SUSE-SU-2025:20483-1: important: Security update for the Linux Kernel
SLE-SECURITY-UPDATES
null at suse.de
Mon Jul 21 20:31:57 UTC 2025
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2025:20483-1
Release Date: 2025-07-18T12:21:16Z
Rating: important
References:
* bsc#1210025
* bsc#1211226
* bsc#1215199
* bsc#1218184
* bsc#1223008
* bsc#1235490
* bsc#1236208
* bsc#1237312
* bsc#1237913
* bsc#1238859
* bsc#1238982
* bsc#1240577
* bsc#1240610
* bsc#1240686
* bsc#1240814
* bsc#1241166
* bsc#1241278
* bsc#1241414
* bsc#1241544
* bsc#1241572
* bsc#1241592
* bsc#1242504
* bsc#1242515
* bsc#1242521
* bsc#1242556
* bsc#1242725
* bsc#1242907
* bsc#1243051
* bsc#1243060
* bsc#1243342
* bsc#1243467
* bsc#1243480
* bsc#1243506
* bsc#1243523
* bsc#1243538
* bsc#1243544
* bsc#1243551
* bsc#1243620
* bsc#1243698
* bsc#1243774
* bsc#1243823
* bsc#1243827
* bsc#1243832
* bsc#1243847
* bsc#1244100
* bsc#1244145
* bsc#1244172
* bsc#1244176
* bsc#1244229
* bsc#1244234
* bsc#1244241
* bsc#1244274
* bsc#1244275
* bsc#1244277
* bsc#1244309
* bsc#1244313
* bsc#1244337
* bsc#1244626
* bsc#1244725
* bsc#1244727
* bsc#1244729
* bsc#1244731
* bsc#1244732
* bsc#1244736
* bsc#1244737
* bsc#1244738
* bsc#1244739
* bsc#1244743
* bsc#1244746
* bsc#1244759
* bsc#1244789
* bsc#1244862
* bsc#1244906
* bsc#1244938
* bsc#1244995
* bsc#1244996
* bsc#1244999
* bsc#1245001
* bsc#1245003
* bsc#1245004
* bsc#1245025
* bsc#1245042
* bsc#1245046
* bsc#1245078
* bsc#1245081
* bsc#1245082
* bsc#1245083
* bsc#1245155
* bsc#1245183
* bsc#1245193
* bsc#1245210
* bsc#1245217
* bsc#1245225
* bsc#1245226
* bsc#1245228
* bsc#1245431
* bsc#1245455
* jsc#PED-12551
Cross-References:
* CVE-2024-26831
* CVE-2024-56613
* CVE-2024-56699
* CVE-2024-57982
* CVE-2024-58053
* CVE-2025-21658
* CVE-2025-21720
* CVE-2025-21898
* CVE-2025-21899
* CVE-2025-21920
* CVE-2025-21959
* CVE-2025-22035
* CVE-2025-22083
* CVE-2025-22111
* CVE-2025-22120
* CVE-2025-37756
* CVE-2025-37757
* CVE-2025-37786
* CVE-2025-37811
* CVE-2025-37859
* CVE-2025-37884
* CVE-2025-37909
* CVE-2025-37921
* CVE-2025-37923
* CVE-2025-37927
* CVE-2025-37938
* CVE-2025-37945
* CVE-2025-37946
* CVE-2025-37961
* CVE-2025-37973
* CVE-2025-37992
* CVE-2025-37994
* CVE-2025-37995
* CVE-2025-37997
* CVE-2025-38000
* CVE-2025-38001
* CVE-2025-38003
* CVE-2025-38004
* CVE-2025-38005
* CVE-2025-38007
* CVE-2025-38009
* CVE-2025-38010
* CVE-2025-38011
* CVE-2025-38013
* CVE-2025-38014
* CVE-2025-38015
* CVE-2025-38018
* CVE-2025-38020
* CVE-2025-38022
* CVE-2025-38023
* CVE-2025-38024
* CVE-2025-38027
* CVE-2025-38031
* CVE-2025-38040
* CVE-2025-38043
* CVE-2025-38044
* CVE-2025-38045
* CVE-2025-38053
* CVE-2025-38057
* CVE-2025-38059
* CVE-2025-38060
* CVE-2025-38065
* CVE-2025-38068
* CVE-2025-38072
* CVE-2025-38077
* CVE-2025-38078
* CVE-2025-38079
* CVE-2025-38080
* CVE-2025-38081
* CVE-2025-38083
CVSS scores:
* CVE-2024-26831 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26831 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56613 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-56613 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-56613 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56699 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56699 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2024-57982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-57982 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-58053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21658 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21658 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21898 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21898 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21899 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21920 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21920 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-21959 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21959 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-21959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-22035 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-22035 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-22083 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-22111 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22111 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-22120 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37757 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37786 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37811 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-37811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37859 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-37859 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-37884 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-37884 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37909 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-37909 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-37921 ( SUSE ): 0.0
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-37921 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N
* CVE-2025-37923 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-37923 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-37927 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-37927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-37938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37992 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-37992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37994 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-37994 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2025-37995 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-37995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-37997 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-37997 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38000 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38000 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38001 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38001 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38003 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38003 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-38004 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38004 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-38005 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38005 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-38007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38009 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-38009 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-38010 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-38010 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2025-38011 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38013 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38013 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-38014 ( SUSE ): 5.6
