SUSE-IU-2026:3997-1: Security update of suse/sl-micro/6.1/base-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sat May 30 07:59:20 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:3997-1
Image Tags : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.132 , suse/sl-micro/6.1/base-os-container:latest
Image Release : 5.132
Severity : important
Type : security
References : 1215199 1234634 1243603 1248754 1253122 1253754 1254518 1256863
1257631 1258518 1258718 1258826 1258849 1258850 1258854 1258855
1258856 1258857 1258961 1259186 1259199 1259222 1259484 1259485
1259535 1259799 1259806 1259857 1259868 1259869 1259873 1259878
1260010 1260012 1260018 1260468 1260483 1260484 1260485 1260489
1260501 1260504 1260505 1260507 1260522 1260523 1260526 1260528
1260529 1260530 1260531 1260532 1260533 1260536 1260537 1260538
1260541 1260546 1260549 1260551 1260552 1260553 1260555 1260561
1260566 1260572 1260581 1260728 1260729 1260731 1260800 1260811
1261020 1261287 1261295 1261348 1261503 1261504 1261581 1261582
1261584 1261601 1261602 1261618 1261628 1261632 1261636 1261638
1261641 1261644 1261645 1261648 1261679 1261685 1261686 1261687
1261692 1261694 1261700 1261703 1261707 1261710 1261713 1261719
1261750 1261751 1261752 1261768 1261778 1261779 1261781 1261789
1261796 1261797 1261896 1262020 1262053 1262054 1262055 1262061
1262063 1262074 1262078 1262086 1262087 1262099 1262100 1262101
1262179 1262181 1262602 1262616 1262665 1262671 1262673 1262725
1262731 1262734 1262746 1262752 1262758 1263001 1263012 1263064
1263065 1263085 1263093 1263095 1263104 1263131 1263140 1263141
1263149 1263165 1263170 1263176 1263556 1263582 1263592 1263593
1263595 1263596 1263600 1263668 1263723 1263797 1263815 1263882
1263901 1263931 1263933 1263995 1264014 1264059 1264082 1264087
1264097 1264183 1264427 1264469 1264482 1264634 1264651 1264661
1264674 1264801 1264848 1265085 1265090 1265116 1265119 1265126
1265144 1265308 1265421 1265449 1265456 1265626 1265846 1265960
CVE-2023-2058 CVE-2025-40219 CVE-2025-71183 CVE-2025-71238 CVE-2026-23168
CVE-2026-23209 CVE-2026-23236 CVE-2026-23237 CVE-2026-23239 CVE-2026-23240
CVE-2026-23245 CVE-2026-23246 CVE-2026-23253 CVE-2026-23260 CVE-2026-23264
CVE-2026-23266 CVE-2026-23268 CVE-2026-23269 CVE-2026-23271 CVE-2026-23273
CVE-2026-23276 CVE-2026-23279 CVE-2026-23290 CVE-2026-23291 CVE-2026-23298
CVE-2026-23300 CVE-2026-23306 CVE-2026-23307 CVE-2026-23308 CVE-2026-23312
CVE-2026-23313 CVE-2026-23315 CVE-2026-23318 CVE-2026-23321 CVE-2026-23324
CVE-2026-23325 CVE-2026-23336 CVE-2026-23339 CVE-2026-23340 CVE-2026-23346
CVE-2026-23351 CVE-2026-23357 CVE-2026-23362 CVE-2026-23363 CVE-2026-23365
CVE-2026-23367 CVE-2026-23368 CVE-2026-23370 CVE-2026-23372 CVE-2026-23373
CVE-2026-23374 CVE-2026-23378 CVE-2026-23382 CVE-2026-23391 CVE-2026-23392
CVE-2026-23393 CVE-2026-23396 CVE-2026-23397 CVE-2026-23399 CVE-2026-23403
CVE-2026-23404 CVE-2026-23405 CVE-2026-23406 CVE-2026-23407 CVE-2026-23408
CVE-2026-23409 CVE-2026-23410 CVE-2026-23411 CVE-2026-23420 CVE-2026-23426
CVE-2026-23434 CVE-2026-23440 CVE-2026-23441 CVE-2026-23442 CVE-2026-23443
CVE-2026-23446 CVE-2026-23447 CVE-2026-23448 CVE-2026-23449 CVE-2026-23450
CVE-2026-23452 CVE-2026-23455 CVE-2026-23456 CVE-2026-23457 CVE-2026-23458
CVE-2026-23460 CVE-2026-23461 CVE-2026-23462 CVE-2026-23463 CVE-2026-23465
CVE-2026-23468 CVE-2026-23472 CVE-2026-23473 CVE-2026-23474 CVE-2026-23475
CVE-2026-31389 CVE-2026-31393 CVE-2026-31400 CVE-2026-31402 CVE-2026-31403
CVE-2026-31404 CVE-2026-31405 CVE-2026-31407 CVE-2026-31408 CVE-2026-31411
CVE-2026-31412 CVE-2026-31415 CVE-2026-31416 CVE-2026-31417 CVE-2026-31420
CVE-2026-31421 CVE-2026-31422 CVE-2026-31423 CVE-2026-31424 CVE-2026-31425
CVE-2026-31426 CVE-2026-31427 CVE-2026-31428 CVE-2026-31436 CVE-2026-31449
CVE-2026-31470 CVE-2026-31488 CVE-2026-31494 CVE-2026-31496 CVE-2026-31504
CVE-2026-31505 CVE-2026-31507 CVE-2026-31512 CVE-2026-31515 CVE-2026-31519
CVE-2026-31525 CVE-2026-31528 CVE-2026-31533 CVE-2026-31550 CVE-2026-31565
CVE-2026-31570 CVE-2026-31586 CVE-2026-31588 CVE-2026-31602 CVE-2026-31607
CVE-2026-31622 CVE-2026-31649 CVE-2026-31656 CVE-2026-31662 CVE-2026-31668
CVE-2026-31669 CVE-2026-31675 CVE-2026-31679 CVE-2026-31681 CVE-2026-31682
CVE-2026-31684 CVE-2026-31685 CVE-2026-31694 CVE-2026-31700 CVE-2026-31738
CVE-2026-31787 CVE-2026-43009 CVE-2026-43025 CVE-2026-43027 CVE-2026-43037
CVE-2026-43038 CVE-2026-43044 CVE-2026-43050 CVE-2026-43060 CVE-2026-43088
CVE-2026-43110 CVE-2026-43120 CVE-2026-43126 CVE-2026-43190 CVE-2026-43214
CVE-2026-43265 CVE-2026-43329 CVE-2026-43330 CVE-2026-43334 CVE-2026-43365
CVE-2026-43366 CVE-2026-43419 CVE-2026-43437 CVE-2026-43441 CVE-2026-43494
CVE-2026-43503
-----------------------------------------------------------------
The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: kernel-435
Released: Fri May 29 19:53:27 2026
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1215199,1234634,1243603,1248754,1253122,1253754,1254518,1256863,1257631,1258518,1258718,1258826,1258849,1258850,1258854,1258855,1258856,1258857,1258961,1259186,1259199,1259222,1259484,1259485,1259535,1259799,1259806,1259857,1259868,1259869,1259873,1259878,1260010,1260012,1260018,1260468,1260483,1260484,1260485,1260489,1260501,1260504,1260505,1260507,1260522,1260523,1260526,1260528,1260529,1260530,1260531,1260532,1260533,1260536,1260537,1260538,1260541,1260546,1260549,1260551,1260552,1260553,1260555,1260561,1260566,1260572,1260581,1260728,1260729,1260731,1260800,1260811,1261020,1261287,1261295,1261348,1261503,1261504,1261581,1261582,1261584,1261601,1261602,1261618,1261628,1261632,1261636,1261638,1261641,1261644,1261645,1261648,1261679,1261685,1261686,1261687,1261692,1261694,1261700,1261703,1261707,1261710,1261713,1261719,1261750,1261751,1261752,1261768,1261778,1261779,1261781,1261789,1261796,1261797,1261896,1262020,1262053,1262054,1262055,1262061,1262063,1262074,1262078,1
