lp855x: Fix lp855x.h kernel-doc warnings (git-fixes).
- bpf: Do not limit bpf_cgroup_from_id to current's namespace (bsc#1255433).
- bpf: Reject bpf_timer for PREEMPT_RT (git-fixes).
- broadcom: b44: prevent uninitialized value usage (git-fixes).
- btrfs: make sure extent and csum paths are always released in scrub_raid56_parity_stripe() (git-fixes).
- can: gs_usb: gs_can_open(): fix error handling (git-fixes).
- can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs (git-fixes).
- can: j1939: make j1939_sk_bind() fail if device is no longer registered (git-fixes).
- can: kvaser_usb: leaf: Fix potential infinite loop in command parsers (git-fixes).
- can: sja1000: fix max irq loop handling (git-fixes).
- can: sun4i_can: sun4i_can_interrupt(): fix max irq loop handling (git-fixes).
- cgroup: rstat: use LOCK CMPXCHG in css_rstat_updated (bsc#1255434).
- char: applicom: fix NULL pointer dereference in ac_ioctl (stable-fixes).
- cifs: Fix uncached read into ITER_KVEC iterator (bsc#1245449).
- clk: qcom: camcc-sm6350: Fix PLL config of PLL2 (git-fixes).
- clk: qcom: camcc-sm6350: Specify Titan GDSC power domain as a parent to other (git-fixes).
- clk: renesas: cpg-mssr: Add missing 1ms delay into reset toggle callback (git-fixes).
- clk: renesas: r9a06g032: Fix memory leak in error path (git-fixes).
- clk: samsung: exynos-clkout: Assign .num before accessing .hws (git-fixes).
- comedi: c6xdigio: Fix invalid PNP driver unregistration (git-fixes).
- comedi: check device's attached status in compat ioctls (git-fixes).
- comedi: multiq3: sanitize config options in multiq3_attach() (git-fixes).
- comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() (git-fixes).
- cpufreq: intel_pstate: Check IDA only before MSR_IA32_PERF_CTL writes (git-fixes).
- cpufreq: nforce2: fix reference count leak in nforce2 (git-fixes).
- cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026).
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (git-fixes).
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (git-fixes).
- crypto: ccree - Correctly handle return of sg_nents_for_len (git-fixes).
- crypto: hisilicon/qm - restore original qos values (git-fixes).
- crypto: iaa - Fix incorrect return value in save_iaa_wq() (git-fixes).
- crypto: qat - fix duplicate restarting msg during AER error (git-fixes).
- crypto: rockchip - drop redundant crypto_skcipher_ivsize() calls (git-fixes).
- crypto: seqiv - Do not use req->iv after crypto_aead_encrypt (git-fixes).
- dm-integrity: limit MAX_TAG_SIZE to 255 (git-fixes).
- dm-verity: fix unreliable memory allocation (git-fixes).
- dm: fix queue start/stop imbalance under suspend/load/resume races (bsc#1253386).
- drivers/usb/dwc3: fix PCI parent check (git-fixes).
- drm/amd/amdgpu: reserve vm invalidation engine for uni_mes (stable-fixes).
- drm/amd/display: Check NULL before accessing (stable-fixes).
- drm/amd/display: Clear the CUR_ENABLE register on DCN20 on DPP5 (stable-fixes).
- drm/amd/display: Don't change brightness for disabled connectors (stable-fixes).
- drm/amd/display: Fix logical vs bitwise bug in get_embedded_panel_info_v2_1() (git-fixes).
- drm/amd/display: Fix pbn to kbps Conversion (stable-fixes).
- drm/amd/display: Fix scratch registers offsets for DCN35 (stable-fixes).
- drm/amd/display: Fix scratch registers offsets for DCN351 (stable-fixes).
- drm/amd/display: Increase DPCD read retries (stable-fixes).
- drm/amd/display: Insert dccg log for easy debug (stable-fixes).
- drm/amd/display: Move sleep into each retry for retrieve_link_cap() (stable-fixes).
- drm/amd/display: Prevent Gating DTBCLK before It Is Properly Latched (git-fixes).
- drm/amd/display: Use GFP_ATOMIC in dc_create_plane_state() (stable-fixes).
- drm/amd/display: avoid reset DTBCLK at clock init (stable-fixes).
- drm/amd/display: disable DPP RCG before DPP CLK enable (stable-fixes).
- drm/amd: Skip power ungate during suspend for VPE (stable-fixes).
- drm/amdgpu/gmc11: add amdgpu_vm_handle_fault() handling (stable-fixes).
- drm/amdgpu/gmc12: add amdgpu_vm_handle_fault() handling (stable-fixes).
- drm/amdgpu: Forward VMID reservation errors (git-fixes).
- drm/amdgpu: Skip emit de meta data on gfx11 with rs64 enabled (stable-fixes).
- drm/amdgpu: add missing lock to amdgpu_ttm_access_memory_sdma (git-fixes).
- drm/amdgpu: fix cyan_skillfish2 gpu info fw handling (git-fixes).
- drm/amdgpu: fix gpu page fault after hibernation on PF passthrough (stable-fixes).
- drm/amdkfd: Export the cwsr_size and ctl_stack_size to userspace (stable-fixes).
- drm/amdkfd: Fix GPU mappings for APU after prefetch (stable-fixes).
- drm/amdkfd: Trap handler support for expert scheduling mode (stable-fixes).
- drm/amdkfd: Use huge page size to check split svm range alignment (git-fixes).
- drm/amdkfd: bump minimum vgpr size for gfx1151 (stable-fixes).
