SUSE-SU-2025:3725-1: important: Security update for the Linux Kernel
SLE-SECURITY-UPDATES
null at suse.de
Wed Oct 22 12:32:46 UTC 2025
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2025:3725-1
Release Date: 2025-10-22T11:48:21Z
Rating: important
References:
* bsc#1212533
* bsc#1216527
* bsc#1218644
* bsc#1227555
* bsc#1230062
* bsc#1236897
* bsc#1237449
* bsc#1237776
* bsc#1238782
* bsc#1240324
* bsc#1241166
* bsc#1241292
* bsc#1241866
* bsc#1243112
* bsc#1245538
* bsc#1245700
* bsc#1245963
* bsc#1246057
* bsc#1246190
* bsc#1246248
* bsc#1246298
* bsc#1246509
* bsc#1246782
* bsc#1247099
* bsc#1247126
* bsc#1247136
* bsc#1247137
* bsc#1247223
* bsc#1247239
* bsc#1247262
* bsc#1247442
* bsc#1247483
* bsc#1247963
* bsc#1248111
* bsc#1248121
* bsc#1248192
* bsc#1248199
* bsc#1248200
* bsc#1248202
* bsc#1248225
* bsc#1248296
* bsc#1248343
* bsc#1248357
* bsc#1248360
* bsc#1248365
* bsc#1248378
* bsc#1248380
* bsc#1248392
* bsc#1248512
* bsc#1248610
* bsc#1248616
* bsc#1248619
* bsc#1248622
* bsc#1248626
* bsc#1248628
* bsc#1248634
* bsc#1248639
* bsc#1248674
* bsc#1248681
* bsc#1248733
* bsc#1248734
* bsc#1248735
* bsc#1248775
* bsc#1249122
* bsc#1249123
* bsc#1249124
* bsc#1249125
* bsc#1249126
* bsc#1249143
* bsc#1249156
* bsc#1249163
* bsc#1249172
* bsc#1249176
* bsc#1249183
* bsc#1249186
* bsc#1249193
* bsc#1249199
* bsc#1249201
* bsc#1249202
* bsc#1249206
* bsc#1249258
* bsc#1249262
* bsc#1249274
* bsc#1249284
* bsc#1249290
* bsc#1249295
* bsc#1249300
* bsc#1249303
* bsc#1249305
* bsc#1249306
* bsc#1249315
* bsc#1249333
* bsc#1249334
* bsc#1249374
* bsc#1249481
* bsc#1249482
* bsc#1249488
* bsc#1249494
* bsc#1249504
* bsc#1249508
* bsc#1249510
* bsc#1249513
* bsc#1249516
* bsc#1249524
* bsc#1249526
* bsc#1249533
* bsc#1249540
* bsc#1249545
* bsc#1249566
* bsc#1249604
* bsc#1249608
* bsc#1249770
* bsc#1249887
* bsc#1249906
* bsc#1249915
* bsc#1249974
* bsc#1250002
* bsc#1250021
* bsc#1250025
* bsc#1250057
* bsc#1250179
* bsc#1250251
* bsc#1250267
* bsc#1250294
* bsc#1250334
* bsc#1250336
* bsc#1250344
* bsc#1250365
* bsc#1250407
* bsc#1250522
* bsc#1250530
* bsc#1250574
* bsc#1250655
* bsc#1250722
* bsc#1250952
* jsc#PED-13260
Cross-References:
* CVE-2023-53261
* CVE-2023-5633
* CVE-2024-58090
* CVE-2025-22022
* CVE-2025-38119
* CVE-2025-38216
* CVE-2025-38234
* CVE-2025-38255
* CVE-2025-38263
* CVE-2025-38351
* CVE-2025-38402
* CVE-2025-38408
* CVE-2025-38418
* CVE-2025-38419
* CVE-2025-38456
* CVE-2025-38466
* CVE-2025-38488
* CVE-2025-38514
* CVE-2025-38526
* CVE-2025-38527
* CVE-2025-38533
* CVE-2025-38544
* CVE-2025-38556
* CVE-2025-38574
* CVE-2025-38584
* CVE-2025-38590
* CVE-2025-38593
* CVE-2025-38595
* CVE-2025-38597
* CVE-2025-38614
* CVE-2025-38616
* CVE-2025-38622
* CVE-2025-38623
* CVE-2025-38628
* CVE-2025-38639
* CVE-2025-38640
* CVE-2025-38643
* CVE-2025-38645
* CVE-2025-38659
* CVE-2025-38660
* CVE-2025-38664
* CVE-2025-38676
* CVE-2025-38678
* CVE-2025-38679
* CVE-2025-38684
* CVE-2025-38701
* CVE-2025-38703
* CVE-2025-38705
* CVE-2025-38709
* CVE-2025-38710
* CVE-2025-38721
* CVE-2025-38722
* CVE-2025-38730
* CVE-2025-38732
* CVE-2025-39677
* CVE-2025-39678
* CVE-2025-39681
* CVE-2025-39682
* CVE-2025-39691
* CVE-2025-39695
* CVE-2025-39703
* CVE-2025-39705
* CVE-2025-39707
* CVE-2025-39711
* CVE-2025-39718
* CVE-2025-39738
* CVE-2025-39744
* CVE-2025-39746
* CVE-2025-39747
* CVE-2025-39749
* CVE-2025-39754
* CVE-2025-39764
* CVE-2025-39766
* CVE-2025-39770
* CVE-2025-39773
* CVE-2025-39782
* CVE-2025-39787
* CVE-2025-39797
* CVE-2025-39807
* CVE-2025-39811
* CVE-2025-39816
* CVE-2025-39823
* CVE-2025-39825
* CVE-2025-39830
* CVE-2025-39834
* CVE-2025-39835
* CVE-2025-39838
* CVE-2025-39842
* CVE-2025-39857
* CVE-2025-39865
* CVE-2025-39885
* CVE-2025-39890
* CVE-2025-39922
* CVE-2025-40300
CVSS scores:
* CVE-2023-53261 ( SUSE ): 4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2023-53261 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-5633 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5633 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5633 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-58090 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-58090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-22022 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-22022 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-38119 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38216 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-38216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-38234 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38234 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38255 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38255 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38263 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38263 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38351 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38351 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38402 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38402 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38408 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38408 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-38418 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38418 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38419 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38419 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38456 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38456 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-38466 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
* CVE-2025-38488 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38488 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38514 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38514 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38526 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38526 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38527 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38527 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-38533 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38533 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-38544 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38544 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38556 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38556 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-38574 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38574 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-38584 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38584 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-38590 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38590 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38593 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38593 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38595 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38595 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38597 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38597 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38614 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38614 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38616 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-38622 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38622 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38623 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-38623 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-38628 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38628 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-38639 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38639 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2025-38640 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-38640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38643 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38643 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38645 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38659 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38659 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-38660 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38664 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38676 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38676 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-38678 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-38679 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38679 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38684 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38701 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38701 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38703 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38703 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38705 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38705 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38709 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38709 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38710 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38710 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38721 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38732 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38732 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-39677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39681 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39682 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-39691 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-39695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39703 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39705 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39705 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39707 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39707 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39711 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39718 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39738 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-39738 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2025-39744 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39746 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39746 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-39747 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39747 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39749 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39749 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39764 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39782 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39782 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39787 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-39787 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-39797 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39797 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39823 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39825 ( SUSE ): 5.9
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39825 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2025-39830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39838 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39838 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-39842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39890 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39890 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39922 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39922 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2025-40300 ( SUSE ): 8.2
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
* CVE-2025-40300 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Affected Products:
* SUSE Linux Enterprise Live Patching 15-SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Real Time Module 15-SP7
An update that solves 94 vulnerabilities, contains one feature and has 41
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various
security bugfixes.
