SUSE-SU-2025:0564-1: important: Security update for the Linux Kernel
SLE-SECURITY-UPDATES
null at suse.de
Mon Feb 17 16:31:39 UTC 2025
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2025:0564-1
Release Date: 2025-02-17T13:26:35Z
Rating: important
References:
* bsc#1215199
* bsc#1222803
* bsc#1224049
* bsc#1226980
* bsc#1227937
* bsc#1231088
* bsc#1232101
* bsc#1232161
* bsc#1233028
* bsc#1233221
* bsc#1233248
* bsc#1233522
* bsc#1233778
* bsc#1234070
* bsc#1234683
* bsc#1234693
* bsc#1234947
* bsc#1235001
* bsc#1235217
* bsc#1235230
* bsc#1235244
* bsc#1235390
* bsc#1235418
* bsc#1235430
* bsc#1235441
* bsc#1235485
* bsc#1235487
* bsc#1235489
* bsc#1235498
* bsc#1235545
* bsc#1235578
* bsc#1235582
* bsc#1235583
* bsc#1235612
* bsc#1235638
* bsc#1235656
* bsc#1235686
* bsc#1235865
* bsc#1235874
* bsc#1235914
* bsc#1235941
* bsc#1235948
* bsc#1236127
* bsc#1236160
* bsc#1236161
* bsc#1236163
* bsc#1236182
* bsc#1236192
* bsc#1236245
* bsc#1236247
* bsc#1236260
* bsc#1236262
* bsc#1236628
* bsc#1236680
* bsc#1236681
* bsc#1236682
* bsc#1236683
* bsc#1236684
* bsc#1236685
* bsc#1236688
* bsc#1236689
* bsc#1236694
* bsc#1236696
* bsc#1236698
* bsc#1236702
* bsc#1236703
* bsc#1236732
* bsc#1236733
* bsc#1236757
* bsc#1236758
* bsc#1236759
* bsc#1236760
* bsc#1236761
* jsc#PED-12094
* jsc#PED-7242
Cross-References:
* CVE-2024-40980
* CVE-2024-46858
* CVE-2024-49948
* CVE-2024-49978
* CVE-2024-50142
* CVE-2024-50251
* CVE-2024-50258
* CVE-2024-50304
* CVE-2024-53123
* CVE-2024-53187
* CVE-2024-53203
* CVE-2024-56592
* CVE-2024-56600
* CVE-2024-56601
* CVE-2024-56608
* CVE-2024-56610
* CVE-2024-56633
* CVE-2024-56650
* CVE-2024-56658
* CVE-2024-56665
* CVE-2024-56679
* CVE-2024-56693
* CVE-2024-56707
* CVE-2024-56715
* CVE-2024-56725
* CVE-2024-56726
* CVE-2024-56727
* CVE-2024-56728
* CVE-2024-56763
* CVE-2024-57802
* CVE-2024-57882
* CVE-2024-57884
* CVE-2024-57917
* CVE-2024-57931
* CVE-2024-57938
* CVE-2024-57946
* CVE-2025-21652
* CVE-2025-21653
* CVE-2025-21655
* CVE-2025-21663
* CVE-2025-21664
* CVE-2025-21665
* CVE-2025-21666
* CVE-2025-21667
* CVE-2025-21668
* CVE-2025-21669
* CVE-2025-21670
* CVE-2025-21673
* CVE-2025-21674
* CVE-2025-21675
* CVE-2025-21676
* CVE-2025-21678
* CVE-2025-21681
* CVE-2025-21682
CVSS scores:
* CVE-2024-40980 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40980 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46858 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49948 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49978 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49978 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50142 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-50142 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-50142 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50251 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-50251 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50251 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50258 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-50258 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50258 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50304 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-53123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-53123 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-53187 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
* CVE-2024-53187 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
* CVE-2024-53187 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-53203 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53203 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-53203 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56592 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56592 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56600 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56600 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56601 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56601 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56608 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56608 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56610 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56610 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56633 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56650 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-56658 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56658 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56665 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56665 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56665 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56679 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56679 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56693 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56693 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56693 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56707 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56715 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56715 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56715 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56725 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56725 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56725 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56726 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56726 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56726 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56727 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56727 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56728 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56728 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56763 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56763 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-57802 ( SUSE ): 2.1
CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-57802 ( SUSE ): 4.6 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-57802 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-57882 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-57882 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-57882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-57884 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-57884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-57917 ( SUSE ): 5.6
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-57917 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-57931 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-57931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-57938 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-57938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-57938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-57946 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-57946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21652 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21652 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-21652 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-21652 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-21653 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-21653 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-21655 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21655 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21663 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21664 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21664 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21665 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21665 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21665 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21666 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21666 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21666 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21667 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21667 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21668 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21668 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-21669 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21669 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21669 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21670 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21670 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21673 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21673 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-21673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21674 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21674 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21674 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21675 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21675 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21676 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21676 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21676 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21678 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21681 ( SUSE ): 8.2
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
* CVE-2025-21681 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2025-21682 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21682 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21682 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Confidential Computing Module 15-SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves 54 vulnerabilities, contains two features and has 19
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to
receive various security bugfixes.