- drm/displayid: add quirk to ignore DisplayID checksum errors (stable-fixes).
- drm/displayid: pass iter to drm_find_displayid_extension() (stable-fixes).
- drm/edid: add DRM_EDID_IDENT_INIT() to initialize struct drm_edid_ident (stable-fixes).
- drm/gma500: Remove unused helper psb_fbdev_fb_setcolreg() (git-fixes).
- drm/i915/dp: Initialize the source OUI write timestamp always (stable-fixes).
- drm/i915/dp_mst: Disable Panel Replay (git-fixes).
- drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer (git-fixes).
- drm/i915: Fix format string truncation warning (git-fixes).
- drm/imagination: Disallow exporting of PM/FW protected objects (git-fixes).
- drm/imagination: Fix reference to devm_platform_get_and_ioremap_resource() (git-fixes).
- drm/me/gsc: mei interrupt top half should be in irq disabled context (git-fixes).
- drm/mediatek: Fix CCORR mtk_ctm_s31_32_to_s1_n function issue (git-fixes).
- drm/mediatek: Fix device node reference leak in mtk_dp_dt_parse() (git-fixes).
- drm/mediatek: Fix probe device leaks (git-fixes).
- drm/mediatek: Fix probe memory leak (git-fixes).
- drm/mediatek: Fix probe resource leaks (git-fixes).
- drm/mediatek: ovl_adaptor: Fix probe device leaks (git-fixes).
- drm/mgag200: Fix big-endian support (git-fixes).
- drm/msm/a2xx: stop over-complaining about the legacy firmware (git-fixes).
- drm/msm/a6xx: Fix out of bound IO access in a6xx_get_gmu_registers (git-fixes).
- drm/msm/a6xx: Fix the gemnoc workaround (git-fixes).
- drm/msm/a6xx: Flush LRZ cache before PT switch (git-fixes).
- drm/msm/a6xx: Improve MX rail fallback in RPMH vote init (git-fixes).
- drm/msm/dpu: Add missing NULL pointer check for pingpong interface (git-fixes).
- drm/msm/dpu: Remove dead-code in dpu_encoder_helper_reset_mixers() (git-fixes).
- drm/msm/dpu: drop dpu_hw_dsc_destroy() prototype (git-fixes).
- drm/nouveau/dispnv50: Don't call drm_atomic_get_crtc_state() in prepare_fb (git-fixes).
- drm/nouveau: refactor deprecated strcpy (git-fixes).
- drm/nouveau: restrict the flush page to a 32-bit address (git-fixes).
- drm/panel: sony-td4353-jdi: Enable prepare_prev_first (git-fixes).
- drm/panel: visionox-rm69299: Don't clear all mode flags (git-fixes).
- drm/panthor: Avoid adding of kernel BOs to extobj list (git-fixes).
- drm/panthor: Fix UAF on kernel BO VA nodes (git-fixes).
- drm/panthor: Fix group_free_queue() for partially initialized queues (git-fixes).
- drm/panthor: Fix potential memleak of vma structure (git-fixes).
- drm/panthor: Fix race with suspend during unplug (git-fixes).
- drm/panthor: Flush shmem writes before mapping buffers CPU-uncached (git-fixes).
- drm/panthor: Handle errors returned by drm_sched_entity_init() (git-fixes).
- drm/pl111: Fix error handling in pl111_amba_probe (git-fixes).
- drm/plane: Fix IS_ERR() vs NULL check in drm_plane_create_hotspot_properties() (git-fixes).
- drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes).
- drm/sched: Fix race in drm_sched_entity_select_rq() (git-fixes).
- drm/tilcdc: Fix removal actions in case of failed probe (git-fixes).
- drm/tilcdc: request and mapp iomem with devres (stable-fixes).
- drm/ttm: Avoid NULL pointer deref for evicted BOs (git-fixes).
- drm/vgem-fence: Fix potential deadlock on release (git-fixes).
- drm/vmwgfx: Use kref in vmw_bo_dirty (stable-fixes).
- drm/xe/bo: Don't include the CCS metadata in the dma-buf sg-table (git-fixes).
- drm/xe/oa: Disallow 0 OA property values (git-fixes).
- drm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl() (git-fixes).
- drm/xe/oa: Limit num_syncs to prevent oversized allocations (git-fixes).
- drm/xe: Adjust long-running workload timeslices to reasonable values (git-fixes).
- drm/xe: Drop preempt-fences when destroying imported dma-bufs (git-fixes).
- drm/xe: Fix conversion from clock ticks to milliseconds (git-fixes).
- drm/xe: Limit num_syncs to prevent oversized allocations (git-fixes).
- drm/xe: Prevent BIT() overflow when handling invalid prefetch region (git-fixes).
- drm/xe: Restore engine registers before restarting schedulers after GT reset (git-fixes).
- drm/xe: Use usleep_range for accurate long-running workload timeslicing (git-fixes).
- drm: atmel-hlcdc: fix atmel_xlcdc_plane_setup_scaler() (git-fixes).
- drm: nouveau: Replace sprintf() with sysfs_emit() (git-fixes).
- drm: sti: fix device leaks at component probe (git-fixes).
- efi/libstub: Avoid physical address 0x0 when doing random allocation (stable-fixes).
- efi/libstub: Describe missing 'out' parameter in efi_load_initrd (git-fixes).
- efi/libstub: Fix page table access in 5-level to 4-level paging transition (git-fixes).
- efi: stmm: Fix incorrect buffer allocation method (git-fixes).
- efi: stmm: fix kernel-doc 'bad line' warnings (git-fixes).