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38014 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38015 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38018 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38020 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38020 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38022 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38022 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-38023 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38023 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38024 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38027 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38027 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-38031 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38031 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2025-38040 ( SUSE ): 5.6
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38040 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38043 ( SUSE ): 0.0
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-38043 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
* CVE-2025-38044 ( SUSE ): 0.0
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-38044 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
* CVE-2025-38045 ( SUSE ): 4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-38045 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-38053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38057 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38057 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38059 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38059 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38060 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38060 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38065 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38065 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38068 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38068 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-38072 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38077 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38078 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38079 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38080 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38081 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38081 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* SUSE Linux Micro 6.1
An update that solves 70 vulnerabilities, contains one feature and has 27 fixes
can now be installed.
## Description:
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive
various security bugfixes.
The following security bugs were fixed:
* CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup
(bsc#1237913).
* CVE-2024-58053: rxrpc: Fix handling of received connection abort
(bsc#1238982).
* CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload
mode (bsc#1238859).
* CVE-2025-21898: ftrace: Avoid potential division by zero in
function_stat_show() (bsc#1240610).
* CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list
(bsc#1240577).
* CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).
* CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct
nf_conncount_tuple in insert_tree() (bsc#1240814).
* CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags
during tracer switching (bsc#1241544).
* CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and
SIOCBRDELIF (bsc#1241572).
* CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).
* CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).
* CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).
* CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling
(bsc#1242907).
* CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker
(bsc#1243051).
* CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex
(bsc#1243060).
* CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled
(bsc#1243467).
* CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry
(bsc#1243480).
* CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer()
(bsc#1243551).
* CVE-2025-37927: iommu/amd: Fix potential buffer overflow in
parse_ivrs_acpihid (bsc#1243620).
* CVE-2025-37938: tracing: Verify event formats that have "%*p.."
(bsc#1243544).
* CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine
for phylink-controlled PHY (bsc#1243538).
* CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4
(bsc#1243523).
* CVE-2025-37992: net_sched: Flush gso_skb list too during ->change()
(bsc#1243698).
* CVE-2025-37995: module: ensure that kobject_put() is safe for module type
kobjects (bsc#1243827).
* CVE-2025-37997: netfilter: ipset: fix region locking in hash types
(bsc#1243832).
* CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in
hfsc_enqueue() (bsc#1244277).
* CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to
eltree twice (bsc#1244234).
* CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock
(bsc#1244729).
* CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed
(bsc#1244999).
* CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check
(bsc#1244746).
* CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).
* CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry !=
NULL (bsc#1245155).
* CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init()
(bsc#1244743).
The following non-security bugs were fixed:
* ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).
* ACPI: battery: negate current when discharging (stable-fixes).
* ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).
* ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).
* ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).
* ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).
* ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).
* ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).
* ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).
* ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).
* ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-
fixes).
* ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).
* ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).
* ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-
fixes).
* ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).
* ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).
* ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).
* ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-
fixes).
* ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).
* ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3()
(git-fixes).
* ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound
card (stable-fixes).
* ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).
* ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry
(stable-fixes).
* ALSA: usb-audio: Skip setting clock selector for single connections (stable-
fixes).
* ALSA: usb-audio: Support multiple control interfaces (stable-fixes).
* ALSA: usb-audio: Support read-only clock selector control (stable-fixes).
* ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file
(stable-fixes).
* ALSA: usb-audio: mixer: Remove temporary string use in
parse_clock_source_unit (stable-fixes).
* ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).
* ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).
* ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).
* Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).
* Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).
* Bluetooth: MGMT: Fix sparse errors (git-fixes).
* Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).
* Bluetooth: Remove pending ACL connection attempts (stable-fixes).
* Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-
fixes).
* Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).
* Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).
* Bluetooth: hci_event: Fix not using key encryption size when its known (git-
fixes).
* Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).
* Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).
* Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-
fixes).
* HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).
* HID: wacom: fix kobject reference count leak (git-fixes).
* HID: wacom: fix memory leak on kobject creation failure (git-fixes).
* HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).
* Input: sparcspkr - avoid unannotated fall-through (stable-fixes).
* KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).
* NFC: nci: uart: Set tty->disc_data only in success path (git-fixes).
* PCI/DPC: Log Error Source ID only when valid (git-fixes).
* PCI/DPC: Use defines with DPC reason fields (git-fixes).
* PCI/MSI: Size device MSI domain with the maximum number of vectors (git-
fixes).
* PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).
* PCI: apple: Set only available ports up (git-fixes).
* PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up()
(git-fixes).
* PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).
* PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-
fixes).
* PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-
fixes).
* RDMA/core: Fix best page size finding when it can cross SG entries (git-
fixes)
* RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)
* Revert "ALSA: usb-audio: Skip setting clock selector for single connections"
(stable-fixes).
* Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)
* Revert "kABI: ipv6: save dontfrag in cork (git-fixes)."
* USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-
fixes).
* arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)
* ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode
(stable-fixes).
* ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).
* ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).
* bnxt: properly flush XDP redirect lists (git-fixes).
* bpf: Force uprobe bpf program to always return 0 (git-fixes).
* btrfs: fix fsync of files with no hard links not persisting deletion (git-
fixes).
* btrfs: fix invalid data space release when truncating block in NOCOW mode
(git-fixes).
* btrfs: fix qgroup reservation leak on failure to allocate ordered extent
(git-fixes).
* btrfs: fix wrong start offset for delalloc space release during mmap write
(git-fixes).
* btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).
* btrfs: simplify condition for logging new dentries at
btrfs_log_inode_parent() (git-fixes).
* bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).
* calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).
* can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).
* ceph: Fix incorrect flush end position calculation (git-fixes).
* ceph: allocate sparse_ext map only for sparse reads (git-fixes).
* ceph: fix memory leaks in __ceph_sync_read() (git-fixes).
* cgroup/cpuset: Fix race between newly created partition and dying one
(bsc#1241166).
* clocksource: Fix brown-bag boolean thinko in (git-fixes)
* clocksource: Make watchdog and suspend-timing multiplication (git-fixes)
* devlink: Fix referring to hw_addr attribute during state validation (git-
fixes).
* devlink: fix port dump cmd type (git-fixes).
* drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).
* drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).
* drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes).
* drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).
* drm/i915: fix build error some more (git-fixes).
* drm/msm/disp: Correct porch timing for SDM845 (git-fixes).
* drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).
* drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).
* drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).
* e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-
fixes).
* fbcon: Make sure modelist not set on unregistered console (stable-fixes).
* fgraph: Still initialize idle shadow stacks when starting (git-fixes).
* firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-
fixes).
* gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).
* gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).
* gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-
fixes).
* hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).
* hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace
(git-fixes).
* hwmon: (occ) Rework attribute registration for stack usage (git-fixes).
* hwmon: (occ) fix unaligned accesses (git-fixes).
* hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).
* hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).
* i2c: designware: Invoke runtime suspend on quick slave re-registration
(stable-fixes).