262086,1262087,1262099,1262100,1262101,1262179,1262181,1262602,1262616,1262665,1262671,1262673,1262725,1262731,1262734,1262746,1262752,1262758,1263001,1263012,1263064,1263065,1263085,1263093,1263095,1263104,1263131,1263140,1263141,1263149,1263165,1263170,1263176,1263556,1263582,1263592,1263593,1263595,1263596,1263600,1263668,1263723,1263797,1263815,1263882,1263901,1263931,1263933,1263995,1264014,1264059,1264082,1264087,1264097,1264183,1264427,1264469,1264482,1264634,1264651,1264661,1264674,1264801,1264848,1265085,1265090,1265116,1265119,1265126,1265144,1265308,1265421,1265449,1265456,1265626,1265846,1265960,CVE-2023-2058,CVE-2025-40219,CVE-2025-71183,CVE-2025-71238,CVE-2026-23168,CVE-2026-23209,CVE-2026-23236,CVE-2026-23237,CVE-2026-23239,CVE-2026-23240,CVE-2026-23245,CVE-2026-23246,CVE-2026-23253,CVE-2026-23260,CVE-2026-23264,CVE-2026-23266,CVE-2026-23268,CVE-2026-23269,CVE-2026-23271,CVE-2026-23273,CVE-2026-23276,CVE-2026-23279,CVE-2026-23290,CVE-2026-23291,CVE-2026-23298,CVE-2026
-23300,CVE-2026-23306,CVE-2026-23307,CVE-2026-23308,CVE-2026-23312,CVE-2026-23313,CVE-2026-23315,CVE-2026-23318,CVE-2026-23321,CVE-2026-23324,CVE-2026-23325,CVE-2026-23336,CVE-2026-23339,CVE-2026-23340,CVE-2026-23346,CVE-2026-23351,CVE-2026-23357,CVE-2026-23362,CVE-2026-23363,CVE-2026-23365,CVE-2026-23367,CVE-2026-23368,CVE-2026-23370,CVE-2026-23372,CVE-2026-23373,CVE-2026-23374,CVE-2026-23378,CVE-2026-23382,CVE-2026-23391,CVE-2026-23392,CVE-2026-23393,CVE-2026-23396,CVE-2026-23397,CVE-2026-23399,CVE-2026-23403,CVE-2026-23404,CVE-2026-23405,CVE-2026-23406,CVE-2026-23407,CVE-2026-23408,CVE-2026-23409,CVE-2026-23410,CVE-2026-23411,CVE-2026-23420,CVE-2026-23426,CVE-2026-23434,CVE-2026-23440,CVE-2026-23441,CVE-2026-23442,CVE-2026-23443,CVE-2026-23446,CVE-2026-23447,CVE-2026-23448,CVE-2026-23449,CVE-2026-23450,CVE-2026-23452,CVE-2026-23455,CVE-2026-23456,CVE-2026-23457,CVE-2026-23458,CVE-2026-23460,CVE-2026-23461,CVE-2026-23462,CVE-2026-23463,CVE-2026-23465,CVE-2026-23468,CVE-2026-23472,
CVE-2026-23473,CVE-2026-23474,CVE-2026-23475,CVE-2026-31389,CVE-2026-31393,CVE-2026-31400,CVE-2026-31402,CVE-2026-31403,CVE-2026-31404,CVE-2026-31405,CVE-2026-31407,CVE-2026-31408,CVE-2026-31411,CVE-2026-31412,CVE-2026-31415,CVE-2026-31416,CVE-2026-31417,CVE-2026-31420,CVE-2026-31421,CVE-2026-31422,CVE-2026-31423,CVE-2026-31424,CVE-2026-31425,CVE-2026-31426,CVE-2026-31427,CVE-2026-31428,CVE-2026-31436,CVE-2026-31449,CVE-2026-31470,CVE-2026-31488,CVE-2026-31494,CVE-2026-31496,CVE-2026-31504,CVE-2026-31505,CVE-2026-31507,CVE-2026-31512,CVE-2026-31515,CVE-2026-31519,CVE-2026-31525,CVE-2026-31528,CVE-2026-31533,CVE-2026-31550,CVE-2026-31565,CVE-2026-31570,CVE-2026-31586,CVE-2026-31588,CVE-2026-31602,CVE-2026-31607,CVE-2026-31622,CVE-2026-31649,CVE-2026-31656,CVE-2026-31662,CVE-2026-31668,CVE-2026-31669,CVE-2026-31675,CVE-2026-31679,CVE-2026-31681,CVE-2026-31682,CVE-2026-31684,CVE-2026-31685,CVE-2026-31694,CVE-2026-31700,CVE-2026-31738,CVE-2026-31787,CVE-2026-43009,CVE-2026-43025,CVE-202
6-43027,CVE-2026-43037,CVE-2026-43038,CVE-2026-43044,CVE-2026-43050,CVE-2026-43060,CVE-2026-43088,CVE-2026-43110,CVE-2026-43120,CVE-2026-43126,CVE-2026-43190,CVE-2026-43214,CVE-2026-43265,CVE-2026-43329,CVE-2026-43330,CVE-2026-43334,CVE-2026-43365,CVE-2026-43366,CVE-2026-43419,CVE-2026-43437,CVE-2026-43441,CVE-2026-43494,CVE-2026-43503
The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 (bsc#1243603).
- CVE-2025-71183: btrfs: always detect conflicting inodes when logging inode refs (bsc#1257631).
- CVE-2026-23168: flex_proportions: make fprop_new_period() hardirq safe (bsc#1258826).
- CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485).
- CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484).
- CVE-2026-23245: net/sched: act_gate: snapshot parameters with RCU on replace (bsc#1259799).
- CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018).
- CVE-2026-23276: net: move dev_xmit_recursion() helpers to net/core/dev.h (bsc#1260012).
- CVE-2026-23300: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (bsc#1260538).
- CVE-2026-23306: scsi: pm8001: Fix use-after-free in pm8001_queue_command() (bsc#1260501).
- CVE-2026-23313: i40e: Fix preempt count leak in napi poll tracepoint (bsc#1260555).
- CVE-2026-23321: mptcp: pm: in-kernel: always mark signal+subflow endp as used (bsc#1260505).
- CVE-2026-23340: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (bsc#1260523).
- CVE-2026-23346: mm/ioremap: define generic_ioremap_prot() and generic_iounmap() (bsc#1260529).
- CVE-2026-23351: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (bsc#1260526).
- CVE-2026-23368: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (bsc#1260530).
- CVE-2026-23374: blktrace: fix __this_cpu_read/write in preemptible context (bsc#1260811).
- CVE-2026-23378: net/sched: act_ife: Fix metalist update behavior (bsc#1260546).
- CVE-2026-23391: netfilter: xt_CT: drop pending enqueued packets on template removal (bsc#1260566).
- CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error (bsc#1260531).
- CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522).
- CVE-2026-23397: nfnetlink_osf: validate individual option lengths in fingerprints (bsc#1260728).
- CVE-2026-23399: nf_tables: nft_dynset: fix possible stateful expression memleak in error path (bsc#1261020).
- CVE-2026-23440: net/mlx5e: Fix race condition during IPSec ESN update (bsc#1261641).
- CVE-2026-23441: net/mlx5e: Prevent concurrent access to IPSec ASO context (bsc#1261768).
- CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths (bsc#1261581).
- CVE-2026-23449: net/sched: teql: Fix double-free in teql_master_xmit (bsc#1261779).
- CVE-2026-23450: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (bsc#1261584).
- CVE-2026-23455: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (bsc#1261687).
- CVE-2026-23456: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (bsc#1261703).
- CVE-2026-23457: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (bsc#1261686).
- CVE-2026-23458: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (bsc#1261781).
- CVE-2026-23461: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (bsc#1261707).
- CVE-2026-23462: Bluetooth: HIDP: Fix possible UAF (bsc#1261710).
- CVE-2026-23468: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (bsc#1261692).
- CVE-2026-23472: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN (bsc#1261636).
- CVE-2026-23473: io_uring/poll: fix multishot recv missing EOF on wakeup race (bsc#1261694).