The following security bugs were fixed:
* CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock
(bsc#1227937).
* CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
* CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init()
(bsc#1232161).
* CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from
frag_list (bsc#1232101).
* CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when
sel.family is unset (bsc#1233028).
* CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before
calling skb_checksum() (bsc#1233248).
* CVE-2024-50258: net: fix crash when config small
gso_max_size/gso_ipv4_max_size (bsc#1233221).
* CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in
ip_tunnel_find() (bsc#1233522).
* CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).
* CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
* CVE-2024-53203: usb: typec: fix potential array underflow in
ucsi_ccg_sync_control() (bsc#1235001).
* CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket()
(bsc#1235244).
* CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
inet6_create() (bsc#1235217).
* CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
inet_create() (bsc#1235230).
* CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in
'dcn21_link_encoder_create' (bsc#1235487).
* CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock
(bsc#1235390).
* CVE-2024-56633: tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg
(bsc#1235485).
* CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
(bsc#1235430).
* CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
(bsc#1235441).
* CVE-2024-56665: bpf,perf: Fix invalid prog_array access in
perf_event_detach_bpf_prog (bsc#1235489).
* CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in
otx2_common.c (bsc#1235498).
* CVE-2024-56693: brd: defer automatic disk creation until module
initialization succeeds (bsc#1235418).
* CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in
otx2_dmac_flt.c (bsc#1235545).
* CVE-2024-56715: ionic: Fix netdev notifier unregister on failure
(bsc#1235612).
* CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in
otx2_dcbnl.c (bsc#1235578).
* CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c
(bsc#1235582).
* CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in
otx2_flows.c (bsc#1235583).
* CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in
otx2_ethtool.c (bsc#1235656).
* CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write
(bsc#1235638).
* CVE-2024-57802: netrom: check buffer length before accessing it
(bsc#1235941).
* CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
* CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop
in throttle_direct_reclaim() (bsc#1235948).
* CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap
(bsc#1236127).
* CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
* CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in
sctp_association_init() (bsc#1236182).
* CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend
(bsc#1236247).
* CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink()
(bsc#1236160).
* CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
(bsc#1236161).
* CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another
RCU period (bsc#1236163).
* CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device
tree (bsc#1236260).
* CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first
function (bsc#1236262).
* CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits
(bsc#1236684).
* CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space]
(bsc#1236680).
* CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits
(bsc#1236681).
* CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition
(bsc#1236682).
* CVE-2025-21669: vsock/virtio: discard packets if the transport changes
(bsc#1236683).
* CVE-2025-21670: vsock/bpf: return early if transport is not assigned
(bsc#1236685).
* CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname
(bsc#1236689).
* CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling
IPsec tunnel (bsc#1236688).
* CVE-2025-21675: net/mlx5: Clear port select structure when fail to create
(bsc#1236694).
* CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error
(bsc#1236696).
* CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle
(bsc#1236698).
* CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with
carrier (bsc#1236702).
* CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing,
fix null-deref (bsc#1236703).
The following non-security bugs were fixed:
* ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).
* ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
* ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read()
(git-fixes).
* ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-
fixes).
* ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31
laptop (git-fixes).
* ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
* ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
* ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130
(bsc#1235686).
* ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
* ALSA: seq: Make dependency on UMP clearer (git-fixes).
* ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable-
fixes).
* ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
* ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
* ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
* ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
* ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
* ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).
* ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
* ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
* ASoC: samsung: Add missing depends on I2C (git-fixes).
* ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
* ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
* ASoC: wm8994: Add depends on MFD core (stable-fixes).
* Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection
(git-fixes).
* Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
* Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
* EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
* HID: core: Fix assumption that Resolution Multipliers must be in Logical
Collections (git-fixes).
* HID: fix generic desktop D-Pad controls (git-fixes).
* HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
* HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint
check (git-fixes).
* HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
* Input: atkbd - map F23 key to support default copilot shortcut (stable-
fixes).
* Input: bbnsm_pwrkey - add remove hook (git-fixes).
* Input: davinci-keyscan - remove leftover header (git-fixes).
* Input: xpad - add QH Electronics VID/PID (stable-fixes).
* Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-
fixes).
* Input: xpad - add support for Nacon Pro Compact (stable-fixes).
* Input: xpad - add support for wooting two he (arm) (stable-fixes).
* Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-
fixes).
* Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
* KVM: Allow page-sized MMU caches to be initialized with custom 64-bit values
(jsc#PED-6143).
* KVM: x86/mmu: Add Suppress VE bit to EPT
shadow_mmio_mask/shadow_present_mask (jsc#PED-6143).
* KVM: x86/mmu: Allow non-zero value for non-present SPTE and removed SPTE
(jsc#PED-6143).
* KVM: x86/mmu: Replace hardcoded value 0 for the initial value for SPTE
(jsc#PED-6143).
* KVM: x86/mmu: Track shadow MMIO value on a per-VM basis (jsc#PED-6143).
* NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
* NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
* NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
* PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-
fixes).
* PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
* PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-
fixes).
* PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar()
(git-fixes).
* PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
* PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-
fixes).
* PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
* PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-
fixes).
* PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-
fixes).
* PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
* PCI: microchip: Set inbound address translation for coherent or non-coherent
mode (git-fixes).
* PCI: rcar-ep: Fix incorrect variable used when calling
devm_request_mem_region() (git-fixes).
* PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
* RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-
fixes)
* RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
* RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-
fixes)
* RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-
fixes)
* RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
* RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
* RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
* RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
* RDMA/srp: Fix error handling in srp_add_port (git-fixes)
* Remove "iommu/arm-smmu: Defer probe of clients after smmu device bound",
reverted by upstream.
* Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (stable-
fixes).
* Revert "drm/i915/dpt: Make DPT object unshrinkable" (stable-fixes).
* Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix
the crash caused by port being null" (stable-fixes).
* Revert "Disable ceph".
* USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-
fixes).
* VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
* VMCI: fix reference to ioctl-number.rst (git-fixes).
* afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
* afs: Fix cleanup of immediately failed async calls (git-fixes).
* afs: Fix directory format encoding struct (git-fixes).
* afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
* arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
* arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
* arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245)
Update arm64 default configuration file
* arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-
fixes)
* arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
* arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
* arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
* arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
* ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-
fixes).
* bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-
fixes).
* cpufreq: ACPI: Fix max-frequency computation (git-fixes).
* cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
* cpufreq: amd-pstate: remove global header file (git-fixes).
* cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).
* cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-
fixes).
* cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
* cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-
fixes).
* cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call
back (git-fixes).
* cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).
* cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).
* cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).
* cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).
* cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
* cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).
* cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).
* cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
* cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
* cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is
not available (git-fixes).
* cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks
(git-fixes).
* cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
* cpupower: fix TSC MHz calculation (git-fixes).
* crypto: caam - use JobR's space to access page 0 regs (git-fixes).
* crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
* crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).
* crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).
* crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async'
(git-fixes).
* crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-
fixes).
* crypto: qce - fix goto jump in error path (git-fixes).
* crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
* crypto: qce - unregister previously registered algos in error path (git-
fixes).
* devcoredump: cleanup some comments (git-fixes).
* dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
* docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-
fixes).
* driver core: class: Fix wild pointer dereferences in API
class_dev_iter_next() (git-fixes).
* drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
* drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
* drm/amd/pm: Fix an error handling path in
vega10_enable_se_edc_force_stall_config() (git-fixes).
* drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
* drm/amdgpu: Fix potential NULL pointer dereference in
atomctrl_get_smc_sclk_range_table (git-fixes).
* drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
* drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
* drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
* drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini()
(git-fixes).
* drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
* drm/etnaviv: Fix page property being used for non writecombine buffers (git-
fixes).
* drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).
* drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
* drm/i915/guc: Debug print LRC state entries only if the context is pinned
(git-fixes).
* drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
* drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).
* drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
* drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
* drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
* drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
* drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
* drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
* drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
* drm/msm: Check return value of of_dma_configure() (git-fixes).
* drm/msm: do not clean up priv->kms prematurely (git-fixes).
* drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
* drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
* drm/rockchip: move output interface related definition to rockchip_drm_drv.h
(stable-fixes).
* drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8
(git-fixes).
* drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-
fixes).
* drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
* drm/rockchip: vop2: Fix the windows switch between different layers (git-
fixes).
* drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
* drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
* drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-
fixes).
* drm/tidss: Clear the interrupt status for interrupts being disabled (git-
fixes).
* drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
* drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
* drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
* fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-
fixes).
* firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
* futex: Do not include process MM in futex key on no-MMU (git-fixes).
* genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
* genksyms: fix memory leak when the same symbol is added from source (git-
fixes).
* genksyms: fix memory leak when the same symbol is read from *.symref file
(git-fixes).
* gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
* gpio: mxc: remove dead code after switch to DT-only (git-fixes).
* gpio: pca953x: Improve interrupt support (git-fixes).
* gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).
* gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
* hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
* hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
* ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
* iio: adc: ad_sigma_delta: Handle CS assertion as intended in
ad_sd_read_reg_raw() (git-fixes).
* iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-
fixes).
* iio: light: as73211: fix channel handling in only-color triggered buffer
(git-fixes).
* intel_th: core: fix kernel-doc warnings (git-fixes).
* ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
* ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-
fixes).
* kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-
fixes).
* kheaders: Ignore silly-rename files (stable-fixes).
* ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
* ktest.pl: Check kernelrelease return in get_version (git-fixes).
* ktest.pl: Fix typo "accesing" (git-fixes).
* ktest.pl: Fix typo in comment (git-fixes).
* ktest.pl: Remove unused declarations in run_bisect_test function (git-
fixes).
* ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-
fixes).
* landlock: Handle weird files (git-fixes).
* latencytop: use correct kernel-doc format for func params (git-fixes).
* leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
* leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata()
(git-fixes).
* lib/inflate.c: remove dead code (git-fixes).
* lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
* locking/lockdep: Avoid creating new name string literals in
lockdep_set_subclass() (git-fixes).
* locking/rwsem: Add __always_inline annotation to __down_write_common() and
inlined callers (git-fixes).
* mac802154: check local interfaces before deleting sdata list (stable-fixes).
* mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
* maple_tree: simplify split calculation (git-fixes).
* media: camif-core: Add check for clk_enable() (git-fixes).
* media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
* media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
* media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
* media: dvb-usb-v2: af9035: fix ISO C90 compilation error on
af9035_i2c_master_xfer (git-fixes).
* media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
* media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-
fixes).
* media: i2c: imx412: Add missing newline to prints (git-fixes).
* media: i2c: ov9282: Correct the exposure offset (git-fixes).
* media: imx-jpeg: Fix potential error pointer dereference in detach_pm()
(git-fixes).
* media: imx296: Add standby delay during probe (git-fixes).
* media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
* media: marvell: Add check for clk_enable() (git-fixes).
* media: mc: fix endpoint iteration (git-fixes).
* media: mipi-csis: Add check for clk_enable() (git-fixes).
* media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
* media: ov08x40: Fix hblank out of range issue (git-fixes).
* media: ov5640: fix get_light_freq on auto (git-fixes).
* media: rc: iguanair: handle timeouts (git-fixes).
* media: rkisp1: Fix unused value issue (git-fixes).
* media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
* media: uvcvideo: Fix double free in error path (git-fixes).
* media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
* media: uvcvideo: Only save async fh if success (git-fixes).
* media: uvcvideo: Propagate buf->error to userspace (git-fixes).
* media: uvcvideo: Remove dangling pointers (git-fixes).
* media: uvcvideo: Remove redundant NULL assignment (git-fixes).