* i2c: npcm: Add clock toggle recovery (stable-fixes).
* i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).
* i2c: tiny-usb: disable zero-length read messages (git-fixes).
* i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).
* i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).
* ice: Fix LACP bonds without SRIOV environment (git-fixes).
* ice: create new Tx scheduler nodes for new queues only (git-fixes).
* ice: fix Tx scheduler error handling in XDP callback (git-fixes).
* ice: fix rebuilding the Tx scheduler tree for large queue counts (git-
fixes).
* ice: fix vf->num_mac count with port representors (git-fixes).
* ima: Suspend PCR extends and log appends when rebooting (bsc#1210025
ltc#196650).
* iommu: Skip PASID validation for devices without PASID capability
(bsc#1244100)
* iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)
* isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).
* kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size
(git-fixes).
* kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-
fixes).
* kabi: restore layout of struct cgroup_subsys (bsc#1241166).
* kabi: restore layout of struct mem_control (jsc#PED-12551).
* kabi: restore layout of struct page_counter (jsc#PED-12551).
* loop: add file_start_write() and file_end_write() (git-fixes).
* md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-
fixes).
* mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
* mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).
* mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
* mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
* mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg
(jsc#PED-12551).
* mmc: Add quirk to disable DDR50 tuning (stable-fixes).
* net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-
fixes).
* net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).
* net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).
* net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-
fixes).
* net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).
* net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).
* net/mlx5: Fix return value when searching for existing flow group (git-
fixes).
* net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr()
(git-fixes).
* net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).
* net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).
* net: Fix TOCTOU issue in sk_is_readable() (git-fixes).
* net: ice: Perform accurate aRFS flow match (git-fixes).
* net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).
* net: mana: Record doorbell physical address in PF mode (bsc#1244229).
* net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend()
(bsc#1243538)
* net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).
* net_sched: prio: fix a race in prio_tune() (git-fixes).
* net_sched: red: fix a race in __red_change() (git-fixes).
* net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
* net_sched: sch_sfq: reject invalid perturb period (git-fixes).
* net_sched: tbf: fix a race in tbf_change() (git-fixes).
* netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).
* netlink: specs: dpll: replace underscores with dashes in names (git-fixes).
* nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-
fixes).
* ntp: Clamp maxerror and esterror to operating range (git-fixes)
* ntp: Remove invalid cast in time offset math (git-fixes)
* ntp: Safeguard against time_constant overflow (git-fixes)
* nvme-fc: do not reference lsrsp after failure (bsc#1245193).
* nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-
fixes).
* nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).
* nvme-pci: add quirks for device 126f:1001 (git-fixes).
* nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).
* nvme: fix command limits status code (git-fixes).
* nvme: fix implicit bool to flags conversion (git-fixes).
* nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).
* nvmet-fc: take tgtport refs for portentry (bsc#1245193).
* nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).
* nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).
* nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).
* nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).
* nvmet-fcloop: drop response if targetport is gone (bsc#1245193).
* nvmet-fcloop: prevent double port deletion (bsc#1245193).
* nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).
* nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).
* nvmet-fcloop: remove nport from list on last user (bsc#1245193).
* nvmet-fcloop: track ref counts for nports (bsc#1245193).
* nvmet-fcloop: update refs on tfcp_req (bsc#1245193).
* pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-
fixes).
* pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction()
(stable-fixes).
* pinctrl: armada-37xx: propagate error from
armada_37xx_pmx_gpio_set_direction() (stable-fixes).
* pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name()
(stable-fixes).
* pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).
* pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).
* pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).
* platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).
* platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL
(git-fixes).
* platform/x86: dell_rbu: Fix list usage (git-fixes).
* platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).
* platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).
* power: supply: bq27xxx: Retrieve again when busy (stable-fixes).
* power: supply: collie: Fix wakeup source leaks on device unbind (stable-
fixes).
* powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery
(bsc#1215199).
* powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap
(bsc#1244309 ltc#213790).
* powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309
ltc#213790).
* ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes).
* r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).
* regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt()
(git-fixes).
* rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)
* rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).
* rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).
* s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).
* s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).
* scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).
* scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).
* scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).
* scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).
* scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-
fixes).
* scsi: mpi3mr: Add level check to control event logging (git-fixes).
* scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).
* scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-
fixes).
* scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-
fixes).
* scsi: st: ERASE does not change tape location (git-fixes).
* scsi: st: Restore some drive settings after reset (git-fixes).
* scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).
* scsi: storvsc: Do not report the host packet status as the hv status (git-
fixes).
* scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).
* serial: imx: Restore original RXTL for console to fix data loss (git-fixes).
* serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
* serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).
* software node: Correct a OOB check in software_node_get_reference_args()
(stable-fixes).
* staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-
fixes).
* struct usci: hide additional member (git-fixes).
* sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-
fixes).
* thunderbolt: Do not double dequeue a configuration request (stable-fixes).
* timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)
* timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)
* timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)
* timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)
* trace/trace_event_perf: remove duplicate samples on the first tracepoint
event (git-fixes).
* tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-
fixes).
* tracing: Add __print_dynamic_array() helper (bsc#1243544).
* tracing: Add __string_len() example (bsc#1243544).
* tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-
fixes).
* tracing: Fix compilation warning on arm32 (bsc#1243551).
* tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).
* truct dwc3 hide new member wakeup_pending_funcs (git-fixes).
* ucsi_debugfs_entry: hide signedness change (git-fixes).
* uprobes: Use kzalloc to allocate xol area (git-fixes).
* usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).
* usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).
* usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-
fixes).
* usb: typec: ucsi: Only enable supported notifications (git-fixes).
* usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-
fixes).
* usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).
* usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).
* usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).
* usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).
* vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).
* vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).
* vmxnet3: update MTU after device quiesce (bsc#1244626).
* watchdog: da9052_wdt: respect TWDMIN (stable-fixes).
* watchdog: fix watchdog may detect false positive of softlockup (stable-
fixes).
* watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).
* watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).
* wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).
* wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-
fixes).
* wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).
* wifi: ath11k: do not use static variables in
ath11k_debugfs_fw_stats_process() (git-fixes).
* wifi: ath11k: do not wait when there is no vdev started (git-fixes).
* wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).
* wifi: ath11k: move some firmware stats related functions outside of debugfs
(git-fixes).
* wifi: ath11k: update channel list in worker when wait flag is set
(bsc#1243847).
* wifi: ath11k: validate ath11k_crypto_mode on top of
ath11k_core_qmi_firmware_ready (git-fixes).
* wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160
MHz (stable-fixes).
* wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable-
fixes).
* wifi: ath12k: fix failed to set mhi state error during reboot with hardware
grouping (stable-fixes).
* wifi: ath12k: fix incorrect CE addresses (stable-fixes).
* wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-
fixes).
* wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-
fixes).
* wifi: carl9170: do not ping device which has failed to load firmware (git-
fixes).
* wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).
* wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes).
* wifi: mac80211: VLAN traffic in multicast path (stable-fixes).
* wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-
fixes).
* wifi: mac80211: fix beacon interval calculation overflow (git-fixes).
* wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled
(stable-fixes).
* wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).
* wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).
* wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-
fixes).
* wifi: rtw89: leave idle mode when setting WEP encryption for AP mode
(stable-fixes).
* x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).
* x86/microcode/AMD: Add get_patch_level() (git-fixes).
* x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration
(git-fixes).
* x86/microcode/AMD: Merge early_apply_microcode() into its single callsite
(git-fixes).
* x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section()
signature (git-fixes).
* x86/microcode: Consolidate the loader enablement checking (git-fixes).
* x86/mm/init: Handle the special case of device private pages in add_pages(),
to not increase max_pfn and trigger dma_addressing_limited() bounce buffers
(git-fixes).
* x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).
* xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)
* xen/x86: fix initial memory balloon target (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Micro 6.1
zypper in -t patch SUSE-SLE-Micro-6.1-kernel-52=1
## Package List:
* SUSE Linux Micro 6.1 (noarch)
* kernel-devel-rt-6.4.0-34.1
* kernel-source-rt-6.4.0-34.1
* SUSE Linux Micro 6.1 (aarch64 nosrc x86_64)
* kernel-rt-6.4.0-34.1
* SUSE Linux Micro 6.1 (aarch64 x86_64)
* kernel-rt-debuginfo-6.4.0-34.1
* kernel-rt-devel-6.4.0-34.1
* kernel-rt-debugsource-6.4.0-34.1
* SUSE Linux Micro 6.1 (x86_64)
* kernel-rt-devel-debuginfo-6.4.0-34.1
* kernel-rt-livepatch-6.4.0-34.1
## References:
* https://www.suse.com/security/cve/CVE-2024-26831.html
* https://www.suse.com/security/cve/CVE-2024-56613.html
* https://www.suse.com/security/cve/CVE-2024-56699.html
* https://www.suse.com/security/cve/CVE-2024-57982.html
* https://www.suse.com/security/cve/CVE-2024-58053.html
* https://www.suse.com/security/cve/CVE-2025-21658.html
* https://www.suse.com/security/cve/CVE-2025-21720.html
* https://www.suse.com/security/cve/CVE-2025-21898.html
* https://www.suse.com/security/cve/CVE-2025-21899.html
* https://www.suse.com/security/cve/CVE-2025-21920.html
* https://www.suse.com/security/cve/CVE-2025-21959.html
* https://www.suse.com/security/cve/CVE-2025-22035.html
* https://www.suse.com/security/cve/CVE-2025-22083.html
* https://www.suse.com/security/cve/CVE-2025-22111.html
* https://www.suse.com/security/cve/CVE-2025-22120.html
* https://www.suse.com/security/cve/CVE-2025-37756.html
* https://www.suse.com/security/cve/CVE-2025-37757.html
* https://www.suse.com/security/cve/CVE-2025-37786.html
* https://www.suse.com/security/cve/CVE-2025-37811.html
* https://www.suse.com/security/cve/CVE-2025-37859.html
* https://www.suse.com/security/cve/CVE-2025-37884.html
* https://www.suse.com/security/cve/CVE-2025-37909.html
* https://www.suse.com/security/cve/CVE-2025-37921.html
* https://www.suse.com/security/cve/CVE-2025-37923.html
* https://www.suse.com/security/cve/CVE-2025-37927.html
* https://www.suse.com/security/cve/CVE-2025-37938.html
* https://www.suse.com/security/cve/CVE-2025-37945.html
* https://www.suse.com/security/cve/CVE-2025-37946.html
* https://www.suse.com/security/cve/CVE-2025-37961.html
* https://www.suse.com/security/cve/CVE-2025-37973.html
* https://www.suse.com/security/cve/CVE-2025-37992.html
* https://www.suse.com/security/cve/CVE-2025-37994.html
* https://www.suse.com/security/cve/CVE-2025-37995.html
* https://www.suse.com/security/cve/CVE-2025-37997.html
* https://www.suse.com/security/cve/CVE-2025-38000.html
* https://www.suse.com/security/cve/CVE-2025-38001.html
* https://www.suse.com/security/cve/CVE-2025-38003.html
* https://www.suse.com/security/cve/CVE-2025-38004.html
* https://www.suse.com/security/cve/CVE-2025-38005.html
* https://www.suse.com/security/cve/CVE-2025-38007.html
* https://www.suse.com/security/cve/CVE-2025-38009.html
* https://www.suse.com/security/cve/CVE-2025-38010.html
* https://www.suse.com/security/cve/CVE-2025-38011.html
* https://www.suse.com/security/cve/CVE-2025-38013.html
* https://www.suse.com/security/cve/CVE-2025-38014.html
* https://www.suse.com/security/cve/CVE-2025-38015.html
* https://www.suse.com/security/cve/CVE-2025-38018.html