- CVE-2026-31400: sunrpc: fix cache_request leak in cache_release (bsc#1261645).
- CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (bsc#1261638).
- CVE-2026-31403: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd (bsc#1261796).
- CVE-2026-31404: xfs: avoid dereferencing log items after push callbacks (bsc#1261628).
- CVE-2026-31407: netfilter: conntrack: add missing netlink policy validations (bsc#1261632).
- CVE-2026-31411: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (bsc#1261752).
- CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099).
- CVE-2026-31416: netfilter: nfnetlink_log: account for netlink header size (bsc#1262100).
- CVE-2026-31420: bridge: mrp: reject zero test interval to avoid OOM panic (bsc#1262055).
- CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061).
- CVE-2026-31422: net/sched: cls_flow: fix NULL pointer dereference on shared blocks (bsc#1262054).
- CVE-2026-31423: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (bsc#1262063).
- CVE-2026-31424: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (bsc#1262053).
- CVE-2026-31425: rds: ib: reject FRMR registration before IB connection is established (bsc#1262074).
- CVE-2026-31427: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (bsc#1262086).
- CVE-2026-31428: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (bsc#1262087).
- CVE-2026-31436: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (bsc#1262602).
- CVE-2026-31449: ext4: validate p_idx bounds in ext4_ext_correct_indexes (bsc#1262616).
- CVE-2026-31470: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (bsc#1262665).
- CVE-2026-31488: drm/amd/display: Do not skip unrelated mode changes in DSC validation (bsc#1262746).
- CVE-2026-31494: net: cadence: macb: Synchronize stats calculations (bsc#1262671).
- CVE-2026-31496: netfilter: nf_conntrack_expect: skip expectations in other netns via proc (bsc#1262673).
- CVE-2026-31504: net: fix fanout UAF in packet_release() via NETDEV_UP race (bsc#1263085).
- CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263093).
- CVE-2026-31507: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (bsc#1263095).
- CVE-2026-31512: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv()
(bsc#1262734).
- CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752).
- CVE-2026-31519: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create (bsc#1263012).
- CVE-2026-31525: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN (bsc#1262725).
- CVE-2026-31528: perf: Make sure to use pmu_ctx->pmu for groups (bsc#1263001).
- CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262758).
- CVE-2026-31550: pmdomain: bcm: bcm2835-power: Increase ASB control timeout (bsc#1263104).
- CVE-2026-31565: RDMA/irdma: Fix deadlock during netdev reset with active connections (bsc#1263064).
- CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263065).
- CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263176).
- CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165).
- CVE-2026-31602: ALSA: ctxfi: Limit PTP to a single page (bsc#1263723).
- CVE-2026-31607: usbip: validate number_of_packets in usbip_pack_ret_submit() (bsc#1263600).
- CVE-2026-31622: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (bsc#1263797).
- CVE-2026-31649: net: stmmac: fix integer underflow in chain mode (bsc#1263582).
- CVE-2026-31656: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (bsc#1263170).
- CVE-2026-31662: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (bsc#1263131).
- CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140).
- CVE-2026-31669: mptcp: fix slab-use-after-free in __inet_lookup_established (bsc#1263141).
- CVE-2026-31675: net/sched: sch_netem: fix out-of-bounds access in packet corruption (bsc#1263556).
- CVE-2026-31679: openvswitch: validate MPLS set/set_masked payload length (bsc#1263592).
- CVE-2026-31681: netfilter: xt_multiport: validate range encoding in checkentry (bsc#1263593).
- CVE-2026-31682: bridge: br_nd_send: linearize skb before parsing ND options (bsc#1263595).
- CVE-2026-31684: net: sched: act_csum: validate nested VLAN headers (bsc#1263596).
- CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263668).
- CVE-2026-31694: fuse: reject oversized dirents in page cache (bsc#1263901).
- CVE-2026-31700: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (bsc#1263882).
- CVE-2026-31738: vxlan: validate ND option lengths in vxlan_na_create (bsc#1264059).
- CVE-2026-31787: xen/privcmd: fix double free via VMA splitting (bsc#1262181).
- CVE-2026-43009: bpf: Fix incorrect pruning due to atomic fetch precision tracking (bsc#1264014).
- CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1263931).
- CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1263933).
- CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995).
- CVE-2026-43038: ipv6: icmp: clear skb2->cb in ip6_err_gen_icmpv6_unreach() (bsc#1264097).
- CVE-2026-43044: crypto: caam - fix DMA corruption on long hmac keys (bsc#1264087).
- CVE-2026-43050: atm: lec: fix use-after-free in sock_def_readable() (bsc#1264082).
- CVE-2026-43060: netfilter: nft_ct: drop pending enqueued packets on removal (bsc#1264183).
- CVE-2026-43088: net: af_key: zero aligned sockaddr tail in PF_KEY exports (bsc#1264469).
- CVE-2026-43110: wifi: brcmfmac: validate bsscfg indices in IF events (bsc#1264482).
- CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr.
- CVE-2026-43126: ALSA: mixer: oss: Add card disconnect checkpoints (bsc#1264634).
- CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264848).
- CVE-2026-43214: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() (bsc#1264651).
- CVE-2026-43265: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() (bsc#1264427).
- CVE-2026-43329: netfilter: flowtable: strictly check for maximum number of actions (bsc#1265085).
- CVE-2026-43330: crypto: caam - fix overflow on long hmac keys (bsc#1264801).
- CVE-2026-43334: Bluetooth: SMP: force responder MITM requirements before building the pairing response (bsc#1265090).
- CVE-2026-43365: xfs: fix undersized l_iclog_roundoff values (bsc#1265119).
- CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265116).
- CVE-2026-43419: ceph: fix memory leaks in ceph_mdsc_build_path() (bsc#1264661).
- CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265126).
- CVE-2026-43441: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1264674).
- CVE-2026-43494: net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626).
- CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag-transfer helpers (bsc#1265960).
The following non security issues were fixed:
- accel/qaic: Add overflow check to remap_pfn_range during mmap (git-fixes).
- ACPI: AGDI: fix missing newline in error message (git-fixes).
- ACPI: CPPC: Fix related_cpus inconsistency during CPU hotplug (git-fixes).
- ACPI: scan: Use acpi_dev_put() in object add error paths (git-fixes).
- ACPI: video: force native backlight on HP OMEN 16 (8A44) (stable-fixes).
- ALSA: 6fire: Fix input volume change detection (git-fixes).
- ALSA: 6fire: fix use-after-free on disconnect (git-fixes).
- ALSA: aoa: i2sbus: clear stale prepared state (git-fixes).
- ALSA: aoa: i2sbus: fix OF node lifetime handling (git-fixes).
- ALSA: aoa: Skip devices with no codecs in i2sbus_resume() (git-fixes).
- ALSA: aoa: Use guard() for mutex locks (stable-fixes).
- ALSA: asihpi: avoid write overflow check warning (stable-fixes).
- ALSA: caiaq: Don't abort when no input device is available (git-fixes).
- ALSA: caiaq: Fix control_put() result and cache rollback (git-fixes).
- ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (git-fixes).
- ALSA: caiaq: fix usb_dev refcount leak on probe failure (git-fixes).
- ALSA: caiaq: Handle probe errors properly (git-fixes).
- ALSA: caiaq: take a reference on the USB device in create_card() (git-fixes).
- ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (git-fixes).
- ALSA: core: Fix potential data race at fasync handling (git-fixes).
- ALSA: core: Serialize deferred fasync state checks (git-fixes).
- ALSA: core: Validate compress device numbers without dynamic minors (git-fixes).
- ALSA: ctxfi: Add fallback to default RSR for S/PDIF (git-fixes).
- ALSA: ctxfi: Fix missing SPDIFI1 index handling (stable-fixes).
- ALSA: ctxfi: Limit PTP to a single page (git-fixes).
- ALSA: firewire-tascam: Do not drop unread control events (git-fixes).
- ALSA: fireworks: bound device-supplied status before string array lookup (git-fixes).
- ALSA: hda/realtek - fixed speaker no sound update (git-fixes).