- exfat: add a check for invalid data size (git-fixes).
- exfat: using hweight instead of internal logic (git-fixes).
- ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378).
- ext4: wait for ongoing I/O to complete before freeing blocks (bsc#1256366).
- fbdev: gbefb: fix to use physical address instead of dma address (stable-fixes).
- fbdev: pxafb: Fix multiple clamped values in pxafb_adjust_timing (git-fixes).
- fbdev: ssd1307fb: fix potential page leak in ssd1307fb_probe() (git-fixes).
- fbdev: tcx.c fix mem_map to correct smem_start offset (git-fixes).
- firewire: nosy: Fix dma_free_coherent() size (git-fixes).
- firmware: imx: scu-irq: Init workqueue before request mbox channel (stable-fixes).
- firmware: imx: scu-irq: fix OF node leak in (git-fixes).
- firmware: stratix10-svc: Add mutex in stratix10 memory management (git-fixes).
- firmware: stratix10-svc: fix bug in saving controller data (git-fixes).
- firmware: stratix10-svc: fix make htmldocs warning for stratix10_svc (git-fixes).
- fs: dlm: allow to F_SETLKW getting interrupted (bsc#1255025).
- ftrace: bpf: Fix IPMODIFY + DIRECT in modify_ftrace_direct() (git-fixes).
- genalloc.h: fix htmldocs warning (git-fixes).
- gpio: rockchip: mark the GPIO controller as sleeping (git-fixes).
- gpu: host1x: Fix race in syncpt alloc/free (git-fixes).
- hwmon: (ibmpex) fix use-after-free in high/low store (git-fixes).
- hwmon: (max16065) Use local variable to avoid TOCTOU (git-fixes).
- hwmon: (tmp401) fix overflow caused by default conversion rate value (git-fixes).
- hwmon: (w83791d) Convert macros to functions to avoid TOCTOU (git-fixes).
- hwmon: (w83l786ng) Convert macros to functions to avoid TOCTOU (git-fixes).
- hwmon: sy7636a: Fix regulator_enable resource leak on error path (git-fixes).
- i2c: amd-mp2: fix reference leak in MP2 PCI device (git-fixes).
- i2c: designware: Disable SMBus interrupts to prevent storms from mis-configured firmware (stable-fixes).
- i2c: i2c.h: fix a bad kernel-doc line (git-fixes).
- i3c: fix refcount inconsistency in i3c_master_register (git-fixes).
- i3c: master: Inherit DMA masks and parameters from parent device (stable-fixes).
- i3c: master: svc: Prevent incomplete IBI transaction (git-fixes).
- idr: fix idr_alloc() returning an ID out of range (git-fixes).
- iio: accel: bmc150: Fix irq assumption regression (stable-fixes).
- iio: accel: fix ADXL355 startup race condition (git-fixes).
- iio: adc: ad7280a: fix ad7280_store_balance_timer() (git-fixes).
- iio: adc: ti_am335x_adc: Limit step_avg to valid range for gcc complains (stable-fixes).
- iio: core: Clean up device correctly on iio_device_alloc() failure (git-fixes).
- iio: core: add missing mutex_destroy in iio_dev_release() (git-fixes).
- iio: imu: st_lsm6dsx: Fix measurement unit for odr struct member (git-fixes).
- iio: imu: st_lsm6dsx: fix array size for st_lsm6dsx_settings fields (git-fixes).
- iio: st_lsm6dsx: Fixed calibrated timestamp calculation (git-fixes).
- ima: Handle error code returned by ima_filter_rule_match() (git-fixes).
- intel_th: Fix error handling in intel_th_output_open (git-fixes).
- ipmi: Fix __scan_channels() failing to rescan channels (stable-fixes).
- ipmi: Fix handling of messages with provided receive message pointer (git-fixes).
- ipmi: Fix the race between __scan_channels() and deliver_response() (stable-fixes).
- ipmi: Rework user message limit handling (git-fixes).
- irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() (git-fixes).
- kconfig/mconf: Initialize the default locale at startup (stable-fixes).
- kconfig/nconf: Initialize the default locale at startup (stable-fixes).
- leds: leds-lp50xx: Allow LED 0 to be added to module bank (git-fixes).
- leds: leds-lp50xx: Enable chip before any communication (git-fixes).
- leds: leds-lp50xx: LP5009 supports 3 modules for a total of 9 LEDs (git-fixes).
- leds: netxbig: Fix GPIO descriptor leak in error paths (git-fixes).
- lib/vsprintf: Check pointer before dereferencing in time_and_date() (git-fixes).
- mailbox: mailbox-test: Fix debugfs_create_dir error checking (git-fixes).
- media: TDA1997x: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() (git-fixes).
- media: amphion: Add a frame flush mode for decoder (stable-fixes).
- media: amphion: Cancel message work before releasing the VPU core (git-fixes).
- media: amphion: Make some vpu_v4l2 functions static (stable-fixes).
- media: amphion: Remove vpu_vb_is_codecconfig (git-fixes).
- media: atomisp: Prefix firmware paths with 'intel/ipu/' (bsc#1252973).
- media: atomisp: Remove firmware_name module parameter (bsc#1252973).
- media: cec: Fix debugfs leak on bus_register() failure (git-fixes).
- media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg() (git-fixes).
- media: i2c: ADV7604: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: i2c: adv7842: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: imx-mipi-csis: Drop extra clock enable at probe() (git-fixes).
- media: msp3400: Avoid possible out-of-bounds array accesses in msp3400c_thread() (git-fixes).
- media: nxp: imx8-isi: Mark all crossbar sink pads as MUST_CONNECT (stable-fixes).