* media: uvcvideo: Support partial control reads (git-fixes).
* memory: tegra20-emc: fix an OF node reference bug in
tegra_emc_find_node_by_ram_code() (git-fixes).
* misc: fastrpc: Deregister device nodes properly in error scenarios (git-
fixes).
* misc: fastrpc: Fix copy buffer page size (git-fixes).
* misc: fastrpc: Fix registered buffer page address (git-fixes).
* misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-
fixes).
* mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes
(mm/compaction)).
* mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
* mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
* mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
* mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
* net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
* net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
* net: mana: Cleanup "mana" debugfs dir after cleanup of all children
(bsc#1236760).
* net: mana: Enable debugfs files for MANA device (bsc#1236758).
* net: netvsc: Update default VMBus channels (bsc#1236757).
* net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset
(git-fixes).
* net: rose: fix timer races against user threads (git-fixes).
* net: usb: rtl8150: enable basic endpoint checking (git-fixes).
* netfilter: nf_tables: validate family when identifying table via handle
(bsc#1233778 ZDI-24-1454).
* nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
* nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
* nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
* nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
* nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-
fixes).
* nvmet: propagate npwg topology (git-fixes).
* padata: add pd get/put refcnt helper (git-fixes).
* padata: avoid UAF for reorder_work (git-fixes).
* padata: fix UAF in padata_reorder (git-fixes).
* pinctrl: amd: Take suspend type into consideration which pins are non-wake
(git-fixes).
* pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional()
fails (git-fixes).
* pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
* power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
* powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
* pps: add an error check in parport_attach (git-fixes).
* pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
* printk: Add is_printk_legacy_deferred() (bsc#1236733).
* printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
* pwm: stm32-lp: Add check for clk_enable() (git-fixes).
* pwm: stm32: Add check for clk_enable() (git-fixes).
* r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
* rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
* rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
* rcu: Dump memory object info if callback function is invalid (git-fixes)
* rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
* rcuscale: Move rcu_scale_writer() (git-fixes)
* rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
* regulator: core: Add missing newline character (git-fixes).
* regulator: of: Implement the unwind path of of_regulator_match() (git-
fixes).
* remoteproc: core: Fix ida_free call while not allocated (git-fixes).
* rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
* rtc: zynqmp: Fix optional clock name property (git-fixes).
* samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
* sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat
(bsc#1235865).
* sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi
(bsc#1235865).
* scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-
fixes).
* seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
* selftest: media_tests: fix trivial UAF typo (git-fixes).
* selftests/alsa: Fix circular dependency involving global-timer (stable-
fixes).
* selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-
fixes).
* selftests/landlock: Fix error message (git-fixes).
* selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
* selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
* selftests: harness: fix printing of mismatch values in __EXPECT() (git-
fixes).
* selftests: tc-testing: reduce rshift value (stable-fixes).
* selftests: timers: clocksource-switch: Adapt progress to kselftest framework
(git-fixes).
* selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
* serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
* serial: sc16is7xx: use device_property APIs when configuring irda mode
(stable-fixes).
* serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is
in use (git-fixes).
* serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
* soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
* soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
* soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
* soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
* soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
* soc: qcom: socinfo: move SMEM item struct and defines to a header (git-
fixes).
* spi: zynq-qspi: Add check for clk_enable() (git-fixes).
* srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
* srcu: Only accelerate on enqueue time (git-fixes)
* staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-
fixes).
* staging: media: max96712: fix kernel oops when removing module (git-fixes).
* tools: Sync if_xdp.h uapi tooling header (git-fixes).
* tty: xilinx_uartps: split sysrq handling (git-fixes).
* ubifs: skip dumping tnc tree when zroot is null (git-fixes).
* uio: Fix return value of poll (git-fixes).
* uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-
fixes).
* usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in
the error path of .probe() (git-fixes).
* usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
* usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
* usb: gadget: f_tcm: Do not free command immediately (git-fixes).
* usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
* usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
* usb: gadget: f_tcm: Translate error to sense (git-fixes).
* usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
* usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
* usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control()
(bsc#1235001)
* usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE
(git-fixes).
* usbnet: ipheth: break up NCM header size computation (git-fixes).
* usbnet: ipheth: check that DPE points past NCM header (git-fixes).
