Marcus Updateinfo to OVAL Converter 5.5 2026-04-14T06:51:30 Mesa-22.3.5-150500.75.2 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the Mesa-22.3.5-150500.75.2 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-5068 at SUSE CVE-2019-5068 at NVD cpe:/o:suse:sle-micro:5.5 NetworkManager-1.38.6-150500.1.2 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the NetworkManager-1.38.6-150500.1.2 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2006-7246 at SUSE CVE-2006-7246 at NVD CVE-2015-2924 at SUSE CVE-2015-2924 at NVD CVE-2016-0764 at SUSE CVE-2016-0764 at NVD CVE-2018-1000135 at SUSE CVE-2018-1000135 at NVD CVE-2018-15688 at SUSE CVE-2018-15688 at NVD CVE-2020-10754 at SUSE CVE-2020-10754 at NVD CVE-2020-13529 at SUSE CVE-2020-13529 at NVD CVE-2021-20297 at SUSE CVE-2021-20297 at NVD cpe:/o:suse:sle-micro:5.5 afterburn-5.2.0-150500.1.4 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the afterburn-5.2.0-150500.1.4 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-35905 at SUSE CVE-2020-35905 at NVD CVE-2020-36465 at SUSE CVE-2020-36465 at NVD CVE-2021-27378 at SUSE CVE-2021-27378 at NVD CVE-2021-32714 at SUSE CVE-2021-32714 at NVD CVE-2021-32715 at SUSE CVE-2021-32715 at NVD CVE-2021-38191 at SUSE CVE-2021-38191 at NVD CVE-2021-45710 at SUSE CVE-2021-45710 at NVD cpe:/o:suse:sle-micro:5.5 aide-0.16-24.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the aide-0.16-24.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2021-45417 at SUSE CVE-2021-45417 at NVD cpe:/o:suse:sle-micro:5.5 apparmor-parser-3.0.4-150500.11.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the apparmor-parser-3.0.4-150500.11.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-6507 at SUSE CVE-2017-6507 at NVD CVE-2022-1271 at SUSE CVE-2022-1271 at NVD cpe:/o:suse:sle-micro:5.5 avahi-0.8-150400.7.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the avahi-0.8-150400.7.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-6519 at SUSE CVE-2017-6519 at NVD CVE-2018-1000845 at SUSE CVE-2018-1000845 at NVD CVE-2021-26720 at SUSE CVE-2021-26720 at NVD CVE-2021-3468 at SUSE CVE-2021-3468 at NVD CVE-2021-3502 at SUSE CVE-2021-3502 at NVD CVE-2023-1981 at SUSE CVE-2023-1981 at NVD cpe:/o:suse:sle-micro:5.5 aws-cli-1.27.89-150200.30.11.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the aws-cli-1.27.89-150200.30.11.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-15869 at SUSE CVE-2018-15869 at NVD cpe:/o:suse:sle-micro:5.5 bash-4.4-150400.25.22 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the bash-4.4-150400.25.22 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-9401 at SUSE CVE-2016-9401 at NVD cpe:/o:suse:sle-micro:5.5 bcm43xx-firmware-20180314-150400.28.5 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the bcm43xx-firmware-20180314-150400.28.5 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-10370 at SUSE CVE-2020-10370 at NVD cpe:/o:suse:sle-micro:5.5 btrfsmaintenance-0.4.2-3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the btrfsmaintenance-0.4.2-3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-14722 at SUSE CVE-2018-14722 at NVD cpe:/o:suse:sle-micro:5.5 bzip2-1.0.8-150400.1.122 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the bzip2-1.0.8-150400.1.122 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-3189 at SUSE CVE-2016-3189 at NVD CVE-2019-12900 at SUSE CVE-2019-12900 at NVD cpe:/o:suse:sle-micro:5.5 chrony-4.1-150400.19.4 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the chrony-4.1-150400.19.4 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-1567 at SUSE CVE-2016-1567 at NVD CVE-2020-14367 at SUSE CVE-2020-14367 at NVD cpe:/o:suse:sle-micro:5.5 cifs-utils-6.15-150400.3.9.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the cifs-utils-6.15-150400.3.9.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-14342 at SUSE CVE-2020-14342 at NVD CVE-2021-20208 at SUSE CVE-2021-20208 at NVD CVE-2022-27239 at SUSE CVE-2022-27239 at NVD CVE-2022-29869 at SUSE CVE-2022-29869 at NVD cpe:/o:suse:sle-micro:5.5 cni-1.1.2-150500.1.20 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the cni-1.1.2-150500.1.20 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2021-20206 at SUSE CVE-2021-20206 at NVD cpe:/o:suse:sle-micro:5.5 cni-plugins-1.1.1-150500.1.19 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the cni-plugins-1.1.1-150500.1.19 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-10749 at SUSE CVE-2020-10749 at NVD CVE-2021-20206 at SUSE CVE-2021-20206 at NVD cpe:/o:suse:sle-micro:5.5 conmon-2.1.7-150500.9.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the conmon-2.1.7-150500.9.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2022-1708 at SUSE CVE-2022-1708 at NVD cpe:/o:suse:sle-micro:5.5 conntrack-tools-1.4.5-1.46 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the conntrack-tools-1.4.5-1.46 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-6496 at SUSE CVE-2015-6496 at NVD cpe:/o:suse:sle-micro:5.5 containerd-1.6.21-150000.93.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the containerd-1.6.21-150000.93.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-9962 at SUSE CVE-2016-9962 at NVD CVE-2018-16873 at SUSE CVE-2018-16873 at NVD CVE-2018-16874 at SUSE CVE-2018-16874 at NVD CVE-2018-16875 at SUSE CVE-2018-16875 at NVD CVE-2019-5736 at SUSE CVE-2019-5736 at NVD CVE-2020-15157 at SUSE CVE-2020-15157 at NVD CVE-2020-15257 at SUSE CVE-2020-15257 at NVD CVE-2021-21334 at SUSE CVE-2021-21334 at NVD CVE-2021-32760 at SUSE CVE-2021-32760 at NVD CVE-2021-41103 at SUSE CVE-2021-41103 at NVD CVE-2021-41190 at SUSE CVE-2021-41190 at NVD CVE-2022-23471 at SUSE CVE-2022-23471 at NVD CVE-2022-23648 at SUSE CVE-2022-23648 at NVD CVE-2022-24769 at SUSE CVE-2022-24769 at NVD CVE-2022-27191 at SUSE CVE-2022-27191 at NVD CVE-2022-31030 at SUSE CVE-2022-31030 at NVD CVE-2023-25153 at SUSE CVE-2023-25153 at NVD CVE-2023-25173 at SUSE CVE-2023-25173 at NVD cpe:/o:suse:sle-micro:5.5 containerized-data-importer-manifests-1.55.0-150500.4.4 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the containerized-data-importer-manifests-1.55.0-150500.4.4 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2022-1996 at SUSE CVE-2022-1996 at NVD cpe:/o:suse:sle-micro:5.5 coolkey-1.1.0-1.31 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the coolkey-1.1.0-1.31 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2007-4129 at SUSE CVE-2007-4129 at NVD cpe:/o:suse:sle-micro:5.5 coreutils-8.32-150400.7.5 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the coreutils-8.32-150400.7.5 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-4041 at SUSE CVE-2015-4041 at NVD CVE-2015-4042 at SUSE CVE-2015-4042 at NVD CVE-2017-7476 at SUSE CVE-2017-7476 at NVD cpe:/o:suse:sle-micro:5.5 cpio-2.13-150400.1.98 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the cpio-2.13-150400.1.98 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-9112 at SUSE CVE-2014-9112 at NVD CVE-2015-1197 at SUSE CVE-2015-1197 at NVD CVE-2016-2037 at SUSE CVE-2016-2037 at NVD CVE-2019-14866 at SUSE CVE-2019-14866 at NVD CVE-2021-38185 at SUSE CVE-2021-38185 at NVD cpe:/o:suse:sle-micro:5.5 cracklib-2.9.7-11.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the cracklib-2.9.7-11.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-6318 at SUSE CVE-2016-6318 at NVD cpe:/o:suse:sle-micro:5.5 cryptsetup-2.4.3-150400.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the cryptsetup-2.4.3-150400.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-14382 at SUSE CVE-2020-14382 at NVD CVE-2021-4122 at SUSE CVE-2021-4122 at NVD cpe:/o:suse:sle-micro:5.5 cups-config-2.2.7-150000.3.46.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the cups-config-2.2.7-150000.3.46.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2012-5519 at SUSE CVE-2012-5519 at NVD CVE-2014-3537 at SUSE CVE-2014-3537 at NVD CVE-2014-5029 at SUSE CVE-2014-5029 at NVD CVE-2014-5030 at SUSE CVE-2014-5030 at NVD CVE-2014-5031 at SUSE CVE-2014-5031 at NVD CVE-2015-1158 at SUSE CVE-2015-1158 at NVD CVE-2015-1159 at SUSE CVE-2015-1159 at NVD CVE-2017-18248 at SUSE CVE-2017-18248 at NVD CVE-2018-4180 at SUSE CVE-2018-4180 at NVD CVE-2018-4181 at SUSE CVE-2018-4181 at NVD CVE-2018-4182 at SUSE CVE-2018-4182 at NVD CVE-2018-4183 at SUSE CVE-2018-4183 at NVD CVE-2018-4700 at SUSE CVE-2018-4700 at NVD CVE-2019-8675 at SUSE CVE-2019-8675 at NVD CVE-2019-8696 at SUSE CVE-2019-8696 at NVD CVE-2019-8842 at SUSE CVE-2019-8842 at NVD CVE-2020-10001 at SUSE CVE-2020-10001 at NVD CVE-2020-3898 at SUSE CVE-2020-3898 at NVD CVE-2021-25317 at SUSE CVE-2021-25317 at NVD CVE-2022-26691 at SUSE CVE-2022-26691 at NVD CVE-2023-32324 at SUSE CVE-2023-32324 at NVD CVE-2023-34241 at SUSE CVE-2023-34241 at NVD cpe:/o:suse:sle-micro:5.5 curl-8.0.1-150400.5.26.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the curl-8.0.1-150400.5.26.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-8150 at SUSE CVE-2014-8150 at NVD CVE-2015-3143 at SUSE CVE-2015-3143 at NVD CVE-2015-3144 at SUSE CVE-2015-3144 at NVD CVE-2015-3145 at SUSE CVE-2015-3145 at NVD CVE-2015-3148 at SUSE CVE-2015-3148 at NVD CVE-2015-3153 at SUSE CVE-2015-3153 at NVD CVE-2015-3236 at SUSE CVE-2015-3236 at NVD CVE-2015-3237 at SUSE CVE-2015-3237 at NVD CVE-2016-0755 at SUSE CVE-2016-0755 at NVD CVE-2016-7167 at SUSE CVE-2016-7167 at NVD CVE-2016-8615 at SUSE CVE-2016-8615 at NVD CVE-2016-8616 at SUSE CVE-2016-8616 at NVD CVE-2016-8617 at SUSE CVE-2016-8617 at NVD CVE-2016-8618 at SUSE CVE-2016-8618 at NVD CVE-2016-8619 at SUSE CVE-2016-8619 at NVD CVE-2016-8620 at SUSE CVE-2016-8620 at NVD CVE-2016-8621 at SUSE CVE-2016-8621 at NVD CVE-2016-8622 at SUSE CVE-2016-8622 at NVD CVE-2016-8623 at SUSE CVE-2016-8623 at NVD CVE-2016-8624 at SUSE CVE-2016-8624 at NVD CVE-2016-8625 at SUSE CVE-2016-8625 at NVD CVE-2016-9586 at SUSE CVE-2016-9586 at NVD CVE-2016-9594 at SUSE CVE-2016-9594 at NVD CVE-2017-1000099 at SUSE CVE-2017-1000099 at NVD CVE-2017-1000100 at SUSE CVE-2017-1000100 at NVD CVE-2017-1000101 at SUSE CVE-2017-1000101 at NVD CVE-2017-1000254 at SUSE CVE-2017-1000254 at NVD CVE-2017-1000257 at SUSE CVE-2017-1000257 at NVD CVE-2017-2629 at SUSE CVE-2017-2629 at NVD CVE-2017-7468 at SUSE CVE-2017-7468 at NVD CVE-2017-8816 at SUSE CVE-2017-8816 at NVD CVE-2017-8817 at SUSE CVE-2017-8817 at NVD CVE-2017-8818 at SUSE CVE-2017-8818 at NVD CVE-2017-9502 at SUSE CVE-2017-9502 at NVD CVE-2018-0500 at SUSE CVE-2018-0500 at NVD CVE-2018-1000005 at SUSE CVE-2018-1000005 at NVD CVE-2018-1000007 at SUSE CVE-2018-1000007 at NVD CVE-2018-1000120 at SUSE CVE-2018-1000120 at NVD CVE-2018-1000121 at SUSE CVE-2018-1000121 at NVD CVE-2018-1000122 at SUSE CVE-2018-1000122 at NVD CVE-2018-1000300 at SUSE CVE-2018-1000300 at NVD CVE-2018-1000301 at SUSE CVE-2018-1000301 at NVD CVE-2018-14618 at SUSE CVE-2018-14618 at NVD CVE-2018-16839 at SUSE CVE-2018-16839 at NVD CVE-2018-16840 at SUSE CVE-2018-16840 at NVD CVE-2018-16842 at SUSE CVE-2018-16842 at NVD CVE-2018-16890 at SUSE CVE-2018-16890 at NVD CVE-2019-15601 at SUSE CVE-2019-15601 at NVD CVE-2019-3822 at SUSE CVE-2019-3822 at NVD CVE-2019-3823 at SUSE CVE-2019-3823 at NVD CVE-2019-5435 at SUSE CVE-2019-5435 at NVD CVE-2019-5436 at SUSE CVE-2019-5436 at NVD CVE-2019-5481 at SUSE CVE-2019-5481 at NVD CVE-2019-5482 at SUSE CVE-2019-5482 at NVD CVE-2020-8169 at SUSE CVE-2020-8169 at NVD CVE-2020-8177 at SUSE CVE-2020-8177 at NVD CVE-2020-8231 at SUSE CVE-2020-8231 at NVD CVE-2020-8284 at SUSE CVE-2020-8284 at NVD CVE-2020-8285 at SUSE CVE-2020-8285 at NVD CVE-2020-8286 at SUSE CVE-2020-8286 at NVD CVE-2021-22297 at SUSE CVE-2021-22297 at NVD CVE-2021-22298 at SUSE CVE-2021-22298 at NVD CVE-2021-22876 at SUSE CVE-2021-22876 at NVD CVE-2021-22890 at SUSE CVE-2021-22890 at NVD CVE-2021-22898 at SUSE CVE-2021-22898 at NVD CVE-2021-22901 at SUSE CVE-2021-22901 at NVD CVE-2021-22922 at SUSE CVE-2021-22922 at NVD CVE-2021-22923 at SUSE CVE-2021-22923 at NVD CVE-2021-22924 at SUSE CVE-2021-22924 at NVD CVE-2021-22925 at SUSE CVE-2021-22925 at NVD CVE-2021-22945 at SUSE CVE-2021-22945 at NVD CVE-2021-22946 at SUSE CVE-2021-22946 at NVD CVE-2021-22947 at SUSE CVE-2021-22947 at NVD CVE-2022-22576 at SUSE CVE-2022-22576 at NVD CVE-2022-27774 at SUSE CVE-2022-27774 at NVD CVE-2022-27775 at SUSE CVE-2022-27775 at NVD CVE-2022-27776 at SUSE CVE-2022-27776 at NVD CVE-2022-27778 at SUSE CVE-2022-27778 at NVD CVE-2022-27779 at SUSE CVE-2022-27779 at NVD CVE-2022-27780 at SUSE CVE-2022-27780 at NVD CVE-2022-27781 at SUSE CVE-2022-27781 at NVD CVE-2022-27782 at SUSE CVE-2022-27782 at NVD CVE-2022-30115 at SUSE CVE-2022-30115 at NVD CVE-2022-32205 at SUSE CVE-2022-32205 at NVD CVE-2022-32206 at SUSE CVE-2022-32206 at NVD CVE-2022-32207 at SUSE CVE-2022-32207 at NVD CVE-2022-32208 at SUSE CVE-2022-32208 at NVD CVE-2022-32221 at SUSE CVE-2022-32221 at NVD CVE-2022-35252 at SUSE CVE-2022-35252 at NVD CVE-2022-35260 at SUSE CVE-2022-35260 at NVD CVE-2022-42915 at SUSE CVE-2022-42915 at NVD CVE-2022-42916 at SUSE CVE-2022-42916 at NVD CVE-2022-43551 at SUSE CVE-2022-43551 at NVD CVE-2022-43552 at SUSE CVE-2022-43552 at NVD CVE-2023-23914 at SUSE CVE-2023-23914 at NVD CVE-2023-23915 at SUSE CVE-2023-23915 at NVD CVE-2023-23916 at SUSE CVE-2023-23916 at NVD CVE-2023-27533 at SUSE CVE-2023-27533 at NVD CVE-2023-27534 at SUSE CVE-2023-27534 at NVD CVE-2023-27535 at SUSE CVE-2023-27535 at NVD CVE-2023-27536 at SUSE CVE-2023-27536 at NVD CVE-2023-27537 at SUSE CVE-2023-27537 at NVD CVE-2023-27538 at SUSE CVE-2023-27538 at NVD CVE-2023-28319 at SUSE CVE-2023-28319 at NVD CVE-2023-28320 at SUSE CVE-2023-28320 at NVD CVE-2023-28321 at SUSE CVE-2023-28321 at NVD CVE-2023-28322 at SUSE CVE-2023-28322 at NVD CVE-2023-32001 at SUSE CVE-2023-32001 at NVD cpe:/o:suse:sle-micro:5.5 cyrus-sasl-2.1.28-150500.1.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the cyrus-sasl-2.1.28-150500.1.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-19906 at SUSE CVE-2019-19906 at NVD CVE-2020-8032 at SUSE CVE-2020-8032 at NVD CVE-2022-24407 at SUSE CVE-2022-24407 at NVD cpe:/o:suse:sle-micro:5.5 dbus-1-1.12.2-150400.18.8.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the dbus-1-1.12.2-150400.18.8.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-3636 at SUSE CVE-2014-3636 at NVD CVE-2014-3637 at SUSE CVE-2014-3637 at NVD CVE-2014-3639 at SUSE CVE-2014-3639 at NVD CVE-2014-7824 at SUSE CVE-2014-7824 at NVD CVE-2014-8148 at SUSE CVE-2014-8148 at NVD CVE-2015-0245 at SUSE CVE-2015-0245 at NVD CVE-2019-12749 at SUSE CVE-2019-12749 at NVD CVE-2020-12049 at SUSE CVE-2020-12049 at NVD CVE-2020-35512 at SUSE CVE-2020-35512 at NVD CVE-2022-42010 at SUSE CVE-2022-42010 at NVD CVE-2022-42011 at SUSE CVE-2022-42011 at NVD CVE-2022-42012 at SUSE CVE-2022-42012 at NVD CVE-2023-34969 at SUSE CVE-2023-34969 at NVD cpe:/o:suse:sle-micro:5.5 dmidecode-3.4-150400.16.8.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the dmidecode-3.4-150400.16.8.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2023-30630 at SUSE CVE-2023-30630 at NVD cpe:/o:suse:sle-micro:5.5 dnsmasq-2.86-150400.14.3 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the dnsmasq-2.86-150400.14.3 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-3294 at SUSE CVE-2015-3294 at NVD CVE-2015-8899 at SUSE CVE-2015-8899 at NVD CVE-2017-14491 at SUSE CVE-2017-14491 at NVD CVE-2017-14492 at SUSE CVE-2017-14492 at NVD CVE-2017-14493 at SUSE CVE-2017-14493 at NVD CVE-2017-14494 at SUSE CVE-2017-14494 at NVD CVE-2017-14495 at SUSE CVE-2017-14495 at NVD CVE-2017-14496 at SUSE CVE-2017-14496 at NVD CVE-2017-15107 at SUSE CVE-2017-15107 at NVD CVE-2019-14834 at SUSE CVE-2019-14834 at NVD CVE-2020-14312 at SUSE CVE-2020-14312 at NVD CVE-2020-25681 at SUSE CVE-2020-25681 at NVD CVE-2020-25682 at SUSE CVE-2020-25682 at NVD CVE-2020-25683 at SUSE CVE-2020-25683 at NVD CVE-2020-25684 at SUSE CVE-2020-25684 at NVD CVE-2020-25685 at SUSE CVE-2020-25685 at NVD CVE-2020-25686 at SUSE CVE-2020-25686 at NVD CVE-2020-25687 at SUSE CVE-2020-25687 at NVD CVE-2021-3448 at SUSE CVE-2021-3448 at NVD CVE-2022-0934 at SUSE CVE-2022-0934 at NVD cpe:/o:suse:sle-micro:5.5 docker-24.0.5_ce-150000.185.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the docker-24.0.5_ce-150000.185.