- media: ov5640: fix vblank unchange issue when work at dvp mode (git-fixes).
- media: pci: ivtv: Don't create fake v4l2_fh (stable-fixes).
- media: pvrusb2: Fix incorrect variable used in trace message (git-fixes).
- media: qcom: camss: Fix genpd cleanup (git-fixes).
- media: qcom: camss: Fix ordering of pm_runtime_enable (git-fixes).
- media: qcom: camss: cleanup media device allocated resource on error path (git-fixes).
- media: qcom: venus: fix incorrect return value (stable-fixes).
- media: radio-isa: use dev_name to fill in bus_info (stable-fixes).
- media: rc: st_rc: Fix reset control resource leak (git-fixes).
- media: renesas: rcar_drif: fix device node reference leak in rcar_drif_bond_enabled (git-fixes).
- media: s5p-mfc: Fix potential deadlock on condlock (stable-fixes).
- media: samsung: exynos4-is: fix potential ABBA deadlock on init (git-fixes).
- media: uvcvideo: Force UVC version to 1.0a for 0408:4033 (stable-fixes).
- media: v4l2-mem2mem: Fix outdated documentation (git-fixes).
- media: verisilicon: Fix CPU stalls on G2 bus error (git-fixes).
- media: verisilicon: Protect G2 HEVC decoder against invalid DPB index (git-fixes).
- media: verisilicon: Store chroma and motion vectors offset (stable-fixes).
- media: verisilicon: g2: Use common helpers to compute chroma and mv offsets (stable-fixes).
- media: videobuf2: Fix device reference leak in vb2_dc_alloc error path (git-fixes).
- media: vidtv: initialize local pointers upon transfer of memory ownership (git-fixes).
- media: vpif_capture: fix section mismatch (git-fixes).
- media: vpif_display: fix section mismatch (git-fixes).
- mei: gsc: add dependency on Xe driver (git-fixes).
- mei: me: add wildcat lake P DID (stable-fixes).
- mfd: altera-sysmgr: Fix device leak on sysmgr regmap lookup (git-fixes).
- mfd: da9055: Fix missing regmap_del_irq_chip() in error path (git-fixes).
- mfd: max77620: Fix potential IRQ chip conflict when probing two devices (git-fixes).
- mfd: mt6358-irq: Fix missing irq_domain_remove() in error path (git-fixes).
- mfd: mt6397-irq: Fix missing irq_domain_remove() in error path (git-fixes).
- mmc: sdhci-esdhc-imx: add alternate ARCH_S32 dependency to Kconfig (git-fixes).
- mmc: sdhci-msm: Avoid early clock doubling during HS400 transition (stable-fixes).
- most: usb: fix double free on late probe failure (git-fixes).
- mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() (git-fixes).
- mtd: lpddr_cmds: fix signed shifts in lpddr_cmds (git-fixes).
- mtd: maps: pcmciamtd: fix potential memory leak in pcmciamtd_detach() (git-fixes).
- mtd: nand: relax ECC parameter validation check (git-fixes).
- mtd: rawnand: lpc32xx_slc: fix GPIO descriptor leak on probe error and remove (git-fixes).
- mtd: rawnand: renesas: Handle devm_pm_runtime_enable() errors (git-fixes).
- net: mdio: aspeed: add dummy read to avoid read-after-write issue (git-fixes).
- net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write (git-fixes).
- net: phy: adin1100: Fix software power-down ready condition (git-fixes).
- net: phy: mxl-gpy: fix bogus error on USXGMII and integrated PHY (git-fixes).
- net: phy: mxl-gpy: fix link properties on USXGMII and internal PHYs (git-fixes).
- net: r8169: Disable multicast filter for RTL8168H and RTL8107E (jsc#PED-14353).
- net: rose: fix invalid array index in rose_kill_by_device() (git-fixes).
- net: usb: pegasus: fix memory leak in update_eth_regs_async() (git-fixes).
- net: usb: rtl8150: fix memory leak on usb_submit_urb() failure (git-fixes).
- net: usb: sr9700: fix incorrect command used to write single register (git-fixes).
- net: wwan: iosm: Fix memory leak in ipc_mux_deinit() (git-fixes).
- netdevsim: print human readable IP address (bsc#1255071).
- nfc: pn533: Fix error code in pn533_acr122_poweron_rdr() (git-fixes).
- nfsd: do not defer requests during idmap lookup in v4 compound decode (bsc#1232223).
- nfsd: fix return error codes for nfsd_map_name_to_id (bsc#1232223).
- nvme: Use non zero KATO for persistent discovery connections (git-fixes).
- orangefs: fix xattr related buffer overflow.. (git-fixes).
- perf list: Add IBM z17 event descriptions (jsc#PED-13611).
- perf/x86/intel: Fix KASAN global-out-of-bounds warning (git-fixes).
- phy: broadcom: bcm63xx-usbh: fix section mismatches (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix an error handling path in rcar_gen3_phy_usb2_probe() (git-fixes).
- pinctrl: qcom: lpass-lpi: mark the GPIO controller as sleeping (git-fixes).
- pinctrl: qcom: msm: Fix deadlock in pinmux configuration (stable-fixes).
- pinctrl: single: Fix PIN_CONFIG_BIAS_DISABLE handling (stable-fixes).
- pinctrl: single: Fix incorrect type for error return variable (git-fixes).
- pinctrl: stm32: fix hwspinlock resource leak in probe function (git-fixes).
- platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver (git-fixes).
- platform/mellanox: mlxbf-pmc: Remove trailing whitespaces from event names (git-fixes).