- ALSA: hda/realtek: Add HP ENVY Laptop 13-ba0xxx quirk (stable-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion 15-eg0xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for ASUS ROG Flow Z13-KJP GZ302EAC (stable-fixes).
- ALSA: hda/realtek: add quirk for Framework F111:000F (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14IAH10 (stable-fixes).
- ALSA: hda/realtek: fix code style (ERROR: else should follow close brace '}') (git-fixes).
- ALSA: misc: Use guard() for spin locks (stable-fixes).
- ALSA: scarlett2: Add missing sentinel initializer field (git-fixes).
- ALSA: seq: Notify client and port info changes (stable-fixes).
- ALSA: seq_oss: return full count for successful SEQ_FULLSIZE writes (stable-fixes).
- ALSA: usb-audio: apply quirk for MOONDROP JU Jiu (stable-fixes).
- ALSA: usb-audio: Avoid false E-MU sample-rate notifications (git-fixes).
- ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Evaluate packsize caps at the right place (git-fixes).
- ALSA: usb-audio: Fix Audio Advantage Micro II SPDIF switch (git-fixes).
- ALSA: usb-audio: Fix potential leak of pd at parsing UAC3 streams (git-fixes).
- ALSA: usb-audio: Fix quirk flags for NeuralDSP Quad Cortex (stable-fixes).
- ALSA: usb-audio: Fix UAC3 cluster descriptor size check (git-fixes).
- ALSA: usb-audio: midi2: Restart output URBs on resume (git-fixes).
- ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (git-fixes).
- ASoC: amd: yc: Add DMI entry for HP Laptop 15-fc0xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK BM1403CDA (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for Thin A15 B7VF (stable-fixes).
- ASoC: amd: yc: Add HP OMEN Gaming Laptop 16-ap0xxx product line in quirk table (stable-fixes).
- ASoC: codecs: ab8500: Fix casting of private data (git-fixes).
- ASoC: cs35l56: Destroy workqueue in probe error path (git-fixes).
- ASoC: cs35l56: Don't use devres to unregister component (git-fixes).
- ASoC: fsl_easrc: Change the type for iec958 channel status controls (git-fixes).
- ASoC: fsl_easrc: Check the variable range in fsl_easrc_iec958_put_bits() (git-fixes).
- ASoC: fsl_easrc: fix comment typo (git-fixes).
- ASoC: fsl_easrc: Fix value type in fsl_easrc_iec958_get_bits() (git-fixes).
- ASoC: fsl_micfil: Add access property for 'VAD Detected' (git-fixes).
- ASoC: fsl_micfil: Fix event generation in hwvad_put_enable() (git-fixes).
- ASoC: fsl_micfil: Fix event generation in hwvad_put_init_mode() (git-fixes).
- ASoC: fsl_micfil: Fix event generation in micfil_put_dc_remover_state() (git-fixes).
- ASoC: fsl_micfil: Fix event generation in micfil_quality_set() (git-fixes).
- ASoC: fsl_xcvr: Fix event generation for cached controls (git-fixes).
- ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_arc_mode_put() (git-fixes).
- ASoC: fsl_xcvr: Fix event generation in fsl_xcvr_mode_put() (git-fixes).
- ASoC: Intel: bytcr_wm5102: Fix MCLK leak on platform_clock_control error (git-fixes).
- ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens (git-fixes).
- ASoC: qcom: q6apm: move component registration to unmanaged version (git-fixes).
- ASoC: qcom: q6apm: remove child devices when apm is removed (git-fixes).
- ASoC: qcom: qdsp6: topology: check widget type before accessing data (git-fixes).
- ASoC: soc-core: call missing INIT_LIST_HEAD() for card_aux_list (stable-fixes).
- ASoC: SOF: compress: return the configured codec from get_params (git-fixes).
- ASoC: SOF: Don't allow pointer operations on unconfigured streams (git-fixes).
- ASoC: SOF: Intel: hda: Place check before dereference (git-fixes).
- ASoC: SOF: topology: reject invalid vendor array size in token parser (stable-fixes).
- ASoC: sti: Return errors from regmap_field_alloc() (git-fixes).
- ASoC: sti: use managed regmap_field allocations (git-fixes).
- ASoC: stm32_sai: fix incorrect BCLK polarity for DSP_A/B, LEFT_J (stable-fixes).
- ata: ahci: force 32-bit DMA for JMicron JMB582/JMB585 (stable-fixes).
- batman-adv: bla: only purge non-released claims (git-fixes).
- batman-adv: bla: prevent use-after-free when deleting claims (git-fixes).
- batman-adv: bla: put backbone reference on failed claim hash insert (git-fixes).
- batman-adv: fix integer overflow on buff_pos (git-fixes).
- batman-adv: hold claim backbone gateways by reference (git-fixes).
- batman-adv: reject new tp_meter sessions during teardown (git-fixes).
- batman-adv: reject oversized global TT response buffers (git-fixes).
- batman-adv: stop caching unowned originator pointers in BAT IV (git-fixes).
- Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (git-fixes).
- Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (git-fixes).
- Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt (git-fixes).
- Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (git-fixes).
- Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error (git-fixes).
- Bluetooth: HIDP: serialise l2cap_unregister_user via hidp_session_sem (git-fixes).
- Bluetooth: ISO: Fix data-race on dst in iso_sock_connect() (git-fixes).
- Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (git-fixes).
- Bluetooth: l2cap: fix MPS check in l2cap_ecred_reconf_req (git-fixes).
- Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (git-fixes).
- Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() (git-fixes).
- Bluetooth: L2CAP: Fix printing wrong information if SDU length exceeds MTU (git-fixes).
- Bluetooth: RFCOMM: pull credit byte with skb_pull_data() (git-fixes).
- Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec (git-fixes).
- Bluetooth: SCO: fix sleeping under spinlock in sco_conn_ready (git-fixes).
- Bluetooth: SCO: hold sk properly in sco_conn_ready (git-fixes).
- Bluetooth: virtio_bt: clamp rx length before skb_put (git-fixes).
- Bluetooth: virtio_bt: validate rx pkt_type header length (git-fixes).
- btrfs: do not skip logging new dentries when logging a new name (git-fixes).
- btrfs: reject root items with drop_progress and zero drop_level (git-fixes).
- btrfs: replace BUG() with error handling in __btrfs_balance() (git-fixes).
- can: mcp251x: add error handling for power enable in open and resume (stable-fixes).
- can: raw: fix ro->uniq use-after-free in raw_rcv() (git-fixes).
- can: ucan: fix devres lifetime (git-fixes).
- cdc-acm: new quirk for EPSON HMD (stable-fixes).
- check-for-config-changes: Exclude CC_MS_EXTENSIONS.
- check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}.
- checkpatch: add support for Assisted-by tag (stable-fixes).
- comedi: dt2815: add hardware detection to prevent crash (stable-fixes).
- crypto: algif_aead - Fix minimum RX size check for decryption (git-fixes).
- crypto: arm64/aes - Fix 32-bit aes_mac_update() arg treated as 64-bit (git-fixes).
- crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup (git-fixes).
- crypto: atmel-ecc - Release client on allocation failure (git-fixes).
- crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path (git-fixes).
- crypto: atmel-tdes - fix DMA sync direction (git-fixes).
- crypto: authencesn - reject short ahash digests during instance creation (git-fixes).
- crypto: ccp - copy IV using skcipher ivsize (git-fixes).
- crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (git-fixes).
- crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (git-fixes).
- crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (git-fixes).
- crypto: ccree - fix a memory leak in cc_mac_digest() (git-fixes).
- crypto: hisilicon - Fix dma_unmap_single() direction (git-fixes).
- crypto: jitterentropy - replace long-held spinlock with mutex (git-fixes).
- crypto: pcrypt - Fix handling of MAY_BACKLOG requests (git-fixes).
- crypto: qat - fix type mismatch in RAS sysfs show functions (git-fixes).
- crypto: qat - use swab32 macro (git-fixes).
- crypto: sa2ul - Fix AEAD fallback algorithm names (git-fixes).
- crypto: simd - reject compat registrations without __ prefixes (git-fixes).
- crypto: talitos - fix SEC1 32k ahash request limitation (git-fixes).