The following security bugs were fixed:
* CVE-2023-53261: coresight: Fix memory leak in acpi_buffer->pointer
(bsc#1249770).
* CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are
disabled (bsc#1240324).
* CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints
(bsc#1241292).
* CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler
(bsc#1245700).
* CVE-2025-38216: iommu/vt-d: Restore context entry setup order for aliased
devices (bsc#1245963).
* CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
* CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
* CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB
flush (bsc#1246782).
* CVE-2025-38402: idpf: return 0 size for RSS key if not supported
(bsc#1247262).
* CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly
(bsc#1247126).
* CVE-2025-38418: remoteproc: core: Release rproc->clean_table after
rproc_attach() fails (bsc#1247137).
* CVE-2025-38419: remoteproc: core: Cleanup acquired resources when
rproc_handle_resources() fails in rproc_attach() (bsc#1247136).
* CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in
ipmi_create_user() (bsc#1247099).
* CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes
(bsc#1247442).
* CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using
async crypto (bsc#1247239).
* CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog
struct (bsc#1248202).
* CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
* CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break
(bsc#1248199).
* CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
* CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
* CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits
(bsc#1248296).
* CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit()
(bsc#1248365).
* CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
* CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found
(bsc#1248360).
* CVE-2025-38593: kABI workaround for bluetooth discovery_state change
(bsc#1248357).
* CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).
* CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane
for a video-port (bsc#1248378).
* CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
* CVE-2025-38616: tls: handle data disappearing from under the TLS ULP
(bsc#1248512).
* CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
* CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery
(bsc#1248610).
* CVE-2025-38628: vdpa/mlx5: Fix release of uninitialized resources on error
path (bsc#1248616).
* CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-
terminated (bsc#1248674).
* CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
* CVE-2025-38643: wifi: cfg80211: Add missing lock in
cfg80211_check_and_end_cac() (bsc#1248681).
* CVE-2025-38645: net/mlx5: Check device memory pointer before usage
(bsc#1248626).
* CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
* CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated
string (bsc#1248634).
* CVE-2025-38664: ice: Fix a null pointer dereference in
ice_copy_and_init_pkg() (bsc#1248628).
* CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline
(bsc#1248775).
* CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates
(bsc#1249126).
* CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound
check (bsc#1249202).
* CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused
classes (bsc#1249156).
* CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
(bsc#1249258).
* CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
* CVE-2025-38709: loop: Avoid updating block size under exclusive owner
(bsc#1249199).
* CVE-2025-38710: gfs2: Validate i_depth for exhash directories (bsc#1249201).
* CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump
(bsc#1249176).
* CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
* CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
* CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback
packets (bsc#1249262).
* CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal
(bsc#1249300).
* CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-
NULL (bsc#1249290).
* CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init
helper (bsc#1249303).
* CVE-2025-39682: tls: fix handling of zero-length records on the rx_list
(bsc#1249284).
* CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper
(bsc#1249374).
* CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag
(bsc#1249315).
* CVE-2025-39705: drm/amd/display: fix a Null pointer dereference
vulnerability (bsc#1249295).
* CVE-2025-39718: vsock/virtio: Validate length in packet header before
skb_put() (bsc#1249305).
* CVE-2025-39738: btrfs: do not allow relocation of partially dropped
subvolumes (bsc#1249540).
* CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work
(bsc#1249494).
* CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable
(bsc#1249516).
* CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race
(bsc#1249533).
* CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration
(bsc#1249524).
* CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation
dumpers (bsc#1249513).
* CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past
buffer_limit (bsc#1249510).
* CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with
only IPV6_CSUM (bsc#1249508).
* CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired()
(bsc#1249504).
* CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint()
(bsc#1249526).
* CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize
(bsc#1249545).
* CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
* CVE-2025-39816: io_uring/kbuf: always use READ_ONCE() to read ring provided
buffer lengths (bsc#1249906).
* CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from
guest (bsc#1250002).
* CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2)
(bsc#1250179).
* CVE-2025-39830: net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error
path (bsc#1249974).
* CVE-2025-39834: net/mlx5: HWS, Fix memory leak in
hws_action_get_shared_stc_nic error flow (bsc#1250021).
* CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code
(bsc#1250025).
* CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion
(bsc#1250365).
* CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown
(bsc#1250267).
* CVE-2025-39857: net/smc: fix one NULL pointer dereference in
smc_ib_is_sg_need_sync() (bsc#1250251).
* CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put
(bsc#1250294).
* CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call
(bsc#1250407).
* CVE-2025-39922: ixgbe: fix incorrect map used in eee linkmode (bsc#1250722).
* CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT
(bsc#1247483).
The following non-security bugs were fixed:
* 9p/xen: fix init sequence (git-fixes).
* ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
* ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).
* ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes).
* ACPI: debug: fix signedness issues in read/write helpers (git-fixes).
* ACPI: processor: idle: Fix memory leak when register cpuidle device failed
(git-fixes).
* ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).
* ACPICA: Fix largest possible resource descriptor index (git-fixes).
* ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not
supported (stable-fixes).
* ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-
fixes).
* ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-
fixes).
* ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).
* ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-
fixes).
* ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).
* ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes).
* ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-
fixes).
* ALSA: lx_core: use int type to store negative error codes (git-fixes).
* ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT
(git-fixes).
* ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-
fixes).
* ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes).
* ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-
fixes).
* ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-
fixes).
* ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes).
* ALSA: usb-audio: Convert comma to semicolon (git-fixes).
* ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-
fixes).
* ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes).
* ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).
* ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes).
* ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes).
* ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes).
* ALSA: usb-audio: move mixer_quirks' min_mute into common quirk (stable-
fixes).
* ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes).
* ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes).
* ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes).
* ASoC: Intel: catpt: Expose correct bit depth to userspace (git-fixes).
* ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback (git-fixes).
* ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message
(git-fixes).
* ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).
* ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).
* ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface
(git-fixes).
* ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes).
* ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph
failed (git-fixes).
* ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-
fixes).
* ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes).
* ASoC: wm8940: Correct PLL rate rounding (git-fixes).
* ASoC: wm8940: Correct typo in control name (git-fixes).
* ASoC: wm8974: Correct PLL rate rounding (git-fixes).
* Add alt-commit to drm v3d patch
* Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).
* Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).
* Bluetooth: ISO: do not leak skb in ISO_CONT RX (git-fixes).
* Bluetooth: ISO: free rx_skb if not consumed (git-fixes).
* Bluetooth: MGMT: Fix not exposing debug UUID on
MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).
* Bluetooth: MGMT: Fix possible UAFs (git-fixes).
* Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).
* Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes).
* Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-
fixes).
* Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes).
* Bluetooth: hci_sync: Fix using random address for BIG/PA advertisements
(git-fixes).
* Bluetooth: qca: fix invalid device address check (git-fixes).
* Bluetooth: qca: fix wcn3991 device address check (git-fixes).
* Bluetooth: vhci: Prevent use-after-free by removing debugfs files early
(git-fixes).
* Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).
* Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).
* Drop PCI patches that broke kdump capture boot (bsc#1246509).
* Drop arm64 patches that may lead to module load failure (bsc#1250057).
* Drop ath12k patch that was reverted in the upstream (git-fixes).
* Fix source string __assign_string() (bsc#1238782).
* HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version()
(stable-fixes).
* HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).
* HID: input: report battery status changes immediately (git-fixes).
* HID: intel-ish-ipc: Remove redundant ready check after timeout function
(git-fixes).
* HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).
* HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).
* HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).
* HID: wacom: Add a new Art Pen 2 (stable-fixes).
* IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
* Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table
(stable-fixes).
* Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).
* KVM: SVM: Clear current_vmcb during vCPU free for all _possible_ CPUs (git-
fixes).
* KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest
(git-fixes).
* KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-
fixes).
* KVM: VMX: Extract checking of guest's DEBUGCTL into helper (git-fixes).
* KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).
* KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 (git-
fixes).
* KVM: VMX: Handle forced exit due to preemption timer in fastpath (git-
fixes).
* KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer exits
(git-fixes).
* KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).
* KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes
bsc#1250336).
* KVM: x86/xen: Allow 'out of range' event channel ports in IRQ routing table
(git-fixes).
* KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE
(git-fixes).
* KVM: x86: Fully defer to vendor code to decide how to force immediate exit
(git-fixes).
* KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers (git-
fixes).
* KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint (git-
fixes).
* KVM: x86: avoid underflow when scaling TSC frequency (git-fixes).
* Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186).
* Limit patch filenames to 100 characters (bsc#1249604).
* NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
* NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).
* NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-
fixes).
* NFSv4: Do not clear capabilities that won't be reset (git-fixes).
* PCI: Extend isolated function probing to LoongArch (git-fixes).
* PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe()
(git-fixes).
* PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-
fixes).
* RDMA/mana_ib: Fix DSCP value in modify QP (git-fixes).
* Revert "SUNRPC: Do not allow waiting for exiting tasks" (git-fixes).
* Revert "drm/amdgpu: fix incorrect vm flags to map bo" (stable-fixes).
* Revert "usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems
Running" (git-fixes).
* SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).
* Squashfs: add additional inode sanity checking (git-fixes).
* Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).
* Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes).
* USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).
* USB: serial: option: add Telit Cinterion FN990A w/audio compositions
(stable-fixes).
* USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions
(stable-fixes).
* Update config files. (bsc#1249186) Plain run_oldconfig after Kconfig update.
* afs: Fix potential null pointer dereference in afs_put_server (git-fixes).
* arm64: Handle KCOV __init vs inline mismatches (git-fixes)
* arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
* arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
* arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-
fixes)
* arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
* arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
* arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-
fixes)
* arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399
Puma with Haikou (git-fixes).
* arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-
fixes)
* arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
* arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-
fixes)
* ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).
* batman-adv: fix OOB read/write in network-coding decode (git-fixes).
* bpf, bpftool: Fix incorrect disasm pc (git-fixes).
* bpf/selftests: Fix test_tcpnotify_user (poo#189822).
* bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
* bpf: Fix iter/task tid filtering (git-fixes).
* bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).
* bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).
* bpf: Properly test iter/task tid filtering (git-fixes).
* bpf: bpftool: Setting error code in do_loader() (git-fixes).
* bpf: handle implicit declaration of function gettid in bpf_iter.c
* bpf: skip non exist keys in generic_map_lookup_batch (git-fixes).
* bpftool: Fix JSON writer resource leak in version command (git-fixes).
* bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure (git-fixes).
* bpftool: Fix readlink usage in get_fd_type (git-fixes).
* bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).
* bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-
fixes).
* btrfs: abort transaction during log replay if walk_log_tree() failed (git-
fixes).
* btrfs: abort transaction on unexpected eb generation at btrfs_copy_root()
(git-fixes).
* btrfs: add cancellation points to trim loops (git-fixes).
* btrfs: always abort transaction on failure to add block group to free space
tree (git-fixes).
* btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).
* btrfs: avoid load/store tearing races when checking if an inode was logged
(git-fixes).
* btrfs: fix data overwriting bug during buffered write when block size <
page size (git-fixes).
* btrfs: fix invalid extref key setup when replaying dentry (git-fixes).
* btrfs: fix race between logging inode and checking if it was logged before
(git-fixes).
* btrfs: fix race between setting last_dir_index_offset and inode logging
(git-fixes).
* btrfs: make found_logical_ret parameter mandatory for function
queue_scrub_stripe() (git-fixes).
* btrfs: move transaction aborts to the error site in
add_block_group_free_space() (git-fixes).
* btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-
fixes).
* btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-
fixes).
* btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-
fixes).
* btrfs: scrub: fix grouping of read IO (git-fixes).
* btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).
* btrfs: split remaining space to discard in chunks (git-fixes).
* btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).
* btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).
* build_bug.h: Add KABI assert (bsc#1249186).
* bus: fsl-mc: Check return value of platform_get_resource() (git-fixes).
* bus: mhi: host: Do not use uninitialized 'dev' pointer in
mhi_init_irq_setup() (git-fixes).
* can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-
fixes).
* can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-
fixes).
* can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).
* can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get()
fails (git-fixes).
* can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when
j1939_local_ecu_get() failed (git-fixes).
* can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-
fixes).
* can: peak_usb: fix shift-out-of-bounds issue (git-fixes).
* can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes).
* can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-
fixes).
* can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB
(git-fixes).
* cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).
* ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).
* ceph: validate snapdirname option length when mounting (git-fixes).
* cgroup/cpuset: Fix a partition error with CPU hotplug (bsc#1241166).
* cgroup/cpuset: Use static_branch_enable_cpuslocked() on
cpusets_insane_config_key (bsc#1241166).
* cgroup/rstat: Optimize cgroup_rstat_updated_list() (bsc#1247963).
* cgroup/rstat: Reduce cpu_lock hold time in cgroup_rstat_flush_locked()
(bsc#1247963).
* cgroup: llist: avoid memory tears for llist_node (bsc#1247963).
* cgroup: make css_rstat_updated nmi safe (bsc#1247963).
* cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).
* cgroup: remove per-cpu per-subsystem locks (bsc#1247963).
* cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963).
* compiler-clang.h: define **SANITIZE_*** macros only when undefined (stable-
fixes).
* compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).
* cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).
* cpufreq: Exit governor when failed to start old governor (stable-fixes).
* cpufreq: Init policy->rwsem before it may be possibly used (git-fixes).
* cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).
* cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes).
* cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-
fixes).
* cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).
* cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (git-
fixes).
* cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-
fixes).
* cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).
* cpufreq: scpi: compare kHz instead of Hz (git-fixes).
* cpufreq: tegra186: Share policy per cluster (stable-fixes).
* cpupower: Fix a bug where the -t option of the set subcommand was not
working (stable-fixes).
* crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).
* crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).
* crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).
* crypto: hisilicon - re-enable address prefetch after device resuming (git-
fixes).
* crypto: hisilicon/qm - check whether the input function and PF are on the
same device (git-fixes).
* crypto: hisilicon/qm - request reserved interrupt for virtual function (git-
fixes).
* crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs (git-fixes).
* crypto: hisilicon/zip - remove unnecessary validation for high-performance
mode configurations (git-fixes).
* crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).
* crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).
* crypto: qat - add shutdown handler to qat_c62x (git-fixes).
* crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).
* dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).
* dmaengine: dw: dmamux: Fix device reference leak in
rzn1_dmamux_route_allocate (git-fixes).
* dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).
* dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).
* dmaengine: idxd: Remove improper idxd_free (git-fixes).
* dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-
fixes).
* dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-
fixes).
* dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-
fixes).
* docs: admin-guide: update to current minimum pipe size default (git-fixes).
* drivers/base/node: fix double free in register_one_node() (git-fixes).
* drivers/base/node: handle error properly in register_one_node() (git-fixes).
* drivers/base/node: optimize memory block registration to reduce boot time
(bsc#1241866).
* drivers/base/node: remove register_mem_block_under_node_early()
(bsc#1241866).
* drivers/base/node: remove register_memory_blocks_under_node() function call
from register_one_node (bsc#1241866).