- platform/x86/amd/pmc: Add spurious_8042 to Xbox Ally (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Legion Go 2 to pmc quirk list (stable-fixes).
- platform/x86/intel/hid: Add Dell Pro Rugged 10/12 tablet to VGBS DMI quirks (stable-fixes).
- platform/x86: acer-wmi: Ignore backlight event (stable-fixes).
- platform/x86: asus-wmi: use brightness_set_blocking() for kbd led (git-fixes).
- platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing (git-fixes).
- platform/x86: huawei-wmi: add keys for HONOR models (stable-fixes).
- platform/x86: ibm_rtl: fix EBDA signature search pointer arithmetic (git-fixes).
- platform/x86: intel: chtwc_int33fe: don't dereference swnode args (git-fixes).
- platform/x86: intel: punit_ipc: fix memory corruption (git-fixes).
- platform/x86: msi-laptop: add missing sysfs_remove_group() (git-fixes).
- power: supply: apm_power: only unset own apm_get_power_status (git-fixes).
- power: supply: cw2015: Check devm_delayed_work_autocancel() return code (git-fixes).
- power: supply: rt9467: Prevent using uninitialized local variable in rt9467_set_value_from_ranges() (git-fixes).
- power: supply: rt9467: Return error on failure in rt9467_set_value_from_ranges() (git-fixes).
- power: supply: wm831x: Check wm831x_set_bits() return value (git-fixes).
- powerpc/64s/slb: Fix SLB multihit issue during SLB preload (bac#1236022 ltc#211187).
- powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling (bsc#1253262 ltc#216029).
- powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493 bsc#1254244 ltc#216496).
- pwm: bcm2835: Make sure the channel is enabled after pwm_request() (git-fixes).
- r8169: Fix spelling mistake: 'tx_underun' -> 'tx_underrun' (jsc#PED-14353).
- r8169: Use PCI_IRQ_INTX instead of PCI_IRQ_LEGACY (jsc#PED-14353).
- r8169: add MODULE_FIRMWARE entry for RTL8126A (jsc#PED-14353).
- r8169: add PHY c45 ops for MDIO_MMD_VENDOR2 registers (jsc#PED-14353).
- r8169: add generic rtl_set_eee_txidle_timer function (jsc#PED-14353).
- r8169: add missing MODULE_FIRMWARE entry for RTL8126A rev.b (jsc#PED-14353).
- r8169: add support for Intel Killer E5000 (jsc#PED-14353).
- r8169: add support for RTL8125BP rev.b (jsc#PED-14353).
- r8169: add support for RTL8125D (jsc#PED-14353).
- r8169: add support for RTL8125D rev.b (jsc#PED-14353).
- r8169: add support for RTL8126A rev.b (jsc#PED-14353).
- r8169: add support for RTL8168M (jsc#PED-14353).
- r8169: add support for returning tx_lpi_timer in ethtool get_eee (jsc#PED-14353).
- r8169: add support for the temperature sensor being available from RTL8125B (jsc#PED-14353).
- r8169: adjust version numbering for RTL8126 (jsc#PED-14353).
- r8169: align RTL8125 EEE config with vendor driver (jsc#PED-14353).
- r8169: align RTL8125/RTL8126 PHY config with vendor driver (jsc#PED-14353).
- r8169: align RTL8126 EEE config with vendor driver (jsc#PED-14353).
- r8169: align WAKE_PHY handling with r8125/r8126 vendor drivers (jsc#PED-14353).
- r8169: avoid duplicated messages if loading firmware fails and switch to warn level (jsc#PED-14353).
- r8169: avoid unsolicited interrupts (jsc#PED-14353).
- r8169: check for PCI read error in probe (jsc#PED-14353).
- r8169: disable ALDPS per default for RTL8125 (jsc#PED-14353).
- r8169: disable RTL8126 ZRX-DC timeout (jsc#PED-14353).
- r8169: disable interrupt source RxOverflow (jsc#PED-14353).
- r8169: don't apply UDP padding quirk on RTL8126A (jsc#PED-14353).
- r8169: don't increment tx_dropped in case of NETDEV_TX_BUSY (jsc#PED-14353).
- r8169: don't scan PHY addresses > 0 (jsc#PED-14353).
- r8169: don't take RTNL lock in rtl_task() (jsc#PED-14353).
- r8169: enable EEE at 2.5G per default on RTL8125B (jsc#PED-14353).
- r8169: enable RTL8168H/RTL8168EP/RTL8168FP ASPM support (jsc#PED-14353).
- r8169: fix RTL8117 Wake-on-Lan in DASH mode (git-fixes).
- r8169: fix inconsistent indenting in rtl8169_get_eth_mac_stats (jsc#PED-14353).
- r8169: implement additional ethtool stats ops (jsc#PED-14353).
- r8169: improve RTL8411b phy-down fixup (jsc#PED-14353).
- r8169: improve __rtl8169_set_wol (jsc#PED-14353).
- r8169: improve handling task scheduling (jsc#PED-14353).
- r8169: improve initialization of RSS registers on RTL8125/RTL8126 (jsc#PED-14353).
- r8169: improve rtl_set_d3_pll_down (jsc#PED-14353).
- r8169: increase max jumbo packet size on RTL8125/RTL8126 (jsc#PED-14353).
- r8169: remove detection of chip version 11 (early RTL8168b) (jsc#PED-14353).
- r8169: remove leftover locks after reverted change (jsc#PED-14353).
- r8169: remove multicast filter limit (jsc#PED-14353).
- r8169: remove not needed check in rtl_fw_write_firmware (jsc#PED-14353).