- crypto: testmgr - Hide ENOENT errors (stable-fixes).
- crypto: testmgr - Hide ENOENT errors better (git-fixes).
- devres: fix missing node debug info in devm_krealloc() (git-fixes).
- dm init: ensure device probing has finished in dm-mod.waitfor= (git-fixes).
- dmaengine: dw-axi-dmac: Remove unnecessary return statement from void function (git-fixes).
- dmaengine: mxs-dma: Fix missing return value from of_dma_controller_register() (git-fixes).
- drm/amd/display: Add NULL check for integrated_info in clk_mgr_construct (git-fixes).
- drm/amd/display: Allow DCE link encoder without AUX registers (git-fixes).
- drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths (git-fixes).
- drm/amd/display: Disable 10-bit truncation and dithering on DCE 6.x (git-fixes).
- drm/amd/display: Read EDID from VBIOS embedded panel info (git-fixes).
- drm/amd/pm/ci: Clear EnabledForActivity field for memory levels (git-fixes).
- drm/amd/pm/ci: Disable MCLK DPM on problematic CI ASICs (git-fixes).
- drm/amd/pm/ci: Fill DW8 fields from SMC (git-fixes).
- drm/amd/pm/ci: Fix powertune defaults for Hawaii 0x67B0 (git-fixes).
- drm/amd/pm/ci: Use highest MCLK on CI when MCLK DPM is disabled (git-fixes).
- drm/amd/pm/smu7: Add SCLK cap for quirky Hawaii board (git-fixes).
- drm/amd/pm/smu7: Fix SMU7 voltage dependency on display clock (git-fixes).
- drm/amdgpu/gfx6: Support harvested SI chips with disabled TCCs (v2) (git-fixes).
- drm/amdgpu/gfx9: drop unnecessary 64-bit fence flag check in KIQ (stable-fixes).
- drm/amdgpu/gfx10: look at the right prop for gfx queue priority (git-fixes).
- drm/amdgpu/gmc: Fix AMDGPU_GART_PLACEMENT_LOW to not overlap with VRAM (git-fixes).
- drm/amdgpu/jpeg: set no_user_fence for JPEG v2.0 ring (git-fixes).
- drm/amdgpu/jpeg: set no_user_fence for JPEG v2.5 ring (git-fixes).
- drm/amdgpu/jpeg: set no_user_fence for JPEG v3.0 ring (git-fixes).
- drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0 ring (git-fixes).
- drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.3 ring (git-fixes).
- drm/amdgpu/jpeg: set no_user_fence for JPEG v4.0.5 ring (git-fixes).
- drm/amdgpu/pm: add missing revision check for CI (git-fixes).
- drm/amdgpu/pm: align Hawaii mclk workaround with radeon (git-fixes).
- drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission (git-fixes).
- drm/amdgpu/vce: Prevent partial address patches (stable-fixes).
- drm/amdgpu/vcn3: Avoid overflow on msg bound check (git-fixes).
- drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg (stable-fixes).
- drm/amdgpu/vcn4: Avoid overflow on msg bound check (git-fixes).
- drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg (stable-fixes).
- drm/amdgpu/vcn4: Prevent OOB reads when parsing IB (stable-fixes).
- drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings (git-fixes).
- drm/amdgpu/vcn: set no_user_fence for VCN v2.5 enc/dec rings (git-fixes).
- drm/amdgpu/vcn: set no_user_fence for VCN v3.0 enc/dec rings (git-fixes).
- drm/amdgpu/vcn: set no_user_fence for VCN v4.0 enc ring (git-fixes).
- drm/amdgpu/vcn: set no_user_fence for VCN v4.0.3 enc ring (git-fixes).
- drm/amdgpu/vcn: set no_user_fence for VCN v4.0.5 enc ring (git-fixes).
- drm/amdgpu: Add bounds checking to ib_{get,set}_value (stable-fixes).
- drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG (git-fixes).
- drm/amdgpu: fix zero-size GDS range init on RDNA4 (stable-fixes).
- drm/amdgpu: zero-initialize GART table on allocation (stable-fixes).
- drm/amdkfd: Add upper bound check for num_of_nodes (stable-fixes).
- drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (stable-fixes).
- drm/amdkfd: validate SVM ioctl nattr against buffer size (stable-fixes).
- drm/arcpgu: fix device node leak (git-fixes).
- drm/bridge: cadence: cdns-mhdp8546-core: Add mode_valid hook to drm_bridge_funcs (git-fixes).
- drm/bridge: cadence: cdns-mhdp8546-core: Handle HDCP state in bridge atomic check (git-fixes).
- drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable() (git-fixes).
- drm/etnaviv: Fix armed job not being pushed to the DRM scheduler (git-fixes).
- drm/fb-helper: Fix clipping when damage area spans a single scanline (git-fixes).
- drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (git-fixes).
- drm/gma500/oaktrail_hdmi: fix i2c adapter leak on setup (git-fixes).
- drm/gma500/oaktrail_lvds: fix hang on init failure (git-fixes).
- drm/gma500/oaktrail_lvds: fix i2c adapter leaks on init (git-fixes).
- drm/i915/dp: Fix VSC dynamic range signaling for RGB formats (git-fixes).
- drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (git-fixes).
- drm/i915/wm: Verify the correct plane DDB entry (git-fixes).
- drm/i915: skip __i915_request_skip() for already signaled requests (git-fixes).
- drm/komeda: fix integer overflow in AFBC framebuffer size check (git-fixes).
- drm/msm/a6xx: Fix dumping A650+ debugbus blocks (git-fixes).
- drm/msm/a6xx: Fix HLSQ register dumping (git-fixes).
- drm/msm/a6xx: Use barriers while updating HFI Q headers (git-fixes).
- drm/msm/dpu: fix mismatch between power and frequency (git-fixes).
- drm/msm/dsi: add the missing parameter description (git-fixes).
- drm/msm/dsi: fix bits_per_pclk (git-fixes).
- drm/msm/dsi: fix hdisplay calculation for CMD mode panel (git-fixes).
- drm/msm/dsi: rename MSM8998 DSI version from V2_2_0 to V2_0_0 (git-fixes).
- drm/msm/shrinker: Fix can_block() logic (git-fixes).
- drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (git-fixes).
- drm/panel: sharp-ls043t1le01: make use of prepare_prev_first (git-fixes).
- drm/panel: simple: Correct G190EAN01 prepare timing (git-fixes).
- drm/panfrost: Fix wait_bo ioctl leaking positive return from dma_resv_wait_timeout() (git-fixes).
- drm/radeon: add missing revision check for CI (git-fixes).
- drm/sun4i: backend: fix error pointer dereference (git-fixes).
- drm/sun4i: Fix resource leaks (git-fixes).
- drm/vc4: Fix a memory leak in hang state error path (git-fixes).
- drm/vc4: Fix memory leak of BO array in hang state (git-fixes).
- drm/vc4: platform_get_irq_byname() returns an int (stable-fixes).
- drm/vc4: Protect madv read in vc4_gem_object_mmap() with madv_lock (git-fixes).
- drm/vc4: Release runtime PM reference after binding V3D (git-fixes).
- drm/vram: remove DRM_VRAM_MM_FILE_OPERATIONS from docs (git-fixes).
- dt-bindings: net: Fix Tegra234 MGBE PTP clock (git-fixes).
- efi/capsule-loader: fix incorrect sizeof in phys array reallocation (git-fixes).
- efi: pstore: Drop efivar lock when efi_pstore_open() returns with an error (git-fixes).
- ext4: fix fsync(2) for nojournal mode (git-fixes).
- ext4: make recently_deleted() properly work with lazy itable initialization (git-fixes).
- ext4: reject mount if bigalloc with s_first_data_block != 0 (git-fixes).
- extcon: ptn5150: handle pending IRQ events during system resume (git-fixes).
- fbdev: matroxfb: Mark variable with __maybe_unused to avoid W=1 build break (git-fixes).
- fbdev: offb: fix PCI device reference leak on probe failure (git-fixes).
- fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (stable-fixes).
- fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free (stable-fixes).
- fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO (git-fixes).