* drivers/base/node: rename __register_one_node() to register_one_node()
(bsc#1241866).
* drivers/base/node: rename register_memory_blocks_under_node() and remove
context argument (bsc#1241866).
* drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).
* drm/amd/amdgpu: disable hwmon power1_cap* for gfx 11.0.3 on vf mode (stable-
fixes).
* drm/amd/display: Allow RX6xxx & RX7700 to invoke amdgpu_irq_get/put (git-
fixes).
* drm/amd/display: Clear the CUR_ENABLE register on DCN314 w/out DPP PG
(stable-fixes).
* drm/amd/display: Default IPS to RCG_IN_ACTIVE_IPS2_IN_OFF (git-fixes).
* drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
* drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).
* drm/amd/display: Fix mismatch type comparison (stable-fixes).
* drm/amd/display: Fix unnecessary cast warnings from checkpatch (stable-
fixes).
* drm/amd/display: Reduce accessing remote DPCD overhead (git-fixes).
* drm/amd/display: Remove redundant semicolons (git-fixes).
* drm/amd/display: use udelay rather than fsleep (git-fixes).
* drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes).
* drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes).
* drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3)
(git-fixes).
* drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).
* drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).
* drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes).
* drm/amdgpu/discovery: fix fw based ip discovery (git-fixes).
* drm/amdgpu/discovery: optionally use fw based ip discovery (stable-fixes).
* drm/amdgpu/mes: add missing locking in helper functions (stable-fixes).
* drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-
fixes).
* drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time
(stable-fixes).
* drm/amdgpu: Fix Circular Locking Dependency in AMDGPU GFX Isolation (git-
fixes).
* drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).
* drm/amdgpu: VCN v5_0_1 to prevent FW checking RB during DPG pause (stable-
fixes).
* drm/amdgpu: add kicker fws loading for gfx11/smu13/psp13 (stable-fixes).
* drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
* drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).
* drm/amdgpu: fix incorrect MALL size for GFX1151 (stable-fixes).
* drm/amdgpu: remove the redeclaration of variable i (git-fixes).
* drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes).
* drm/ast: Use msleep instead of mdelay for edid read (bsc#1250530).
* drm/ast: Use msleep instead of mdelay for edid read (git-fixes).
* drm/bridge: it6505: select REGMAP_I2C (git-fixes).
* drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
* drm/cirrus-qemu: Fix pitch programming (git-fixes).
* drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).
* drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to
TRAINING_PATTERN_SET (bsc#1248121).
* drm/edid: Add support for quirks visible to DRM core and drivers
(bsc#1248121).
* drm/edid: Define the quirks in an enum list (bsc#1248121).
* drm/gma500: Fix null dereference in hdmi teardown (git-fixes).
* drm/i915/backlight: Return immediately when scale() finds invalid parameters
(stable-fixes).
* drm/i915/dp: Fix 2.7 Gbps DP_LINK_BW value on g4x (git-fixes).
* drm/i915/icl+/tc: Cache the max lane count value (stable-fixes).
* drm/i915/icl+/tc: Convert AUX powered WARN to a debug message (stable-
fixes).
* drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-
fixes).
* drm/mediatek: fix potential OF node use-after-free (git-fixes).
* drm/msm/dp: account for widebus and yuv420 during mode validation (git-
fixes).
* drm/msm/dpu: fix incorrect type for ret (git-fixes).
* drm/nouveau/gsp: fix potential leak of memory used during acpi init (git-
fixes).
* drm/nouveau: select FW caching (git-fixes).
* drm/panel: novatek-nt35560: Fix invalid return value (git-fixes).
* drm/panthor: Defer scheduler entitiy destruction to queue release (git-
fixes).
* drm/panthor: Fix memory leak in panthor_ioctl_group_create() (git-fixes).
* drm/panthor: validate group queue count (git-fixes).
* drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes).
* drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).
* drm/simpledrm: Do not upcast in release helpers (git-fixes).
* drm/xe/bmg: Add new PCI IDs (stable-fixes).
* drm/xe/bmg: Update Wa_22019338487 (git-fixes).
* drm/xe/gsc: do not flush the GSC worker from the reset path (git-fixes).
* drm/xe/tile: Release kobject for the failure path (git-fixes).
* drm/xe: Allow dropping kunit dependency as built-in (git-fixes).
* drm/xe: Attempt to bring bos back to VRAM after eviction (git-fixes).
* drm/xe: Carve out wopcm portion from the stolen memory (git-fixes).
* drm/xe: Ensure fixed_slice_mode gets set after ccs_mode change (git-fixes).
* drm/xe: Fix a NULL vs IS_ERR() in xe_vm_add_compute_exec_queue() (git-
fixes).
* drm/xe: Fix and re-enable xe_print_blob_ascii85() (git-fixes).
* drm/xe: Move page fault init after topology init (git-fixes).
* drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-
fixes).
* drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-
fixes).
* erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-
fixes).
* ext4: remove writable userspace mappings before truncating page cache
(bsc#1247223).
* fbcon: Fix OOB access in font allocation (git-fixes).
* fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).
* firewire: core: fix overlooked update of subsystem ABI version (git-fixes).
* firmware: meson_sm: fix device leak at probe (git-fixes).
* flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read
(git-fixes).
* fs/nfs/io: make nfs_start_io_*() killable (git-fixes).
* hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
* hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6
addrconf (git-fixes).
* hwmon: (mlxreg-fan) Separate methods of fan setting coming from different
subsystems (git-fixes).
* hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).
* hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes).
* hwrng: nomadik - add ARM_AMBA dependency (git-fixes).
* hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure (git-
fixes bsc#1249122).
* i2c: designware: Add disabling clocks when probe fails (git-fixes).
* i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
* i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes).
* i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes).
* i2c: tegra: Use internal reset when reset property is not available
(bsc#1249143)
* i3c: Fix default I2C adapter timeout value (git-fixes).
* i3c: master: svc: Recycle unused IBI slot (git-fixes).
* i3c: master: svc: Use manual response for IBI events (git-fixes).
* iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-
fixes).
* iio: dac: ad5360: use int type to store negative error codes (git-fixes).
* iio: dac: ad5421: use int type to store negative error codes (git-fixes).
* iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).
* iio: frequency: adf4350: Fix prescaler usage (git-fixes).
* iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume
(git-fixes).
* iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).
* iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).
* iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() (git-
fixes).
* isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
* kABI fix after vsock/virtio: fix `rx_bytes` accounting for stream sockets
(git-fixes).
* kABI fix for "netfilter: nf_tables: Audit log rule reset" (git-fixes).
* kABI workaround for "drm/dp: Add an EDID quirk for the DPCD register access
probe" (bsc#1248121).
* kABI workaround for RCU tasks exit tracking (bsc#1246298).
* kABI: adjust new field on ip_ct_sctp struct (git-fixes).
* kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).
* kABI: make nft_trans_gc_catchall() public again (git-fixes).
* kABI: netfilter flowtable move gc operation to bottom (git-fixes).
* kabi: Restore layout of parallel_data (bsc1248343).
* kabi: add struct cgroup_extra (bsc#1247963).
* kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).
* kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA
is found (bsc#1218644, bsc#1250655).
* kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522).
* mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).
* maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes).
* media: b2c2: Fix use-after-free causing by irq_check_work in
flexcop_pci_remove (git-fixes).
* media: chips-media: wave5: Fix gray color on screen (git-fixes).
* media: cx18: Add missing check after DMA map (git-fixes).
* media: i2c: mt9v111: fix incorrect type for ret (git-fixes).
* media: lirc: Fix error handling in lirc_register() (git-fixes).