- r8169: remove original workaround for RTL8125 broken rx issue (jsc#PED-14353).
- r8169: remove redundant hwmon support (jsc#PED-14353).
- r8169: remove rtl_dash_loop_wait_high/low (jsc#PED-14353).
- r8169: remove support for chip version 11 (jsc#PED-14353).
- r8169: remove unused flag RTL_FLAG_TASK_RESET_NO_QUEUE_WAKE (jsc#PED-14353).
- r8169: set EEE speed down ratio to 1 (stable-fixes).
- r8169: simplify EEE handling (jsc#PED-14353).
- r8169: simplify code by using core-provided pcpu stats allocation (jsc#PED-14353).
- r8169: support setting the EEE tx idle timer on RTL8168h (jsc#PED-14353).
- r8169: use dev_err_probe in all appropriate places in rtl_init_one() (jsc#PED-14353).
- r8169: use helper r8169_mod_reg8_cond to simplify rtl_jumbo_config (jsc#PED-14353).
- regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex (git-fixes).
- regulator: core: disable supply if enabling main regulator fails (git-fixes).
- reset: fix BIT macro reference (stable-fixes).
- rpmsg: glink: fix rpmsg device leak (git-fixes).
- rtc: gamecube: Check the return value of ioremap() (git-fixes).
- scsi: lpfc: Add capability to register Platform Name ID to fabric (bsc#1254119).
- scsi: lpfc: Allow support for BB credit recovery in point-to-point topology (bsc#1254119).
- scsi: lpfc: Ensure unregistration of rpis for received PLOGIs (bsc#1254119).
- scsi: lpfc: Fix leaked ndlp krefs when in point-to-point topology (bsc#1254119).
- scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (bsc#1254119).
- scsi: lpfc: Modify kref handling for Fabric Controller ndlps (bsc#1254119).
- scsi: lpfc: Remove redundant NULL ptr assignment in lpfc_els_free_iocb() (bsc#1254119).
- scsi: lpfc: Revise discovery related function headers and comments (bsc#1254119).
- scsi: lpfc: Update lpfc version to 14.4.0.12 (bsc#1254119).
- scsi: lpfc: Update various NPIV diagnostic log messaging (bsc#1254119).
- scsi: mpi3mr: Fix I/O failures during controller reset (bsc#1251752 jsc#PED-14280).
- scsi: mpi3mr: Fix controller init failure on fault during queue creation (bsc#1251752 jsc#PED-14280).
- scsi: mpi3mr: Fix device loss during enclosure reboot due to zero link speed (bsc#1251752 jsc#PED-14280).
- scsi: mpi3mr: Fix premature TM timeouts on virtual drives (bsc#1251752 jsc#PED-14280).
- scsi: mpi3mr: Update MPI headers to revision 37 (bsc#1251752 jsc#PED-14280).
- scsi: mpi3mr: Update driver version to 8.14.0.5.50 (bsc#1251752 jsc#PED-14280).
- scsi: mpi3mr: Update driver version to 8.15.0.5.50 (bsc#1251752 jsc#PED-14280).
- selftests/bpf: Skip timer cases when bpf_timer is not supported (git-fixes).
- selftests/net: calibrate txtimestamp (bsc#1255085).
- selftests/net: convert fcnal-test.sh to run it in unique namespace (bsc#1254235).
- selftests/net: convert fib-onlink-tests.sh to run it in unique namespace (bsc#1254235).
- selftests/net: convert fib_nexthop_multiprefix to run it in unique namespace (bsc#1254235).
- selftests/net: convert fib_nexthop_nongw.sh to run it in unique namespace (bsc#1254235).
- selftests/net: convert fib_nexthops.sh to run it in unique namespace (bsc#1254235).
- selftests/net: convert fib_rule_tests.sh to run it in unique namespace (bsc#1254235).
- selftests/net: convert fib_tests.sh to run it in unique namespace (bsc#1254235).
- selftests/net: convert srv6_end_dt46_l3vpn_test.sh to run it in unique namespace (bsc#1254235).
- selftests/net: convert srv6_end_dt4_l3vpn_test.sh to run it in unique namespace (bsc#1254235).
- selftests/net: convert srv6_end_dt6_l3vpn_test.sh to run it in unique namespace (bsc#1254235).
- selftests/net: convert test_vxlan_vnifiltering.sh to run it in unique namespace (bsc#1255349).
- selftests/net: convert vrf_route_leaking.sh to run it in unique namespace (bsc#1255349).
- selftests/net: synchronize udpgro tests' tx and rx connection (bsc#1254235).
- selftests: Introduce Makefile variable to list shared bash scripts (bsc#1254235).
- selftests: bonding: Add net/forwarding/lib.sh to TEST_INCLUDES (bsc#1254235).
- selftests: dsa: Replace test symlinks by wrapper script (bsc#1254235).
- selftests: net: Remove executable bits from library scripts (bsc#1254235).
- selftests: net: explicitly wait for listener ready (bsc#1254235).
- selftests: net: fib-onlink-tests: Set high metric for default IPv6 route (bsc#1255346).
- selftests: net: include forwarding lib (bsc#1254235).
- selftests: net: included needed helper in the install targets (bsc#1254235).
- selftests: net: more strict check in net_helper (bsc#1254235).
- selftests: net: use slowwait to make sure IPv6 setup finished (bsc#1255349).
- selftests: net: use slowwait to stabilize vrf_route_leaking test (bsc#1255349).
- selftests: net: veth: test the ability to independently manipulate GRO and XDP (bsc#1255101).