- firmware: dmi: Correct an indexing error in dmi.h (git-fixes).
- gpio: tegra: fix irq_release_resources calling enable instead of disable (git-fixes).
- gtp: disable BH before calling udp_tunnel_xmit_skb() (git-fixes).
- HID: alps: fix NULL pointer dereference in alps_raw_event() (git-fixes).
- HID: asus: do not abort probe when not necessary (git-fixes).
- HID: asus: make asus_resume adhere to linux kernel coding standards (git-fixes).
- HID: core: clamp report_size in s32ton() to avoid undefined shift (stable-fixes).
- HID: multitouch: Check to ensure report responses match the request (stable-fixes).
- HID: playstation: Clamp num_touch_reports (git-fixes).
- HID: quirks: add HID_QUIRK_ALWAYS_POLL for 8BitDo Pro 3 (stable-fixes).
- HID: roccat: fix use-after-free in roccat_report_event (stable-fixes).
- HID: usbhid: fix deadlock in hid_post_reset() (git-fixes).
- HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (stable-fixes).
- hv_sock: fix ARM64 support (git-fixes).
- hwmon: (ads7871) Fix endianness bug in 16-bit register reads (git-fixes).
- hwmon: (corsair-psu) Close HID device on probe errors (git-fixes).
- hwmon: (lm63) Add locking to avoid TOCTOU (git-fixes).
- hwmon: (ltc2992) Clamp threshold writes to hardware range (git-fixes).
- hwmon: (ltc2992) Fix u32 overflow in power read path (git-fixes).
- i2c: s3c24xx: check the size of the SMBUS message before using it (stable-fixes).
- i2c: smbus: reject oversized block transfers in the common path (git-fixes).
- i2c: stm32f7: reinit_completion() per transfer not per msg (git-fixes).
- i2c: stub: Reject I2C block transfers with invalid length (git-fixes).
- i3c: master: Fix error codes at send_ccc_cmd (git-fixes).
- i3c: mipi-i3c-hci: fix IBI payload length calculation for final status (git-fixes).
- ibmveth: Disable GSO for packets with small MSS (bsc#1265144).
- ice: set max queues in alloc_etherdev_mqs() (git-fixes).
- iio: adc: ad7768-1: fix one-shot mode data acquisition (git-fixes).
- iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() (git-fixes).
- iio: adc: ti-ads7950: use iio_push_to_buffers_with_ts_unaligned() (git-fixes).
- Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: uinput - fix circular locking dependency with ff-core (git-fixes).
- Input: uinput - take event lock when submitting FF request 'event' (stable-fixes).
- Input: xpad - add support for BETOP BTP-KP50B/C controller's wireless mode (stable-fixes).
- Input: xpad - add support for Razer Wolverine V3 Pro (stable-fixes).
- ipmi: Add limits to event and receive message requests (git-fixes).
- ipmi: Check event message buffer response for bad data (git-fixes).
- ipmi: ssif_bmc: change log level to dbg in irq callback (git-fixes).
- ipmi: ssif_bmc: fix message desynchronization after truncated response (git-fixes).
- ipmi: ssif_bmc: fix missing check for copy_to_user() partial failure (git-fixes).
- irqchip/irq-pic32-evic: Address warning related to wrong printf() formatter (git-fixes).
- kdump, documentation: describe craskernel CMA reservation (jsc#PED-7249).
- KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (git-fixes).
- KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN (git-fixes).
- KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN (git-fixes).
- KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (bsc#1253122).
- KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls (git-fixes).
- KVM: x86: check for nEPT/nNPT in slow flush hypercalls (git-fixes).
- KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (git-fixes).
- KVM: x86: hyper-v: Validate all GVAs during PV TLB flush (git-fixes).
- KVM: x86: Ignore cpuid faulting in SMM (git-fixes).
- leds: lgm-sso: Remove duplicate assignments for priv->mmap (git-fixes).
- lib/hexdump: print_hex_dump_bytes() calls print_hex_dump_debug() (git-fixes).
- media: amphion: Fix race between m2m job_abort and device_run (git-fixes).
- media: as102: fix to not free memory after the device is registered in as102_usb_probe() (git-fixes).
- media: dib8000: avoid division by 0 in dib8000_set_dds() (git-fixes).
- media: em28xx: fix use-after-free in em28xx_v4l2_open() (git-fixes).
- media: hackrf: fix to not free memory after the device is registered in hackrf_probe() (git-fixes).
- media: i2c: imx219: Check return value of devm_gpiod_get_optional() in imx219_probe() (git-fixes).
- media: i2c: imx412: Assert reset GPIO during probe (git-fixes).
- media: i2c: ov08d10: fix image vertical start setting (git-fixes).
- media: i2c: ov8856: free control handler on error in ov8856_init_controls() (git-fixes).
- media: mtk-jpeg: fix use-after-free in release path due to uncancelled work (git-fixes).
- media: omap3isp: drop the use count of v4l2 pipeline (git-fixes).
- media: pci: zoran: fix potential memory leak in zoran_probe() (git-fixes).
- media: rc: streamzap: Error handling in probe (git-fixes).
- media: rc: xbox_remote: heed DMA restrictions (git-fixes).
- media: saa7164: add ioremap return checks and cleanups (git-fixes).
- media: staging: imx: configure src_mux in csi_start (git-fixes).
- media: staging: imx: request mbus_config in csi_start (git-fixes).
- media: uvcvideo: Enable VB2_DMABUF for metadata stream (git-fixes).
- media: videobuf2: Set vma_flags in vb2_dma_sg_mmap (git-fixes).
- media: vidtv: fix nfeeds state corruption on start_streaming failure (git-fixes).
- media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections (git-fixes).
- media: vidtv: fix pass-by-value structs causing MSAN warnings (git-fixes).
- memory: tegra30-emc: Fix dll_change check (git-fixes).
- memory: tegra124-emc: Fix dll_change check (git-fixes).
- mfd: mc13xxx-core: Fix memory leak in mc13xxx_add_subdevice_pdata() (git-fixes).
- mkspec: Add signature to source list only when it exists.
- mmc: sdhci-of-dwcmshc: Disable clock before DLL configuration (git-fixes).
- mmc: vub300: fix NULL-deref on disconnect (git-fixes).
- modpost: Amend ppc64 save/restfpr symnames for -Os build (bsc#1215199).
- mtd: docg3: Convert to platform remove callback returning void (stable-fixes).
- mtd: docg3: fix use-after-free in docg3_release() (git-fixes).
- mtd: parsers: ofpart: call of_node_get() for dedicated subpartitions (git-fixes).
- mtd: parsers: ofpart: call of_node_put() only in ofpart_fail path (git-fixes).
- mtd: physmap_of_gemini: Fix disabled pinctrl state check (git-fixes).
- mtd: rawnand: sunxi: fix sunxi_nfc_hw_ecc_read_extra_oob (git-fixes).
- mtd: spi-nor: core: correct the op.dummy.nbytes when check read operations (git-fixes).
- mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()` (stable-fixes).
- mtd: spi-nor: sst: Fix SST write failure (git-fixes).
- mtd: spi-nor: sst: Fix write enable before AAI sequence (git-fixes).
- mtd: spi-nor: swp: check SR_TB flag when getting tb_mask (git-fixes).
- net/rds: reset op_nents when zerocopy page pin fails (bsc#1265626).
- net/sched: cls_fw: fix NULL dereference of 'old' filters before change() (git-fixes).
- net/sched: fix pedit partial COW leading to page cache corruption (bsc#1265421).
- net: gro: don't merge zcopy skbs (git-fixes).
- net: mana: Add MAC address to vPort logs and clarify error messages (git-fixes).
- net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes).
- net: mana: Don't overwrite port probe error with add_adev result (git-fixes).
- net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846).
- net: mana: Fix EQ leak in mana_remove on NULL port (git-fixes).
- net: mana: Fix RX skb truesize accounting (bsc#1248754).
- net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes).
- net: mana: Guard mana_remove against double invocation (git-fixes).
- net: mana: hardening: Validate adapter_mtu from MANA_QUERY_DEV_CONFIG (git-fixes).