* usbnet: ipheth: fix DPE OoB read (git-fixes).
* usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
* usbnet: ipheth: refactor NCM datagram loop (git-fixes).
* usbnet: ipheth: use static NDP16 location in URB (git-fixes).
* vfio/pci: Lock external INTx masking ops (bsc#1222803).
* virtio-mem: check if the config changed before fake offlining memory (git-
fixes).
* virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-
fixes).
* virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block
Mode (SBM) (git-fixes).
* virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
* vsock/virtio: cancel close work in the destructor (git-fixes)
* vsock: Keep the binding until socket destruction (git-fixes)
* vsock: reset socket state when de-assigning the transport (git-fixes)
* wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855
(git-fixes).
* wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
* wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
* wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
* wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
* wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
* wifi: mac80211: Fix common size calculation for ML element (git-fixes).
* wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
* wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
* wifi: mac80211: prohibit deactivating all links (git-fixes).
* wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).
* wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO
(git-fixes).
* wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
* wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916
(git-fixes).
* wifi: mt76: mt7915: firmware restart on devices with a second pcie link
(git-fixes).
* wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-
fixes).
* wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-
fixes).
* wifi: mt76: mt7915: fix register mapping (git-fixes).
* wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).
* wifi: mt76: mt7921: fix using incorrect group cipher after disconnection
(git-fixes).
* wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
* wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
* wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
* wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
* wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
* wifi: mt76: mt7996: fix ldpc setting (git-fixes).
* wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-
fixes).
* wifi: mt76: mt7996: fix register mapping (git-fixes).
* wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-
fixes).
* wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-
fixes).
* wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
* wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
* wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
* wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-
fixes).
* wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-
fixes).
* wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
* wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step
(git-fixes).
* wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
* wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop
(git-fixes).
* wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
* wifi: rtlwifi: wait for firmware loading before releasing memory (git-
fixes).
* wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
* wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
* wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
* workqueue: Add rcu lock check at the end of work item execution
(bsc#1236732).
* xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
* xfs: Propagate errors from xfs_reflink_cancel_cow_range in
xfs_dax_write_iomap_end (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* Confidential Computing Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-564=1
## Package List:
* Confidential Computing Module 15-SP6 (nosrc x86_64)