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-5277 at SUSE CVE-2014-5277 at NVD CVE-2014-6407 at SUSE CVE-2014-6407 at NVD CVE-2014-6408 at SUSE CVE-2014-6408 at NVD CVE-2014-8178 at SUSE CVE-2014-8178 at NVD CVE-2014-8179 at SUSE CVE-2014-8179 at NVD CVE-2014-9356 at SUSE CVE-2014-9356 at NVD CVE-2014-9357 at SUSE CVE-2014-9357 at NVD CVE-2014-9358 at SUSE CVE-2014-9358 at NVD CVE-2015-3627 at SUSE CVE-2015-3627 at NVD CVE-2015-3629 at SUSE CVE-2015-3629 at NVD CVE-2015-3630 at SUSE CVE-2015-3630 at NVD CVE-2015-3631 at SUSE CVE-2015-3631 at NVD CVE-2016-3697 at SUSE CVE-2016-3697 at NVD CVE-2016-8867 at SUSE CVE-2016-8867 at NVD CVE-2016-9962 at SUSE CVE-2016-9962 at NVD CVE-2017-14992 at SUSE CVE-2017-14992 at NVD CVE-2017-16539 at SUSE CVE-2017-16539 at NVD CVE-2018-10892 at SUSE CVE-2018-10892 at NVD CVE-2018-15664 at SUSE CVE-2018-15664 at NVD CVE-2018-16873 at SUSE CVE-2018-16873 at NVD CVE-2018-16874 at SUSE CVE-2018-16874 at NVD CVE-2018-16875 at SUSE CVE-2018-16875 at NVD CVE-2018-20699 at SUSE CVE-2018-20699 at NVD CVE-2019-13509 at SUSE CVE-2019-13509 at NVD CVE-2019-14271 at SUSE CVE-2019-14271 at NVD CVE-2020-13401 at SUSE CVE-2020-13401 at NVD CVE-2020-15257 at SUSE CVE-2020-15257 at NVD CVE-2021-21284 at SUSE CVE-2021-21284 at NVD CVE-2021-21285 at SUSE CVE-2021-21285 at NVD CVE-2021-41089 at SUSE CVE-2021-41089 at NVD CVE-2021-41091 at SUSE CVE-2021-41091 at NVD CVE-2021-41092 at SUSE CVE-2021-41092 at NVD CVE-2021-41103 at SUSE CVE-2021-41103 at NVD CVE-2021-41190 at SUSE CVE-2021-41190 at NVD CVE-2021-43565 at SUSE CVE-2021-43565 at NVD CVE-2022-24769 at SUSE CVE-2022-24769 at NVD CVE-2022-27191 at SUSE CVE-2022-27191 at NVD CVE-2022-36109 at SUSE CVE-2022-36109 at NVD CVE-2023-28840 at SUSE CVE-2023-28840 at NVD CVE-2023-28841 at SUSE CVE-2023-28841 at NVD CVE-2023-28842 at SUSE CVE-2023-28842 at NVD cpe:/o:suse:sle-micro:5.5 dracut-055+suse.369.gde6c81bf-150500.3.9.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the dracut-055+suse.369.gde6c81bf-150500.3.9.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-8637 at SUSE CVE-2016-8637 at NVD cpe:/o:suse:sle-micro:5.5 e2fsprogs-1.46.4-150400.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the e2fsprogs-1.46.4-150400.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-0247 at SUSE CVE-2015-0247 at NVD CVE-2015-1572 at SUSE CVE-2015-1572 at NVD CVE-2019-5094 at SUSE CVE-2019-5094 at NVD CVE-2019-5188 at SUSE CVE-2019-5188 at NVD CVE-2022-1304 at SUSE CVE-2022-1304 at NVD cpe:/o:suse:sle-micro:5.5 elfutils-0.185-150400.5.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the elfutils-0.185-150400.5.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-9447 at SUSE CVE-2014-9447 at NVD CVE-2018-18310 at SUSE CVE-2018-18310 at NVD CVE-2018-18520 at SUSE CVE-2018-18520 at NVD CVE-2018-18521 at SUSE CVE-2018-18521 at NVD CVE-2019-7146 at SUSE CVE-2019-7146 at NVD CVE-2019-7148 at SUSE CVE-2019-7148 at NVD CVE-2019-7149 at SUSE CVE-2019-7149 at NVD CVE-2019-7150 at SUSE CVE-2019-7150 at NVD CVE-2019-7664 at SUSE CVE-2019-7664 at NVD CVE-2019-7665 at SUSE CVE-2019-7665 at NVD cpe:/o:suse:sle-micro:5.5 file-5.32-7.14.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the file-5.32-7.14.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-3710 at SUSE CVE-2014-3710 at NVD CVE-2014-8116 at SUSE CVE-2014-8116 at NVD CVE-2014-8117 at SUSE CVE-2014-8117 at NVD CVE-2017-1000249 at SUSE CVE-2017-1000249 at NVD CVE-2018-10360 at SUSE CVE-2018-10360 at NVD CVE-2019-18218 at SUSE CVE-2019-18218 at NVD CVE-2019-8905 at SUSE CVE-2019-8905 at NVD CVE-2019-8906 at SUSE CVE-2019-8906 at NVD CVE-2019-8907 at SUSE CVE-2019-8907 at NVD cpe:/o:suse:sle-micro:5.5 firewalld-0.9.3-150400.8.12.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the firewalld-0.9.3-150400.8.12.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-5410 at SUSE CVE-2016-5410 at NVD cpe:/o:suse:sle-micro:5.5 gawk-4.2.1-150000.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the gawk-4.2.1-150000.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2023-4156 at SUSE CVE-2023-4156 at NVD cpe:/o:suse:sle-micro:5.5 gdk-pixbuf-loader-rsvg-2.52.10-150400.3.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the gdk-pixbuf-loader-rsvg-2.52.10-150400.3.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-11464 at SUSE CVE-2017-11464 at NVD CVE-2019-20446 at SUSE CVE-2019-20446 at NVD CVE-2021-25900 at SUSE CVE-2021-25900 at NVD CVE-2023-38633 at SUSE CVE-2023-38633 at NVD cpe:/o:suse:sle-micro:5.5 gdk-pixbuf-query-loaders-2.42.9-150400.5.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the gdk-pixbuf-query-loaders-2.42.9-150400.5.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-4491 at SUSE CVE-2015-4491 at NVD CVE-2015-7552 at SUSE CVE-2015-7552 at NVD CVE-2015-7673 at SUSE CVE-2015-7673 at NVD CVE-2015-7674 at SUSE CVE-2015-7674 at NVD CVE-2016-6352 at SUSE CVE-2016-6352 at NVD CVE-2017-2862 at SUSE CVE-2017-2862 at NVD CVE-2017-2870 at SUSE CVE-2017-2870 at NVD CVE-2017-6312 at SUSE CVE-2017-6312 at NVD CVE-2017-6313 at SUSE CVE-2017-6313 at NVD CVE-2020-29385 at SUSE CVE-2020-29385 at NVD CVE-2021-44648 at SUSE CVE-2021-44648 at NVD CVE-2021-46829 at SUSE CVE-2021-46829 at NVD cpe:/o:suse:sle-micro:5.5 git-2.35.3-150300.10.27.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the git-2.35.3-150300.10.27.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2005-4900 at SUSE CVE-2005-4900 at NVD CVE-2014-9390 at SUSE CVE-2014-9390 at NVD CVE-2016-2315 at SUSE CVE-2016-2315 at NVD CVE-2016-2324 at SUSE CVE-2016-2324 at NVD CVE-2017-1000117 at SUSE CVE-2017-1000117 at NVD CVE-2017-14867 at SUSE CVE-2017-14867 at NVD CVE-2017-15298 at SUSE CVE-2017-15298 at NVD CVE-2017-8386 at SUSE CVE-2017-8386 at NVD CVE-2018-11233 at SUSE CVE-2018-11233 at NVD CVE-2018-11235 at SUSE CVE-2018-11235 at NVD CVE-2018-17456 at SUSE CVE-2018-17456 at NVD CVE-2018-19486 at SUSE CVE-2018-19486 at NVD CVE-2019-1348 at SUSE CVE-2019-1348 at NVD CVE-2019-1349 at SUSE CVE-2019-1349 at NVD CVE-2019-1350 at SUSE CVE-2019-1350 at NVD CVE-2019-1351 at SUSE CVE-2019-1351 at NVD CVE-2019-1352 at SUSE CVE-2019-1352 at NVD CVE-2019-1353 at SUSE CVE-2019-1353 at NVD CVE-2019-1354 at SUSE CVE-2019-1354 at NVD CVE-2019-1387 at SUSE CVE-2019-1387 at NVD CVE-2019-19604 at SUSE CVE-2019-19604 at NVD CVE-2020-11008 at SUSE CVE-2020-11008 at NVD CVE-2020-5260 at SUSE CVE-2020-5260 at NVD CVE-2021-21300 at SUSE CVE-2021-21300 at NVD CVE-2022-23521 at SUSE CVE-2022-23521 at NVD CVE-2022-24765 at SUSE CVE-2022-24765 at NVD CVE-2022-29187 at SUSE CVE-2022-29187 at NVD CVE-2022-39253 at SUSE CVE-2022-39253 at NVD CVE-2022-39260 at SUSE CVE-2022-39260 at NVD CVE-2022-41903 at SUSE CVE-2022-41903 at NVD CVE-2023-22490 at SUSE CVE-2023-22490 at NVD CVE-2023-23946 at SUSE CVE-2023-23946 at NVD CVE-2023-25652 at SUSE CVE-2023-25652 at NVD CVE-2023-25815 at SUSE CVE-2023-25815 at NVD CVE-2023-29007 at SUSE CVE-2023-29007 at NVD cpe:/o:suse:sle-micro:5.5 glib-networking-2.70.1-150400.1.6 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the glib-networking-2.70.1-150400.1.6 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-13645 at SUSE CVE-2020-13645 at NVD cpe:/o:suse:sle-micro:5.5 glib2-tools-2.70.5-150400.3.8.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the glib2-tools-2.70.5-150400.3.8.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-16428 at SUSE CVE-2018-16428 at NVD CVE-2018-16429 at SUSE CVE-2018-16429 at NVD CVE-2019-12450 at SUSE CVE-2019-12450 at NVD CVE-2020-6750 at SUSE CVE-2020-6750 at NVD CVE-2021-27218 at SUSE CVE-2021-27218 at NVD CVE-2021-27219 at SUSE CVE-2021-27219 at NVD CVE-2023-24593 at SUSE CVE-2023-24593 at NVD CVE-2023-25180 at SUSE CVE-2023-25180 at NVD cpe:/o:suse:sle-micro:5.5 glibc-2.31-150300.52.2 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the glibc-2.31-150300.52.2 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2009-5155 at SUSE CVE-2009-5155 at NVD CVE-2010-3192 at SUSE CVE-2010-3192 at NVD CVE-2012-3406 at SUSE CVE-2012-3406 at NVD CVE-2013-4458 at SUSE CVE-2013-4458 at NVD CVE-2014-7817 at SUSE CVE-2014-7817 at NVD CVE-2014-8121 at SUSE CVE-2014-8121 at NVD CVE-2014-9402 at SUSE CVE-2014-9402 at NVD CVE-2014-9761 at SUSE CVE-2014-9761 at NVD CVE-2015-1472 at SUSE CVE-2015-1472 at NVD CVE-2015-1473 at SUSE CVE-2015-1473 at NVD CVE-2015-1781 at SUSE CVE-2015-1781 at NVD CVE-2015-5180 at SUSE CVE-2015-5180 at NVD CVE-2015-7547 at SUSE CVE-2015-7547 at NVD CVE-2015-8776 at SUSE CVE-2015-8776 at NVD CVE-2015-8777 at SUSE CVE-2015-8777 at NVD CVE-2015-8778 at SUSE CVE-2015-8778 at NVD CVE-2015-8779 at SUSE CVE-2015-8779 at NVD CVE-2016-10228 at SUSE CVE-2016-10228 at NVD CVE-2016-10739 at SUSE CVE-2016-10739 at NVD CVE-2016-1234 at SUSE CVE-2016-1234 at NVD CVE-2016-3075 at SUSE CVE-2016-3075 at NVD CVE-2016-3706 at SUSE CVE-2016-3706 at NVD CVE-2016-4429 at SUSE CVE-2016-4429 at NVD CVE-2016-5417 at SUSE CVE-2016-5417 at NVD CVE-2016-6323 at SUSE CVE-2016-6323 at NVD CVE-2017-1000366 at SUSE CVE-2017-1000366 at NVD CVE-2017-1000408 at SUSE CVE-2017-1000408 at NVD CVE-2017-1000409 at SUSE CVE-2017-1000409 at NVD CVE-2017-12132 at SUSE CVE-2017-12132 at NVD CVE-2017-12133 at SUSE CVE-2017-12133 at NVD CVE-2017-15670 at SUSE CVE-2017-15670 at NVD CVE-2017-15671 at SUSE CVE-2017-15671 at NVD CVE-2017-15804 at SUSE CVE-2017-15804 at NVD CVE-2017-16997 at SUSE CVE-2017-16997 at NVD CVE-2017-17426 at SUSE CVE-2017-17426 at NVD CVE-2017-18269 at SUSE CVE-2017-18269 at NVD CVE-2018-1000001 at SUSE CVE-2018-1000001 at NVD CVE-2018-11236 at SUSE CVE-2018-11236 at NVD CVE-2018-11237 at SUSE CVE-2018-11237 at NVD CVE-2018-6485 at SUSE CVE-2018-6485 at NVD CVE-2018-6551 at SUSE CVE-2018-6551 at NVD CVE-2019-19126 at SUSE CVE-2019-19126 at NVD CVE-2019-9169 at SUSE CVE-2019-9169 at NVD CVE-2020-10029 at SUSE CVE-2020-10029 at NVD CVE-2020-1751 at SUSE CVE-2020-1751 at NVD CVE-2020-1752 at SUSE CVE-2020-1752 at NVD CVE-2020-27618 at SUSE CVE-2020-27618 at NVD CVE-2020-29562 at SUSE CVE-2020-29562 at NVD CVE-2020-29573 at SUSE CVE-2020-29573 at NVD CVE-2021-27645 at SUSE CVE-2021-27645 at NVD CVE-2021-3326 at SUSE CVE-2021-3326 at NVD CVE-2021-33574 at SUSE CVE-2021-33574 at NVD CVE-2021-35942 at SUSE CVE-2021-35942 at NVD CVE-2021-3999 at SUSE CVE-2021-3999 at NVD CVE-2022-23218 at SUSE CVE-2022-23218 at NVD CVE-2022-23219 at SUSE CVE-2022-23219 at NVD CVE-2023-0687 at SUSE CVE-2023-0687 at NVD cpe:/o:suse:sle-micro:5.5 gnutls-3.7.3-150400.4.35.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the gnutls-3.7.3-150400.4.35.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-8564 at SUSE CVE-2014-8564 at NVD CVE-2015-6251 at SUSE CVE-2015-6251 at NVD CVE-2016-8610 at SUSE CVE-2016-8610 at NVD CVE-2017-10790 at SUSE CVE-2017-10790 at NVD CVE-2017-7869 at SUSE CVE-2017-7869 at NVD CVE-2018-10844 at SUSE CVE-2018-10844 at NVD CVE-2018-10845 at SUSE CVE-2018-10845 at NVD CVE-2018-10846 at SUSE CVE-2018-10846 at NVD CVE-2018-16868 at SUSE CVE-2018-16868 at NVD CVE-2019-3829 at SUSE CVE-2019-3829 at NVD CVE-2019-3836 at SUSE CVE-2019-3836 at NVD CVE-2020-11501 at SUSE CVE-2020-11501 at NVD CVE-2020-13777 at SUSE CVE-2020-13777 at NVD CVE-2020-24659 at SUSE CVE-2020-24659 at NVD CVE-2021-20231 at SUSE CVE-2021-20231 at NVD CVE-2021-20232 at SUSE CVE-2021-20232 at NVD CVE-2022-2509 at SUSE CVE-2022-2509 at NVD CVE-2023-0361 at SUSE CVE-2023-0361 at NVD cpe:/o:suse:sle-micro:5.5 gpg2-2.2.27-150300.3.5.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the gpg2-2.2.27-150300.3.5.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-1000858 at SUSE CVE-2018-1000858 at NVD CVE-2018-12020 at SUSE CVE-2018-12020 at NVD CVE-2018-9234 at SUSE CVE-2018-9234 at NVD CVE-2019-13050 at SUSE CVE-2019-13050 at NVD CVE-2019-14855 at SUSE CVE-2019-14855 at NVD CVE-2020-25125 at SUSE CVE-2020-25125 at NVD CVE-2022-34903 at SUSE CVE-2022-34903 at NVD cpe:/o:suse:sle-micro:5.5 gptfdisk-1.0.8-150400.1.7 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the gptfdisk-1.0.8-150400.1.7 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-0256 at SUSE CVE-2020-0256 at NVD CVE-2021-0308 at SUSE CVE-2021-0308 at NVD cpe:/o:suse:sle-micro:5.5 grep-3.1-150000.4.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the grep-3.1-150000.4.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-1345 at SUSE CVE-2015-1345 at NVD cpe:/o:suse:sle-micro:5.5 groff-1.22.4-150400.3.4 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the groff-1.22.4-150400.3.4 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2009-5080 at SUSE CVE-2009-5080 at NVD CVE-2009-5081 at SUSE CVE-2009-5081 at NVD cpe:/o:suse:sle-micro:5.5 grub2-2.06-150500.29.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the grub2-2.06-150500.29.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-8370 at SUSE CVE-2015-8370 at NVD CVE-2020-10713 at SUSE CVE-2020-10713 at NVD CVE-2020-14308 at SUSE CVE-2020-14308 at NVD CVE-2020-14309 at SUSE CVE-2020-14309 at NVD CVE-2020-14310 at SUSE CVE-2020-14310 at NVD CVE-2020-14311 at SUSE CVE-2020-14311 at NVD CVE-2020-14372 at SUSE CVE-2020-14372 at NVD CVE-2020-15705 at SUSE CVE-2020-15705 at NVD CVE-2020-15706 at SUSE CVE-2020-15706 at NVD CVE-2020-15707 at SUSE CVE-2020-15707 at NVD CVE-2020-25632 at SUSE CVE-2020-25632 at NVD CVE-2020-25647 at SUSE CVE-2020-25647 at NVD CVE-2020-27749 at SUSE CVE-2020-27749 at NVD CVE-2020-27779 at SUSE CVE-2020-27779 at NVD CVE-2021-20225 at SUSE CVE-2021-20225 at NVD CVE-2021-20233 at SUSE CVE-2021-20233 at NVD CVE-2021-3695 at SUSE CVE-2021-3695 at NVD CVE-2021-3696 at SUSE CVE-2021-3696 at NVD CVE-2021-3697 at SUSE CVE-2021-3697 at NVD CVE-2021-3981 at SUSE CVE-2021-3981 at NVD CVE-2021-46705 at SUSE CVE-2021-46705 at NVD CVE-2022-2601 at SUSE CVE-2022-2601 at NVD CVE-2022-28733 at SUSE CVE-2022-28733 at NVD CVE-2022-28734 at SUSE CVE-2022-28734 at NVD CVE-2022-28735 at SUSE CVE-2022-28735 at NVD CVE-2022-28736 at SUSE CVE-2022-28736 at NVD CVE-2022-3775 at SUSE CVE-2022-3775 at NVD cpe:/o:suse:sle-micro:5.5 gstreamer-1.22.0-150500.3.2.3 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the gstreamer-1.22.0-150500.3.2.3 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-10198 at SUSE CVE-2016-10198 at NVD CVE-2016-10199 at SUSE CVE-2016-10199 at NVD CVE-2017-5837 at SUSE CVE-2017-5837 at NVD CVE-2017-5838 at SUSE CVE-2017-5838 at NVD CVE-2017-5839 at SUSE CVE-2017-5839 at NVD CVE-2017-5840 at SUSE CVE-2017-5840 at NVD CVE-2017-5841 at SUSE CVE-2017-5841 at NVD CVE-2017-5842 at SUSE CVE-2017-5842 at NVD CVE-2017-5843 at SUSE CVE-2017-5843 at NVD CVE-2017-5844 at SUSE CVE-2017-5844 at NVD CVE-2017-5845 at SUSE CVE-2017-5845 at NVD CVE-2017-5846 at SUSE CVE-2017-5846 at NVD CVE-2017-5847 at SUSE CVE-2017-5847 at NVD CVE-2017-5848 at SUSE CVE-2017-5848 at NVD CVE-2021-3185 at SUSE CVE-2021-3185 at NVD cpe:/o:suse:sle-micro:5.5 gstreamer-plugins-base-1.22.0-150500.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the gstreamer-plugins-base-1.22.0-150500.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-9928 at SUSE CVE-2019-9928 at NVD CVE-2021-3185 at SUSE CVE-2021-3185 at NVD CVE-2023-37327 at SUSE CVE-2023-37327 at NVD CVE-2023-37328 at SUSE CVE-2023-37328 at NVD cpe:/o:suse:sle-micro:5.5 gtk2-tools-2.24.33-150400.2.11 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the gtk2-tools-2.24.33-150400.2.11 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-7447 at SUSE CVE-2013-7447 at NVD cpe:/o:suse:sle-micro:5.5 guestfs-tools-1.48.3-150500.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the guestfs-tools-1.48.3-150500.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2022-2211 at SUSE CVE-2022-2211 at NVD cpe:/o:suse:sle-micro:5.5 gzip-1.10-150200.10.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the gzip-1.10-150200.10.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2022-1271 at SUSE CVE-2022-1271 at NVD cpe:/o:suse:sle-micro:5.5 haproxy-2.4.22+git0.f8e3218e2-150400.3.16.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the haproxy-2.4.22+git0.f8e3218e2-150400.3.16.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-3281 at SUSE CVE-2015-3281 at NVD CVE-2018-11469 at SUSE CVE-2018-11469 at NVD CVE-2018-14645 at SUSE CVE-2018-14645 at NVD CVE-2018-20102 at SUSE CVE-2018-20102 at NVD CVE-2018-20103 at SUSE CVE-2018-20103 at NVD CVE-2018-20615 at SUSE CVE-2018-20615 at NVD CVE-2019-14241 at SUSE CVE-2019-14241 at NVD CVE-2019-18277 at SUSE CVE-2019-18277 at NVD CVE-2020-11100 at SUSE CVE-2020-11100 at NVD CVE-2021-39240 at SUSE CVE-2021-39240 at NVD CVE-2021-39241 at SUSE CVE-2021-39241 at NVD CVE-2021-39242 at SUSE CVE-2021-39242 at NVD CVE-2021-40346 at SUSE CVE-2021-40346 at NVD CVE-2022-0711 at SUSE CVE-2022-0711 at NVD CVE-2023-0056 at SUSE CVE-2023-0056 at NVD CVE-2023-40225 at SUSE CVE-2023-40225 at NVD cpe:/o:suse:sle-micro:5.5 iscsiuio-0.7.8.6-150500.44.