- selftests: team: Add shared library scripts to TEST_INCLUDES (bsc#1254235).
- selftests: vrf_route_leaking: remove ipv6_ping_frag from default testing (bsc#1255349).
- serial: add support of CPCI cards (stable-fixes).
- serial: amba-pl011: prefer dma_mapping_error() over explicit address checking (git-fixes).
- serial: core: Fix serial device initialization (git-fixes).
- serial: core: Restore sysfs fwnode information (git-fixes).
- serial: sprd: Return -EPROBE_DEFER when uart clock is not ready (stable-fixes).
- slimbus: ngd: Fix reference count leak in qcom_slim_ngd_notify_slaves (git-fixes).
- smc91x: fix broken irq-context in PREEMPT_RT (git-fixes).
- soc/tegra: fuse: speedo-tegra210: Update speedo IDs (git-fixes).
- soc: amlogic: canvas: fix device leak on lookup (git-fixes).
- soc: qcom: ocmem: fix device leak on lookup (git-fixes).
- soc: qcom: smem: fix hwspinlock resource leak in probe error paths (git-fixes).
- spi: amlogic-spifc-a1: Handle devm_pm_runtime_enable() errors (git-fixes).
- spi: bcm63xx: drop wrong casts in probe() (git-fixes).
- spi: bcm63xx: fix premature CS deassertion on RX-only transactions (git-fixes).
- spi: fsl-cpm: Check length parity before switching to 16 bit mode (git-fixes).
- spi: imx: keep dma request disabled before dma transfer setup (stable-fixes).
- spi: tegra210-qspi: Remove cache operations (git-fixes).
- spi: tegra210-quad: Add support for internal DMA (git-fixes).
- spi: tegra210-quad: Check hardware status on timeout (bsc#1253155).
- spi: tegra210-quad: Fix timeout handling (bsc#1253155).
- spi: tegra210-quad: Fix timeout handling (git-fixes).
- spi: tegra210-quad: Refactor error handling into helper functions (bsc#1253155).
- spi: tegra210-quad: Update dummy sequence configuration (git-fixes).
- spi: xilinx: increase number of retries before declaring stall (stable-fixes).
- staging: fbtft: core: fix potential memory leak in fbtft_probe_common() (git-fixes).
- staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing (stable-fixes).
- staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser (stable-fixes).
- thunderbolt: Add support for Intel Wildcat Lake (stable-fixes).
- tick/sched: Limit non-timekeeper CPUs calling jiffies update (bsc#1254477).
- tracing: Fix access to trace_event_file (bsc#1254373).
- uio: uio_fsl_elbc_gpcm:: Add null pointer check to uio_fsl_elbc_gpcm_probe (git-fixes).
- usb: cdns3: Fix double resource release in cdns3_pci_probe (git-fixes).
- usb: chaoskey: fix locking for O_NONBLOCK (git-fixes).
- usb: chipidea: udc: limit usb request length to max 16KB (stable-fixes).
- usb: dwc2: disable platform lowlevel hw resources during shutdown (stable-fixes).
- usb: dwc2: fix hang during shutdown if set as peripheral (git-fixes).
- usb: dwc2: fix hang during suspend if set as peripheral (git-fixes).
- usb: dwc3: Abort suspend on soft disconnect failure (git-fixes).
- usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths (git-fixes).
- usb: dwc3: keep susphy enabled during exit to avoid controller faults (git-fixes).
- usb: dwc3: of-simple: fix clock resource leak in dwc3_of_simple_probe (git-fixes).
- usb: dwc3: pci: Sort out the Intel device IDs (stable-fixes).
- usb: dwc3: pci: add support for the Intel Nova Lake -S (stable-fixes).
- usb: gadget: configfs: Correctly set use_os_string at bind (git-fixes).
- usb: gadget: f_eem: Fix memory leak in eem_unwrap (git-fixes).
- usb: gadget: lpc32xx_udc: fix clock imbalance in error path (git-fixes).
- usb: gadget: renesas_usbf: Handle devm_pm_runtime_enable() errors (git-fixes).
- usb: gadget: tegra-xudc: Always reinitialize data toggle when clear halt (git-fixes).
- usb: ohci-nxp: Use helper function devm_clk_get_enabled() (stable-fixes).
- usb: ohci-nxp: fix device leak on probe failure (git-fixes).
- usb: phy: Initialize struct usb_phy list_head (git-fixes).
- usb: phy: isp1301: fix non-OF device reference imbalance (git-fixes).
- usb: raw-gadget: cap raw_io transfer length to KMALLOC_MAX_SIZE (git-fixes).
- usb: raw-gadget: do not limit transfer length (git-fixes).
- usb: renesas_usbhs: Fix a resource leak in usbhs_pipe_malloc() (git-fixes).
- usb: storage: Fix memory leak in USB bulk transport (git-fixes).
- usb: storage: sddr55: Reject out-of-bound new_pba (stable-fixes).
- usb: typec: tipd: Clear interrupts first (git-fixes).
- usb: typec: ucsi: Handle incorrect num_connectors capability (stable-fixes).
- usb: typec: ucsi: psy: Set max current to zero when disconnected (git-fixes).
- usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer (git-fixes).
- usb: udc: Add trace event for usb_gadget_set_state (stable-fixes).
- usb: usb-storage: Maintain minimal modifications to the bcdDevice range (git-fixes).
- usb: usb-storage: No additional quirks need to be added to the EL-R12 optical drive (stable-fixes).
- usb: vhci-hcd: Prevent suspending virtually attached devices (git-fixes).