* kernel-coco-6.4.0-15061.15.coco15sp6.1
* kernel-coco_debug-6.4.0-15061.15.coco15sp6.1
* Confidential Computing Module 15-SP6 (x86_64)
* kernel-coco-debuginfo-6.4.0-15061.15.coco15sp6.1
* kernel-coco_debug-debugsource-6.4.0-15061.15.coco15sp6.1
* kernel-coco_debug-devel-6.4.0-15061.15.coco15sp6.1
* reiserfs-kmp-coco-debuginfo-6.4.0-15061.15.coco15sp6.1
* kernel-coco-vdso-debuginfo-6.4.0-15061.15.coco15sp6.1
* kernel-coco-devel-6.4.0-15061.15.coco15sp6.1
* reiserfs-kmp-coco-6.4.0-15061.15.coco15sp6.1
* kernel-syms-coco-6.4.0-15061.15.coco15sp6.1
* kernel-coco_debug-devel-debuginfo-6.4.0-15061.15.coco15sp6.1
* kernel-coco-debugsource-6.4.0-15061.15.coco15sp6.1
* kernel-coco_debug-debuginfo-6.4.0-15061.15.coco15sp6.1
* Confidential Computing Module 15-SP6 (noarch)
* kernel-devel-coco-6.4.0-15061.15.coco15sp6.1
* kernel-source-coco-6.4.0-15061.15.coco15sp6.1
## References:
* https://www.suse.com/security/cve/CVE-2024-40980.html
* https://www.suse.com/security/cve/CVE-2024-46858.html
* https://www.suse.com/security/cve/CVE-2024-49948.html
* https://www.suse.com/security/cve/CVE-2024-49978.html
* https://www.suse.com/security/cve/CVE-2024-50142.html
* https://www.suse.com/security/cve/CVE-2024-50251.html
* https://www.suse.com/security/cve/CVE-2024-50258.html
* https://www.suse.com/security/cve/CVE-2024-50304.html
* https://www.suse.com/security/cve/CVE-2024-53123.html
* https://www.suse.com/security/cve/CVE-2024-53187.html
* https://www.suse.com/security/cve/CVE-2024-53203.html
* https://www.suse.com/security/cve/CVE-2024-56592.html
* https://www.suse.com/security/cve/CVE-2024-56600.html
* https://www.suse.com/security/cve/CVE-2024-56601.html
* https://www.suse.com/security/cve/CVE-2024-56608.html
* https://www.suse.com/security/cve/CVE-2024-56610.html
* https://www.suse.com/security/cve/CVE-2024-56633.html
* https://www.suse.com/security/cve/CVE-2024-56650.html
* https://www.suse.com/security/cve/CVE-2024-56658.html
* https://www.suse.com/security/cve/CVE-2024-56665.html
* https://www.suse.com/security/cve/CVE-2024-56679.html
* https://www.suse.com/security/cve/CVE-2024-56693.html
* https://www.suse.com/security/cve/CVE-2024-56707.html
* https://www.suse.com/security/cve/CVE-2024-56715.html
* https://www.suse.com/security/cve/CVE-2024-56725.html
* https://www.suse.com/security/cve/CVE-2024-56726.html
* https://www.suse.com/security/cve/CVE-2024-56727.html
* https://www.suse.com/security/cve/CVE-2024-56728.html
* https://www.suse.com/security/cve/CVE-2024-56763.html
* https://www.suse.com/security/cve/CVE-2024-57802.html
* https://www.suse.com/security/cve/CVE-2024-57882.html
* https://www.suse.com/security/cve/CVE-2024-57884.html
* https://www.suse.com/security/cve/CVE-2024-57917.html
* https://www.suse.com/security/cve/CVE-2024-57931.html
* https://www.suse.com/security/cve/CVE-2024-57938.html
* https://www.suse.com/security/cve/CVE-2024-57946.html
* https://www.suse.com/security/cve/CVE-2025-21652.html
* https://www.suse.com/security/cve/CVE-2025-21653.html
* https://www.suse.com/security/cve/CVE-2025-21655.html
* https://www.suse.com/security/cve/CVE-2025-21663.html
* https://www.suse.com/security/cve/CVE-2025-21664.html
* https://www.suse.com/security/cve/CVE-2025-21665.html
* https://www.suse.com/security/cve/CVE-2025-21666.html
* https://www.suse.com/security/cve/CVE-2025-21667.html
* https://www.suse.com/security/cve/CVE-2025-21668.html
* https://www.suse.com/security/cve/CVE-2025-21669.html
* https://www.suse.com/security/cve/CVE-2025-21670.html
* https://www.suse.com/security/cve/CVE-2025-21673.html
* https://www.suse.com/security/cve/CVE-2025-21674.html
* https://www.suse.com/security/cve/CVE-2025-21675.html
* https://www.suse.com/security/cve/CVE-2025-21676.html
* https://www.suse.com/security/cve/CVE-2025-21678.html
* https://www.suse.com/security/cve/CVE-2025-21681.html
* https://www.suse.com/security/cve/CVE-2025-21682.html
* https://bugzilla.suse.com/show_bug.cgi?id=1215199