* media: mc: Fix MUST_CONNECT handling for pads with no links (git-fixes).
* media: pci: ivtv: Add missing check after DMA map (git-fixes).
* media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).
* media: st-delta: avoid excessive stack usage (git-fixes).
* media: tuner: xc5000: Fix use-after-free in xc5000_release (git-fixes).
* media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-
fixes).
* media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try()
(git-fixes).
* media: zoran: Remove zoran_fh structure (git-fixes).
* memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-
fixes).
* mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).
* mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data()
(git-fixes).
* misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).
* mm/hwpoison: do not send SIGBUS to processes with recovered clean pages
(git-fixes).
* mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).
* mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).
* mm: move page table sync declarations to linux/pgtable.h (git-fixes).
* mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).
* mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).
* mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).
* mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).
* mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).
* mtd: rawnand: omap2: fix device leak on probe failure (git-fixes).
* mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-
fixes).
* mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
* net: hv_netvsc: fix loss of early receive events from host during channel
open (git-fixes).
* net: nfc: nci: Add parameter validation for packet data (git-fixes).
* net: phy: fix phy_uses_state_machine() (git-fixes).
* net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer
(git-fixes).
* net: rose: convert 'use' field to refcount_t (git-fixes).
* net: rose: fix a typo in rose_clear_routes() (git-fixes).
* net: rose: include node references in rose_neigh refcount (git-fixes).
* net: rose: split remove and free operations in rose_remove_neigh() (stable-
fixes).
* net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-
fixes).
* net: usb: cdc-ncm: check for filtering capability (git-fixes).
* net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-
fixes).
* netfilter: conntrack: fix extension size table (git-fixes).
* netfilter: flowtable: GC pushes back packets to classic path (git-fixes).
* netfilter: handle the connecting collision properly in
nf_conntrack_proto_sctp (git-fixes).
* netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-
fixes).
* netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).
* netfilter: nf_tables: A better name for nft_obj_filter (git-fixes).
* netfilter: nf_tables: Audit log rule reset (git-fixes).
* netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx (git-fixes).
* netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx (git-fixes).
* netfilter: nf_tables: Deduplicate nft_register_obj audit logs (git-fixes).
* netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj (git-
fixes).
* netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).
* netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).
* netfilter: nf_tables: Introduce nf_tables_getrule_single() (git-fixes).
* netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() (git-
fixes).
* netfilter: nf_tables: Unbreak audit log reset (git-fixes).
* netfilter: nf_tables: Unconditionally allocate nft_obj_filter (git-fixes).
* netfilter: nf_tables: audit log object reset once per table (git-fixes).
* netfilter: nf_tables: bogus ENOENT when destroying element which does not
exist (git-fixes).
* netfilter: nf_tables: disallow element removal on anonymous sets (git-
fixes).
* netfilter: nf_tables: do not remove elements if set backend implements
.abort (git-fixes).
* netfilter: nf_tables: nft_obj_filter fits into cb->ctx (git-fixes).
* netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).
* netfilter: nf_tables: revert do not remove elements if set backend
implements .abort (git-fixes).
* netfilter: nf_tables: split async and sync catchall in two functions (git-
fixes).
* netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).
* netfilter: nft_payload: fix wrong mac header matching (git-fixes).
* netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-
fixes).
* netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC
(git-fixes).
* netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation
fails (git-fixes).
* netfilter: nft_set_rbtree: prefer sync gc to async worker (git-fixes).
* netfilter: nft_set_rbtree: rename gc deactivate+erase function (git-fixes).
* netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).
* nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-
fixes).
* nouveau: fix disabling the nonstall irq due to storm code (git-fixes).
* nvme-auth: do not re-authenticate queues with no prior authentication
(bsc#1227555).
* nvme-pci: try function level reset on init failure (git-fixes).
* nvme-tcp: remove tag set when second admin queue config fails (git-fixes).
* nvmet-auth: always free derived key data (git-fixes).
* nvmet-auth: authenticate on admin queue only (bsc#1227555).
* nvmet: auth: use NULL to clear a pointer in (git-fixes).
* pcmcia: Add error handling for add_interval() in do_validate_mem() (git-
fixes).
* pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() (git-
fixes).
* pcmcia: omap: Add missing check for platform_get_resource (git-fixes).
* phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).
* phy: ti-pipe3: fix device leak at unbind (git-fixes).
* pinctrl: equilibrium: Remove redundant semicolons (git-fixes).
* pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).
* pinctrl: renesas: Use int type to store negative error codes (git-fixes).
* pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).
* platform/mellanox: mlxbf-pmc: Remove newline char from event name input
(git-fixes).
* platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).
* platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks
list (stable-fixes).
* platform/x86/intel: power-domains: Use topology_logical_package_id() for
package ID (git-fixes).
* platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).
* platform/x86: think-lmi: Fix class device unregistration (git-fixes).
* platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-
fixes).
* power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery
(git-fixes).
* power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-
fixes).
* power: supply: cw2015: Fix a alignment coding style issue (git-fixes).
* power: supply: max77976_charger: fix constant current reporting (git-fixes).
* pptp: fix pptp_xmit() error path (git-fixes).
* pwm: berlin: Fix wrong register in suspend/resume (git-fixes).
* pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes).
* pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes).
* rcu-tasks: Add data to eliminate RCU-tasks/do_exit() (bsc#1246298)
* rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)
* rcu-tasks: Initialize callback lists at rcu_init() time (bsc#1246298)
* rcu-tasks: Initialize data to eliminate RCU-tasks/do_exit() (bsc#1246298)
* rcu-tasks: Maintain lists to eliminate RCU-tasks/do_exit() (bsc#1246298)
* rcu-tasks: Maintain real-time response in (bsc#1246298)
* rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)
* rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)
* rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)
* regmap: Remove superfluous check for !config in __regmap_init() (git-fixes).
* regulator: scmi: Use int type to store negative error codes (git-fixes).
* regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).
* rpm: Configure KABI checkingness macro (bsc#1249186)
* rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186)
* rpm: Link arch-symbols script from scripts directory.
* rpm: Link guards script from scripts directory.
* s390/ap: Unmask SLCF bit in card and queue ap functions sysfs (git-fixes
bsc#1249183).
* s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes
bsc#1249481).
* s390/debug: Add a reverse mode for debug_dump() (git-fixes jsc#PED-13260).
* s390/debug: Add debug_dump() to write debug view to a string buffer (git-
fixes jsc#PED-13260).
* s390/debug: Simplify and document debug_next_entry() logic (git-fixes
jsc#PED-13260).
* s390/debug: Split private data alloc/free out of file operations (git-fixes
jsc#PED-13260).
* s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes
bsc#1248733 LTC#214881).
* s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733
LTC#214881).
* s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).
* s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).
* s390/pci: Add pci_msg debug view to PCI report (git-fixes jsc#PED-13260).
* s390/pci: Allow automatic recovery with minimal driver support (git-fixes
bsc#1248734 LTC#214880).
* s390/pci: Report PCI error recovery results via SCLP (git-fixes
jsc#PED-13260).
* s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).
* s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249124).
* s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).
* s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log
(git-fixes bsc#1249488).
* sched/deadline: Collect sched_dl_entity initialization (git-fixes)
* sched/fair: Remove unused parameter from sched_asym() (git-fixes)
* sched/fair: Take the scheduling domain into account in (git-fixes)
* sched/isolation: Fix boot crash when maxcpus < first (git-fixes)
* sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)
* seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast
(git-fixes).
* selftests/bpf: Add asserts for netfilter link info (git-fixes).
* selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).
* selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes).
* selftests/bpf: adapt one more case in test_lru_map to the new target_free
(git-fixes).