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the iscsiuio-0.7.8.6-150500.44.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-13987 at SUSE CVE-2020-13987 at NVD CVE-2020-13988 at SUSE CVE-2020-13988 at NVD CVE-2020-17437 at SUSE CVE-2020-17437 at NVD CVE-2020-17438 at SUSE CVE-2020-17438 at NVD cpe:/o:suse:sle-micro:5.5 jq-1.6-3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the jq-1.6-3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-8863 at SUSE CVE-2015-8863 at NVD CVE-2016-4074 at SUSE CVE-2016-4074 at NVD cpe:/o:suse:sle-micro:5.5 kdump-1.0.2+git42.ge1e25ed-150500.1.2 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the kdump-1.0.2+git42.ge1e25ed-150500.1.2 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-5759 at SUSE CVE-2016-5759 at NVD cpe:/o:suse:sle-micro:5.5 keepalived-2.2.2-150500.6.2 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the keepalived-2.2.2-150500.6.2 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-19044 at SUSE CVE-2018-19044 at NVD CVE-2018-19045 at SUSE CVE-2018-19045 at NVD CVE-2018-19046 at SUSE CVE-2018-19046 at NVD CVE-2021-44225 at SUSE CVE-2021-44225 at NVD cpe:/o:suse:sle-micro:5.5 kernel-default-5.14.21-150500.55.19.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the kernel-default-5.14.21-150500.55.19.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-3695 at SUSE CVE-2016-3695 at NVD CVE-2017-1000251 at SUSE CVE-2017-1000251 at NVD CVE-2017-12153 at SUSE CVE-2017-12153 at NVD CVE-2017-13080 at SUSE CVE-2017-13080 at NVD CVE-2017-14051 at SUSE CVE-2017-14051 at NVD CVE-2017-16536 at SUSE CVE-2017-16536 at NVD CVE-2017-16537 at SUSE CVE-2017-16537 at NVD CVE-2017-16646 at SUSE CVE-2017-16646 at NVD CVE-2017-16648 at SUSE CVE-2017-16648 at NVD CVE-2017-5715 at SUSE CVE-2017-5715 at NVD CVE-2017-5753 at SUSE CVE-2017-5753 at NVD CVE-2017-5754 at SUSE CVE-2017-5754 at NVD CVE-2018-10323 at SUSE CVE-2018-10323 at NVD CVE-2018-12232 at SUSE CVE-2018-12232 at NVD CVE-2018-13053 at SUSE CVE-2018-13053 at NVD CVE-2018-20669 at SUSE CVE-2018-20669 at NVD CVE-2019-0154 at SUSE CVE-2019-0154 at NVD CVE-2019-0155 at SUSE CVE-2019-0155 at NVD CVE-2019-10220 at SUSE CVE-2019-10220 at NVD CVE-2019-11477 at SUSE CVE-2019-11477 at NVD CVE-2019-11478 at SUSE CVE-2019-11478 at NVD CVE-2019-11479 at SUSE CVE-2019-11479 at NVD CVE-2019-14615 at SUSE CVE-2019-14615 at NVD CVE-2019-14814 at SUSE CVE-2019-14814 at NVD CVE-2019-14815 at SUSE CVE-2019-14815 at NVD CVE-2019-14816 at SUSE CVE-2019-14816 at NVD CVE-2019-14895 at SUSE CVE-2019-14895 at NVD CVE-2019-14896 at SUSE CVE-2019-14896 at NVD CVE-2019-14897 at SUSE CVE-2019-14897 at NVD CVE-2019-14901 at SUSE CVE-2019-14901 at NVD CVE-2019-15030 at SUSE CVE-2019-15030 at NVD CVE-2019-15031 at SUSE CVE-2019-15031 at NVD CVE-2019-15098 at SUSE CVE-2019-15098 at NVD CVE-2019-15099 at SUSE CVE-2019-15099 at NVD CVE-2019-15290 at SUSE CVE-2019-15290 at NVD CVE-2019-15291 at SUSE CVE-2019-15291 at NVD CVE-2019-15504 at SUSE CVE-2019-15504 at NVD CVE-2019-16231 at SUSE CVE-2019-16231 at NVD CVE-2019-16232 at SUSE CVE-2019-16232 at NVD CVE-2019-16233 at SUSE CVE-2019-16233 at NVD CVE-2019-16234 at SUSE CVE-2019-16234 at NVD CVE-2019-17133 at SUSE CVE-2019-17133 at NVD CVE-2019-17666 at SUSE CVE-2019-17666 at NVD CVE-2019-18198 at SUSE CVE-2019-18198 at NVD CVE-2019-18660 at SUSE CVE-2019-18660 at NVD CVE-2019-18683 at SUSE CVE-2019-18683 at NVD CVE-2019-18786 at SUSE CVE-2019-18786 at NVD CVE-2019-18808 at SUSE CVE-2019-18808 at NVD CVE-2019-18809 at SUSE CVE-2019-18809 at NVD CVE-2019-18811 at SUSE CVE-2019-18811 at NVD CVE-2019-18812 at SUSE CVE-2019-18812 at NVD CVE-2019-18813 at SUSE CVE-2019-18813 at NVD CVE-2019-18814 at SUSE CVE-2019-18814 at NVD CVE-2019-19037 at SUSE CVE-2019-19037 at NVD CVE-2019-19043 at SUSE CVE-2019-19043 at NVD CVE-2019-19044 at SUSE CVE-2019-19044 at NVD CVE-2019-19045 at SUSE CVE-2019-19045 at NVD CVE-2019-19046 at SUSE CVE-2019-19046 at NVD CVE-2019-19047 at SUSE CVE-2019-19047 at NVD CVE-2019-19048 at SUSE CVE-2019-19048 at NVD CVE-2019-19049 at SUSE CVE-2019-19049 at NVD CVE-2019-19050 at SUSE CVE-2019-19050 at NVD CVE-2019-19051 at SUSE CVE-2019-19051 at NVD CVE-2019-19052 at SUSE CVE-2019-19052 at NVD CVE-2019-19053 at SUSE CVE-2019-19053 at NVD CVE-2019-19054 at SUSE CVE-2019-19054 at NVD CVE-2019-19055 at SUSE CVE-2019-19055 at NVD CVE-2019-19056 at SUSE CVE-2019-19056 at NVD CVE-2019-19057 at SUSE CVE-2019-19057 at NVD CVE-2019-19058 at SUSE CVE-2019-19058 at NVD CVE-2019-19060 at SUSE CVE-2019-19060 at NVD CVE-2019-19061 at SUSE CVE-2019-19061 at NVD CVE-2019-19062 at SUSE CVE-2019-19062 at NVD CVE-2019-19063 at SUSE CVE-2019-19063 at NVD CVE-2019-19064 at SUSE CVE-2019-19064 at NVD CVE-2019-19065 at SUSE CVE-2019-19065 at NVD CVE-2019-19066 at SUSE CVE-2019-19066 at NVD CVE-2019-19067 at SUSE CVE-2019-19067 at NVD CVE-2019-19068 at SUSE CVE-2019-19068 at NVD CVE-2019-19069 at SUSE CVE-2019-19069 at NVD CVE-2019-19070 at SUSE CVE-2019-19070 at NVD CVE-2019-19071 at SUSE CVE-2019-19071 at NVD CVE-2019-19072 at SUSE CVE-2019-19072 at NVD CVE-2019-19073 at SUSE CVE-2019-19073 at NVD CVE-2019-19074 at SUSE CVE-2019-19074 at NVD CVE-2019-19075 at SUSE CVE-2019-19075 at NVD CVE-2019-19077 at SUSE CVE-2019-19077 at NVD CVE-2019-19078 at SUSE CVE-2019-19078 at NVD CVE-2019-19080 at SUSE CVE-2019-19080 at NVD CVE-2019-19081 at SUSE CVE-2019-19081 at NVD CVE-2019-19082 at SUSE CVE-2019-19082 at NVD CVE-2019-19083 at SUSE CVE-2019-19083 at NVD CVE-2019-19241 at SUSE CVE-2019-19241 at NVD CVE-2019-19252 at SUSE CVE-2019-19252 at NVD CVE-2019-19332 at SUSE CVE-2019-19332 at NVD CVE-2019-19338 at SUSE CVE-2019-19338 at NVD CVE-2019-19447 at SUSE CVE-2019-19447 at NVD CVE-2019-19462 at SUSE CVE-2019-19462 at NVD CVE-2019-19523 at SUSE CVE-2019-19523 at NVD CVE-2019-19524 at SUSE CVE-2019-19524 at NVD CVE-2019-19525 at SUSE CVE-2019-19525 at NVD CVE-2019-19526 at SUSE CVE-2019-19526 at NVD CVE-2019-19528 at SUSE CVE-2019-19528 at NVD CVE-2019-19529 at SUSE CVE-2019-19529 at NVD CVE-2019-19532 at SUSE CVE-2019-19532 at NVD CVE-2019-19533 at SUSE CVE-2019-19533 at NVD CVE-2019-19534 at SUSE CVE-2019-19534 at NVD CVE-2019-19602 at SUSE CVE-2019-19602 at NVD CVE-2019-19767 at SUSE CVE-2019-19767 at NVD CVE-2019-19768 at SUSE CVE-2019-19768 at NVD CVE-2019-19769 at SUSE CVE-2019-19769 at NVD CVE-2019-19770 at SUSE CVE-2019-19770 at NVD CVE-2019-19807 at SUSE CVE-2019-19807 at NVD CVE-2019-19922 at SUSE CVE-2019-19922 at NVD CVE-2019-19947 at SUSE CVE-2019-19947 at NVD CVE-2019-19965 at SUSE CVE-2019-19965 at NVD CVE-2019-20422 at SUSE CVE-2019-20422 at NVD CVE-2019-20810 at SUSE CVE-2019-20810 at NVD CVE-2019-20812 at SUSE CVE-2019-20812 at NVD CVE-2019-3016 at SUSE CVE-2019-3016 at NVD CVE-2019-8912 at SUSE CVE-2019-8912 at NVD CVE-2020-0110 at SUSE CVE-2020-0110 at NVD CVE-2020-0305 at SUSE CVE-2020-0305 at NVD CVE-2020-0404 at SUSE CVE-2020-0404 at NVD CVE-2020-0427 at SUSE CVE-2020-0427 at NVD CVE-2020-0431 at SUSE CVE-2020-0431 at NVD CVE-2020-0432 at SUSE CVE-2020-0432 at NVD CVE-2020-0444 at SUSE CVE-2020-0444 at NVD CVE-2020-0465 at SUSE CVE-2020-0465 at NVD CVE-2020-0466 at SUSE CVE-2020-0466 at NVD CVE-2020-0543 at SUSE CVE-2020-0543 at NVD CVE-2020-10135 at SUSE CVE-2020-10135 at NVD CVE-2020-10690 at SUSE CVE-2020-10690 at NVD CVE-2020-10711 at SUSE CVE-2020-10711 at NVD CVE-2020-10732 at SUSE CVE-2020-10732 at NVD CVE-2020-10751 at SUSE CVE-2020-10751 at NVD CVE-2020-10757 at SUSE CVE-2020-10757 at NVD CVE-2020-10766 at SUSE CVE-2020-10766 at NVD CVE-2020-10767 at SUSE CVE-2020-10767 at NVD CVE-2020-10768 at SUSE CVE-2020-10768 at NVD CVE-2020-10773 at SUSE CVE-2020-10773 at NVD CVE-2020-10781 at SUSE CVE-2020-10781 at NVD CVE-2020-10942 at SUSE CVE-2020-10942 at NVD CVE-2020-11494 at SUSE CVE-2020-11494 at NVD CVE-2020-11608 at SUSE CVE-2020-11608 at NVD CVE-2020-11668 at SUSE CVE-2020-11668 at NVD CVE-2020-11884 at SUSE CVE-2020-11884 at NVD CVE-2020-12351 at SUSE CVE-2020-12351 at NVD CVE-2020-12352 at SUSE CVE-2020-12352 at NVD CVE-2020-12362 at SUSE CVE-2020-12362 at NVD CVE-2020-12363 at SUSE CVE-2020-12363 at NVD CVE-2020-12364 at SUSE CVE-2020-12364 at NVD CVE-2020-12373 at SUSE CVE-2020-12373 at NVD CVE-2020-12464 at SUSE CVE-2020-12464 at NVD CVE-2020-12465 at SUSE CVE-2020-12465 at NVD CVE-2020-12652 at SUSE CVE-2020-12652 at NVD CVE-2020-12653 at SUSE CVE-2020-12653 at NVD CVE-2020-12654 at SUSE CVE-2020-12654 at NVD CVE-2020-12655 at SUSE CVE-2020-12655 at NVD CVE-2020-12656 at SUSE CVE-2020-12656 at NVD CVE-2020-12657 at SUSE CVE-2020-12657 at NVD CVE-2020-12659 at SUSE CVE-2020-12659 at NVD CVE-2020-12769 at SUSE CVE-2020-12769 at NVD CVE-2020-12770 at SUSE CVE-2020-12770 at NVD CVE-2020-12771 at SUSE CVE-2020-12771 at NVD CVE-2020-12888 at SUSE CVE-2020-12888 at NVD CVE-2020-13143 at SUSE CVE-2020-13143 at NVD CVE-2020-13974 at SUSE CVE-2020-13974 at NVD CVE-2020-14314 at SUSE CVE-2020-14314 at NVD CVE-2020-14331 at SUSE CVE-2020-14331 at NVD CVE-2020-14351 at SUSE CVE-2020-14351 at NVD CVE-2020-14356 at SUSE CVE-2020-14356 at NVD CVE-2020-14385 at SUSE CVE-2020-14385 at NVD CVE-2020-14386 at SUSE CVE-2020-14386 at NVD CVE-2020-14390 at SUSE CVE-2020-14390 at NVD CVE-2020-14416 at SUSE CVE-2020-14416 at NVD CVE-2020-15393 at SUSE CVE-2020-15393 at NVD CVE-2020-15436 at SUSE CVE-2020-15436 at NVD CVE-2020-15437 at SUSE CVE-2020-15437 at NVD CVE-2020-15780 at SUSE CVE-2020-15780 at NVD CVE-2020-16119 at SUSE CVE-2020-16119 at NVD CVE-2020-16120 at SUSE CVE-2020-16120 at NVD CVE-2020-16166 at SUSE CVE-2020-16166 at NVD CVE-2020-1749 at SUSE CVE-2020-1749 at NVD CVE-2020-24490 at SUSE CVE-2020-24490 at NVD CVE-2020-24586 at SUSE CVE-2020-24586 at NVD CVE-2020-24587 at SUSE CVE-2020-24587 at NVD CVE-2020-24588 at SUSE CVE-2020-24588 at NVD CVE-2020-2521 at SUSE CVE-2020-2521 at NVD CVE-2020-25211 at SUSE CVE-2020-25211 at NVD CVE-2020-25212 at SUSE CVE-2020-25212 at NVD CVE-2020-25284 at SUSE CVE-2020-25284 at NVD CVE-2020-25285 at SUSE CVE-2020-25285 at NVD CVE-2020-25639 at SUSE CVE-2020-25639 at NVD CVE-2020-25641 at SUSE CVE-2020-25641 at NVD CVE-2020-25643 at SUSE CVE-2020-25643 at NVD CVE-2020-25645 at SUSE CVE-2020-25645 at NVD CVE-2020-25656 at SUSE CVE-2020-25656 at NVD CVE-2020-25668 at SUSE CVE-2020-25668 at NVD CVE-2020-25669 at SUSE CVE-2020-25669 at NVD CVE-2020-25670 at SUSE CVE-2020-25670 at NVD CVE-2020-25671 at SUSE CVE-2020-25671 at NVD CVE-2020-25672 at SUSE CVE-2020-25672 at NVD CVE-2020-25673 at SUSE CVE-2020-25673 at NVD CVE-2020-25704 at SUSE CVE-2020-25704 at NVD CVE-2020-25705 at SUSE CVE-2020-25705 at NVD CVE-2020-26088 at SUSE CVE-2020-26088 at NVD CVE-2020-26139 at SUSE CVE-2020-26139 at NVD CVE-2020-26141 at SUSE CVE-2020-26141 at NVD CVE-2020-26145 at SUSE CVE-2020-26145 at NVD CVE-2020-26147 at SUSE CVE-2020-26147 at NVD CVE-2020-26558 at SUSE CVE-2020-26558 at NVD CVE-2020-27068 at SUSE CVE-2020-27068 at NVD CVE-2020-27170 at SUSE CVE-2020-27170 at NVD CVE-2020-27171 at SUSE CVE-2020-27171 at NVD CVE-2020-27194 at SUSE CVE-2020-27194 at NVD CVE-2020-2732 at SUSE CVE-2020-2732 at NVD CVE-2020-27673 at SUSE CVE-2020-27673 at NVD CVE-2020-27675 at SUSE CVE-2020-27675 at NVD CVE-2020-27777 at SUSE CVE-2020-27777 at NVD CVE-2020-27786 at SUSE CVE-2020-27786 at NVD CVE-2020-27815 at SUSE CVE-2020-27815 at NVD CVE-2020-27820 at SUSE CVE-2020-27820 at NVD CVE-2020-27825 at SUSE CVE-2020-27825 at NVD CVE-2020-27830 at SUSE CVE-2020-27830 at NVD CVE-2020-27835 at SUSE CVE-2020-27835 at NVD CVE-2020-28374 at SUSE CVE-2020-28374 at NVD CVE-2020-28915 at SUSE CVE-2020-28915 at NVD CVE-2020-28941 at SUSE CVE-2020-28941 at NVD CVE-2020-28974 at SUSE CVE-2020-28974 at NVD CVE-2020-29368 at SUSE CVE-2020-29368 at NVD CVE-2020-29369 at SUSE CVE-2020-29369 at NVD CVE-2020-29370 at SUSE CVE-2020-29370 at NVD CVE-2020-29371 at SUSE CVE-2020-29371 at NVD CVE-2020-29373 at SUSE CVE-2020-29373 at NVD CVE-2020-29568 at SUSE CVE-2020-29568 at NVD CVE-2020-29569 at SUSE CVE-2020-29569 at NVD CVE-2020-29660 at SUSE CVE-2020-29660 at NVD CVE-2020-29661 at SUSE CVE-2020-29661 at NVD CVE-2020-35519 at SUSE CVE-2020-35519 at NVD CVE-2020-36158 at SUSE CVE-2020-36158 at NVD CVE-2020-36310 at SUSE CVE-2020-36310 at NVD CVE-2020-36311 at SUSE CVE-2020-36311 at NVD CVE-2020-36312 at SUSE CVE-2020-36312 at NVD CVE-2020-36322 at SUSE CVE-2020-36322 at NVD CVE-2020-36385 at SUSE CVE-2020-36385 at NVD CVE-2020-36386 at SUSE CVE-2020-36386 at NVD CVE-2020-36516 at SUSE CVE-2020-36516 at NVD CVE-2020-4788 at SUSE CVE-2020-4788 at NVD CVE-2020-8428 at SUSE CVE-2020-8428 at NVD CVE-2020-8647 at SUSE CVE-2020-8647 at NVD CVE-2020-8648 at SUSE CVE-2020-8648 at NVD CVE-2020-8649 at SUSE CVE-2020-8649 at NVD CVE-2020-8694 at SUSE CVE-2020-8694 at NVD CVE-2020-8835 at SUSE CVE-2020-8835 at NVD CVE-2020-8992 at SUSE CVE-2020-8992 at NVD CVE-2020-9383 at SUSE CVE-2020-9383 at NVD CVE-2021-0129 at SUSE CVE-2021-0129 at NVD CVE-2021-0342 at SUSE CVE-2021-0342 at NVD CVE-2021-0512 at SUSE CVE-2021-0512 at NVD CVE-2021-0605 at SUSE CVE-2021-0605 at NVD CVE-2021-20177 at SUSE CVE-2021-20177 at NVD CVE-2021-20268 at SUSE CVE-2021-20268 at NVD CVE-2021-20321 at SUSE CVE-2021-20321 at NVD CVE-2021-21781 at SUSE CVE-2021-21781 at NVD CVE-2021-22543 at SUSE CVE-2021-22543 at NVD CVE-2021-22555 at SUSE CVE-2021-22555 at NVD CVE-2021-22600 at SUSE CVE-2021-22600 at NVD CVE-2021-23134 at SUSE CVE-2021-23134 at NVD CVE-2021-26341 at SUSE CVE-2021-26341 at NVD CVE-2021-26930 at SUSE CVE-2021-26930 at NVD CVE-2021-26931 at SUSE CVE-2021-26931 at NVD CVE-2021-26932 at SUSE CVE-2021-26932 at NVD CVE-2021-27363 at SUSE CVE-2021-27363 at NVD CVE-2021-27364 at SUSE CVE-2021-27364 at NVD CVE-2021-27365 at SUSE CVE-2021-27365 at NVD CVE-2021-28038 at SUSE CVE-2021-28038 at NVD CVE-2021-28375 at SUSE CVE-2021-28375 at NVD CVE-2021-28660 at SUSE CVE-2021-28660 at NVD CVE-2021-28688 at SUSE CVE-2021-28688 at NVD CVE-2021-28711 at SUSE CVE-2021-28711 at NVD CVE-2021-28712 at SUSE CVE-2021-28712 at NVD CVE-2021-28713 at SUSE CVE-2021-28713 at NVD CVE-2021-28714 at SUSE CVE-2021-28714 at NVD CVE-2021-28715 at SUSE CVE-2021-28715 at NVD CVE-2021-28950 at SUSE CVE-2021-28950 at NVD CVE-2021-28952 at SUSE CVE-2021-28952 at NVD CVE-2021-28964 at SUSE CVE-2021-28964 at NVD CVE-2021-28971 at SUSE CVE-2021-28971 at NVD CVE-2021-28972 at SUSE CVE-2021-28972 at NVD CVE-2021-29154 at SUSE CVE-2021-29154 at NVD CVE-2021-29155 at SUSE CVE-2021-29155 at NVD CVE-2021-29264 at SUSE CVE-2021-29264 at NVD CVE-2021-29265 at SUSE CVE-2021-29265 at NVD CVE-2021-29647 at SUSE CVE-2021-29647 at NVD CVE-2021-29650 at SUSE CVE-2021-29650 at NVD CVE-2021-30002 at SUSE CVE-2021-30002 at NVD CVE-2021-32399 at SUSE CVE-2021-32399 at NVD CVE-2021-33034 at SUSE CVE-2021-33034 at NVD CVE-2021-33061 at SUSE CVE-2021-33061 at NVD CVE-2021-33135 at SUSE CVE-2021-33135 at NVD CVE-2021-33200 at SUSE CVE-2021-33200 at NVD CVE-2021-3347 at SUSE CVE-2021-3347 at NVD CVE-2021-3348 at SUSE CVE-2021-3348 at NVD CVE-2021-33624 at SUSE CVE-2021-33624 at NVD CVE-2021-33655 at SUSE CVE-2021-33655 at NVD CVE-2021-33909 at SUSE CVE-2021-33909 at NVD CVE-2021-3428 at SUSE CVE-2021-3428 at NVD CVE-2021-3444 at SUSE CVE-2021-3444 at NVD CVE-2021-34556 at SUSE CVE-2021-34556 at NVD CVE-2021-34693 at SUSE CVE-2021-34693 at NVD CVE-2021-3483 at SUSE CVE-2021-3483 at NVD CVE-2021-3489 at SUSE CVE-2021-3489 at NVD CVE-2021-3490 at SUSE CVE-2021-3490 at NVD CVE-2021-3491 at SUSE CVE-2021-3491 at NVD CVE-2021-35039 at SUSE CVE-2021-35039 at NVD CVE-2021-3542 at SUSE CVE-2021-3542 at NVD CVE-2021-35477 at SUSE CVE-2021-35477 at NVD CVE-2021-3573 at SUSE CVE-2021-3573 at NVD CVE-2021-3609 at SUSE CVE-2021-3609 at NVD CVE-2021-3612 at SUSE CVE-2021-3612 at NVD CVE-2021-3640 at SUSE CVE-2021-3640 at NVD CVE-2021-3653 at SUSE CVE-2021-3653 at NVD CVE-2021-3656 at SUSE CVE-2021-3656 at NVD CVE-2021-3659 at SUSE CVE-2021-3659 at NVD CVE-2021-3679 at SUSE CVE-2021-3679 at NVD CVE-2021-3732 at SUSE CVE-2021-3732 at NVD CVE-2021-3739 at SUSE CVE-2021-3739 at NVD CVE-2021-3743 at SUSE CVE-2021-3743 at NVD CVE-2021-3744 at SUSE CVE-2021-3744 at NVD CVE-2021-3753 at SUSE CVE-2021-3753 at NVD CVE-2021-37576 at SUSE CVE-2021-37576 at NVD CVE-2021-3759 at SUSE CVE-2021-3759 at NVD CVE-2021-3760 at SUSE CVE-2021-3760 at NVD CVE-2021-3764 at SUSE CVE-2021-3764 at NVD CVE-2021-3772 at SUSE CVE-2021-3772 at NVD CVE-2021-38160 at SUSE CVE-2021-38160 at NVD CVE-2021-38166 at SUSE CVE-2021-38166 at NVD CVE-2021-38198 at SUSE CVE-2021-38198 at NVD