- usb: xhci: limit run_graceperiod for only usb 3.0 devices (stable-fixes).
- usbip: Fix locking bug in RT-enabled kernels (stable-fixes).
- via_wdt: fix critical boot hang due to unnamed resource allocation (stable-fixes).
- virtio_console: fix order of fields cols and rows (stable-fixes).
- watchdog: wdat_wdt: Fix ACPI table leak in probe function (git-fixes).
- wifi: ath10k: Add missing include of export.h (stable-fixes).
- wifi: ath10k: Avoid vdev delete timeout when firmware is already down (stable-fixes).
- wifi: ath10k: move recovery check logic into a new work (git-fixes).
- wifi: ath11k: fix peer HE MCS assignment (git-fixes).
- wifi: ath11k: restore register window after global reset (git-fixes).
- wifi: ath12k: fix potential memory leak in ath12k_wow_arp_ns_offload() (git-fixes).
- wifi: avoid kernel-infoleak from struct iw_point (git-fixes).
- wifi: brcmfmac: Add DMI nvram filename quirk for Acer A1 840 tablet (stable-fixes).
- wifi: cfg80211: sme: store capped length in __cfg80211_connect_result() (git-fixes).
- wifi: cfg80211: stop radar detection in cfg80211_leave() (stable-fixes).
- wifi: cfg80211: use cfg80211_leave() in iftype change (stable-fixes).
- wifi: cw1200: Fix potential memory leak in cw1200_bh_rx_helper() (git-fixes).
- wifi: ieee80211: correct FILS status codes (git-fixes).
- wifi: mac80211: do not use old MBSSID elements (git-fixes).
- wifi: mac80211: fix CMAC functions not handling errors (git-fixes).
- wifi: mac80211: restore non-chanctx injection behaviour (git-fixes).
- wifi: mt76: Fix DTS power-limits on little endian systems (git-fixes).
- wifi: mt76: mt7925: fix CLC command timeout when suspend/resume (stable-fixes).
- wifi: mt76: mt7925: fix the unfinished command of regd_notifier before suspend (stable-fixes).
- wifi: mt76: mt792x: fix wifi init fail by setting MCU_RUNNING after CLC load (stable-fixes).
- wifi: nl80211: vendor-cmd: intel: fix a blank kernel-doc line warning (git-fixes).
- wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() (git-fixes).
- wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() (git-fixes).
- wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc() (git-fixes).
- wifi: rtw88: Add USB ID 2001:3329 for D-Link AC13U rev. A1 (stable-fixes).
- wifi: rtw88: limit indirect IO under powered off for RTL8822CS (git-fixes).
- x86/hyperv: Fix APIC ID and VP index confusion in hv_snp_boot_ap() (git-fixes).
- x86/microcode/AMD: Add TSA microcode SHAs (bsc#1256528).
- x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (bsc#1256528).
- x86/microcode/AMD: Add more known models to entry sign checking (bsc#1256528).
- x86/microcode/AMD: Add some forgotten models to the SHA check (bsc#1256528).
- x86/microcode/AMD: Clean the cache if update did not load microcode (bsc#1256528).
- x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches (bsc#1256528).
- x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256528).
- x86/microcode/AMD: Fix __apply_microcode_amd()'s return value (bsc#1256528).
- x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1256528).
- x86/microcode/AMD: Load only SHA256-checksummed patches (bsc#1256528).
- x86/microcode/AMD: Select which microcode patch to load (bsc#1256528).
- x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256528).
- x86/microcode: Fix Entrysign revision check for Zen1/Naples (bsc#1256528).
- xhci: dbgtty: fix device unregister (git-fixes).
- xhci: fix stale flag preventig URBs after link state error is cleared (git-fixes).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:331-1
Released: Wed Jan 28 18:12:49 2026
Summary: Security update for openssl-1_1
Type: security
Severity: moderate
References: 1256834,1256835,1256836,1256837,1256838,1256839,1256840,CVE-2025-68160,CVE-2025-69418,CVE-2025-69419,CVE-2025-69420,CVE-2025-69421,CVE-2026-22795,CVE-2026-22796
This update for openssl-1_1 fixes the following issues:
- CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839).
- CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837).
- CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838).
- CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840).
- CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834).
- CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835).
- CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836).
The following package changes have been done:
- libuuid1-2.40.4-150700.4.3.1 updated
- libsmartcols1-2.40.4-150700.4.3.1 updated
- libopenssl3-3.2.3-150700.5.24.1 updated
- libblkid1-2.40.4-150700.4.3.1 updated
- libopenssl-3-fips-provider-3.2.3-150700.5.24.1 updated
- libfdisk1-2.40.4-150700.4.3.1 updated
- libglib-2_0-0-2.78.6-150600.4.28.1 updated
- libmount1-2.40.4-150700.4.3.1 updated
- libcurl4-8.14.1-150700.7.11.1 updated
- util-linux-2.40.4-150700.4.3.1 updated
- openssl-3-3.2.3-150700.5.24.1 updated
- kernel-macros-6.4.0-150700.53.28.1 updated
- libopenssl1_1-1.1.1w-150700.11.11.1 updated
- kernel-devel-6.4.0-150700.53.28.1 updated
- git-core-2.51.0-150600.3.15.1 updated
- kernel-default-devel-6.4.0-150700.53.28.1 updated
- kernel-syms-6.4.0-150700.53.28.1 updated
- container:registry.suse.com-bci-bci-base-15.7-f9184822761ad484aca07587791f6b9d7abdb9a0b5cb88d5017f8891d8d8b001-0 updated
More information about the sle-container-updates
mailing list