* selftests/cpufreq: Fix cpufreq basic read and update testcases
(bsc#1250344).
* selftests: bpf: test batch lookup on array of maps with holes (git-fixes).
* serial: max310x: Add error checking in probe() (git-fixes).
* serial: sc16is7xx: fix bug in flow control levels init (git-fixes).
* soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes).
* spi: bcm2835: Remove redundant semicolons (git-fixes).
* spi: cadence-quadspi: Flush posted register writes before DAC access (git-
fixes).
* spi: cadence-quadspi: Flush posted register writes before INDAC access (git-
fixes).
* spi: mtk-snfi: Remove redundant semicolons (git-fixes).
* spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).
* spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-
fixes).
* spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).
* struct cdc_ncm_ctx: hide new member filtering_supported (git-fixes).
* struct l2cap_chan: shift new member rx_avail to end (git-fixes).
* supported.conf: mark hyperv_drm as external
* thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).
* thunderbolt: Compare HMAC values in constant time (git-fixes).
* tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062).
* tty: n_gsm: Do not block input queue by waiting MSC (git-fixes).
* uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).
* usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call (git-
fixes).
* usb: core: Add 0x prefix to quirks debug output (stable-fixes).
* usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).
* usb: dwc3: qcom: Do not leave BCR asserted (git-fixes).
* usb: gadget: configfs: Correctly set use_os_string at bind (git-fixes).
* usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-
fixes).
* usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-
fixes).
* usb: phy: twl6030: Fix incorrect type for ret (git-fixes).
* usb: typec: fusb302: cache PD RX state (git-fixes).
* usb: typec: maxim_contaminant: disable low power mode when reading
comparator values (git-fixes).
* usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is
clean (git-fixes).
* usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12] (git-fixes).
* usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling (git-fixes).
* usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL2
register (git-fixes).
* usb: typec: tcpm: properly deliver cable vdms to altmode drivers (git-
fixes).
* usb: typec: tipd: Clear interrupts first (git-fixes).
* usb: vhci-hcd: Prevent suspending virtually attached devices (git-fixes).
* usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).
* use uniform permission checks for all mount propagation changes (git-fixes).
* vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).
* vhost-scsi: Return queue full for page alloc failures during copy (git-
fixes).
* vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-
fixes).
* vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).
* vhost: fail early when __vhost_add_used() fails (git-fixes).
* vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page
(git-fixes).
* vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
* vsock: Allow retrying on connect() failure (git-fixes).
* vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local`
(git-fixes).
* vsock: avoid timeout during connect() if the socket is closing (git-fixes).
* wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).
* wifi: ath11k: Fix DMA buffer allocation to resolve SWIOTLB issues (stable-
fixes).
* wifi: ath11k: HAL SRNG: do not deinitialize and re-initialize again (git-
fixes).
* wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation
(stable-fixes).
* wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).
* wifi: ath11k: fix group data packet drops during rekey (git-fixes).
* wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).
* wifi: ath12k: fix memory leak in ath12k_pci_remove() (stable-fixes).
* wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event (git-fixes).
* wifi: ath12k: fix the fetching of combined rssi (git-fixes).
* wifi: ath12k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).
* wifi: ath12k: fix wrong logging ID used for CE (git-fixes).
* wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work
(git-fixes).
* wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
* wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data() (git-fixes).
* wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-
fixes).
* wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).
* wifi: iwlwifi: Remove redundant header files (git-fixes).
* wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
* wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
* wifi: mac80211: fix Rx packet handling when pubsta information is not
available (git-fixes).
* wifi: mac80211: fix incorrect type for ret (stable-fixes).
* wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).
* wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).
* wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-
fixes).
* wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).
* wifi: mwifiex: send world regulatory domain to driver (git-fixes).
* wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-
fixes).
* wifi: virt_wifi: Fix page fault on connect (stable-fixes).
* wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-
fixes).
* wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (git-
fixes).
* writeback: Avoid contention on wb->list_lock when switching inodes
(bsc#1237776).
* writeback: Avoid contention on wb->list_lock when switching inodes (kABI
fixup) (bsc#1237776).
* writeback: Avoid excessively long inode switching times (bsc#1237776).
* writeback: Avoid softlockup when switching many inodes (bsc#1237776).
* wrt: Regression fix for wrt s2idle on AMD laptops (bsc#1243112).
* x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails
(git-fixes).
* x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).
* x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).
* x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).
* x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
* x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP
(bsc#1245538).
* x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
* x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings()
(git-fixes).
* x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
* xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).
* xen/netfront: Fix TX response spurious interrupts (git-fixes).
* xen: Add support for XenServer 6.1 platform device (git-fixes).
* xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).
* xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).
* xfs: rework datasync tracking and execution (bsc#1237449).
* xhci: Fix control transfer error on Etron xHCI host (git-fixes).
* xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).
* xhci: dbc: decouple endpoint allocation from initialization (git-fixes).