CVE-2021-38204 at SUSE CVE-2021-38204 at NVD CVE-2021-38205 at SUSE CVE-2021-38205 at NVD CVE-2021-38206 at SUSE CVE-2021-38206 at NVD CVE-2021-38207 at SUSE CVE-2021-38207 at NVD CVE-2021-38209 at SUSE CVE-2021-38209 at NVD CVE-2021-3896 at SUSE CVE-2021-3896 at NVD CVE-2021-39685 at SUSE CVE-2021-39685 at NVD CVE-2021-39698 at SUSE CVE-2021-39698 at NVD CVE-2021-4001 at SUSE CVE-2021-4001 at NVD CVE-2021-4002 at SUSE CVE-2021-4002 at NVD CVE-2021-4037 at SUSE CVE-2021-4037 at NVD CVE-2021-4083 at SUSE CVE-2021-4083 at NVD CVE-2021-4090 at SUSE CVE-2021-4090 at NVD CVE-2021-41073 at SUSE CVE-2021-41073 at NVD CVE-2021-4135 at SUSE CVE-2021-4135 at NVD CVE-2021-4148 at SUSE CVE-2021-4148 at NVD CVE-2021-4155 at SUSE CVE-2021-4155 at NVD CVE-2021-41864 at SUSE CVE-2021-41864 at NVD CVE-2021-4197 at SUSE CVE-2021-4197 at NVD CVE-2021-4202 at SUSE CVE-2021-4202 at NVD CVE-2021-4204 at SUSE CVE-2021-4204 at NVD CVE-2021-42252 at SUSE CVE-2021-42252 at NVD CVE-2021-42327 at SUSE CVE-2021-42327 at NVD CVE-2021-42739 at SUSE CVE-2021-42739 at NVD CVE-2021-43056 at SUSE CVE-2021-43056 at NVD CVE-2021-43057 at SUSE CVE-2021-43057 at NVD CVE-2021-43267 at SUSE CVE-2021-43267 at NVD CVE-2021-43389 at SUSE CVE-2021-43389 at NVD CVE-2021-43975 at SUSE CVE-2021-43975 at NVD CVE-2021-43976 at SUSE CVE-2021-43976 at NVD CVE-2021-44733 at SUSE CVE-2021-44733 at NVD CVE-2021-44879 at SUSE CVE-2021-44879 at NVD CVE-2021-45095 at SUSE CVE-2021-45095 at NVD CVE-2021-45402 at SUSE CVE-2021-45402 at NVD CVE-2021-45480 at SUSE CVE-2021-45480 at NVD CVE-2021-45868 at SUSE CVE-2021-45868 at NVD CVE-2022-0001 at SUSE CVE-2022-0001 at NVD CVE-2022-0002 at SUSE CVE-2022-0002 at NVD CVE-2022-0168 at SUSE CVE-2022-0168 at NVD CVE-2022-0171 at SUSE CVE-2022-0171 at NVD CVE-2022-0185 at SUSE CVE-2022-0185 at NVD CVE-2022-0264 at SUSE CVE-2022-0264 at NVD CVE-2022-0322 at SUSE CVE-2022-0322 at NVD CVE-2022-0330 at SUSE CVE-2022-0330 at NVD CVE-2022-0382 at SUSE CVE-2022-0382 at NVD CVE-2022-0435 at SUSE CVE-2022-0435 at NVD CVE-2022-0487 at SUSE CVE-2022-0487 at NVD CVE-2022-0492 at SUSE CVE-2022-0492 at NVD CVE-2022-0494 at SUSE CVE-2022-0494 at NVD CVE-2022-0500 at SUSE CVE-2022-0500 at NVD CVE-2022-0516 at SUSE CVE-2022-0516 at NVD CVE-2022-0617 at SUSE CVE-2022-0617 at NVD CVE-2022-0644 at SUSE CVE-2022-0644 at NVD CVE-2022-0742 at SUSE CVE-2022-0742 at NVD CVE-2022-0847 at SUSE CVE-2022-0847 at NVD CVE-2022-0854 at SUSE CVE-2022-0854 at NVD CVE-2022-0886 at SUSE CVE-2022-0886 at NVD CVE-2022-0995 at SUSE CVE-2022-0995 at NVD CVE-2022-0998 at SUSE CVE-2022-0998 at NVD CVE-2022-1011 at SUSE CVE-2022-1011 at NVD CVE-2022-1012 at SUSE CVE-2022-1012 at NVD CVE-2022-1015 at SUSE CVE-2022-1015 at NVD CVE-2022-1016 at SUSE CVE-2022-1016 at NVD CVE-2022-1048 at SUSE CVE-2022-1048 at NVD CVE-2022-1055 at SUSE CVE-2022-1055 at NVD CVE-2022-1158 at SUSE CVE-2022-1158 at NVD CVE-2022-1184 at SUSE CVE-2022-1184 at NVD CVE-2022-1195 at SUSE CVE-2022-1195 at NVD CVE-2022-1198 at SUSE CVE-2022-1198 at NVD CVE-2022-1199 at SUSE CVE-2022-1199 at NVD CVE-2022-1204 at SUSE CVE-2022-1204 at NVD CVE-2022-1205 at SUSE CVE-2022-1205 at NVD CVE-2022-1263 at SUSE CVE-2022-1263 at NVD CVE-2022-1280 at SUSE CVE-2022-1280 at NVD CVE-2022-1462 at SUSE CVE-2022-1462 at NVD CVE-2022-1508 at SUSE CVE-2022-1508 at NVD CVE-2022-1516 at SUSE CVE-2022-1516 at NVD CVE-2022-1651 at SUSE CVE-2022-1651 at NVD CVE-2022-1652 at SUSE CVE-2022-1652 at NVD CVE-2022-1671 at SUSE CVE-2022-1671 at NVD CVE-2022-1679 at SUSE CVE-2022-1679 at NVD CVE-2022-1729 at SUSE CVE-2022-1729 at NVD CVE-2022-1734 at SUSE CVE-2022-1734 at NVD CVE-2022-1789 at SUSE CVE-2022-1789 at NVD CVE-2022-1836 at SUSE CVE-2022-1836 at NVD CVE-2022-1852 at SUSE CVE-2022-1852 at NVD CVE-2022-1882 at SUSE CVE-2022-1882 at NVD CVE-2022-1966 at SUSE CVE-2022-1966 at NVD CVE-2022-1972 at SUSE CVE-2022-1972 at NVD CVE-2022-1974 at SUSE CVE-2022-1974 at NVD CVE-2022-1975 at SUSE CVE-2022-1975 at NVD CVE-2022-1998 at SUSE CVE-2022-1998 at NVD CVE-2022-20008 at SUSE CVE-2022-20008 at NVD CVE-2022-20132 at SUSE CVE-2022-20132 at NVD CVE-2022-20154 at SUSE CVE-2022-20154 at NVD CVE-2022-20368 at SUSE CVE-2022-20368 at NVD CVE-2022-20369 at SUSE CVE-2022-20369 at NVD CVE-2022-21123 at SUSE CVE-2022-21123 at NVD CVE-2022-21125 at SUSE CVE-2022-21125 at NVD CVE-2022-21127 at SUSE CVE-2022-21127 at NVD CVE-2022-21166 at SUSE CVE-2022-21166 at NVD CVE-2022-21180 at SUSE CVE-2022-21180 at NVD CVE-2022-21499 at SUSE CVE-2022-21499 at NVD CVE-2022-21505 at SUSE CVE-2022-21505 at NVD CVE-2022-2153 at SUSE CVE-2022-2153 at NVD CVE-2022-2196 at SUSE CVE-2022-2196 at NVD CVE-2022-22942 at SUSE CVE-2022-22942 at NVD CVE-2022-23036 at SUSE CVE-2022-23036 at NVD CVE-2022-23037 at SUSE CVE-2022-23037 at NVD CVE-2022-23038 at SUSE CVE-2022-23038 at NVD CVE-2022-23039 at SUSE CVE-2022-23039 at NVD CVE-2022-23040 at SUSE CVE-2022-23040 at NVD CVE-2022-23041 at SUSE CVE-2022-23041 at NVD CVE-2022-23042 at SUSE CVE-2022-23042 at NVD CVE-2022-2318 at SUSE CVE-2022-2318 at NVD CVE-2022-23222 at SUSE CVE-2022-23222 at NVD CVE-2022-23960 at SUSE CVE-2022-23960 at NVD CVE-2022-24122 at SUSE CVE-2022-24122 at NVD CVE-2022-24448 at SUSE CVE-2022-24448 at NVD CVE-2022-24958 at SUSE CVE-2022-24958 at NVD CVE-2022-24959 at SUSE CVE-2022-24959 at NVD CVE-2022-25258 at SUSE CVE-2022-25258 at NVD CVE-2022-25375 at SUSE CVE-2022-25375 at NVD CVE-2022-25636 at SUSE CVE-2022-25636 at NVD CVE-2022-2585 at SUSE CVE-2022-2585 at NVD CVE-2022-2586 at SUSE CVE-2022-2586 at NVD CVE-2022-2588 at SUSE CVE-2022-2588 at NVD CVE-2022-2602 at SUSE CVE-2022-2602 at NVD CVE-2022-26365 at SUSE CVE-2022-26365 at NVD CVE-2022-26373 at SUSE CVE-2022-26373 at NVD CVE-2022-2639 at SUSE CVE-2022-2639 at NVD CVE-2022-26490 at SUSE CVE-2022-26490 at NVD CVE-2022-2663 at SUSE CVE-2022-2663 at NVD CVE-2022-26878 at SUSE CVE-2022-26878 at NVD CVE-2022-26966 at SUSE CVE-2022-26966 at NVD CVE-2022-27223 at SUSE CVE-2022-27223 at NVD CVE-2022-28356 at SUSE CVE-2022-28356 at NVD CVE-2022-28388 at SUSE CVE-2022-28388 at NVD CVE-2022-28389 at SUSE CVE-2022-28389 at NVD CVE-2022-28390 at SUSE CVE-2022-28390 at NVD CVE-2022-28693 at SUSE CVE-2022-28693 at NVD CVE-2022-2873 at SUSE CVE-2022-2873 at NVD CVE-2022-28748 at SUSE CVE-2022-28748 at NVD CVE-2022-28893 at SUSE CVE-2022-28893 at NVD CVE-2022-2905 at SUSE CVE-2022-2905 at NVD CVE-2022-29156 at SUSE CVE-2022-29156 at NVD CVE-2022-2938 at SUSE CVE-2022-2938 at NVD CVE-2022-29581 at SUSE CVE-2022-29581 at NVD CVE-2022-29582 at SUSE CVE-2022-29582 at NVD CVE-2022-2959 at SUSE CVE-2022-2959 at NVD CVE-2022-2964 at SUSE CVE-2022-2964 at NVD CVE-2022-2977 at SUSE CVE-2022-2977 at NVD CVE-2022-2978 at SUSE CVE-2022-2978 at NVD CVE-2022-29900 at SUSE CVE-2022-29900 at NVD CVE-2022-29901 at SUSE CVE-2022-29901 at NVD CVE-2022-3028 at SUSE CVE-2022-3028 at NVD CVE-2022-30594 at SUSE CVE-2022-30594 at NVD CVE-2022-3078 at SUSE CVE-2022-3078 at NVD CVE-2022-3104 at SUSE CVE-2022-3104 at NVD CVE-2022-3105 at SUSE CVE-2022-3105 at NVD CVE-2022-3106 at SUSE CVE-2022-3106 at NVD CVE-2022-3107 at SUSE CVE-2022-3107 at NVD CVE-2022-3108 at SUSE CVE-2022-3108 at NVD CVE-2022-3111 at SUSE CVE-2022-3111 at NVD CVE-2022-3112 at SUSE CVE-2022-3112 at NVD CVE-2022-3113 at SUSE CVE-2022-3113 at NVD CVE-2022-3114 at SUSE CVE-2022-3114 at NVD CVE-2022-3115 at SUSE CVE-2022-3115 at NVD CVE-2022-3169 at SUSE CVE-2022-3169 at NVD CVE-2022-3176 at SUSE CVE-2022-3176 at NVD CVE-2022-3202 at SUSE CVE-2022-3202 at NVD CVE-2022-32250 at SUSE CVE-2022-32250 at NVD CVE-2022-32296 at SUSE CVE-2022-32296 at NVD CVE-2022-3239 at SUSE CVE-2022-3239 at NVD CVE-2022-3303 at SUSE CVE-2022-3303 at NVD CVE-2022-3344 at SUSE CVE-2022-3344 at NVD CVE-2022-33740 at SUSE CVE-2022-33740 at NVD CVE-2022-33741 at SUSE CVE-2022-33741 at NVD CVE-2022-33742 at SUSE CVE-2022-33742 at NVD CVE-2022-33743 at SUSE CVE-2022-33743 at NVD CVE-2022-33981 at SUSE CVE-2022-33981 at NVD CVE-2022-3424 at SUSE CVE-2022-3424 at NVD CVE-2022-3435 at SUSE CVE-2022-3435 at NVD CVE-2022-34918 at SUSE CVE-2022-34918 at NVD CVE-2022-3521 at SUSE CVE-2022-3521 at NVD CVE-2022-3523 at SUSE CVE-2022-3523 at NVD CVE-2022-3524 at SUSE CVE-2022-3524 at NVD CVE-2022-3526 at SUSE CVE-2022-3526 at NVD CVE-2022-3535 at SUSE CVE-2022-3535 at NVD CVE-2022-3542 at SUSE CVE-2022-3542 at NVD CVE-2022-3545 at SUSE CVE-2022-3545 at NVD CVE-2022-3564 at SUSE CVE-2022-3564 at NVD CVE-2022-3565 at SUSE CVE-2022-3565 at NVD CVE-2022-3566 at SUSE CVE-2022-3566 at NVD CVE-2022-3567 at SUSE CVE-2022-3567 at NVD CVE-2022-3577 at SUSE CVE-2022-3577 at NVD CVE-2022-3586 at SUSE CVE-2022-3586 at NVD CVE-2022-3594 at SUSE CVE-2022-3594 at NVD CVE-2022-3619 at SUSE CVE-2022-3619 at NVD CVE-2022-3621 at SUSE CVE-2022-3621 at NVD CVE-2022-3625 at SUSE CVE-2022-3625 at NVD CVE-2022-3628 at SUSE CVE-2022-3628 at NVD CVE-2022-36280 at SUSE CVE-2022-36280 at NVD CVE-2022-3629 at SUSE CVE-2022-3629 at NVD CVE-2022-3633 at SUSE CVE-2022-3633 at NVD CVE-2022-3635 at SUSE CVE-2022-3635 at NVD CVE-2022-3640 at SUSE CVE-2022-3640 at NVD CVE-2022-3643 at SUSE CVE-2022-3643 at NVD CVE-2022-3646 at SUSE CVE-2022-3646 at NVD CVE-2022-3649 at SUSE CVE-2022-3649 at NVD CVE-2022-36879 at SUSE CVE-2022-36879 at NVD CVE-2022-36946 at SUSE CVE-2022-36946 at NVD CVE-2022-3707 at SUSE CVE-2022-3707 at NVD CVE-2022-38096 at SUSE CVE-2022-38096 at NVD CVE-2022-3903 at SUSE CVE-2022-3903 at NVD CVE-2022-39188 at SUSE CVE-2022-39188 at NVD CVE-2022-39189 at SUSE CVE-2022-39189 at NVD CVE-2022-39190 at SUSE CVE-2022-39190 at NVD CVE-2022-40476 at SUSE CVE-2022-40476 at NVD CVE-2022-40768 at SUSE CVE-2022-40768 at NVD CVE-2022-4095 at SUSE CVE-2022-4095 at NVD CVE-2022-40982 at SUSE CVE-2022-40982 at NVD CVE-2022-41218 at SUSE CVE-2022-41218 at NVD CVE-2022-4129 at SUSE CVE-2022-4129 at NVD CVE-2022-4139 at SUSE CVE-2022-4139 at NVD CVE-2022-41674 at SUSE CVE-2022-41674 at NVD CVE-2022-41848 at SUSE CVE-2022-41848 at NVD CVE-2022-41849 at SUSE CVE-2022-41849 at NVD CVE-2022-41850 at SUSE CVE-2022-41850 at NVD CVE-2022-41858 at SUSE CVE-2022-41858 at NVD CVE-2022-42328 at SUSE CVE-2022-42328 at NVD CVE-2022-42329 at SUSE CVE-2022-42329 at NVD CVE-2022-4269 at SUSE CVE-2022-4269 at NVD CVE-2022-42703 at SUSE CVE-2022-42703 at NVD CVE-2022-42719 at SUSE CVE-2022-42719 at NVD CVE-2022-42720 at SUSE CVE-2022-42720 at NVD CVE-2022-42721 at SUSE CVE-2022-42721 at NVD CVE-2022-42722 at SUSE CVE-2022-42722 at NVD CVE-2022-42895 at SUSE CVE-2022-42895 at NVD CVE-2022-42896 at SUSE CVE-2022-42896 at NVD CVE-2022-43750 at SUSE CVE-2022-43750 at NVD CVE-2022-4378 at SUSE CVE-2022-4378 at NVD CVE-2022-4379 at SUSE CVE-2022-4379 at NVD CVE-2022-4382 at SUSE CVE-2022-4382 at NVD CVE-2022-43945 at SUSE CVE-2022-43945 at NVD CVE-2022-45869 at SUSE CVE-2022-45869 at NVD CVE-2022-45884 at SUSE CVE-2022-45884 at NVD CVE-2022-45885 at SUSE CVE-2022-45885 at NVD CVE-2022-45886 at SUSE CVE-2022-45886 at NVD CVE-2022-45887 at SUSE CVE-2022-45887 at NVD CVE-2022-45888 at SUSE CVE-2022-45888 at NVD CVE-2022-45919 at SUSE CVE-2022-45919 at NVD CVE-2022-45934 at SUSE CVE-2022-45934 at NVD CVE-2022-4662 at SUSE CVE-2022-4662 at NVD CVE-2022-4744 at SUSE CVE-2022-4744 at NVD CVE-2022-47520 at SUSE CVE-2022-47520 at NVD CVE-2022-47929 at SUSE CVE-2022-47929 at NVD CVE-2023-0045 at SUSE CVE-2023-0045 at NVD CVE-2023-0122 at SUSE CVE-2023-0122 at NVD CVE-2023-0179 at SUSE CVE-2023-0179 at NVD CVE-2023-0266 at SUSE CVE-2023-0266 at NVD CVE-2023-0386 at SUSE CVE-2023-0386 at NVD CVE-2023-0394 at SUSE CVE-2023-0394 at NVD CVE-2023-0459 at SUSE CVE-2023-0459 at NVD CVE-2023-0461 at SUSE CVE-2023-0461 at NVD CVE-2023-0468 at SUSE CVE-2023-0468 at NVD CVE-2023-0469 at SUSE CVE-2023-0469 at NVD CVE-2023-0590 at SUSE CVE-2023-0590 at NVD CVE-2023-0597 at SUSE CVE-2023-0597 at NVD CVE-2023-1075 at SUSE CVE-2023-1075 at NVD CVE-2023-1076 at SUSE CVE-2023-1076 at NVD CVE-2023-1077 at SUSE CVE-2023-1077 at NVD CVE-2023-1078 at SUSE CVE-2023-1078 at NVD CVE-2023-1079 at SUSE CVE-2023-1079 at NVD CVE-2023-1095 at SUSE CVE-2023-1095 at NVD CVE-2023-1118 at SUSE CVE-2023-1118 at NVD CVE-2023-1249 at SUSE CVE-2023-1249 at NVD CVE-2023-1281 at SUSE CVE-2023-1281 at NVD CVE-2023-1380 at SUSE CVE-2023-1380 at NVD CVE-2023-1382 at SUSE CVE-2023-1382 at NVD CVE-2023-1513 at SUSE CVE-2023-1513 at NVD CVE-2023-1582 at SUSE CVE-2023-1582 at NVD CVE-2023-1583 at SUSE CVE-2023-1583 at NVD CVE-2023-1611 at SUSE CVE-2023-1611 at NVD CVE-2023-1637 at SUSE CVE-2023-1637 at NVD CVE-2023-1652 at SUSE CVE-2023-1652 at NVD CVE-2023-1670 at SUSE CVE-2023-1670 at NVD CVE-2023-1829 at SUSE CVE-2023-1829 at NVD CVE-2023-1838 at SUSE CVE-2023-1838 at NVD CVE-2023-1855 at SUSE CVE-2023-1855 at NVD CVE-2023-1989 at SUSE CVE-2023-1989 at NVD CVE-2023-1990 at SUSE CVE-2023-1990 at NVD CVE-2023-1998 at SUSE CVE-2023-1998 at NVD CVE-2023-2002 at SUSE CVE-2023-2002 at NVD CVE-2023-2008 at SUSE CVE-2023-2008 at NVD CVE-2023-2019 at SUSE CVE-2023-2019 at NVD CVE-2023-20569 at SUSE CVE-2023-20569 at NVD CVE-2023-20593 at SUSE CVE-2023-20593 at NVD CVE-2023-21102 at SUSE CVE-2023-21102 at NVD CVE-2023-21106 at SUSE CVE-2023-21106 at NVD CVE-2023-2124 at SUSE CVE-2023-2124 at NVD CVE-2023-21400 at SUSE CVE-2023-21400 at NVD CVE-2023-2156 at SUSE CVE-2023-2156 at NVD CVE-2023-2162 at SUSE CVE-2023-2162 at NVD CVE-2023-2166 at SUSE CVE-2023-2166 at NVD CVE-2023-2176 at SUSE CVE-2023-2176 at NVD CVE-2023-2235 at SUSE CVE-2023-2235 at NVD CVE-2023-2269 at SUSE CVE-2023-2269 at NVD CVE-2023-22995 at SUSE CVE-2023-22995 at NVD CVE-2023-22998 at SUSE CVE-2023-22998 at NVD CVE-2023-23000 at SUSE CVE-2023-23000 at NVD CVE-2023-23001 at SUSE CVE-2023-23001 at NVD CVE-2023-23004 at SUSE CVE-2023-23004 at NVD CVE-2023-23006 at SUSE CVE-2023-23006 at NVD CVE-2023-23454 at SUSE CVE-2023-23454 at NVD CVE-2023-23455 at SUSE CVE-2023-23455 at NVD CVE-2023-23559 at SUSE CVE-2023-23559 at NVD CVE-2023-2430 at SUSE CVE-2023-2430 at NVD CVE-2023-2483 at SUSE CVE-2023-2483 at NVD CVE-2023-25012 at SUSE CVE-2023-25012 at NVD CVE-2023-2513 at SUSE CVE-2023-2513 at NVD CVE-2023-26545 at SUSE CVE-2023-26545 at NVD CVE-2023-28327 at SUSE CVE-2023-28327 at NVD CVE-2023-28328 at SUSE CVE-2023-28328 at NVD CVE-2023-28410 at SUSE CVE-2023-28410 at NVD CVE-2023-28464 at SUSE CVE-2023-28464 at NVD CVE-2023-28466 at SUSE CVE-2023-28466 at NVD CVE-2023-28866 at SUSE CVE-2023-28866 at NVD CVE-2023-2985 at SUSE CVE-2023-2985 at NVD CVE-2023-3006 at SUSE CVE-2023-3006 at NVD CVE-2023-30456 at SUSE CVE-2023-30456 at NVD CVE-2023-30772 at SUSE CVE-2023-30772 at NVD CVE-2023-3090 at SUSE CVE-2023-3090 at NVD CVE-2023-31083 at SUSE CVE-2023-31083 at NVD CVE-2023-31084 at SUSE CVE-2023-31084 at NVD CVE-2023-3111 at SUSE CVE-2023-3111 at NVD CVE-2023-3117 at SUSE CVE-2023-3117 at NVD CVE-2023-31248 at SUSE CVE-2023-31248 at NVD CVE-2023-3141 at SUSE CVE-2023-3141 at NVD CVE-2023-31436 at SUSE CVE-2023-31436 at NVD CVE-2023-3161 at SUSE CVE-2023-3161 at NVD CVE-2023-3212 at SUSE CVE-2023-3212 at NVD CVE-2023-3220 at SUSE CVE-2023-3220 at NVD CVE-2023-32233 at SUSE CVE-2023-32233 at NVD CVE-2023-3268 at SUSE CVE-2023-3268 at NVD CVE-2023-33288 at SUSE CVE-2023-33288 at NVD CVE-2023-3357 at SUSE CVE-2023-3357 at NVD CVE-2023-3358 at SUSE CVE-2023-3358 at NVD CVE-2023-3389 at SUSE CVE-2023-3389 at NVD CVE-2023-3390 at SUSE CVE-2023-3390 at NVD CVE-2023-33951 at SUSE CVE-2023-33951 at NVD CVE-2023-33952 at SUSE CVE-2023-33952 at NVD CVE-2023-35001 at SUSE CVE-2023-35001 at NVD CVE-2023-3567 at SUSE CVE-2023-3567 at NVD CVE-2023-35788 at SUSE CVE-2023-35788 at NVD CVE-2023-35823 at SUSE CVE-2023-35823 at NVD CVE-2023-35828 at SUSE CVE-2023-35828 at NVD CVE-2023-35829 at SUSE CVE-2023-35829 at NVD CVE-2023-3609 at SUSE CVE-2023-3609 at NVD CVE-2023-3611 at SUSE CVE-2023-3611 at NVD CVE-2023-3776 at SUSE CVE-2023-3776 at NVD CVE-2023-3812 at SUSE CVE-2023-3812 at NVD CVE-2023-38409 at SUSE CVE-2023-38409 at NVD CVE-2023-3863 at SUSE CVE-2023-3863 at NVD CVE-2023-4004 at SUSE CVE-2023-4004 at NVD cpe:/o:suse:sle-micro:5.5 kernel-firmware-all-20230724-150500.3.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the kernel-firmware-all-20230724-150500.3.