* https://www.suse.com/security/cve/CVE-2025-38020.html
* https://www.suse.com/security/cve/CVE-2025-38022.html
* https://www.suse.com/security/cve/CVE-2025-38023.html
* https://www.suse.com/security/cve/CVE-2025-38024.html
* https://www.suse.com/security/cve/CVE-2025-38027.html
* https://www.suse.com/security/cve/CVE-2025-38031.html
* https://www.suse.com/security/cve/CVE-2025-38040.html
* https://www.suse.com/security/cve/CVE-2025-38043.html
* https://www.suse.com/security/cve/CVE-2025-38044.html
* https://www.suse.com/security/cve/CVE-2025-38045.html
* https://www.suse.com/security/cve/CVE-2025-38053.html
* https://www.suse.com/security/cve/CVE-2025-38057.html
* https://www.suse.com/security/cve/CVE-2025-38059.html
* https://www.suse.com/security/cve/CVE-2025-38060.html
* https://www.suse.com/security/cve/CVE-2025-38065.html
* https://www.suse.com/security/cve/CVE-2025-38068.html
* https://www.suse.com/security/cve/CVE-2025-38072.html
* https://www.suse.com/security/cve/CVE-2025-38077.html
* https://www.suse.com/security/cve/CVE-2025-38078.html
* https://www.suse.com/security/cve/CVE-2025-38079.html
* https://www.suse.com/security/cve/CVE-2025-38080.html
* https://www.suse.com/security/cve/CVE-2025-38081.html
* https://www.suse.com/security/cve/CVE-2025-38083.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210025
* https://bugzilla.suse.com/show_bug.cgi?id=1211226
* https://bugzilla.suse.com/show_bug.cgi?id=1215199
* https://bugzilla.suse.com/show_bug.cgi?id=1218184
* https://bugzilla.suse.com/show_bug.cgi?id=1223008
* https://bugzilla.suse.com/show_bug.cgi?id=1235490
* https://bugzilla.suse.com/show_bug.cgi?id=1236208
* https://bugzilla.suse.com/show_bug.cgi?id=1237312
* https://bugzilla.suse.com/show_bug.cgi?id=1237913
* https://bugzilla.suse.com/show_bug.cgi?id=1238859
* https://bugzilla.suse.com/show_bug.cgi?id=1238982
* https://bugzilla.suse.com/show_bug.cgi?id=1240577
* https://bugzilla.suse.com/show_bug.cgi?id=1240610
* https://bugzilla.suse.com/show_bug.cgi?id=1240686
* https://bugzilla.suse.com/show_bug.cgi?id=1240814
* https://bugzilla.suse.com/show_bug.cgi?id=1241166
* https://bugzilla.suse.com/show_bug.cgi?id=1241278
* https://bugzilla.suse.com/show_bug.cgi?id=1241414
* https://bugzilla.suse.com/show_bug.cgi?id=1241544
* https://bugzilla.suse.com/show_bug.cgi?id=1241572
* https://bugzilla.suse.com/show_bug.cgi?id=1241592
* https://bugzilla.suse.com/show_bug.cgi?id=1242504
* https://bugzilla.suse.com/show_bug.cgi?id=1242515
* https://bugzilla.suse.com/show_bug.cgi?id=1242521
* https://bugzilla.suse.com/show_bug.cgi?id=1242556
* https://bugzilla.suse.com/show_bug.cgi?id=1242725
* https://bugzilla.suse.com/show_bug.cgi?id=1242907
* https://bugzilla.suse.com/show_bug.cgi?id=1243051
* https://bugzilla.suse.com/show_bug.cgi?id=1243060
* https://bugzilla.suse.com/show_bug.cgi?id=1243342
* https://bugzilla.suse.com/show_bug.cgi?id=1243467
* https://bugzilla.suse.com/show_bug.cgi?id=1243480
* https://bugzilla.suse.com/show_bug.cgi?id=1243506
* https://bugzilla.suse.com/show_bug.cgi?id=1243523
* https://bugzilla.suse.com/show_bug.cgi?id=1243538
* https://bugzilla.suse.com/show_bug.cgi?id=1243544
* https://bugzilla.suse.com/show_bug.cgi?id=1243551
* https://bugzilla.suse.com/show_bug.cgi?id=1243620