* xhci: fix memory leak regression when freeing xhci vdev devices depth first
(git-fixes).
* xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Live Patching 15-SP7
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2025-3725=1
* SUSE Real Time Module 15-SP7
zypper in -t patch SUSE-SLE-Module-RT-15-SP7-2025-3725=1
## Package List:
* SUSE Linux Enterprise Live Patching 15-SP7 (x86_64)
* kernel-livepatch-6_4_0-150700_7_19-rt-debuginfo-1-150700.1.3.1
* kernel-livepatch-6_4_0-150700_7_19-rt-1-150700.1.3.1
* kernel-livepatch-SLE15-SP7-RT_Update_5-debugsource-1-150700.1.3.1
* SUSE Real Time Module 15-SP7 (x86_64)
* kernel-syms-rt-6.4.0-150700.7.19.1
* kernel-rt-devel-debuginfo-6.4.0-150700.7.19.1
* kernel-rt-devel-6.4.0-150700.7.19.1
* cluster-md-kmp-rt-debuginfo-6.4.0-150700.7.19.1
* dlm-kmp-rt-6.4.0-150700.7.19.1
* dlm-kmp-rt-debuginfo-6.4.0-150700.7.19.1
* cluster-md-kmp-rt-6.4.0-150700.7.19.1
* gfs2-kmp-rt-6.4.0-150700.7.19.1
* kernel-rt-debuginfo-6.4.0-150700.7.19.1
* kernel-rt-debugsource-6.4.0-150700.7.19.1
* gfs2-kmp-rt-debuginfo-6.4.0-150700.7.19.1
* ocfs2-kmp-rt-debuginfo-6.4.0-150700.7.19.1
* ocfs2-kmp-rt-6.4.0-150700.7.19.1
* SUSE Real Time Module 15-SP7 (noarch)
* kernel-devel-rt-6.4.0-150700.7.19.1
* kernel-source-rt-6.4.0-150700.7.19.1
* SUSE Real Time Module 15-SP7 (nosrc x86_64)
* kernel-rt-6.4.0-150700.7.19.1
## References:
* https://www.suse.com/security/cve/CVE-2023-53261.html
* https://www.suse.com/security/cve/CVE-2023-5633.html
* https://www.suse.com/security/cve/CVE-2024-58090.html
* https://www.suse.com/security/cve/CVE-2025-22022.html
* https://www.suse.com/security/cve/CVE-2025-38119.html
* https://www.suse.com/security/cve/CVE-2025-38216.html
* https://www.suse.com/security/cve/CVE-2025-38234.html
* https://www.suse.com/security/cve/CVE-2025-38255.html
* https://www.suse.com/security/cve/CVE-2025-38263.html
* https://www.suse.com/security/cve/CVE-2025-38351.html
* https://www.suse.com/security/cve/CVE-2025-38402.html
* https://www.suse.com/security/cve/CVE-2025-38408.html
* https://www.suse.com/security/cve/CVE-2025-38418.html
* https://www.suse.com/security/cve/CVE-2025-38419.html
* https://www.suse.com/security/cve/CVE-2025-38456.html
* https://www.suse.com/security/cve/CVE-2025-38466.html
* https://www.suse.com/security/cve/CVE-2025-38488.html
* https://www.suse.com/security/cve/CVE-2025-38514.html
* https://www.suse.com/security/cve/CVE-2025-38526.html
* https://www.suse.com/security/cve/CVE-2025-38527.html
* https://www.suse.com/security/cve/CVE-2025-38533.html
* https://www.suse.com/security/cve/CVE-2025-38544.html
* https://www.suse.com/security/cve/CVE-2025-38556.html
* https://www.suse.com/security/cve/CVE-2025-38574.html
* https://www.suse.com/security/cve/CVE-2025-38584.html
* https://www.suse.com/security/cve/CVE-2025-38590.html
* https://www.suse.com/security/cve/CVE-2025-38593.html
* https://www.suse.com/security/cve/CVE-2025-38595.html
* https://www.suse.com/security/cve/CVE-2025-38597.html
* https://www.suse.com/security/cve/CVE-2025-38614.html
* https://www.suse.com/security/cve/CVE-2025-38616.html
* https://www.suse.com/security/cve/CVE-2025-38622.html
* https://www.suse.com/security/cve/CVE-2025-38623.html
* https://www.suse.com/security/cve/CVE-2025-38628.html
* https://www.suse.com/security/cve/CVE-2025-38639.html
* https://www.suse.com/security/cve/CVE-2025-38640.html
* https://www.suse.com/security/cve/CVE-2025-38643.html
* https://www.suse.com/security/cve/CVE-2025-38645.html
* https://www.suse.com/security/cve/CVE-2025-38659.html
* https://www.suse.com/security/cve/CVE-2025-38660.html
* https://www.suse.com/security/cve/CVE-2025-38664.html
* https://www.suse.com/security/cve/CVE-2025-38676.html
* https://www.suse.com/security/cve/CVE-2025-38678.html
* https://www.suse.com/security/cve/CVE-2025-38679.html
* https://www.suse.com/security/cve/CVE-2025-38684.html
* https://www.suse.com/security/cve/CVE-2025-38701.html
* https://www.suse.com/security/cve/CVE-2025-38703.html
* https://www.suse.com/security/cve/CVE-2025-38705.html
* https://www.suse.com/security/cve/CVE-2025-38709.html
* https://www.suse.com/security/cve/CVE-2025-38710.html
* https://www.suse.com/security/cve/CVE-2025-38721.html
* https://www.suse.com/security/cve/CVE-2025-38722.html
* https://www.suse.com/security/cve/CVE-2025-38730.html
* https://www.suse.com/security/cve/CVE-2025-38732.html
* https://www.suse.com/security/cve/CVE-2025-39677.html
* https://www.suse.com/security/cve/CVE-2025-39678.html
* https://www.suse.com/security/cve/CVE-2025-39681.html
* https://www.suse.com/security/cve/CVE-2025-39682.html
* https://www.suse.com/security/cve/CVE-2025-39691.html
* https://www.suse.com/security/cve/CVE-2025-39695.html
* https://www.suse.com/security/cve/CVE-2025-39703.html
* https://www.suse.com/security/cve/CVE-2025-39705.html
* https://www.suse.com/security/cve/CVE-2025-39707.html
* https://www.suse.com/security/cve/CVE-2025-39711.html
* https://www.suse.com/security/cve/CVE-2025-39718.html
* https://www.suse.com/security/cve/CVE-2025-39738.html
* https://www.suse.com/security/cve/CVE-2025-39744.html
* https://www.suse.com/security/cve/CVE-2025-39746.html
* https://www.suse.com/security/cve/CVE-2025-39747.html
* https://www.suse.com/security/cve/CVE-2025-39749.html
* https://www.suse.com/security/cve/CVE-2025-39754.html
* https://www.suse.com/security/cve/CVE-2025-39764.html
* https://www.suse.com/security/cve/CVE-2025-39766.html
* https://www.suse.com/security/cve/CVE-2025-39770.html
* https://www.suse.com/security/cve/CVE-2025-39773.html
* https://www.suse.com/security/cve/CVE-2025-39782.html
* https://www.suse.com/security/cve/CVE-2025-39787.html
* https://www.suse.com/security/cve/CVE-2025-39797.html
* https://www.suse.com/security/cve/CVE-2025-39807.html
* https://www.suse.com/security/cve/CVE-2025-39811.html
* https://www.suse.com/security/cve/CVE-2025-39816.html
* https://www.suse.com/security/cve/CVE-2025-39823.html
* https://www.suse.com/security/cve/CVE-2025-39825.html
* https://www.suse.com/security/cve/CVE-2025-39830.html
* https://www.suse.com/security/cve/CVE-2025-39834.html
* https://www.suse.com/security/cve/CVE-2025-39835.html
* https://www.suse.com/security/cve/CVE-2025-39838.html
* https://www.suse.com/security/cve/CVE-2025-39842.html
* https://www.suse.com/security/cve/CVE-2025-39857.html
* https://www.suse.com/security/cve/CVE-2025-39865.html
* https://www.suse.com/security/cve/CVE-2025-39885.html
* https://www.suse.com/security/cve/CVE-2025-39890.html
* https://www.suse.com/security/cve/CVE-2025-39922.html
* https://www.suse.com/security/cve/CVE-2025-40300.html
* https://bugzilla.suse.com/show_bug.cgi?id=1212533
* https://bugzilla.suse.com/show_bug.cgi?id=1216527
* https://bugzilla.suse.com/show_bug.cgi?id=1218644
* https://bugzilla.suse.com/show_bug.cgi?id=1227555
* https://bugzilla.suse.com/show_bug.cgi?id=1230062