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-13080 at SUSE CVE-2017-13080 at NVD CVE-2017-13081 at SUSE CVE-2017-13081 at NVD CVE-2017-5715 at SUSE CVE-2017-5715 at NVD CVE-2019-9836 at SUSE CVE-2019-9836 at NVD CVE-2021-26312 at SUSE CVE-2021-26312 at NVD CVE-2021-26339 at SUSE CVE-2021-26339 at NVD CVE-2021-26342 at SUSE CVE-2021-26342 at NVD CVE-2021-26347 at SUSE CVE-2021-26347 at NVD CVE-2021-26348 at SUSE CVE-2021-26348 at NVD CVE-2021-26349 at SUSE CVE-2021-26349 at NVD CVE-2021-26350 at SUSE CVE-2021-26350 at NVD CVE-2021-26364 at SUSE CVE-2021-26364 at NVD CVE-2021-26372 at SUSE CVE-2021-26372 at NVD CVE-2021-26373 at SUSE CVE-2021-26373 at NVD CVE-2021-26375 at SUSE CVE-2021-26375 at NVD CVE-2021-26376 at SUSE CVE-2021-26376 at NVD CVE-2021-26378 at SUSE CVE-2021-26378 at NVD CVE-2021-26388 at SUSE CVE-2021-26388 at NVD CVE-2021-33139 at SUSE CVE-2021-33139 at NVD CVE-2021-33155 at SUSE CVE-2021-33155 at NVD CVE-2021-46744 at SUSE CVE-2021-46744 at NVD CVE-2023-20569 at SUSE CVE-2023-20569 at NVD CVE-2023-20593 at SUSE CVE-2023-20593 at NVD cpe:/o:suse:sle-micro:5.5 kernel-rt-5.14.21-150500.13.14.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the kernel-rt-5.14.21-150500.13.14.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-3695 at SUSE CVE-2016-3695 at NVD CVE-2017-1000251 at SUSE CVE-2017-1000251 at NVD CVE-2017-12153 at SUSE CVE-2017-12153 at NVD CVE-2017-13080 at SUSE CVE-2017-13080 at NVD CVE-2017-14051 at SUSE CVE-2017-14051 at NVD CVE-2017-16536 at SUSE CVE-2017-16536 at NVD CVE-2017-16537 at SUSE CVE-2017-16537 at NVD CVE-2017-16646 at SUSE CVE-2017-16646 at NVD CVE-2017-16648 at SUSE CVE-2017-16648 at NVD CVE-2017-5715 at SUSE CVE-2017-5715 at NVD CVE-2017-5753 at SUSE CVE-2017-5753 at NVD CVE-2017-5754 at SUSE CVE-2017-5754 at NVD CVE-2018-10323 at SUSE CVE-2018-10323 at NVD CVE-2018-12232 at SUSE CVE-2018-12232 at NVD CVE-2018-13053 at SUSE CVE-2018-13053 at NVD CVE-2018-20669 at SUSE CVE-2018-20669 at NVD CVE-2019-0154 at SUSE CVE-2019-0154 at NVD CVE-2019-0155 at SUSE CVE-2019-0155 at NVD CVE-2019-10220 at SUSE CVE-2019-10220 at NVD CVE-2019-11477 at SUSE CVE-2019-11477 at NVD CVE-2019-11478 at SUSE CVE-2019-11478 at NVD CVE-2019-11479 at SUSE CVE-2019-11479 at NVD CVE-2019-14615 at SUSE CVE-2019-14615 at NVD CVE-2019-14814 at SUSE CVE-2019-14814 at NVD CVE-2019-14815 at SUSE CVE-2019-14815 at NVD CVE-2019-14816 at SUSE CVE-2019-14816 at NVD CVE-2019-14895 at SUSE CVE-2019-14895 at NVD CVE-2019-14896 at SUSE CVE-2019-14896 at NVD CVE-2019-14897 at SUSE CVE-2019-14897 at NVD CVE-2019-14901 at SUSE CVE-2019-14901 at NVD CVE-2019-15030 at SUSE CVE-2019-15030 at NVD CVE-2019-15031 at SUSE CVE-2019-15031 at NVD CVE-2019-15098 at SUSE CVE-2019-15098 at NVD CVE-2019-15099 at SUSE CVE-2019-15099 at NVD CVE-2019-15290 at SUSE CVE-2019-15290 at NVD CVE-2019-15291 at SUSE CVE-2019-15291 at NVD CVE-2019-15504 at SUSE CVE-2019-15504 at NVD CVE-2019-16231 at SUSE CVE-2019-16231 at NVD CVE-2019-16232 at SUSE CVE-2019-16232 at NVD CVE-2019-16233 at SUSE CVE-2019-16233 at NVD CVE-2019-16234 at SUSE CVE-2019-16234 at NVD CVE-2019-17133 at SUSE CVE-2019-17133 at NVD CVE-2019-17666 at SUSE CVE-2019-17666 at NVD CVE-2019-18198 at SUSE CVE-2019-18198 at NVD CVE-2019-18660 at SUSE CVE-2019-18660 at NVD CVE-2019-18683 at SUSE CVE-2019-18683 at NVD CVE-2019-18786 at SUSE CVE-2019-18786 at NVD CVE-2019-18808 at SUSE CVE-2019-18808 at NVD CVE-2019-18809 at SUSE CVE-2019-18809 at NVD CVE-2019-18811 at SUSE CVE-2019-18811 at NVD CVE-2019-18812 at SUSE CVE-2019-18812 at NVD CVE-2019-18813 at SUSE CVE-2019-18813 at NVD CVE-2019-18814 at SUSE CVE-2019-18814 at NVD CVE-2019-19037 at SUSE CVE-2019-19037 at NVD CVE-2019-19043 at SUSE CVE-2019-19043 at NVD CVE-2019-19044 at SUSE CVE-2019-19044 at NVD CVE-2019-19045 at SUSE CVE-2019-19045 at NVD CVE-2019-19046 at SUSE CVE-2019-19046 at NVD CVE-2019-19047 at SUSE CVE-2019-19047 at NVD CVE-2019-19048 at SUSE CVE-2019-19048 at NVD CVE-2019-19049 at SUSE CVE-2019-19049 at NVD CVE-2019-19050 at SUSE CVE-2019-19050 at NVD CVE-2019-19051 at SUSE CVE-2019-19051 at NVD CVE-2019-19052 at SUSE CVE-2019-19052 at NVD CVE-2019-19053 at SUSE CVE-2019-19053 at NVD CVE-2019-19054 at SUSE CVE-2019-19054 at NVD CVE-2019-19055 at SUSE CVE-2019-19055 at NVD CVE-2019-19056 at SUSE CVE-2019-19056 at NVD CVE-2019-19057 at SUSE CVE-2019-19057 at NVD CVE-2019-19058 at SUSE CVE-2019-19058 at NVD CVE-2019-19060 at SUSE CVE-2019-19060 at NVD CVE-2019-19061 at SUSE CVE-2019-19061 at NVD CVE-2019-19062 at SUSE CVE-2019-19062 at NVD CVE-2019-19063 at SUSE CVE-2019-19063 at NVD CVE-2019-19064 at SUSE CVE-2019-19064 at NVD CVE-2019-19065 at SUSE CVE-2019-19065 at NVD CVE-2019-19066 at SUSE CVE-2019-19066 at NVD CVE-2019-19067 at SUSE CVE-2019-19067 at NVD CVE-2019-19068 at SUSE CVE-2019-19068 at NVD CVE-2019-19069 at SUSE CVE-2019-19069 at NVD CVE-2019-19070 at SUSE CVE-2019-19070 at NVD CVE-2019-19071 at SUSE CVE-2019-19071 at NVD CVE-2019-19072 at SUSE CVE-2019-19072 at NVD CVE-2019-19073 at SUSE CVE-2019-19073 at NVD CVE-2019-19074 at SUSE CVE-2019-19074 at NVD CVE-2019-19075 at SUSE CVE-2019-19075 at NVD CVE-2019-19077 at SUSE CVE-2019-19077 at NVD CVE-2019-19078 at SUSE CVE-2019-19078 at NVD CVE-2019-19080 at SUSE CVE-2019-19080 at NVD CVE-2019-19081 at SUSE CVE-2019-19081 at NVD CVE-2019-19082 at SUSE CVE-2019-19082 at NVD CVE-2019-19083 at SUSE CVE-2019-19083 at NVD CVE-2019-19241 at SUSE CVE-2019-19241 at NVD CVE-2019-19252 at SUSE CVE-2019-19252 at NVD CVE-2019-19332 at SUSE CVE-2019-19332 at NVD CVE-2019-19338 at SUSE CVE-2019-19338 at NVD CVE-2019-19447 at SUSE CVE-2019-19447 at NVD CVE-2019-19462 at SUSE CVE-2019-19462 at NVD CVE-2019-19523 at SUSE CVE-2019-19523 at NVD CVE-2019-19524 at SUSE CVE-2019-19524 at NVD CVE-2019-19525 at SUSE CVE-2019-19525 at NVD CVE-2019-19526 at SUSE CVE-2019-19526 at NVD CVE-2019-19528 at SUSE CVE-2019-19528 at NVD CVE-2019-19529 at SUSE CVE-2019-19529 at NVD CVE-2019-19532 at SUSE CVE-2019-19532 at NVD CVE-2019-19533 at SUSE CVE-2019-19533 at NVD CVE-2019-19534 at SUSE CVE-2019-19534 at NVD CVE-2019-19602 at SUSE CVE-2019-19602 at NVD CVE-2019-19767 at SUSE CVE-2019-19767 at NVD CVE-2019-19768 at SUSE CVE-2019-19768 at NVD CVE-2019-19769 at SUSE CVE-2019-19769 at NVD CVE-2019-19770 at SUSE CVE-2019-19770 at NVD CVE-2019-19807 at SUSE CVE-2019-19807 at NVD CVE-2019-19922 at SUSE CVE-2019-19922 at NVD CVE-2019-19947 at SUSE CVE-2019-19947 at NVD CVE-2019-19965 at SUSE CVE-2019-19965 at NVD CVE-2019-20422 at SUSE CVE-2019-20422 at NVD CVE-2019-20810 at SUSE CVE-2019-20810 at NVD CVE-2019-20812 at SUSE CVE-2019-20812 at NVD CVE-2019-3016 at SUSE CVE-2019-3016 at NVD CVE-2019-8912 at SUSE CVE-2019-8912 at NVD CVE-2020-0110 at SUSE CVE-2020-0110 at NVD CVE-2020-0305 at SUSE CVE-2020-0305 at NVD CVE-2020-0404 at SUSE CVE-2020-0404 at NVD CVE-2020-0427 at SUSE CVE-2020-0427 at NVD CVE-2020-0431 at SUSE CVE-2020-0431 at NVD CVE-2020-0432 at SUSE CVE-2020-0432 at NVD CVE-2020-0444 at SUSE CVE-2020-0444 at NVD CVE-2020-0465 at SUSE CVE-2020-0465 at NVD CVE-2020-0466 at SUSE CVE-2020-0466 at NVD CVE-2020-0543 at SUSE CVE-2020-0543 at NVD CVE-2020-10135 at SUSE CVE-2020-10135 at NVD CVE-2020-10690 at SUSE CVE-2020-10690 at NVD CVE-2020-10711 at SUSE CVE-2020-10711 at NVD CVE-2020-10732 at SUSE CVE-2020-10732 at NVD CVE-2020-10751 at SUSE CVE-2020-10751 at NVD CVE-2020-10757 at SUSE CVE-2020-10757 at NVD CVE-2020-10766 at SUSE CVE-2020-10766 at NVD CVE-2020-10767 at SUSE CVE-2020-10767 at NVD CVE-2020-10768 at SUSE CVE-2020-10768 at NVD CVE-2020-10773 at SUSE CVE-2020-10773 at NVD CVE-2020-10781 at SUSE CVE-2020-10781 at NVD CVE-2020-10942 at SUSE CVE-2020-10942 at NVD CVE-2020-11494 at SUSE CVE-2020-11494 at NVD CVE-2020-11608 at SUSE CVE-2020-11608 at NVD CVE-2020-11668 at SUSE CVE-2020-11668 at NVD CVE-2020-11884 at SUSE CVE-2020-11884 at NVD CVE-2020-12351 at SUSE CVE-2020-12351 at NVD CVE-2020-12352 at SUSE CVE-2020-12352 at NVD CVE-2020-12362 at SUSE CVE-2020-12362 at NVD CVE-2020-12363 at SUSE CVE-2020-12363 at NVD CVE-2020-12364 at SUSE CVE-2020-12364 at NVD CVE-2020-12373 at SUSE CVE-2020-12373 at NVD CVE-2020-12464 at SUSE CVE-2020-12464 at NVD CVE-2020-12465 at SUSE CVE-2020-12465 at NVD CVE-2020-12652 at SUSE CVE-2020-12652 at NVD CVE-2020-12653 at SUSE CVE-2020-12653 at NVD CVE-2020-12654 at SUSE CVE-2020-12654 at NVD CVE-2020-12655 at SUSE CVE-2020-12655 at NVD CVE-2020-12656 at SUSE CVE-2020-12656 at NVD CVE-2020-12657 at SUSE CVE-2020-12657 at NVD CVE-2020-12659 at SUSE CVE-2020-12659 at NVD CVE-2020-12769 at SUSE CVE-2020-12769 at NVD CVE-2020-12770 at SUSE CVE-2020-12770 at NVD CVE-2020-12771 at SUSE CVE-2020-12771 at NVD CVE-2020-12888 at SUSE CVE-2020-12888 at NVD CVE-2020-13143 at SUSE CVE-2020-13143 at NVD CVE-2020-13974 at SUSE CVE-2020-13974 at NVD CVE-2020-14314 at SUSE CVE-2020-14314 at NVD CVE-2020-14331 at SUSE CVE-2020-14331 at NVD CVE-2020-14351 at SUSE CVE-2020-14351 at NVD CVE-2020-14356 at SUSE CVE-2020-14356 at NVD CVE-2020-14385 at SUSE CVE-2020-14385 at NVD CVE-2020-14386 at SUSE CVE-2020-14386 at NVD CVE-2020-14390 at SUSE CVE-2020-14390 at NVD CVE-2020-14416 at SUSE CVE-2020-14416 at NVD CVE-2020-15393 at SUSE CVE-2020-15393 at NVD CVE-2020-15436 at SUSE CVE-2020-15436 at NVD CVE-2020-15437 at SUSE CVE-2020-15437 at NVD CVE-2020-15780 at SUSE CVE-2020-15780 at NVD CVE-2020-16119 at SUSE CVE-2020-16119 at NVD CVE-2020-16120 at SUSE CVE-2020-16120 at NVD CVE-2020-16166 at SUSE CVE-2020-16166 at NVD CVE-2020-1749 at SUSE CVE-2020-1749 at NVD CVE-2020-24490 at SUSE CVE-2020-24490 at NVD CVE-2020-24586 at SUSE CVE-2020-24586 at NVD CVE-2020-24587 at SUSE CVE-2020-24587 at NVD CVE-2020-24588 at SUSE CVE-2020-24588 at NVD CVE-2020-2521 at SUSE CVE-2020-2521 at NVD CVE-2020-25211 at SUSE CVE-2020-25211 at NVD CVE-2020-25212 at SUSE CVE-2020-25212 at NVD CVE-2020-25284 at SUSE CVE-2020-25284 at NVD CVE-2020-25285 at SUSE CVE-2020-25285 at NVD CVE-2020-25639 at SUSE CVE-2020-25639 at NVD CVE-2020-25641 at SUSE CVE-2020-25641 at NVD CVE-2020-25643 at SUSE CVE-2020-25643 at NVD CVE-2020-25645 at SUSE CVE-2020-25645 at NVD CVE-2020-25656 at SUSE CVE-2020-25656 at NVD CVE-2020-25668 at SUSE CVE-2020-25668 at NVD CVE-2020-25669 at SUSE CVE-2020-25669 at NVD CVE-2020-25670 at SUSE CVE-2020-25670 at NVD CVE-2020-25671 at SUSE CVE-2020-25671 at NVD CVE-2020-25672 at SUSE CVE-2020-25672 at NVD CVE-2020-25673 at SUSE CVE-2020-25673 at NVD CVE-2020-25704 at SUSE CVE-2020-25704 at NVD CVE-2020-25705 at SUSE CVE-2020-25705 at NVD CVE-2020-26088 at SUSE CVE-2020-26088 at NVD CVE-2020-26139 at SUSE CVE-2020-26139 at NVD CVE-2020-26141 at SUSE CVE-2020-26141 at NVD CVE-2020-26145 at SUSE CVE-2020-26145 at NVD CVE-2020-26147 at SUSE CVE-2020-26147 at NVD CVE-2020-26558 at SUSE CVE-2020-26558 at NVD CVE-2020-27068 at SUSE CVE-2020-27068 at NVD CVE-2020-27170 at SUSE CVE-2020-27170 at NVD CVE-2020-27171 at SUSE CVE-2020-27171 at NVD CVE-2020-27194 at SUSE CVE-2020-27194 at NVD CVE-2020-2732 at SUSE CVE-2020-2732 at NVD CVE-2020-27673 at SUSE CVE-2020-27673 at NVD CVE-2020-27675 at SUSE CVE-2020-27675 at NVD CVE-2020-27777 at SUSE CVE-2020-27777 at NVD CVE-2020-27786 at SUSE CVE-2020-27786 at NVD CVE-2020-27815 at SUSE CVE-2020-27815 at NVD CVE-2020-27820 at SUSE CVE-2020-27820 at NVD CVE-2020-27825 at SUSE CVE-2020-27825 at NVD CVE-2020-27830 at SUSE CVE-2020-27830 at NVD CVE-2020-27835 at SUSE CVE-2020-27835 at NVD CVE-2020-28374 at SUSE CVE-2020-28374 at NVD CVE-2020-28915 at SUSE CVE-2020-28915 at NVD CVE-2020-28941 at SUSE CVE-2020-28941 at NVD CVE-2020-28974 at SUSE CVE-2020-28974 at NVD CVE-2020-29368 at SUSE CVE-2020-29368 at NVD CVE-2020-29369 at SUSE CVE-2020-29369 at NVD CVE-2020-29370 at SUSE CVE-2020-29370 at NVD CVE-2020-29371 at SUSE CVE-2020-29371 at NVD CVE-2020-29373 at SUSE CVE-2020-29373 at NVD CVE-2020-29568 at SUSE CVE-2020-29568 at NVD CVE-2020-29569 at SUSE CVE-2020-29569 at NVD CVE-2020-29660 at SUSE CVE-2020-29660 at NVD CVE-2020-29661 at SUSE CVE-2020-29661 at NVD CVE-2020-35519 at SUSE CVE-2020-35519 at NVD CVE-2020-36158 at SUSE CVE-2020-36158 at NVD CVE-2020-36310 at SUSE CVE-2020-36310 at NVD CVE-2020-36311 at SUSE CVE-2020-36311 at NVD CVE-2020-36312 at SUSE CVE-2020-36312 at NVD CVE-2020-36322 at SUSE CVE-2020-36322 at NVD CVE-2020-36385 at SUSE CVE-2020-36385 at NVD CVE-2020-36386 at SUSE CVE-2020-36386 at NVD CVE-2020-36516 at SUSE CVE-2020-36516 at NVD CVE-2020-4788 at SUSE CVE-2020-4788 at NVD CVE-2020-8428 at SUSE CVE-2020-8428 at NVD CVE-2020-8647 at SUSE CVE-2020-8647 at NVD CVE-2020-8648 at SUSE CVE-2020-8648 at NVD CVE-2020-8649 at SUSE CVE-2020-8649 at NVD CVE-2020-8694 at SUSE CVE-2020-8694 at NVD CVE-2020-8835 at SUSE CVE-2020-8835 at NVD CVE-2020-8992 at SUSE CVE-2020-8992 at NVD CVE-2020-9383 at SUSE CVE-2020-9383 at NVD CVE-2021-0129 at SUSE CVE-2021-0129 at NVD CVE-2021-0342 at SUSE CVE-2021-0342 at NVD CVE-2021-0512 at SUSE CVE-2021-0512 at NVD CVE-2021-0605 at SUSE CVE-2021-0605 at NVD CVE-2021-20177 at SUSE CVE-2021-20177 at NVD CVE-2021-20268 at SUSE CVE-2021-20268 at NVD CVE-2021-20321 at SUSE CVE-2021-20321 at NVD CVE-2021-21781 at SUSE CVE-2021-21781 at NVD CVE-2021-22543 at SUSE CVE-2021-22543 at NVD CVE-2021-22555 at SUSE CVE-2021-22555 at NVD CVE-2021-22600 at SUSE CVE-2021-22600 at NVD CVE-2021-23134 at SUSE CVE-2021-23134 at NVD CVE-2021-26341 at SUSE CVE-2021-26341 at NVD CVE-2021-26930 at SUSE CVE-2021-26930 at NVD CVE-2021-26931 at SUSE CVE-2021-26931 at NVD CVE-2021-26932 at SUSE CVE-2021-26932 at NVD CVE-2021-27363 at SUSE CVE-2021-27363 at NVD CVE-2021-27364 at SUSE CVE-2021-27364 at NVD CVE-2021-27365 at SUSE CVE-2021-27365 at NVD CVE-2021-28038 at SUSE CVE-2021-28038 at NVD CVE-2021-28375 at SUSE CVE-2021-28375 at NVD CVE-2021-28660 at SUSE CVE-2021-28660 at NVD CVE-2021-28688 at SUSE CVE-2021-28688 at NVD CVE-2021-28711 at SUSE CVE-2021-28711 at NVD CVE-2021-28712 at SUSE CVE-2021-28712 at NVD CVE-2021-28713 at SUSE CVE-2021-28713 at NVD CVE-2021-28714 at SUSE CVE-2021-28714 at NVD CVE-2021-28715 at SUSE CVE-2021-28715 at NVD CVE-2021-28950 at SUSE CVE-2021-28950 at NVD CVE-2021-28952 at SUSE CVE-2021-28952 at NVD CVE-2021-28964 at SUSE CVE-2021-28964 at NVD CVE-2021-28971 at SUSE CVE-2021-28971 at NVD CVE-2021-28972 at SUSE CVE-2021-28972 at NVD CVE-2021-29154 at SUSE CVE-2021-29154 at NVD CVE-2021-29155 at SUSE CVE-2021-29155 at NVD CVE-2021-29264 at SUSE CVE-2021-29264 at NVD CVE-2021-29265 at SUSE CVE-2021-29265 at NVD CVE-2021-29647 at SUSE CVE-2021-29647 at NVD CVE-2021-29650 at SUSE CVE-2021-29650 at NVD CVE-2021-30002 at SUSE CVE-2021-30002 at NVD CVE-2021-32399 at SUSE CVE-2021-32399 at NVD CVE-2021-33034 at SUSE CVE-2021-33034 at NVD CVE-2021-33061 at SUSE CVE-2021-33061 at NVD CVE-2021-33135 at SUSE CVE-2021-33135 at NVD CVE-2021-33200 at SUSE CVE-2021-33200 at NVD CVE-2021-3347 at SUSE CVE-2021-3347 at NVD CVE-2021-3348 at SUSE CVE-2021-3348 at NVD CVE-2021-33624 at SUSE CVE-2021-33624 at NVD CVE-2021-33655 at SUSE CVE-2021-33655 at NVD CVE-2021-33909 at SUSE CVE-2021-33909 at NVD CVE-2021-3428 at SUSE CVE-2021-3428 at NVD CVE-2021-3444 at SUSE CVE-2021-3444 at NVD CVE-2021-34556 at SUSE CVE-2021-34556 at NVD CVE-2021-34693 at SUSE CVE-2021-34693 at NVD CVE-2021-3483 at SUSE CVE-2021-3483 at NVD CVE-2021-3489 at SUSE CVE-2021-3489 at NVD CVE-2021-3490 at SUSE CVE-2021-3490 at NVD CVE-2021-3491 at SUSE CVE-2021-3491 at NVD CVE-2021-35039 at SUSE CVE-2021-35039 at NVD CVE-2021-3542 at SUSE CVE-2021-3542 at NVD CVE-2021-35477 at SUSE CVE-2021-35477 at NVD CVE-2021-3573 at SUSE CVE-2021-3573 at NVD CVE-2021-3609 at SUSE CVE-2021-3609 at NVD CVE-2021-3612 at SUSE CVE-2021-3612 at NVD CVE-2021-3640 at SUSE CVE-2021-3640 at NVD CVE-2021-3653 at SUSE CVE-2021-3653 at NVD CVE-2021-3656 at SUSE CVE-2021-3656 at NVD CVE-2021-3659 at SUSE CVE-2021-3659 at NVD CVE-2021-3679 at SUSE CVE-2021-3679 at NVD CVE-2021-3732 at SUSE CVE-2021-3732 at NVD CVE-2021-3739 at SUSE CVE-2021-3739 at NVD CVE-2021-3743 at SUSE CVE-2021-3743 at NVD CVE-2021-3744 at SUSE CVE-2021-3744 at NVD CVE-2021-3753 at SUSE CVE-2021-3753 at NVD CVE-2021-37576 at SUSE CVE-2021-37576 at NVD CVE-2021-3759 at SUSE CVE-2021-3759 at NVD CVE-2021-3760 at SUSE CVE-2021-3760 at NVD CVE-2021-3764 at SUSE CVE-2021-3764 at NVD CVE-2021-3772 at SUSE CVE-2021-3772 at NVD CVE-2021-38160 at SUSE CVE-2021-38160 at NVD CVE-2021-38166 at SUSE CVE-2021-38166 at NVD CVE-2021-38198 at SUSE CVE-2021-38198 at NVD CVE-2021-38204 at SUSE CVE-2021-38204 at NVD CVE-2021-38205 at SUSE CVE-2021-38205 at NVD CVE-2021-38206 at SUSE CVE-2021-38206 at NVD CVE-2021-38207 at SUSE CVE-2021-38207 at NVD CVE-2021-38209 at SUSE CVE-2021-38209 at NVD CVE-2021-3896 at SUSE CVE-2021-3896 at NVD CVE-2021-39685 at SUSE CVE-2021-39685 at NVD CVE-2021-39698 at SUSE CVE-2021-39698 at NVD CVE-2021-4001 at SUSE CVE-2021-4001 at NVD CVE-2021-4002 at SUSE CVE-2021-4002 at NVD CVE-2021-4037 at SUSE CVE-2021-4037 at NVD CVE-2021-4083 at SUSE CVE-2021-4083 at NVD CVE-2021-4090 at