* https://bugzilla.suse.com/show_bug.cgi?id=1222803
* https://bugzilla.suse.com/show_bug.cgi?id=1224049
* https://bugzilla.suse.com/show_bug.cgi?id=1226980
* https://bugzilla.suse.com/show_bug.cgi?id=1227937
* https://bugzilla.suse.com/show_bug.cgi?id=1231088
* https://bugzilla.suse.com/show_bug.cgi?id=1232101
* https://bugzilla.suse.com/show_bug.cgi?id=1232161
* https://bugzilla.suse.com/show_bug.cgi?id=1233028
* https://bugzilla.suse.com/show_bug.cgi?id=1233221
* https://bugzilla.suse.com/show_bug.cgi?id=1233248
* https://bugzilla.suse.com/show_bug.cgi?id=1233522
* https://bugzilla.suse.com/show_bug.cgi?id=1233778
* https://bugzilla.suse.com/show_bug.cgi?id=1234070
* https://bugzilla.suse.com/show_bug.cgi?id=1234683
* https://bugzilla.suse.com/show_bug.cgi?id=1234693
* https://bugzilla.suse.com/show_bug.cgi?id=1234947
* https://bugzilla.suse.com/show_bug.cgi?id=1235001
* https://bugzilla.suse.com/show_bug.cgi?id=1235217
* https://bugzilla.suse.com/show_bug.cgi?id=1235230
* https://bugzilla.suse.com/show_bug.cgi?id=1235244
* https://bugzilla.suse.com/show_bug.cgi?id=1235390
* https://bugzilla.suse.com/show_bug.cgi?id=1235418
* https://bugzilla.suse.com/show_bug.cgi?id=1235430
* https://bugzilla.suse.com/show_bug.cgi?id=1235441
* https://bugzilla.suse.com/show_bug.cgi?id=1235485
* https://bugzilla.suse.com/show_bug.cgi?id=1235487
* https://bugzilla.suse.com/show_bug.cgi?id=1235489
* https://bugzilla.suse.com/show_bug.cgi?id=1235498
* https://bugzilla.suse.com/show_bug.cgi?id=1235545
* https://bugzilla.suse.com/show_bug.cgi?id=1235578
* https://bugzilla.suse.com/show_bug.cgi?id=1235582
* https://bugzilla.suse.com/show_bug.cgi?id=1235583
* https://bugzilla.suse.com/show_bug.cgi?id=1235612
* https://bugzilla.suse.com/show_bug.cgi?id=1235638
* https://bugzilla.suse.com/show_bug.cgi?id=1235656
* https://bugzilla.suse.com/show_bug.cgi?id=1235686
* https://bugzilla.suse.com/show_bug.cgi?id=1235865
* https://bugzilla.suse.com/show_bug.cgi?id=1235874
* https://bugzilla.suse.com/show_bug.cgi?id=1235914
* https://bugzilla.suse.com/show_bug.cgi?id=1235941
* https://bugzilla.suse.com/show_bug.cgi?id=1235948
* https://bugzilla.suse.com/show_bug.cgi?id=1236127
* https://bugzilla.suse.com/show_bug.cgi?id=1236160
* https://bugzilla.suse.com/show_bug.cgi?id=1236161
* https://bugzilla.suse.com/show_bug.cgi?id=1236163
* https://bugzilla.suse.com/show_bug.cgi?id=1236182
* https://bugzilla.suse.com/show_bug.cgi?id=1236192
* https://bugzilla.suse.com/show_bug.cgi?id=1236245
* https://bugzilla.suse.com/show_bug.cgi?id=1236247
* https://bugzilla.suse.com/show_bug.cgi?id=1236260
* https://bugzilla.suse.com/show_bug.cgi?id=1236262
* https://bugzilla.suse.com/show_bug.cgi?id=1236628
* https://bugzilla.suse.com/show_bug.cgi?id=1236680
* https://bugzilla.suse.com/show_bug.cgi?id=1236681
* https://bugzilla.suse.com/show_bug.cgi?id=1236682
* https://bugzilla.suse.com/show_bug.cgi?id=1236683
* https://bugzilla.suse.com/show_bug.cgi?id=1236684
* https://bugzilla.suse.com/show_bug.cgi?id=1236685
* https://bugzilla.suse.com/show_bug.cgi?id=1236688
* https://bugzilla.suse.com/show_bug.cgi?id=1236689
* https://bugzilla.suse.com/show_bug.cgi?id=1236694
* https://bugzilla.suse.com/show_bug.cgi?id=1236696
* https://bugzilla.suse.com/show_bug.cgi?id=1236698
* https://bugzilla.suse.com/show_bug.cgi?id=1236702
* https://bugzilla.suse.com/show_bug.cgi?id=1236703
* https://bugzilla.suse.com/show_bug.cgi?id=1236732
* https://bugzilla.suse.com/show_bug.cgi?id=1236733
* https://bugzilla.suse.com/show_bug.cgi?id=1236757
* https://bugzilla.suse.com/show_bug.cgi?id=1236758
* https://bugzilla.suse.com/show_bug.cgi?id=1236759
* https://bugzilla.suse.com/show_bug.cgi?id=1236760
* https://bugzilla.suse.com/show_bug.cgi?id=1236761
* https://jira.suse.com/browse/PED-12094
* https://jira.suse.com/browse/PED-7242
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250217/0ff2f262/attachment.htm>
More information about the sle-security-updates
mailing list