* https://bugzilla.suse.com/show_bug.cgi?id=1243698
* https://bugzilla.suse.com/show_bug.cgi?id=1243774
* https://bugzilla.suse.com/show_bug.cgi?id=1243823
* https://bugzilla.suse.com/show_bug.cgi?id=1243827
* https://bugzilla.suse.com/show_bug.cgi?id=1243832
* https://bugzilla.suse.com/show_bug.cgi?id=1243847
* https://bugzilla.suse.com/show_bug.cgi?id=1244100
* https://bugzilla.suse.com/show_bug.cgi?id=1244145
* https://bugzilla.suse.com/show_bug.cgi?id=1244172
* https://bugzilla.suse.com/show_bug.cgi?id=1244176
* https://bugzilla.suse.com/show_bug.cgi?id=1244229
* https://bugzilla.suse.com/show_bug.cgi?id=1244234
* https://bugzilla.suse.com/show_bug.cgi?id=1244241
* https://bugzilla.suse.com/show_bug.cgi?id=1244274
* https://bugzilla.suse.com/show_bug.cgi?id=1244275
* https://bugzilla.suse.com/show_bug.cgi?id=1244277
* https://bugzilla.suse.com/show_bug.cgi?id=1244309
* https://bugzilla.suse.com/show_bug.cgi?id=1244313
* https://bugzilla.suse.com/show_bug.cgi?id=1244337
* https://bugzilla.suse.com/show_bug.cgi?id=1244626
* https://bugzilla.suse.com/show_bug.cgi?id=1244725
* https://bugzilla.suse.com/show_bug.cgi?id=1244727
* https://bugzilla.suse.com/show_bug.cgi?id=1244729
* https://bugzilla.suse.com/show_bug.cgi?id=1244731
* https://bugzilla.suse.com/show_bug.cgi?id=1244732
* https://bugzilla.suse.com/show_bug.cgi?id=1244736
* https://bugzilla.suse.com/show_bug.cgi?id=1244737
* https://bugzilla.suse.com/show_bug.cgi?id=1244738
* https://bugzilla.suse.com/show_bug.cgi?id=1244739
* https://bugzilla.suse.com/show_bug.cgi?id=1244743
* https://bugzilla.suse.com/show_bug.cgi?id=1244746
* https://bugzilla.suse.com/show_bug.cgi?id=1244759
* https://bugzilla.suse.com/show_bug.cgi?id=1244789
* https://bugzilla.suse.com/show_bug.cgi?id=1244862
* https://bugzilla.suse.com/show_bug.cgi?id=1244906
* https://bugzilla.suse.com/show_bug.cgi?id=1244938
* https://bugzilla.suse.com/show_bug.cgi?id=1244995
* https://bugzilla.suse.com/show_bug.cgi?id=1244996
* https://bugzilla.suse.com/show_bug.cgi?id=1244999
* https://bugzilla.suse.com/show_bug.cgi?id=1245001
* https://bugzilla.suse.com/show_bug.cgi?id=1245003
* https://bugzilla.suse.com/show_bug.cgi?id=1245004
* https://bugzilla.suse.com/show_bug.cgi?id=1245025
* https://bugzilla.suse.com/show_bug.cgi?id=1245042
* https://bugzilla.suse.com/show_bug.cgi?id=1245046
* https://bugzilla.suse.com/show_bug.cgi?id=1245078
* https://bugzilla.suse.com/show_bug.cgi?id=1245081
* https://bugzilla.suse.com/show_bug.cgi?id=1245082
* https://bugzilla.suse.com/show_bug.cgi?id=1245083
* https://bugzilla.suse.com/show_bug.cgi?id=1245155
* https://bugzilla.suse.com/show_bug.cgi?id=1245183
* https://bugzilla.suse.com/show_bug.cgi?id=1245193
* https://bugzilla.suse.com/show_bug.cgi?id=1245210
* https://bugzilla.suse.com/show_bug.cgi?id=1245217
* https://bugzilla.suse.com/show_bug.cgi?id=1245225
* https://bugzilla.suse.com/show_bug.cgi?id=1245226
* https://bugzilla.suse.com/show_bug.cgi?id=1245228
* https://bugzilla.suse.com/show_bug.cgi?id=1245431
* https://bugzilla.suse.com/show_bug.cgi?id=1245455
* https://jira.suse.com/browse/PED-12551
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250721/19a85349/attachment.htm>
More information about the sle-security-updates
mailing list