- net: mana: hardening: Validate doorbell ID from GDMA_REGISTER_DEVICE response (git-fixes).
- net: mana: Init gf_stats_work before potential error paths in probe (git-fixes).
- net: mana: Init link_change_work before potential error paths in probe (git-fixes).
- net: mana: remove double CQ cleanup in mana_create_rxq error path (git-fixes).
- net: mana: Set default number of queues to 16 (bsc#1261648).
- net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes).
- net: mana: Use at least SZ_4K in doorbell ID range check (git-fixes).
- net: mana: Use pci_name() for debugfs directory naming (git-fixes).
- net: phy: dp83869: fix setting CLK_O_SEL field (git-fixes).
- net: stmmac: Fix PTP ref clock for Tegra234 (git-fixes).
- net: usb: asix: ax88772: re-add usbnet_link_change() in phylink callbacks (git-fixes).
- net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() (git-fixes).
- net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit() (git-fixes).
- net: usb: rtl8150: free skb on usb_submit_urb() failure in xmit (git-fixes).
- net: wan: fsl_ucc_hdlc: fix ucc_hdlc_remove (git-fixes).
- net: wan: fsl_ucc_hdlc: fix uhdlc_memclean (git-fixes).
- net: wan: fsl_ucc_hdlc: free tx_skbuff in uhdlc_memclean (git-fixes).
- NFC: digital: Bounds check NFC-A cascade depth in SDD response handler (git-fixes).
- nfc: llcp: add missing return after LLCP_CLOSED checks (git-fixes).
- nfc: pn533: allocate rx skb before consuming bytes (git-fixes).
- nfc: s3fwrn5: allocate rx skb before consuming bytes (git-fixes).
- NFC: trf7970a: Ignore antenna noise when checking for RF field (git-fixes).
- nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers (git-fixes).
- ocfs2: fix possible deadlock between unlink and dio_end_io_write (bsc#1258718).
- ocfs2: split transactions in dio completion to avoid credit exhaustion (bsc#1258718).
- PCI/AER: Clear only error bits in PCIe Device Status (git-fixes).
- PCI/AER: Stop ruling out unbound devices as error source (git-fixes).
- PCI: dwc: Apply ECRC workaround to DesignWare 5.00a as well (git-fixes).
- PCI: Enable AtomicOps only if Root Port supports them (git-fixes).
- PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown (git-fixes).
- PCI: hv: Set default NUMA node to 0 for devices without affinity info (git-fixes).
- PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found (git-fixes).
- PCI: tegra194: Allow system suspend when the Endpoint link is not up (git-fixes).
- PCI: tegra194: Disable direct speed change for Endpoint mode (git-fixes).
- PCI: tegra194: Disable LTSSM after transition to Detect on surprise link down (git-fixes).
- PCI: tegra194: Disable PERST# IRQ only in Endpoint mode (git-fixes).
- PCI: tegra194: Fix polling delay for L2 state (git-fixes).
- PCI: tegra194: Increase LTSSM poll time on surprise link down (git-fixes).
- PCI: tegra194: Set LTR message request before PCIe link up in Endpoint mode (git-fixes).
- PCI: tegra194: Use devm_gpiod_get_optional() to parse 'nvidia,refclk-select' (git-fixes).
- PCI: tegra194: Use DWC IP core version (git-fixes).
- pinctrl: abx500: Fix type of 'argument' variable (git-fixes).
- pinctrl: Fix spelling problem (git-fixes).
- pinctrl: intel: Fix the revision for new features (1kOhm PD, HW debouncer) (stable-fixes).
- pinctrl: pic32: change all cases of bare 'unsigned' to 'unsigned int' (git-fixes).
- pinctrl: pic32: use consistent spacing around '+' (git-fixes).
- pinctrl: pinctrl-pic32: Fix resource leak (git-fixes).
- platform/chrome: chromeos_tbmc: Drop wakeup source on remove (git-fixes).
- platform/surface: surfacepro3_button: Drop wakeup source on remove (git-fixes).
- platform/x86/amd: pmc: Add Thinkpad L14 Gen3 to quirk_s2idle_bug (stable-fixes).
- platform/x86: dell-wmi-sysman: bound enumeration string aggregation (git-fixes).
- platform/x86: dell_rbu: avoid uninit value usage in packet_size_write() (git-fixes).
- platform/x86: hp-wmi: Ignore backlight and FnLock events (stable-fixes).
- platform/x86: panasonic-laptop: Fix OPTD notifier registration and cleanup (git-fixes).
- power: supply: axp288_charger: Do not cancel work before initializing it (git-fixes).
- power: supply: max17042: avoid overflow when determining health (git-fixes).
- powerpc/crash: fix backup region offset update to elfcorehdr (bsc#1259535).
- RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes).
- RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes).
- RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes).
- RDMA/mana: Validate rx_hash_key_len (git-fixes).
- RDMA/mana_ib: cleanup the usage of mana_gd_send_request() (git-fixes).
- RDMA/mana_ib: Disable RX steering on RSS QP destroy (git-fixes).
- RDMA/mana_ib: Support memory windows (git-fixes).
- regulator: act8945a: fix OF node reference imbalance (git-fixes).
- regulator: bd9571mwv: fix OF node reference imbalance (git-fixes).
- regulator: max77650: fix OF node reference imbalance (git-fixes).
- regulator: mt6357: fix OF node reference imbalance (git-fixes).
- remoteproc: xlnx: Only access buffer information if IPI is buffered (git-fixes).
- Revert 'ALSA: usb: Increase volume range that triggers a warning' (git-fixes).
- rtc: abx80x: Disable alarm feature if no interrupt attached (git-fixes).
- rtc: ntxec: fix OF node reference imbalance (git-fixes).
- sched/balancing: Switch the 'DEFINE_SPINLOCK(balancing)' spinlock into an 'atomic_t sched_balance_running' flag
(bsc#1253754).
- sched/fair: Change likelyhood of nohz.nr_cpus (bsc#1234634 bsc#1258961).
- sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1253754).
- sched/fair: Move checking for nohz cpus after time check (bsc#1234634 bsc#1258961).
- sched/fair: Remove nohz.nr_cpus and use weight of cpumask instead (bsc#1234634 bsc#1258961).
- sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1253754).
- scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (git-fixes).
- scsi: target: iscsi: validate CHAP_R length before base64 decode (bsc#1265449).
- soc/tegra: cbb: Set ERD on resume for err interrupt (git-fixes).
- soc: qcom: aoss: compare against normalized cooling state (git-fixes).
- soc: qcom: llcc: fix v1 SB syndrome register offset (git-fixes).
- sound: ua101: fix division by zero at probe (git-fixes).
- soundwire: bus: demote UNATTACHED state warnings to dev_dbg() (git-fixes).
- soundwire: cadence: Clear message complete before signaling waiting thread (git-fixes).
- spi: at91-usart: fix controller deregistration (git-fixes).
- spi: atmel: fix controller deregistration (git-fixes).
- spi: cadence: fix controller deregistration (git-fixes).
- spi: fix controller cleanup() documentation (git-fixes).
- spi: fix misleading controller deregistration kernel-doc (git-fixes).
- spi: fix misleading controller registration kernel-doc (git-fixes).
- spi: fsl-qspi: Use reinit_completion() for repeated operations (git-fixes).
- spi: hisi-kunpeng: prevent infinite while() loop in hisi_spi_flush_fifo (git-fixes).
- spi: imx: fix runtime pm leak on probe deferral (git-fixes).
- spi: imx: fix use-after-free on unbind (git-fixes).
- spi: microchip-core-qspi: fix controller deregistration (git-fixes).
- spi: microchip-core-qspi: Use helper function devm_clk_get_enabled() (stable-fixes).
- spi: mpc52xx: fix use-after-free on unbind (git-fixes).
- spi: mtk-nor: fix controller deregistration (git-fixes).
- spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback (git-fixes).
- spi: omap2-mcspi: fix controller deregistration (git-fixes).
- spi: orion: fix clock imbalance on registration failure (git-fixes).
- spi: orion: fix runtime pm leak on unbind (git-fixes).