SUSE CVE-2021-4090 at NVD CVE-2021-41073 at SUSE CVE-2021-41073 at NVD CVE-2021-4135 at SUSE CVE-2021-4135 at NVD CVE-2021-4148 at SUSE CVE-2021-4148 at NVD CVE-2021-4155 at SUSE CVE-2021-4155 at NVD CVE-2021-41864 at SUSE CVE-2021-41864 at NVD CVE-2021-4197 at SUSE CVE-2021-4197 at NVD CVE-2021-4202 at SUSE CVE-2021-4202 at NVD CVE-2021-4204 at SUSE CVE-2021-4204 at NVD CVE-2021-42252 at SUSE CVE-2021-42252 at NVD CVE-2021-42327 at SUSE CVE-2021-42327 at NVD CVE-2021-42739 at SUSE CVE-2021-42739 at NVD CVE-2021-43056 at SUSE CVE-2021-43056 at NVD CVE-2021-43057 at SUSE CVE-2021-43057 at NVD CVE-2021-43267 at SUSE CVE-2021-43267 at NVD CVE-2021-43389 at SUSE CVE-2021-43389 at NVD CVE-2021-43975 at SUSE CVE-2021-43975 at NVD CVE-2021-43976 at SUSE CVE-2021-43976 at NVD CVE-2021-44733 at SUSE CVE-2021-44733 at NVD CVE-2021-44879 at SUSE CVE-2021-44879 at NVD CVE-2021-45095 at SUSE CVE-2021-45095 at NVD CVE-2021-45402 at SUSE CVE-2021-45402 at NVD CVE-2021-45480 at SUSE CVE-2021-45480 at NVD CVE-2021-45868 at SUSE CVE-2021-45868 at NVD CVE-2022-0001 at SUSE CVE-2022-0001 at NVD CVE-2022-0002 at SUSE CVE-2022-0002 at NVD CVE-2022-0168 at SUSE CVE-2022-0168 at NVD CVE-2022-0171 at SUSE CVE-2022-0171 at NVD CVE-2022-0185 at SUSE CVE-2022-0185 at NVD CVE-2022-0264 at SUSE CVE-2022-0264 at NVD CVE-2022-0322 at SUSE CVE-2022-0322 at NVD CVE-2022-0330 at SUSE CVE-2022-0330 at NVD CVE-2022-0382 at SUSE CVE-2022-0382 at NVD CVE-2022-0435 at SUSE CVE-2022-0435 at NVD CVE-2022-0487 at SUSE CVE-2022-0487 at NVD CVE-2022-0492 at SUSE CVE-2022-0492 at NVD CVE-2022-0494 at SUSE CVE-2022-0494 at NVD CVE-2022-0500 at SUSE CVE-2022-0500 at NVD CVE-2022-0516 at SUSE CVE-2022-0516 at NVD CVE-2022-0617 at SUSE CVE-2022-0617 at NVD CVE-2022-0644 at SUSE CVE-2022-0644 at NVD CVE-2022-0742 at SUSE CVE-2022-0742 at NVD CVE-2022-0847 at SUSE CVE-2022-0847 at NVD CVE-2022-0854 at SUSE CVE-2022-0854 at NVD CVE-2022-0886 at SUSE CVE-2022-0886 at NVD CVE-2022-0995 at SUSE CVE-2022-0995 at NVD CVE-2022-0998 at SUSE CVE-2022-0998 at NVD CVE-2022-1011 at SUSE CVE-2022-1011 at NVD CVE-2022-1012 at SUSE CVE-2022-1012 at NVD CVE-2022-1015 at SUSE CVE-2022-1015 at NVD CVE-2022-1016 at SUSE CVE-2022-1016 at NVD CVE-2022-1048 at SUSE CVE-2022-1048 at NVD CVE-2022-1055 at SUSE CVE-2022-1055 at NVD CVE-2022-1158 at SUSE CVE-2022-1158 at NVD CVE-2022-1184 at SUSE CVE-2022-1184 at NVD CVE-2022-1195 at SUSE CVE-2022-1195 at NVD CVE-2022-1198 at SUSE CVE-2022-1198 at NVD CVE-2022-1199 at SUSE CVE-2022-1199 at NVD CVE-2022-1204 at SUSE CVE-2022-1204 at NVD CVE-2022-1205 at SUSE CVE-2022-1205 at NVD CVE-2022-1263 at SUSE CVE-2022-1263 at NVD CVE-2022-1280 at SUSE CVE-2022-1280 at NVD CVE-2022-1462 at SUSE CVE-2022-1462 at NVD CVE-2022-1508 at SUSE CVE-2022-1508 at NVD CVE-2022-1516 at SUSE CVE-2022-1516 at NVD CVE-2022-1651 at SUSE CVE-2022-1651 at NVD CVE-2022-1652 at SUSE CVE-2022-1652 at NVD CVE-2022-1671 at SUSE CVE-2022-1671 at NVD CVE-2022-1679 at SUSE CVE-2022-1679 at NVD CVE-2022-1729 at SUSE CVE-2022-1729 at NVD CVE-2022-1734 at SUSE CVE-2022-1734 at NVD CVE-2022-1789 at SUSE CVE-2022-1789 at NVD CVE-2022-1836 at SUSE CVE-2022-1836 at NVD CVE-2022-1852 at SUSE CVE-2022-1852 at NVD CVE-2022-1882 at SUSE CVE-2022-1882 at NVD CVE-2022-1966 at SUSE CVE-2022-1966 at NVD CVE-2022-1972 at SUSE CVE-2022-1972 at NVD CVE-2022-1974 at SUSE CVE-2022-1974 at NVD CVE-2022-1975 at SUSE CVE-2022-1975 at NVD CVE-2022-1998 at SUSE CVE-2022-1998 at NVD CVE-2022-20008 at SUSE CVE-2022-20008 at NVD CVE-2022-20132 at SUSE CVE-2022-20132 at NVD CVE-2022-20154 at SUSE CVE-2022-20154 at NVD CVE-2022-20368 at SUSE CVE-2022-20368 at NVD CVE-2022-20369 at SUSE CVE-2022-20369 at NVD CVE-2022-21123 at SUSE CVE-2022-21123 at NVD CVE-2022-21125 at SUSE CVE-2022-21125 at NVD CVE-2022-21127 at SUSE CVE-2022-21127 at NVD CVE-2022-21166 at SUSE CVE-2022-21166 at NVD CVE-2022-21180 at SUSE CVE-2022-21180 at NVD CVE-2022-21499 at SUSE CVE-2022-21499 at NVD CVE-2022-21505 at SUSE CVE-2022-21505 at NVD CVE-2022-2153 at SUSE CVE-2022-2153 at NVD CVE-2022-2196 at SUSE CVE-2022-2196 at NVD CVE-2022-22942 at SUSE CVE-2022-22942 at NVD CVE-2022-23036 at SUSE CVE-2022-23036 at NVD CVE-2022-23037 at SUSE CVE-2022-23037 at NVD CVE-2022-23038 at SUSE CVE-2022-23038 at NVD CVE-2022-23039 at SUSE CVE-2022-23039 at NVD CVE-2022-23040 at SUSE CVE-2022-23040 at NVD CVE-2022-23041 at SUSE CVE-2022-23041 at NVD CVE-2022-23042 at SUSE CVE-2022-23042 at NVD CVE-2022-2318 at SUSE CVE-2022-2318 at NVD CVE-2022-23222 at SUSE CVE-2022-23222 at NVD CVE-2022-23960 at SUSE CVE-2022-23960 at NVD CVE-2022-24122 at SUSE CVE-2022-24122 at NVD CVE-2022-24448 at SUSE CVE-2022-24448 at NVD CVE-2022-24958 at SUSE CVE-2022-24958 at NVD CVE-2022-24959 at SUSE CVE-2022-24959 at NVD CVE-2022-25258 at SUSE CVE-2022-25258 at NVD CVE-2022-25375 at SUSE CVE-2022-25375 at NVD CVE-2022-25636 at SUSE CVE-2022-25636 at NVD CVE-2022-2585 at SUSE CVE-2022-2585 at NVD CVE-2022-2586 at SUSE CVE-2022-2586 at NVD CVE-2022-2588 at SUSE CVE-2022-2588 at NVD CVE-2022-2602 at SUSE CVE-2022-2602 at NVD CVE-2022-26365 at SUSE CVE-2022-26365 at NVD CVE-2022-26373 at SUSE CVE-2022-26373 at NVD CVE-2022-2639 at SUSE CVE-2022-2639 at NVD CVE-2022-26490 at SUSE CVE-2022-26490 at NVD CVE-2022-2663 at SUSE CVE-2022-2663 at NVD CVE-2022-26878 at SUSE CVE-2022-26878 at NVD CVE-2022-26966 at SUSE CVE-2022-26966 at NVD CVE-2022-27223 at SUSE CVE-2022-27223 at NVD CVE-2022-28356 at SUSE CVE-2022-28356 at NVD CVE-2022-28388 at SUSE CVE-2022-28388 at NVD CVE-2022-28389 at SUSE CVE-2022-28389 at NVD CVE-2022-28390 at SUSE CVE-2022-28390 at NVD CVE-2022-28693 at SUSE CVE-2022-28693 at NVD CVE-2022-2873 at SUSE CVE-2022-2873 at NVD CVE-2022-28748 at SUSE CVE-2022-28748 at NVD CVE-2022-28893 at SUSE CVE-2022-28893 at NVD CVE-2022-2905 at SUSE CVE-2022-2905 at NVD CVE-2022-29156 at SUSE CVE-2022-29156 at NVD CVE-2022-2938 at SUSE CVE-2022-2938 at NVD CVE-2022-29581 at SUSE CVE-2022-29581 at NVD CVE-2022-29582 at SUSE CVE-2022-29582 at NVD CVE-2022-2959 at SUSE CVE-2022-2959 at NVD CVE-2022-2964 at SUSE CVE-2022-2964 at NVD CVE-2022-2977 at SUSE CVE-2022-2977 at NVD CVE-2022-2978 at SUSE CVE-2022-2978 at NVD CVE-2022-29900 at SUSE CVE-2022-29900 at NVD CVE-2022-29901 at SUSE CVE-2022-29901 at NVD CVE-2022-3028 at SUSE CVE-2022-3028 at NVD CVE-2022-30594 at SUSE CVE-2022-30594 at NVD CVE-2022-3078 at SUSE CVE-2022-3078 at NVD CVE-2022-3104 at SUSE CVE-2022-3104 at NVD CVE-2022-3105 at SUSE CVE-2022-3105 at NVD CVE-2022-3106 at SUSE CVE-2022-3106 at NVD CVE-2022-3107 at SUSE CVE-2022-3107 at NVD CVE-2022-3108 at SUSE CVE-2022-3108 at NVD CVE-2022-3111 at SUSE CVE-2022-3111 at NVD CVE-2022-3112 at SUSE CVE-2022-3112 at NVD CVE-2022-3113 at SUSE CVE-2022-3113 at NVD CVE-2022-3114 at SUSE CVE-2022-3114 at NVD CVE-2022-3115 at SUSE CVE-2022-3115 at NVD CVE-2022-3169 at SUSE CVE-2022-3169 at NVD CVE-2022-3176 at SUSE CVE-2022-3176 at NVD CVE-2022-3202 at SUSE CVE-2022-3202 at NVD CVE-2022-32250 at SUSE CVE-2022-32250 at NVD CVE-2022-32296 at SUSE CVE-2022-32296 at NVD CVE-2022-3239 at SUSE CVE-2022-3239 at NVD CVE-2022-3303 at SUSE CVE-2022-3303 at NVD CVE-2022-3344 at SUSE CVE-2022-3344 at NVD CVE-2022-33740 at SUSE CVE-2022-33740 at NVD CVE-2022-33741 at SUSE CVE-2022-33741 at NVD CVE-2022-33742 at SUSE CVE-2022-33742 at NVD CVE-2022-33743 at SUSE CVE-2022-33743 at NVD CVE-2022-33981 at SUSE CVE-2022-33981 at NVD CVE-2022-3424 at SUSE CVE-2022-3424 at NVD CVE-2022-3435 at SUSE CVE-2022-3435 at NVD CVE-2022-34918 at SUSE CVE-2022-34918 at NVD CVE-2022-3521 at SUSE CVE-2022-3521 at NVD CVE-2022-3523 at SUSE CVE-2022-3523 at NVD CVE-2022-3524 at SUSE CVE-2022-3524 at NVD CVE-2022-3526 at SUSE CVE-2022-3526 at NVD CVE-2022-3535 at SUSE CVE-2022-3535 at NVD CVE-2022-3542 at SUSE CVE-2022-3542 at NVD CVE-2022-3545 at SUSE CVE-2022-3545 at NVD CVE-2022-3564 at SUSE CVE-2022-3564 at NVD CVE-2022-3565 at SUSE CVE-2022-3565 at NVD CVE-2022-3566 at SUSE CVE-2022-3566 at NVD CVE-2022-3567 at SUSE CVE-2022-3567 at NVD CVE-2022-3577 at SUSE CVE-2022-3577 at NVD CVE-2022-3586 at SUSE CVE-2022-3586 at NVD CVE-2022-3594 at SUSE CVE-2022-3594 at NVD CVE-2022-3619 at SUSE CVE-2022-3619 at NVD CVE-2022-3621 at SUSE CVE-2022-3621 at NVD CVE-2022-3625 at SUSE CVE-2022-3625 at NVD CVE-2022-3628 at SUSE CVE-2022-3628 at NVD CVE-2022-36280 at SUSE CVE-2022-36280 at NVD CVE-2022-3629 at SUSE CVE-2022-3629 at NVD CVE-2022-3633 at SUSE CVE-2022-3633 at NVD CVE-2022-3635 at SUSE CVE-2022-3635 at NVD CVE-2022-3640 at SUSE CVE-2022-3640 at NVD CVE-2022-3643 at SUSE CVE-2022-3643 at NVD CVE-2022-3646 at SUSE CVE-2022-3646 at NVD CVE-2022-3649 at SUSE CVE-2022-3649 at NVD CVE-2022-36879 at SUSE CVE-2022-36879 at NVD CVE-2022-36946 at SUSE CVE-2022-36946 at NVD CVE-2022-3707 at SUSE CVE-2022-3707 at NVD CVE-2022-38096 at SUSE CVE-2022-38096 at NVD CVE-2022-38457 at SUSE CVE-2022-38457 at NVD CVE-2022-3903 at SUSE CVE-2022-3903 at NVD CVE-2022-39188 at SUSE CVE-2022-39188 at NVD CVE-2022-39189 at SUSE CVE-2022-39189 at NVD CVE-2022-39190 at SUSE CVE-2022-39190 at NVD CVE-2022-40133 at SUSE CVE-2022-40133 at NVD CVE-2022-40476 at SUSE CVE-2022-40476 at NVD CVE-2022-40768 at SUSE CVE-2022-40768 at NVD CVE-2022-4095 at SUSE CVE-2022-4095 at NVD CVE-2022-40982 at SUSE CVE-2022-40982 at NVD CVE-2022-41218 at SUSE CVE-2022-41218 at NVD CVE-2022-4129 at SUSE CVE-2022-4129 at NVD CVE-2022-4139 at SUSE CVE-2022-4139 at NVD CVE-2022-41674 at SUSE CVE-2022-41674 at NVD CVE-2022-41848 at SUSE CVE-2022-41848 at NVD CVE-2022-41849 at SUSE CVE-2022-41849 at NVD CVE-2022-41850 at SUSE CVE-2022-41850 at NVD CVE-2022-41858 at SUSE CVE-2022-41858 at NVD CVE-2022-42328 at SUSE CVE-2022-42328 at NVD CVE-2022-42329 at SUSE CVE-2022-42329 at NVD CVE-2022-4269 at SUSE CVE-2022-4269 at NVD CVE-2022-42703 at SUSE CVE-2022-42703 at NVD CVE-2022-42719 at SUSE CVE-2022-42719 at NVD CVE-2022-42720 at SUSE CVE-2022-42720 at NVD CVE-2022-42721 at SUSE CVE-2022-42721 at NVD CVE-2022-42722 at SUSE CVE-2022-42722 at NVD CVE-2022-42895 at SUSE CVE-2022-42895 at NVD CVE-2022-42896 at SUSE CVE-2022-42896 at NVD CVE-2022-43750 at SUSE CVE-2022-43750 at NVD CVE-2022-4378 at SUSE CVE-2022-4378 at NVD CVE-2022-4379 at SUSE CVE-2022-4379 at NVD CVE-2022-4382 at SUSE CVE-2022-4382 at NVD CVE-2022-43945 at SUSE CVE-2022-43945 at NVD CVE-2022-45869 at SUSE CVE-2022-45869 at NVD CVE-2022-45884 at SUSE CVE-2022-45884 at NVD CVE-2022-45885 at SUSE CVE-2022-45885 at NVD CVE-2022-45886 at SUSE CVE-2022-45886 at NVD CVE-2022-45887 at SUSE CVE-2022-45887 at NVD CVE-2022-45888 at SUSE CVE-2022-45888 at NVD CVE-2022-45919 at SUSE CVE-2022-45919 at NVD CVE-2022-45934 at SUSE CVE-2022-45934 at NVD CVE-2022-4662 at SUSE CVE-2022-4662 at NVD CVE-2022-4744 at SUSE CVE-2022-4744 at NVD CVE-2022-47520 at SUSE CVE-2022-47520 at NVD CVE-2022-47929 at SUSE CVE-2022-47929 at NVD CVE-2023-0045 at SUSE CVE-2023-0045 at NVD CVE-2023-0122 at SUSE CVE-2023-0122 at NVD CVE-2023-0179 at SUSE CVE-2023-0179 at NVD CVE-2023-0266 at SUSE CVE-2023-0266 at NVD CVE-2023-0386 at SUSE CVE-2023-0386 at NVD CVE-2023-0394 at SUSE CVE-2023-0394 at NVD CVE-2023-0459 at SUSE CVE-2023-0459 at NVD CVE-2023-0461 at SUSE CVE-2023-0461 at NVD CVE-2023-0468 at SUSE CVE-2023-0468 at NVD CVE-2023-0469 at SUSE CVE-2023-0469 at NVD CVE-2023-0590 at SUSE CVE-2023-0590 at NVD CVE-2023-0597 at SUSE CVE-2023-0597 at NVD CVE-2023-1075 at SUSE CVE-2023-1075 at NVD CVE-2023-1076 at SUSE CVE-2023-1076 at NVD CVE-2023-1077 at SUSE CVE-2023-1077 at NVD CVE-2023-1078 at SUSE CVE-2023-1078 at NVD CVE-2023-1079 at SUSE CVE-2023-1079 at NVD CVE-2023-1095 at SUSE CVE-2023-1095 at NVD CVE-2023-1118 at SUSE CVE-2023-1118 at NVD CVE-2023-1249 at SUSE CVE-2023-1249 at NVD CVE-2023-1281 at SUSE CVE-2023-1281 at NVD CVE-2023-1380 at SUSE CVE-2023-1380 at NVD CVE-2023-1382 at SUSE CVE-2023-1382 at NVD CVE-2023-1513 at SUSE CVE-2023-1513 at NVD CVE-2023-1582 at SUSE CVE-2023-1582 at NVD CVE-2023-1583 at SUSE CVE-2023-1583 at NVD CVE-2023-1611 at SUSE CVE-2023-1611 at NVD CVE-2023-1637 at SUSE CVE-2023-1637 at NVD CVE-2023-1652 at SUSE CVE-2023-1652 at NVD CVE-2023-1670 at SUSE CVE-2023-1670 at NVD CVE-2023-1829 at SUSE CVE-2023-1829 at NVD CVE-2023-1838 at SUSE CVE-2023-1838 at NVD CVE-2023-1855 at SUSE CVE-2023-1855 at NVD CVE-2023-1989 at SUSE CVE-2023-1989 at NVD CVE-2023-1990 at SUSE CVE-2023-1990 at NVD CVE-2023-1998 at SUSE CVE-2023-1998 at NVD CVE-2023-2002 at SUSE CVE-2023-2002 at NVD CVE-2023-2007 at SUSE CVE-2023-2007 at NVD CVE-2023-2008 at SUSE CVE-2023-2008 at NVD CVE-2023-2019 at SUSE CVE-2023-2019 at NVD CVE-2023-20569 at SUSE CVE-2023-20569 at NVD CVE-2023-20588 at SUSE CVE-2023-20588 at NVD CVE-2023-20593 at SUSE CVE-2023-20593 at NVD CVE-2023-21102 at SUSE CVE-2023-21102 at NVD CVE-2023-21106 at SUSE CVE-2023-21106 at NVD CVE-2023-2124 at SUSE CVE-2023-2124 at NVD CVE-2023-21400 at SUSE CVE-2023-21400 at NVD CVE-2023-2156 at SUSE CVE-2023-2156 at NVD CVE-2023-2162 at SUSE CVE-2023-2162 at NVD CVE-2023-2166 at SUSE CVE-2023-2166 at NVD CVE-2023-2176 at SUSE CVE-2023-2176 at NVD CVE-2023-2235 at SUSE CVE-2023-2235 at NVD CVE-2023-2269 at SUSE CVE-2023-2269 at NVD CVE-2023-22995 at SUSE CVE-2023-22995 at NVD CVE-2023-22998 at SUSE CVE-2023-22998 at NVD CVE-2023-23000 at SUSE CVE-2023-23000 at NVD CVE-2023-23001 at SUSE CVE-2023-23001 at NVD CVE-2023-23004 at SUSE CVE-2023-23004 at NVD CVE-2023-23006 at SUSE CVE-2023-23006 at NVD CVE-2023-23454 at SUSE CVE-2023-23454 at NVD CVE-2023-23455 at SUSE CVE-2023-23455 at NVD CVE-2023-23559 at SUSE CVE-2023-23559 at NVD CVE-2023-2430 at SUSE CVE-2023-2430 at NVD CVE-2023-2483 at SUSE CVE-2023-2483 at NVD CVE-2023-25012 at SUSE CVE-2023-25012 at NVD CVE-2023-2513 at SUSE CVE-2023-2513 at NVD CVE-2023-26545 at SUSE CVE-2023-26545 at NVD CVE-2023-28327 at SUSE CVE-2023-28327 at NVD CVE-2023-28328 at SUSE CVE-2023-28328 at NVD CVE-2023-28410 at SUSE CVE-2023-28410 at NVD CVE-2023-28464 at SUSE CVE-2023-28464 at NVD CVE-2023-28466 at SUSE CVE-2023-28466 at NVD CVE-2023-28866 at SUSE CVE-2023-28866 at NVD CVE-2023-2985 at SUSE CVE-2023-2985 at NVD CVE-2023-3006 at SUSE CVE-2023-3006 at NVD CVE-2023-30456 at SUSE CVE-2023-30456 at NVD CVE-2023-30772 at SUSE CVE-2023-30772 at NVD CVE-2023-3090 at SUSE CVE-2023-3090 at NVD CVE-2023-31083 at SUSE CVE-2023-31083 at NVD CVE-2023-31084 at SUSE CVE-2023-31084 at NVD CVE-2023-3111 at SUSE CVE-2023-3111 at NVD CVE-2023-3117 at SUSE CVE-2023-3117 at NVD CVE-2023-31248 at SUSE CVE-2023-31248 at NVD CVE-2023-3141 at SUSE CVE-2023-3141 at NVD CVE-2023-31436 at SUSE CVE-2023-31436 at NVD CVE-2023-3161 at SUSE CVE-2023-3161 at NVD CVE-2023-3212 at SUSE CVE-2023-3212 at NVD CVE-2023-3220 at SUSE CVE-2023-3220 at NVD CVE-2023-32233 at SUSE CVE-2023-32233 at NVD CVE-2023-3268 at SUSE CVE-2023-3268 at NVD CVE-2023-33288 at SUSE CVE-2023-33288 at NVD CVE-2023-3357 at SUSE CVE-2023-3357 at NVD CVE-2023-3358 at SUSE CVE-2023-3358 at NVD CVE-2023-3389 at SUSE CVE-2023-3389 at NVD CVE-2023-3390 at SUSE CVE-2023-3390 at NVD CVE-2023-33951 at SUSE CVE-2023-33951 at NVD CVE-2023-33952 at SUSE CVE-2023-33952 at NVD CVE-2023-34319 at SUSE CVE-2023-34319 at NVD CVE-2023-35001 at SUSE CVE-2023-35001 at NVD CVE-2023-3567 at SUSE CVE-2023-3567 at NVD CVE-2023-35788 at SUSE CVE-2023-35788 at NVD CVE-2023-35823 at SUSE CVE-2023-35823 at NVD CVE-2023-35828 at SUSE CVE-2023-35828 at NVD CVE-2023-35829 at SUSE CVE-2023-35829 at NVD CVE-2023-3609 at SUSE CVE-2023-3609 at NVD CVE-2023-3610 at SUSE CVE-2023-3610 at NVD CVE-2023-3611 at SUSE CVE-2023-3611 at NVD CVE-2023-37453 at SUSE CVE-2023-37453 at NVD CVE-2023-3772 at SUSE CVE-2023-3772 at NVD CVE-2023-3776 at SUSE CVE-2023-3776 at NVD CVE-2023-3812 at SUSE CVE-2023-3812 at NVD CVE-2023-38409 at SUSE CVE-2023-38409 at NVD CVE-2023-3863 at SUSE CVE-2023-3863 at NVD CVE-2023-4004 at SUSE CVE-2023-4004 at NVD CVE-2023-40283 at SUSE CVE-2023-40283 at NVD CVE-2023-4128 at SUSE CVE-2023-4128 at NVD CVE-2023-4133 at SUSE CVE-2023-4133 at NVD CVE-2023-4134 at SUSE CVE-2023-4134 at NVD CVE-2023-4147 at SUSE CVE-2023-4147 at NVD CVE-2023-4194 at SUSE CVE-2023-4194 at NVD CVE-2023-4273 at SUSE CVE-2023-4273 at NVD CVE-2023-4387 at SUSE CVE-2023-4387 at NVD CVE-2023-4459 at SUSE CVE-2023-4459 at NVD CVE-2023-4563 at SUSE CVE-2023-4563 at NVD CVE-2023-4569 at SUSE CVE-2023-4569 at NVD cpe:/o:suse:sle-micro:5.5 kpartx-0.9.4+74+suse.f97cc59-150500.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the kpartx-0.9.4+74+suse.f97cc59-150500.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2022-41973 at SUSE CVE-2022-41973 at NVD CVE-2022-41974 at SUSE CVE-2022-41974 at NVD cpe:/o:suse:sle-micro:5.5 krb5-1.20.1-150500.