* https://bugzilla.suse.com/show_bug.cgi?id=1236897
* https://bugzilla.suse.com/show_bug.cgi?id=1237449
* https://bugzilla.suse.com/show_bug.cgi?id=1237776
* https://bugzilla.suse.com/show_bug.cgi?id=1238782
* https://bugzilla.suse.com/show_bug.cgi?id=1240324
* https://bugzilla.suse.com/show_bug.cgi?id=1241166
* https://bugzilla.suse.com/show_bug.cgi?id=1241292
* https://bugzilla.suse.com/show_bug.cgi?id=1241866
* https://bugzilla.suse.com/show_bug.cgi?id=1243112
* https://bugzilla.suse.com/show_bug.cgi?id=1245538
* https://bugzilla.suse.com/show_bug.cgi?id=1245700
* https://bugzilla.suse.com/show_bug.cgi?id=1245963
* https://bugzilla.suse.com/show_bug.cgi?id=1246057
* https://bugzilla.suse.com/show_bug.cgi?id=1246190
* https://bugzilla.suse.com/show_bug.cgi?id=1246248
* https://bugzilla.suse.com/show_bug.cgi?id=1246298
* https://bugzilla.suse.com/show_bug.cgi?id=1246509
* https://bugzilla.suse.com/show_bug.cgi?id=1246782
* https://bugzilla.suse.com/show_bug.cgi?id=1247099
* https://bugzilla.suse.com/show_bug.cgi?id=1247126
* https://bugzilla.suse.com/show_bug.cgi?id=1247136
* https://bugzilla.suse.com/show_bug.cgi?id=1247137
* https://bugzilla.suse.com/show_bug.cgi?id=1247223
* https://bugzilla.suse.com/show_bug.cgi?id=1247239
* https://bugzilla.suse.com/show_bug.cgi?id=1247262
* https://bugzilla.suse.com/show_bug.cgi?id=1247442
* https://bugzilla.suse.com/show_bug.cgi?id=1247483
* https://bugzilla.suse.com/show_bug.cgi?id=1247963
* https://bugzilla.suse.com/show_bug.cgi?id=1248111
* https://bugzilla.suse.com/show_bug.cgi?id=1248121
* https://bugzilla.suse.com/show_bug.cgi?id=1248192
* https://bugzilla.suse.com/show_bug.cgi?id=1248199
* https://bugzilla.suse.com/show_bug.cgi?id=1248200
* https://bugzilla.suse.com/show_bug.cgi?id=1248202
* https://bugzilla.suse.com/show_bug.cgi?id=1248225
* https://bugzilla.suse.com/show_bug.cgi?id=1248296
* https://bugzilla.suse.com/show_bug.cgi?id=1248343
* https://bugzilla.suse.com/show_bug.cgi?id=1248357
* https://bugzilla.suse.com/show_bug.cgi?id=1248360
* https://bugzilla.suse.com/show_bug.cgi?id=1248365
* https://bugzilla.suse.com/show_bug.cgi?id=1248378
* https://bugzilla.suse.com/show_bug.cgi?id=1248380
* https://bugzilla.suse.com/show_bug.cgi?id=1248392
* https://bugzilla.suse.com/show_bug.cgi?id=1248512
* https://bugzilla.suse.com/show_bug.cgi?id=1248610
* https://bugzilla.suse.com/show_bug.cgi?id=1248616
* https://bugzilla.suse.com/show_bug.cgi?id=1248619
* https://bugzilla.suse.com/show_bug.cgi?id=1248622
* https://bugzilla.suse.com/show_bug.cgi?id=1248626
* https://bugzilla.suse.com/show_bug.cgi?id=1248628
* https://bugzilla.suse.com/show_bug.cgi?id=1248634
* https://bugzilla.suse.com/show_bug.cgi?id=1248639
* https://bugzilla.suse.com/show_bug.cgi?id=1248674
* https://bugzilla.suse.com/show_bug.cgi?id=1248681
* https://bugzilla.suse.com/show_bug.cgi?id=1248733
* https://bugzilla.suse.com/show_bug.cgi?id=1248734
* https://bugzilla.suse.com/show_bug.cgi?id=1248735
* https://bugzilla.suse.com/show_bug.cgi?id=1248775
* https://bugzilla.suse.com/show_bug.cgi?id=1249122
* https://bugzilla.suse.com/show_bug.cgi?id=1249123
* https://bugzilla.suse.com/show_bug.cgi?id=1249124
* https://bugzilla.suse.com/show_bug.cgi?id=1249125
* https://bugzilla.suse.com/show_bug.cgi?id=1249126
* https://bugzilla.suse.com/show_bug.cgi?id=1249143
* https://bugzilla.suse.com/show_bug.cgi?id=1249156
* https://bugzilla.suse.com/show_bug.cgi?id=1249163
* https://bugzilla.suse.com/show_bug.cgi?id=1249172
* https://bugzilla.suse.com/show_bug.cgi?id=1249176
* https://bugzilla.suse.com/show_bug.cgi?id=1249183
* https://bugzilla.suse.com/show_bug.cgi?id=1249186
* https://bugzilla.suse.com/show_bug.cgi?id=1249193
* https://bugzilla.suse.com/show_bug.cgi?id=1249199
* https://bugzilla.suse.com/show_bug.cgi?id=1249201
* https://bugzilla.suse.com/show_bug.cgi?id=1249202
* https://bugzilla.suse.com/show_bug.cgi?id=1249206
* https://bugzilla.suse.com/show_bug.cgi?id=1249258
* https://bugzilla.suse.com/show_bug.cgi?id=1249262
* https://bugzilla.suse.com/show_bug.cgi?id=1249274
* https://bugzilla.suse.com/show_bug.cgi?id=1249284
* https://bugzilla.suse.com/show_bug.cgi?id=1249290
* https://bugzilla.suse.com/show_bug.cgi?id=1249295
* https://bugzilla.suse.com/show_bug.cgi?id=1249300
* https://bugzilla.suse.com/show_bug.cgi?id=1249303
* https://bugzilla.suse.com/show_bug.cgi?id=1249305
* https://bugzilla.suse.com/show_bug.cgi?id=1249306
* https://bugzilla.suse.com/show_bug.cgi?id=1249315
* https://bugzilla.suse.com/show_bug.cgi?id=1249333
* https://bugzilla.suse.com/show_bug.cgi?id=1249334
* https://bugzilla.suse.com/show_bug.cgi?id=1249374
* https://bugzilla.suse.com/show_bug.cgi?id=1249481
* https://bugzilla.suse.com/show_bug.cgi?id=1249482
* https://bugzilla.suse.com/show_bug.cgi?id=1249488
* https://bugzilla.suse.com/show_bug.cgi?id=1249494
* https://bugzilla.suse.com/show_bug.cgi?id=1249504
* https://bugzilla.suse.com/show_bug.cgi?id=1249508
* https://bugzilla.suse.com/show_bug.cgi?id=1249510
* https://bugzilla.suse.com/show_bug.cgi?id=1249513
* https://bugzilla.suse.com/show_bug.cgi?id=1249516
* https://bugzilla.suse.com/show_bug.cgi?id=1249524
* https://bugzilla.suse.com/show_bug.cgi?id=1249526
* https://bugzilla.suse.com/show_bug.cgi?id=1249533
* https://bugzilla.suse.com/show_bug.cgi?id=1249540
* https://bugzilla.suse.com/show_bug.cgi?id=1249545
* https://bugzilla.suse.com/show_bug.cgi?id=1249566
* https://bugzilla.suse.com/show_bug.cgi?id=1249604
* https://bugzilla.suse.com/show_bug.cgi?id=1249608
* https://bugzilla.suse.com/show_bug.cgi?id=1249770
* https://bugzilla.suse.com/show_bug.cgi?id=1249887
* https://bugzilla.suse.com/show_bug.cgi?id=1249906
* https://bugzilla.suse.com/show_bug.cgi?id=1249915
* https://bugzilla.suse.com/show_bug.cgi?id=1249974
* https://bugzilla.suse.com/show_bug.cgi?id=1250002
* https://bugzilla.suse.com/show_bug.cgi?id=1250021
* https://bugzilla.suse.com/show_bug.cgi?id=1250025
* https://bugzilla.suse.com/show_bug.cgi?id=1250057
* https://bugzilla.suse.com/show_bug.cgi?id=1250179
* https://bugzilla.suse.com/show_bug.cgi?id=1250251
* https://bugzilla.suse.com/show_bug.cgi?id=1250267
* https://bugzilla.suse.com/show_bug.cgi?id=1250294
* https://bugzilla.suse.com/show_bug.cgi?id=1250334
* https://bugzilla.suse.com/show_bug.cgi?id=1250336
* https://bugzilla.suse.com/show_bug.cgi?id=1250344
* https://bugzilla.suse.com/show_bug.cgi?id=1250365
* https://bugzilla.suse.com/show_bug.cgi?id=1250407
* https://bugzilla.suse.com/show_bug.cgi?id=1250522
* https://bugzilla.suse.com/show_bug.cgi?id=1250530
* https://bugzilla.suse.com/show_bug.cgi?id=1250574
* https://bugzilla.suse.com/show_bug.cgi?id=1250655
* https://bugzilla.suse.com/show_bug.cgi?id=1250722
* https://bugzilla.suse.com/show_bug.cgi?id=1250952
* https://jira.suse.com/browse/PED-13260
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20251022/022a7f1e/attachment.htm>
More information about the sle-security-updates
mailing list