- spi: rockchip: fix controller deregistration (git-fixes).
- spi: rspi: fix controller deregistration (git-fixes).
- spi: sh-hspi: fix controller deregistration (git-fixes).
- spi: spi-ti-qspi: Convert to platform remove callback returning void (stable-fixes).
- spi: sprd: fix controller deregistration (git-fixes).
- spi: sun4i: fix controller deregistration (git-fixes).
- spi: sun4i: switch to use modern name (stable-fixes).
- spi: syncuacer: fix controller deregistration (git-fixes).
- spi: synquacer: switch to use modern name (stable-fixes).
- spi: uniphier: fix controller deregistration (git-fixes).
- spi: uniphier: Simplify clock handling with devm_clk_get_enabled() (stable-fixes).
- spi: uniphier: switch to use modern name (stable-fixes).
- spi: zynq-qspi: switch to use modern name (stable-fixes).
- spi: zynqmp-gqspi: fix controller deregistration (git-fixes).
- staging: media: atomisp: Disallow all private IOCTLs (git-fixes).
- staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() (git-fixes).
- staging: sm750fb: fix division by zero in ps_to_hz() (git-fixes).
- staging: vme_user: added bound check to geoid (stable-fixes).
- staging: vme_user: fix root device leak on init failure (git-fixes).
- thermal/drivers/spear: Fix error condition for reading st,thermal-flags (git-fixes).
- thermal/drivers/sprd: Fix raw temperature clamping in sprd_thm_rawdata_to_temp (git-fixes).
- thermal/drivers/sprd: Fix temperature clamping in sprd_thm_temp_to_rawdata (git-fixes).
- tpm: avoid -Wunused-but-set-variable (git-fixes).
- tpm: tpm_tis: add error logging for data transfer (git-fixes).
- tpm: tpm_tis: stop transmit if retries are exhausted (git-fixes).
- tty: tty_io: update timestamps on all device nodes (bsc#1262020).
- USB: cdc-acm: Add quirks for Yoga Book 9 14IAH10 INGENIC touchscreen (stable-fixes).
- usb: chipidea: core: allow ci_irq_handler() handle both ID and VBUS change (git-fixes).
- usb: chipidea: otg: not wait vbus drop if use role_switch (git-fixes).
- USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (stable-fixes).
- usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (stable-fixes).
- usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() (git-fixes).
- usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() (stable-fixes).
- usb: gadget: f_uac1_legacy: validate control request size (stable-fixes).
- usb: gadget: renesas_usb3: validate endpoint index in standard request handlers (git-fixes).
- USB: omap_udc: DMA: Don't enable burst 4 mode (git-fixes).
- usb: port: add delay after usb_hub_set_port_power() (git-fixes).
- usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (stable-fixes).
- USB: serial: io_edgeport: add support for Blackbox IC135A (stable-fixes).
- USB: serial: option: add MeiG Smart SRM825WN (stable-fixes).
- USB: serial: option: add support for Rolling Wireless RW135R-GL (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990A MBIM composition (stable-fixes).
- USB: serial: option: add Telit Cinterion LE910Cx compositions (stable-fixes).
- usb: storage: Expand range of matched versions for VL817 quirks entry (stable-fixes).
- usb: ulpi: fix memory leak on ulpi_register() error paths (git-fixes).
- usb: usblp: fix heap leak in IEEE 1284 device ID via short response (stable-fixes).
- usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl (stable-fixes).
- usb: xhci: Make usb_host_endpoint.hcpriv survive endpoint_disable() (git-fixes).
- usbip: validate number_of_packets in usbip_pack_ret_submit() (git-fixes).
- virt: tdx-guest: Fix handling of host controlled 'quote' buffer length (git-fixes).
- virt: tdx-guest: Return error for GetQuote failures (git-fixes).
- wifi: ath5k: do not access array OOB (git-fixes).
- wifi: ath9k: Fix typo (git-fixes).
- wifi: ath11k: Pass the correct value of each TID during a stop AMPDU session (git-fixes).
- wifi: ath11k: skip status ring entry processing (stable-fixes).
- wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes).
- wifi: b43: enforce bounds check on firmware key index in b43_rx() (git-fixes).
- wifi: b43legacy: enforce bounds check on firmware key index in RX path (git-fixes).
- wifi: brcmfmac: Fix error pointer dereference (git-fixes).
- wifi: brcmfmac: validate bsscfg indices in IF events (stable-fixes).
- wifi: brcmsmac: Fix dma_free_coherent() size (git-fixes).
- wifi: cw1200: Revert 'Fix locking in error paths' (git-fixes).
- wifi: libertas: notify firmware load wait on disconnect (git-fixes).
- wifi: mac80211: check ieee80211_rx_data_set_link return in pubsta MLO path (git-fixes).
- wifi: mac80211: drop stray 'static' from fast-RX rx_result (git-fixes).
- wifi: mac80211: remove station if connection prep fails (git-fixes).
- wifi: mt76: mt792x: describe USB WFSYS reset with a descriptor (stable-fixes).
- wifi: mt76: mt792x: fix mt7925u USB WFSYS reset handling (git-fixes).
- wifi: mt76: mt7615: fix use_cts_prot support (git-fixes).
- wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work() (git-fixes).
- wifi: mt76: mt7915: fix use_cts_prot support (git-fixes).
- wifi: mt76: mt7921: fix a potential clc buffer length underflow (git-fixes).
- wifi: mt76: mt7921: fix ROC abort flow interruption in mt7921_roc_work (git-fixes).
- wifi: mt76: mt7921: Reset ampdu_state state in case of failure in mt76_connac2_tx_check_aggr() (git-fixes).
- wifi: mt76: mt7925: fix incorrect length field in txpower command (git-fixes).
- wifi: mt76: mt7996: fix FCS error flag check in RX descriptor (git-fixes).
- wifi: mt76: mt7996: fix struct mt7996_mcu_uni_event (git-fixes).
- wifi: mwifiex: Fix memory leak in mwifiex_11n_aggregate_pkt() (git-fixes).
- wifi: nl80211: fix NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST usage (git-fixes).
- wifi: nl80211: require admin perm on SET_PMK / DEL_PMK (git-fixes).
- wifi: rsi: fix kthread lifetime race between self-exit and external-stop (git-fixes).
- wifi: rt2x00usb: fix devres lifetime (git-fixes).
- wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet (git-fixes).
- wifi: rtw88: check for PCI upstream bridge existence (git-fixes).
- wifi: rtw88: fix device leak on probe failure (git-fixes).
- wifi: rtw89: phy: fix uninitialized variable access in rtw89_phy_cfo_set_crystal_cap() (git-fixes).
- wifi: wl1251: validate packet IDs before indexing tx_frames (stable-fixes).
- workqueue: Break up enum definitions and give names to the types (bsc#1260522).
- workqueue: Clean up enum work_bits and related constants (bsc#1260522).
- workqueue: Factor out work_grab_pending() from __cancel_work_sync() (bsc#1260522).
- workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() (bsc#1260522).
- workqueue: Implement disable/enable for (delayed) work items (bsc#1260522).
- workqueue: Introduce work_cancel_flags (bsc#1260522).
- workqueue: Make @flags handling consistent across set_work_data() and friends (bsc#1260522).
- workqueue: Preserve OFFQ bits in cancel[_sync] paths (bsc#1260522).
- workqueue: Rename __cancel_work_timer() to __cancel_timer_sync() (bsc#1260522).
- workqueue: Reorganize flush and cancel[_sync] functions (bsc#1260522).
- x86/boot/64: Clear most of CR4 in startup_64(), except PAE, MCE and LA57 (git-fixes).
- x86/boot/sev: Avoid shared GHCB page for early memory acceptance (git-fixes).
- x86/boot: Don't add the EFI stub to targets, again (git-fixes).
- x86/boot: Fix page table access in 5-level to 4-level paging transition (git-fixes).
- X.509: Fix out-of-bounds access when parsing extensions (git-fixes).
- Xarray: do not return sibling entries from xas_find_marked() (bsc#1263815).
The following package changes have been done:
- kernel-default-6.4.0-46.1 updated
More information about the sle-container-updates
mailing list