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the krb5-1.20.1-150500.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-5351 at SUSE CVE-2014-5351 at NVD CVE-2014-5352 at SUSE CVE-2014-5352 at NVD CVE-2014-5353 at SUSE CVE-2014-5353 at NVD CVE-2014-5354 at SUSE CVE-2014-5354 at NVD CVE-2014-5355 at SUSE CVE-2014-5355 at NVD CVE-2014-9421 at SUSE CVE-2014-9421 at NVD CVE-2014-9422 at SUSE CVE-2014-9422 at NVD CVE-2014-9423 at SUSE CVE-2014-9423 at NVD CVE-2015-2694 at SUSE CVE-2015-2694 at NVD CVE-2015-2695 at SUSE CVE-2015-2695 at NVD CVE-2015-2696 at SUSE CVE-2015-2696 at NVD CVE-2015-2697 at SUSE CVE-2015-2697 at NVD CVE-2015-2698 at SUSE CVE-2015-2698 at NVD CVE-2015-8629 at SUSE CVE-2015-8629 at NVD CVE-2015-8630 at SUSE CVE-2015-8630 at NVD CVE-2015-8631 at SUSE CVE-2015-8631 at NVD CVE-2016-3119 at SUSE CVE-2016-3119 at NVD CVE-2016-3120 at SUSE CVE-2016-3120 at NVD CVE-2017-11368 at SUSE CVE-2017-11368 at NVD CVE-2017-11462 at SUSE CVE-2017-11462 at NVD CVE-2018-20217 at SUSE CVE-2018-20217 at NVD CVE-2018-5729 at SUSE CVE-2018-5729 at NVD CVE-2018-5730 at SUSE CVE-2018-5730 at NVD CVE-2020-28196 at SUSE CVE-2020-28196 at NVD CVE-2021-36222 at SUSE CVE-2021-36222 at NVD CVE-2021-37750 at SUSE CVE-2021-37750 at NVD CVE-2022-42898 at SUSE CVE-2022-42898 at NVD CVE-2023-36054 at SUSE CVE-2023-36054 at NVD cpe:/o:suse:sle-micro:5.5 kubevirt-manifests-0.58.0-150500.6.3 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the kubevirt-manifests-0.58.0-150500.6.3 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2021-43565 at SUSE CVE-2021-43565 at NVD CVE-2022-1798 at SUSE CVE-2022-1798 at NVD CVE-2022-1996 at SUSE CVE-2022-1996 at NVD CVE-2022-29162 at SUSE CVE-2022-29162 at NVD CVE-2023-26484 at SUSE CVE-2023-26484 at NVD cpe:/o:suse:sle-micro:5.5 less-590-150400.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the less-590-150400.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-9488 at SUSE CVE-2014-9488 at NVD CVE-2022-46663 at SUSE CVE-2022-46663 at NVD cpe:/o:suse:sle-micro:5.5 libX11-6-1.6.5-150000.3.30.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libX11-6-1.6.5-150000.3.30.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-14598 at SUSE CVE-2018-14598 at NVD CVE-2018-14599 at SUSE CVE-2018-14599 at NVD CVE-2018-14600 at SUSE CVE-2018-14600 at NVD CVE-2020-14344 at SUSE CVE-2020-14344 at NVD CVE-2020-14363 at SUSE CVE-2020-14363 at NVD CVE-2021-31535 at SUSE CVE-2021-31535 at NVD CVE-2022-3554 at SUSE CVE-2022-3554 at NVD CVE-2022-3555 at SUSE CVE-2022-3555 at NVD CVE-2023-3138 at SUSE CVE-2023-3138 at NVD cpe:/o:suse:sle-micro:5.5 libXcursor1-1.1.15-1.18 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libXcursor1-1.1.15-1.18 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-2003 at SUSE CVE-2013-2003 at NVD CVE-2017-16612 at SUSE CVE-2017-16612 at NVD cpe:/o:suse:sle-micro:5.5 libXext6-1.3.3-1.30 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libXext6-1.3.3-1.30 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-1982 at SUSE CVE-2013-1982 at NVD cpe:/o:suse:sle-micro:5.5 libXfixes3-6.0.0-150400.1.4 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libXfixes3-6.0.0-150400.1.4 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-1983 at SUSE CVE-2013-1983 at NVD cpe:/o:suse:sle-micro:5.5 libXi6-1.7.9-3.2.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libXi6-1.7.9-3.2.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-1984 at SUSE CVE-2013-1984 at NVD CVE-2013-1995 at SUSE CVE-2013-1995 at NVD CVE-2013-1998 at SUSE CVE-2013-1998 at NVD cpe:/o:suse:sle-micro:5.5 libXinerama1-1.1.3-1.22 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libXinerama1-1.1.3-1.22 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-1985 at SUSE CVE-2013-1985 at NVD cpe:/o:suse:sle-micro:5.5 libXrandr2-1.5.1-2.17 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libXrandr2-1.5.1-2.17 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-1986 at SUSE CVE-2013-1986 at NVD CVE-2016-7947 at SUSE CVE-2016-7947 at NVD CVE-2016-7948 at SUSE CVE-2016-7948 at NVD cpe:/o:suse:sle-micro:5.5 libXrender1-0.9.10-1.30 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libXrender1-0.9.10-1.30 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-1987 at SUSE CVE-2013-1987 at NVD cpe:/o:suse:sle-micro:5.5 libXtst6-1.2.3-1.24 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libXtst6-1.2.3-1.24 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-2063 at SUSE CVE-2013-2063 at NVD cpe:/o:suse:sle-micro:5.5 libXv1-1.0.11-1.23 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libXv1-1.0.11-1.23 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-1989 at SUSE CVE-2013-1989 at NVD CVE-2013-2066 at SUSE CVE-2013-2066 at NVD CVE-2016-5407 at SUSE CVE-2016-5407 at NVD cpe:/o:suse:sle-micro:5.5 libXxf86vm1-1.1.4-1.23 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libXxf86vm1-1.1.4-1.23 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-2001 at SUSE CVE-2013-2001 at NVD cpe:/o:suse:sle-micro:5.5 libarchive13-3.5.1-150400.3.12.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libarchive13-3.5.1-150400.3.12.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-0211 at SUSE CVE-2013-0211 at NVD CVE-2015-2304 at SUSE CVE-2015-2304 at NVD CVE-2015-8917 at SUSE CVE-2015-8917 at NVD CVE-2015-8928 at SUSE CVE-2015-8928 at NVD CVE-2015-8933 at SUSE CVE-2015-8933 at NVD CVE-2015-8934 at SUSE CVE-2015-8934 at NVD CVE-2016-1541 at SUSE CVE-2016-1541 at NVD CVE-2016-4300 at SUSE CVE-2016-4300 at NVD CVE-2016-4301 at SUSE CVE-2016-4301 at NVD CVE-2016-4809 at SUSE CVE-2016-4809 at NVD CVE-2016-5418 at SUSE CVE-2016-5418 at NVD CVE-2016-5844 at SUSE CVE-2016-5844 at NVD CVE-2016-6250 at SUSE CVE-2016-6250 at NVD CVE-2016-8687 at SUSE CVE-2016-8687 at NVD CVE-2016-8688 at SUSE CVE-2016-8688 at NVD CVE-2016-8689 at SUSE CVE-2016-8689 at NVD CVE-2017-14166 at SUSE CVE-2017-14166 at NVD CVE-2017-14501 at SUSE CVE-2017-14501 at NVD CVE-2017-14502 at SUSE CVE-2017-14502 at NVD CVE-2017-14503 at SUSE CVE-2017-14503 at NVD CVE-2017-5601 at SUSE CVE-2017-5601 at NVD CVE-2018-1000877 at SUSE CVE-2018-1000877 at NVD CVE-2018-1000878 at SUSE CVE-2018-1000878 at NVD CVE-2018-1000879 at SUSE CVE-2018-1000879 at NVD CVE-2018-1000880 at SUSE CVE-2018-1000880 at NVD CVE-2019-1000019 at SUSE CVE-2019-1000019 at NVD CVE-2019-1000020 at SUSE CVE-2019-1000020 at NVD CVE-2019-18408 at SUSE CVE-2019-18408 at NVD CVE-2019-19221 at SUSE CVE-2019-19221 at NVD CVE-2021-23177 at SUSE CVE-2021-23177 at NVD CVE-2021-31566 at SUSE CVE-2021-31566 at NVD CVE-2021-36976 at SUSE CVE-2021-36976 at NVD CVE-2022-26280 at SUSE CVE-2022-26280 at NVD CVE-2022-36227 at SUSE CVE-2022-36227 at NVD cpe:/o:suse:sle-micro:5.5 libaudit1-3.0.6-150400.4.13.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libaudit1-3.0.6-150400.4.13.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-5186 at SUSE CVE-2015-5186 at NVD cpe:/o:suse:sle-micro:5.5 libaugeas0-1.12.0-150400.3.3.6 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libaugeas0-1.12.0-150400.3.3.6 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-8119 at SUSE CVE-2014-8119 at NVD CVE-2017-7555 at SUSE CVE-2017-7555 at NVD cpe:/o:suse:sle-micro:5.5 libblkid1-2.37.4-150500.7.16 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libblkid1-2.37.4-150500.7.16 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-9114 at SUSE CVE-2014-9114 at NVD CVE-2015-5218 at SUSE CVE-2015-5218 at NVD CVE-2016-2779 at SUSE CVE-2016-2779 at NVD CVE-2016-5011 at SUSE CVE-2016-5011 at NVD CVE-2017-2616 at SUSE CVE-2017-2616 at NVD CVE-2021-37600 at SUSE CVE-2021-37600 at NVD CVE-2021-3995 at SUSE CVE-2021-3995 at NVD CVE-2021-3996 at SUSE CVE-2021-3996 at NVD CVE-2022-0563 at SUSE CVE-2022-0563 at NVD cpe:/o:suse:sle-micro:5.5 libbluetooth3-5.65-150500.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libbluetooth3-5.65-150500.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-9797 at SUSE CVE-2016-9797 at NVD CVE-2016-9798 at SUSE CVE-2016-9798 at NVD CVE-2016-9800 at SUSE CVE-2016-9800 at NVD CVE-2016-9801 at SUSE CVE-2016-9801 at NVD CVE-2016-9802 at SUSE CVE-2016-9802 at NVD CVE-2016-9804 at SUSE CVE-2016-9804 at NVD CVE-2016-9917 at SUSE CVE-2016-9917 at NVD CVE-2016-9918 at SUSE CVE-2016-9918 at NVD CVE-2020-0556 at SUSE CVE-2020-0556 at NVD CVE-2020-26558 at SUSE CVE-2020-26558 at NVD CVE-2021-0129 at SUSE CVE-2021-0129 at NVD CVE-2021-3588 at SUSE CVE-2021-3588 at NVD CVE-2022-0204 at SUSE CVE-2022-0204 at NVD CVE-2023-27349 at SUSE CVE-2023-27349 at NVD cpe:/o:suse:sle-micro:5.5 libbpf1-1.1.0-150500.1.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libbpf1-1.1.0-150500.1.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2021-45940 at SUSE CVE-2021-45940 at NVD CVE-2021-45941 at SUSE CVE-2021-45941 at NVD CVE-2022-3533 at SUSE CVE-2022-3533 at NVD CVE-2022-3534 at SUSE CVE-2022-3534 at NVD CVE-2022-3606 at SUSE CVE-2022-3606 at NVD cpe:/o:suse:sle-micro:5.5 libbrotlicommon1-1.0.7-3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libbrotlicommon1-1.0.7-3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-8927 at SUSE CVE-2020-8927 at NVD cpe:/o:suse:sle-micro:5.5 libbsd0-0.8.7-3.3.17 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libbsd0-0.8.7-3.3.17 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-20367 at SUSE CVE-2019-20367 at NVD cpe:/o:suse:sle-micro:5.5 libcairo-gobject2-1.16.0-150400.9.6 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libcairo-gobject2-1.16.0-150400.9.6 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-9082 at SUSE CVE-2016-9082 at NVD CVE-2017-7475 at SUSE CVE-2017-7475 at NVD CVE-2017-9814 at SUSE CVE-2017-9814 at NVD cpe:/o:suse:sle-micro:5.5 libcap2-2.63-150400.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libcap2-2.63-150400.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2023-2602 at SUSE CVE-2023-2602 at NVD CVE-2023-2603 at SUSE CVE-2023-2603 at NVD cpe:/o:suse:sle-micro:5.5 libcares2-1.19.1-150000.3.23.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libcares2-1.19.1-150000.3.23.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-5180 at SUSE CVE-2016-5180 at NVD CVE-2017-1000381 at SUSE CVE-2017-1000381 at NVD CVE-2020-8277 at SUSE CVE-2020-8277 at NVD CVE-2021-3672 at SUSE CVE-2021-3672 at NVD CVE-2022-4904 at SUSE CVE-2022-4904 at NVD CVE-2023-31124 at SUSE CVE-2023-31124 at NVD CVE-2023-31130 at SUSE CVE-2023-31130 at NVD CVE-2023-31147 at SUSE CVE-2023-31147 at NVD CVE-2023-32067 at SUSE CVE-2023-32067 at NVD cpe:/o:suse:sle-micro:5.5 libcolord2-1.4.5-150400.4.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libcolord2-1.4.5-150400.4.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2021-42523 at SUSE CVE-2021-42523 at NVD cpe:/o:suse:sle-micro:5.5 libcontainers-common-20230214-150500.4.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libcontainers-common-20230214-150500.4.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-15664 at SUSE CVE-2018-15664 at NVD CVE-2019-10152 at SUSE CVE-2019-10152 at NVD CVE-2020-14370 at SUSE CVE-2020-14370 at NVD CVE-2020-15157 at SUSE CVE-2020-15157 at NVD CVE-2021-20199 at SUSE CVE-2021-20199 at NVD CVE-2021-20291 at SUSE CVE-2021-20291 at NVD CVE-2021-3602 at SUSE CVE-2021-3602 at NVD cpe:/o:suse:sle-micro:5.5 libekmfweb1-2.25.0-150500.9.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libekmfweb1-2.25.0-150500.9.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2021-25316 at SUSE CVE-2021-25316 at NVD cpe:/o:suse:sle-micro:5.5 libevent-2_1-8-2.1.8-2.23 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libevent-2_1-8-2.1.8-2.23 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-6272 at SUSE CVE-2014-6272 at NVD cpe:/o:suse:sle-micro:5.5 libexpat1-2.4.4-150400.3.12.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libexpat1-2.4.4-150400.3.12.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2012-0876 at SUSE CVE-2012-0876 at NVD CVE-2012-6702 at SUSE CVE-2012-6702 at NVD CVE-2013-0340 at SUSE CVE-2013-0340 at NVD CVE-2015-1283 at SUSE CVE-2015-1283 at NVD CVE-2016-0718 at SUSE CVE-2016-0718 at NVD CVE-2016-4472 at SUSE CVE-2016-4472 at NVD CVE-2016-5300 at SUSE CVE-2016-5300 at NVD CVE-2016-9063 at SUSE CVE-2016-9063 at NVD CVE-2017-9233 at SUSE CVE-2017-9233 at NVD CVE-2018-20843 at SUSE CVE-2018-20843 at NVD CVE-2019-15903 at SUSE CVE-2019-15903 at NVD CVE-2021-45960 at SUSE CVE-2021-45960 at NVD CVE-2021-46143 at SUSE CVE-2021-46143 at NVD CVE-2022-22822 at SUSE CVE-2022-22822 at NVD CVE-2022-22823 at SUSE CVE-2022-22823 at NVD CVE-2022-22824 at SUSE CVE-2022-22824 at NVD CVE-2022-22825 at SUSE CVE-2022-22825 at NVD CVE-2022-22826 at SUSE CVE-2022-22826 at NVD CVE-2022-22827 at SUSE CVE-2022-22827 at NVD CVE-2022-23852 at SUSE CVE-2022-23852 at NVD CVE-2022-23990 at SUSE CVE-2022-23990 at NVD CVE-2022-25235 at SUSE CVE-2022-25235 at NVD CVE-2022-25236 at SUSE CVE-2022-25236 at NVD CVE-2022-25313 at SUSE CVE-2022-25313 at NVD CVE-2022-25314 at SUSE CVE-2022-25314 at NVD CVE-2022-25315 at SUSE CVE-2022-25315 at NVD CVE-2022-40674 at SUSE CVE-2022-40674 at NVD CVE-2022-43680 at SUSE CVE-2022-43680 at NVD cpe:/o:suse:sle-micro:5.5 libfreebl3-3.90-150400.3.32.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libfreebl3-3.90-150400.3.32.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-1569 at SUSE CVE-2014-1569 at NVD CVE-2015-2721 at SUSE CVE-2015-2721 at NVD CVE-2015-4000 at SUSE CVE-2015-4000 at NVD CVE-2015-7181 at SUSE CVE-2015-7181 at NVD CVE-2015-7182 at SUSE CVE-2015-7182 at NVD CVE-2015-7575 at SUSE CVE-2015-7575 at NVD CVE-2016-1950 at SUSE CVE-2016-1950 at NVD CVE-2016-1979 at SUSE CVE-2016-1979 at NVD CVE-2016-2834 at SUSE CVE-2016-2834 at NVD CVE-2018-0495 at SUSE CVE-2018-0495 at NVD CVE-2018-12384 at SUSE CVE-2018-12384 at NVD CVE-2018-12404 at SUSE CVE-2018-12404 at NVD CVE-2018-18508 at SUSE CVE-2018-18508 at NVD CVE-2019-11745 at SUSE CVE-2019-11745 at NVD CVE-2019-17006 at SUSE CVE-2019-17006 at NVD CVE-2020-12399 at SUSE CVE-2020-12399 at NVD CVE-2020-12400 at SUSE CVE-2020-12400 at NVD CVE-2020-12401 at SUSE CVE-2020-12401 at NVD CVE-2020-12402 at SUSE CVE-2020-12402 at NVD CVE-2020-12403 at SUSE CVE-2020-12403 at NVD CVE-2020-25648 at SUSE CVE-2020-25648 at NVD CVE-2020-6829 at SUSE CVE-2020-6829 at NVD CVE-2021-43527 at SUSE CVE-2021-43527 at NVD CVE-2022-1097 at SUSE CVE-2022-1097 at NVD CVE-2022-23491 at SUSE CVE-2022-23491 at NVD CVE-2022-3479 at SUSE CVE-2022-3479 at NVD CVE-2023-0767 at SUSE CVE-2023-0767 at NVD cpe:/o:suse:sle-micro:5.5 libfreetype6-2.10.4-150000.4.15.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libfreetype6-2.10.4-150000.4.15.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-2240 at SUSE CVE-2014-2240 at NVD CVE-2014-9656 at SUSE CVE-2014-9656 at NVD CVE-2014-9657 at SUSE CVE-2014-9657 at NVD CVE-2014-9658 at SUSE CVE-2014-9658 at NVD CVE-2014-9659 at SUSE CVE-2014-9659 at NVD CVE-2014-9660 at SUSE CVE-2014-9660 at NVD CVE-2014-9661 at SUSE CVE-2014-9661 at NVD CVE-2014-9662 at SUSE CVE-2014-9662 at NVD CVE-2014-9663 at SUSE CVE-2014-9663 at NVD CVE-2014-9664 at SUSE CVE-2014-9664 at NVD CVE-2014-9665 at SUSE CVE-2014-9665 at NVD CVE-2014-9666 at SUSE CVE-2014-9666 at NVD CVE-2014-9667 at SUSE CVE-2014-9667 at NVD CVE-2014-9668 at SUSE CVE-2014-9668 at NVD CVE-2014-9669 at SUSE CVE-2014-9669 at NVD CVE-2014-9670 at SUSE CVE-2014-9670 at NVD CVE-2014-9671 at SUSE CVE-2014-9671 at NVD CVE-2014-9672 at SUSE CVE-2014-9672 at NVD CVE-2014-9673 at SUSE CVE-2014-9673 at NVD CVE-2014-9674 at SUSE CVE-2014-9674 at NVD CVE-2014-9675 at SUSE CVE-2014-9675 at NVD CVE-2017-8105 at SUSE CVE-2017-8105 at NVD CVE-2017-8287 at SUSE CVE-2017-8287 at NVD CVE-2018-6942 at SUSE CVE-2018-6942 at NVD CVE-2020-15999 at SUSE CVE-2020-15999 at NVD CVE-2022-27404 at SUSE CVE-2022-27404 at NVD CVE-2022-27405 at SUSE CVE-2022-27405 at NVD CVE-2022-27406 at SUSE CVE-2022-27406 at NVD CVE-2023-2004 at SUSE CVE-2023-2004 at NVD cpe:/o:suse:sle-micro:5.5 libfribidi0-1.0.10-150400.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libfribidi0-1.0.10-150400.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-18397 at SUSE CVE-2019-18397 at NVD CVE-2022-25308 at SUSE CVE-2022-25308 at NVD CVE-2022-25309 at SUSE CVE-2022-25309 at NVD CVE-2022-25310 at SUSE CVE-2022-25310 at NVD cpe:/o:suse:sle-micro:5.5 libfuse2-2.9.7-3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libfuse2-2.9.7-3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2009-3297 at SUSE CVE-2009-3297 at NVD CVE-2011-0541 at SUSE CVE-2011-0541 at NVD CVE-2015-3202 at SUSE CVE-2015-3202 at NVD CVE-2018-10906 at SUSE CVE-2018-10906 at NVD cpe:/o:suse:sle-micro:5.5 libgcrypt20-1.9.4-150500.10.19 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libgcrypt20-1.9.4-150500.10.19 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-3591 at SUSE CVE-2014-3591 at NVD CVE-2015-0837 at SUSE CVE-2015-0837 at NVD CVE-2015-5738 at SUSE CVE-2015-5738 at NVD CVE-2015-7511 at SUSE CVE-2015-7511 at NVD CVE-2016-6313 at SUSE CVE-2016-6313 at NVD CVE-2017-0379 at SUSE CVE-2017-0379 at NVD CVE-2017-7526 at SUSE CVE-2017-7526 at NVD CVE-2018-0495 at SUSE CVE-2018-0495 at NVD CVE-2019-12904 at SUSE CVE-2019-12904 at NVD CVE-2019-13627 at SUSE CVE-2019-13627 at NVD CVE-2021-3345 at SUSE CVE-2021-3345 at NVD CVE-2021-33560 at SUSE CVE-2021-33560 at NVD cpe:/o:suse:sle-micro:5.5 libgmp10-6.1.2-4.9.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libgmp10-6.1.2-4.9.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2021-43618 at SUSE CVE-2021-43618 at NVD cpe:/o:suse:sle-micro:5.5 libgraphite2-3-1.3.11-150000.4.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libgraphite2-3-1.3.11-150000.4.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-1521 at SUSE CVE-2016-1521 at NVD CVE-2017-5436 at SUSE CVE-2017-5436 at NVD CVE-2018-7999 at SUSE CVE-2018-7999 at NVD cpe:/o:suse:sle-micro:5.5 libharfbuzz-gobject0-3.4.0-150400.3.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libharfbuzz-gobject0-3.4.0-150400.3.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2022-33068 at SUSE CVE-2022-33068 at NVD CVE-2023-25193 at SUSE CVE-2023-25193 at NVD cpe:/o:suse:sle-micro:5.5 libhogweed6-3.8.1-150500.2.25 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libhogweed6-3.8.1-150500.2.25 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-8803 at SUSE CVE-2015-8803 at NVD CVE-2015-8804 at SUSE CVE-2015-8804 at NVD CVE-2015-8805 at SUSE CVE-2015-8805 at NVD CVE-2016-6489 at SUSE CVE-2016-6489 at NVD CVE-2018-16869 at SUSE CVE-2018-16869 at NVD CVE-2021-20305 at SUSE CVE-2021-20305 at NVD CVE-2021-3580 at SUSE CVE-2021-3580 at NVD cpe:/o:suse:sle-micro:5.5 libidn2-0-2.2.0-3.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libidn2-0-2.2.0-3.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-2059 at SUSE CVE-2015-2059 at NVD CVE-2015-8948 at SUSE CVE-2015-8948 at NVD CVE-2016-6261 at SUSE CVE-2016-6261 at NVD CVE-2016-6262 at SUSE CVE-2016-6262 at NVD CVE-2016-6263 at SUSE CVE-2016-6263 at NVD CVE-2019-12290 at SUSE CVE-2019-12290 at NVD CVE-2019-18224 at SUSE CVE-2019-18224 at NVD cpe:/o:suse:sle-micro:5.5 libjansson4-2.14-150000.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libjansson4-2.14-150000.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-6401 at SUSE CVE-2013-6401 at NVD cpe:/o:suse:sle-micro:5.5 libjbig2-2.1-3.2.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libjbig2-2.1-3.2.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-6369 at SUSE CVE-2013-6369 at NVD cpe:/o:suse:sle-micro:5.5 libjpeg8-8.2.2-150400.15.9 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libjpeg8-8.2.2-150400.15.9 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-9092 at SUSE CVE-2014-9092 at NVD CVE-2017-15232 at SUSE CVE-2017-15232 at NVD CVE-2018-1152 at SUSE CVE-2018-1152 at NVD CVE-2018-11813 at SUSE CVE-2018-11813 at NVD CVE-2018-14498 at SUSE CVE-2018-14498 at NVD CVE-2018-19644 at SUSE CVE-2018-19644 at NVD CVE-2018-19664 at SUSE CVE-2018-19664 at NVD CVE-2018-20330 at SUSE CVE-2018-20330 at NVD CVE-2019-2201 at SUSE CVE-2019-2201 at NVD CVE-2020-13790 at SUSE CVE-2020-13790 at NVD CVE-2020-17541 at SUSE CVE-2020-17541 at NVD cpe:/o:suse:sle-micro:5.5 libjson-c3-0.13-3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libjson-c3-0.13-3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-6370 at SUSE CVE-2013-6370 at NVD CVE-2013-6371 at SUSE CVE-2013-6371 at NVD CVE-2020-12762 at SUSE CVE-2020-12762 at NVD cpe:/o:suse:sle-micro:5.5 libksba8-1.3.5-150000.4.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libksba8-1.3.5-150000.4.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-9087 at SUSE CVE-2014-9087 at NVD CVE-2016-4574 at SUSE CVE-2016-4574 at NVD CVE-2016-4579 at SUSE CVE-2016-4579 at NVD CVE-2022-3515 at SUSE CVE-2022-3515 at NVD CVE-2022-47629 at SUSE CVE-2022-47629 at NVD cpe:/o:suse:sle-micro:5.5 liblcms2-2-2.12-150400.1.10 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the liblcms2-2-2.12-150400.1.10 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-16435 at SUSE CVE-2018-16435 at NVD cpe:/o:suse:sle-micro:5.5 libldap-2_4-2-2.4.46-150200.14.17.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libldap-2_4-2-2.4.46-150200.14.17.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-1545 at SUSE CVE-2015-1545 at NVD CVE-2015-1546 at SUSE CVE-2015-1546 at NVD CVE-2015-6908 at SUSE CVE-2015-6908 at NVD CVE-2017-17740 at SUSE CVE-2017-17740 at NVD CVE-2019-13057 at SUSE CVE-2019-13057 at NVD CVE-2019-13565 at SUSE CVE-2019-13565 at NVD CVE-2020-12243 at SUSE CVE-2020-12243 at NVD CVE-2020-15719 at SUSE CVE-2020-15719 at NVD CVE-2020-25692 at SUSE CVE-2020-25692 at NVD CVE-2020-25709 at SUSE CVE-2020-25709 at NVD CVE-2020-25710 at SUSE CVE-2020-25710 at NVD CVE-2020-36221 at SUSE CVE-2020-36221 at NVD CVE-2020-36222 at SUSE CVE-2020-36222 at NVD CVE-2020-36223 at SUSE CVE-2020-36223 at NVD CVE-2020-36224 at SUSE CVE-2020-36224 at NVD CVE-2020-36225 at SUSE CVE-2020-36225 at NVD CVE-2020-36226 at SUSE CVE-2020-36226 at NVD CVE-2020-36227 at SUSE CVE-2020-36227 at NVD CVE-2020-36228 at SUSE CVE-2020-36228 at NVD CVE-2020-36229 at SUSE CVE-2020-36229 at NVD CVE-2020-36230 at SUSE CVE-2020-36230 at NVD CVE-2020-8023 at SUSE CVE-2020-8023 at NVD CVE-2020-8027 at SUSE CVE-2020-8027 at NVD CVE-2021-27212 at SUSE CVE-2021-27212 at NVD CVE-2022-29155 at SUSE CVE-2022-29155 at NVD CVE-2023-2953 at SUSE CVE-2023-2953 at NVD cpe:/o:suse:sle-micro:5.5 libldb2-2.6.2-150500.1.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libldb2-2.6.2-150500.1.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-3223 at SUSE CVE-2015-3223 at NVD CVE-2015-5330 at SUSE CVE-2015-5330 at NVD CVE-2018-1140 at SUSE CVE-2018-1140 at NVD CVE-2019-3824 at SUSE CVE-2019-3824 at NVD CVE-2020-10700 at SUSE CVE-2020-10700 at NVD CVE-2020-10730 at SUSE CVE-2020-10730 at NVD CVE-2020-27840 at SUSE CVE-2020-27840 at NVD CVE-2021-20277 at SUSE CVE-2021-20277 at NVD CVE-2021-3670 at SUSE CVE-2021-3670 at NVD CVE-2022-2031 at SUSE CVE-2022-2031 at NVD CVE-2022-32744 at SUSE CVE-2022-32744 at NVD CVE-2022-32745 at SUSE CVE-2022-32745 at NVD CVE-2022-32746 at SUSE CVE-2022-32746 at NVD CVE-2023-0614 at SUSE CVE-2023-0614 at NVD cpe:/o:suse:sle-micro:5.5 liblua5_3-5-5.3.6-3.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the liblua5_3-5-5.3.6-3.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-6706 at SUSE CVE-2019-6706 at NVD CVE-2020-24370 at SUSE CVE-2020-24370 at NVD CVE-2020-24371 at SUSE CVE-2020-24371 at NVD cpe:/o:suse:sle-micro:5.5 liblz4-1-1.9.3-150400.1.7 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the liblz4-1-1.9.3-150400.1.7 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-17543 at SUSE CVE-2019-17543 at NVD CVE-2021-3520 at SUSE CVE-2021-3520 at NVD cpe:/o:suse:sle-micro:5.5 liblzo2-2-2.10-2.22 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the liblzo2-2-2.10-2.22 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-4607 at SUSE CVE-2014-4607 at NVD cpe:/o:suse:sle-micro:5.5 libmicrohttpd12-0.9.57-150000.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libmicrohttpd12-0.9.57-150000.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2023-27371 at SUSE CVE-2023-27371 at NVD cpe:/o:suse:sle-micro:5.5 libmpfr6-4.0.2-3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libmpfr6-4.0.2-3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-9474 at SUSE CVE-2014-9474 at NVD cpe:/o:suse:sle-micro:5.5 libmspack0-0.6-3.14.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libmspack0-0.6-3.14.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-9556 at SUSE CVE-2014-9556 at NVD CVE-2017-11423 at SUSE CVE-2017-11423 at NVD CVE-2017-6419 at SUSE CVE-2017-6419 at NVD CVE-2018-14679 at SUSE CVE-2018-14679 at NVD CVE-2018-14681 at SUSE CVE-2018-14681 at NVD CVE-2018-14682 at SUSE CVE-2018-14682 at NVD CVE-2018-18584 at SUSE CVE-2018-18584 at NVD CVE-2018-18585 at SUSE CVE-2018-18585 at NVD CVE-2018-18586 at SUSE CVE-2018-18586 at NVD CVE-2019-1010305 at SUSE CVE-2019-1010305 at NVD cpe:/o:suse:sle-micro:5.5 libncurses6-6.1-150000.5.15.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libncurses6-6.1-150000.5.15.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-19211 at SUSE CVE-2018-19211 at NVD CVE-2019-17594 at SUSE CVE-2019-17594 at NVD CVE-2019-17595 at SUSE CVE-2019-17595 at NVD CVE-2021-39537 at SUSE CVE-2021-39537 at NVD CVE-2022-29458 at SUSE CVE-2022-29458 at NVD CVE-2023-29491 at SUSE CVE-2023-29491 at NVD cpe:/o:suse:sle-micro:5.5 libndp0-1.6-1.26 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libndp0-1.6-1.26 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-3698 at SUSE CVE-2016-3698 at NVD cpe:/o:suse:sle-micro:5.5 libnghttp2-14-1.40.0-6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libnghttp2-14-1.40.0-6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-1544 at SUSE CVE-2016-1544 at NVD CVE-2018-1000168 at SUSE CVE-2018-1000168 at NVD CVE-2019-18802 at SUSE CVE-2019-18802 at NVD CVE-2019-9511 at SUSE CVE-2019-9511 at NVD CVE-2019-9513 at SUSE CVE-2019-9513 at NVD CVE-2020-11080 at SUSE CVE-2020-11080 at NVD cpe:/o:suse:sle-micro:5.5 libonig4-6.7.0-150000.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libonig4-6.7.0-150000.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-13224 at SUSE CVE-2019-13224 at NVD CVE-2019-16163 at SUSE CVE-2019-16163 at NVD CVE-2019-19203 at SUSE CVE-2019-19203 at NVD CVE-2019-19204 at SUSE CVE-2019-19204 at NVD CVE-2019-19246 at SUSE CVE-2019-19246 at NVD CVE-2020-26159 at SUSE CVE-2020-26159 at NVD cpe:/o:suse:sle-micro:5.5 libopenssl-1_1-devel-1.1.1l-150500.17.15.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libopenssl-1_1-devel-1.1.1l-150500.17.15.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2002-20001 at SUSE CVE-2002-20001 at NVD CVE-2014-3513 at SUSE CVE-2014-3513 at NVD CVE-2014-3567 at SUSE CVE-2014-3567 at NVD CVE-2014-3568 at SUSE CVE-2014-3568 at NVD CVE-2014-3569 at SUSE CVE-2014-3569 at NVD CVE-2014-3570 at SUSE CVE-2014-3570 at NVD CVE-2014-3571 at SUSE CVE-2014-3571 at NVD CVE-2014-3572 at SUSE CVE-2014-3572 at NVD CVE-2014-8275 at SUSE CVE-2014-8275 at NVD CVE-2015-0204 at SUSE CVE-2015-0204 at NVD CVE-2015-0205 at SUSE CVE-2015-0205 at NVD CVE-2015-0206 at SUSE CVE-2015-0206 at NVD CVE-2015-0209 at SUSE CVE-2015-0209 at NVD CVE-2015-0286 at SUSE CVE-2015-0286 at NVD CVE-2015-0287 at SUSE CVE-2015-0287 at NVD CVE-2015-0288 at SUSE CVE-2015-0288 at NVD CVE-2015-0289 at SUSE CVE-2015-0289 at NVD CVE-2015-0293 at SUSE CVE-2015-0293 at NVD CVE-2015-1788 at SUSE CVE-2015-1788 at NVD CVE-2015-1789 at SUSE CVE-2015-1789 at NVD CVE-2015-1790 at SUSE CVE-2015-1790 at NVD CVE-2015-1791 at SUSE CVE-2015-1791 at NVD CVE-2015-1792 at SUSE CVE-2015-1792 at NVD CVE-2015-1793 at SUSE CVE-2015-1793 at NVD CVE-2015-1794 at SUSE CVE-2015-1794 at NVD CVE-2015-3193 at SUSE CVE-2015-3193 at NVD CVE-2015-3194 at SUSE CVE-2015-3194 at NVD CVE-2015-3195 at SUSE CVE-2015-3195 at NVD CVE-2015-3196 at SUSE CVE-2015-3196 at NVD CVE-2015-3197 at SUSE CVE-2015-3197 at NVD CVE-2016-0701 at SUSE CVE-2016-0701 at NVD CVE-2016-0702 at SUSE CVE-2016-0702 at NVD CVE-2016-0705 at SUSE CVE-2016-0705 at NVD CVE-2016-0797 at SUSE CVE-2016-0797 at NVD CVE-2016-0798 at SUSE CVE-2016-0798 at NVD CVE-2016-0800 at SUSE CVE-2016-0800 at NVD CVE-2016-2105 at SUSE CVE-2016-2105 at NVD CVE-2016-2106 at SUSE CVE-2016-2106 at NVD CVE-2016-2107 at SUSE CVE-2016-2107 at NVD CVE-2016-2109 at SUSE CVE-2016-2109 at NVD CVE-2016-2176 at SUSE CVE-2016-2176 at NVD CVE-2016-2177 at SUSE CVE-2016-2177 at NVD CVE-2016-2178 at SUSE CVE-2016-2178 at NVD CVE-2016-2179 at SUSE CVE-2016-2179 at NVD CVE-2016-2180 at SUSE CVE-2016-2180 at NVD CVE-2016-2181 at SUSE CVE-2016-2181 at NVD CVE-2016-2182 at SUSE CVE-2016-2182 at NVD CVE-2016-2183 at SUSE CVE-2016-2183 at NVD CVE-2016-6302 at SUSE CVE-2016-6302 at NVD CVE-2016-6303 at SUSE CVE-2016-6303 at NVD CVE-2016-6304 at SUSE CVE-2016-6304 at NVD CVE-2016-6306 at SUSE CVE-2016-6306 at NVD CVE-2016-7052 at SUSE CVE-2016-7052 at NVD CVE-2016-7055 at SUSE CVE-2016-7055 at NVD CVE-2016-7056 at SUSE CVE-2016-7056 at NVD CVE-2017-3731 at SUSE CVE-2017-3731 at NVD CVE-2017-3732 at SUSE CVE-2017-3732 at NVD CVE-2017-3735 at SUSE CVE-2017-3735 at NVD CVE-2017-3736 at SUSE CVE-2017-3736 at NVD CVE-2017-3738 at SUSE CVE-2017-3738 at NVD CVE-2018-0732 at SUSE CVE-2018-0732 at NVD CVE-2018-0734 at SUSE CVE-2018-0734 at NVD CVE-2018-0735 at SUSE CVE-2018-0735 at NVD CVE-2018-0737 at SUSE CVE-2018-0737 at NVD CVE-2018-0739 at SUSE CVE-2018-0739 at NVD CVE-2019-1543 at SUSE CVE-2019-1543 at NVD CVE-2019-1547 at SUSE CVE-2019-1547 at NVD CVE-2019-1549 at SUSE CVE-2019-1549 at NVD CVE-2019-1551 at SUSE CVE-2019-1551 at NVD CVE-2019-1563 at SUSE CVE-2019-1563 at NVD CVE-2020-1967 at SUSE CVE-2020-1967 at NVD CVE-2020-1971 at SUSE CVE-2020-1971 at NVD CVE-2021-23840 at SUSE CVE-2021-23840 at NVD CVE-2021-23841 at SUSE CVE-2021-23841 at NVD CVE-2021-3449 at SUSE CVE-2021-3449 at NVD CVE-2021-3450 at SUSE CVE-2021-3450 at NVD CVE-2021-3711 at SUSE CVE-2021-3711 at NVD CVE-2021-3712 at SUSE CVE-2021-3712 at NVD CVE-2022-0778 at SUSE CVE-2022-0778 at NVD CVE-2022-1292 at SUSE CVE-2022-1292 at NVD CVE-2022-2068 at SUSE CVE-2022-2068 at NVD CVE-2022-2097 at SUSE CVE-2022-2097 at NVD CVE-2022-4304 at SUSE CVE-2022-4304 at NVD CVE-2022-4450 at SUSE CVE-2022-4450 at NVD CVE-2023-0215 at SUSE CVE-2023-0215 at NVD CVE-2023-0286 at SUSE CVE-2023-0286 at NVD CVE-2023-0464 at SUSE CVE-2023-0464 at NVD CVE-2023-0465 at SUSE CVE-2023-0465 at NVD CVE-2023-0466 at SUSE CVE-2023-0466 at NVD CVE-2023-2650 at SUSE CVE-2023-2650 at NVD CVE-2023-3446 at SUSE CVE-2023-3446 at NVD CVE-2023-3817 at SUSE CVE-2023-3817 at NVD cpe:/o:suse:sle-micro:5.5 libopus0-1.3.1-150000.3.8.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libopus0-1.3.1-150000.3.8.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-0381 at SUSE CVE-2017-0381 at NVD cpe:/o:suse:sle-micro:5.5 libosinfo-1.10.0-150500.1.3 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libosinfo-1.10.0-150500.1.3 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-13313 at SUSE CVE-2019-13313 at NVD cpe:/o:suse:sle-micro:5.5 libp11-kit0-0.23.22-150500.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libp11-kit0-0.23.22-150500.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-29361 at SUSE CVE-2020-29361 at NVD CVE-2020-29362 at SUSE CVE-2020-29362 at NVD CVE-2020-29363 at SUSE CVE-2020-29363 at NVD cpe:/o:suse:sle-micro:5.5 libpango-1_0-0-1.50.4-150400.1.5 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libpango-1_0-0-1.50.4-150400.1.5 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-15120 at SUSE CVE-2018-15120 at NVD cpe:/o:suse:sle-micro:5.5 libpcap1-1.10.1-150400.1.7 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libpcap1-1.10.1-150400.1.7 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-16301 at SUSE CVE-2018-16301 at NVD CVE-2019-15161 at SUSE CVE-2019-15161 at NVD CVE-2019-15162 at SUSE CVE-2019-15162 at NVD CVE-2019-15163 at SUSE CVE-2019-15163 at NVD CVE-2019-15164 at SUSE CVE-2019-15164 at NVD CVE-2019-15165 at SUSE CVE-2019-15165 at NVD cpe:/o:suse:sle-micro:5.5 libpcre1-8.45-150000.20.13.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libpcre1-8.45-150000.20.13.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-8964 at SUSE CVE-2014-8964 at NVD CVE-2015-2325 at SUSE CVE-2015-2325 at NVD CVE-2015-2326 at SUSE CVE-2015-2326 at NVD CVE-2015-3217 at SUSE CVE-2015-3217 at NVD CVE-2016-1283 at SUSE CVE-2016-1283 at NVD CVE-2016-3191 at SUSE CVE-2016-3191 at NVD CVE-2017-6004 at SUSE CVE-2017-6004 at NVD CVE-2017-7186 at SUSE CVE-2017-7186 at NVD CVE-2017-7244 at SUSE CVE-2017-7244 at NVD CVE-2017-7245 at SUSE CVE-2017-7245 at NVD CVE-2017-7246 at SUSE CVE-2017-7246 at NVD CVE-2019-20838 at SUSE CVE-2019-20838 at NVD CVE-2020-14155 at SUSE CVE-2020-14155 at NVD CVE-2022-1586 at SUSE CVE-2022-1586 at NVD cpe:/o:suse:sle-micro:5.5 libpcre2-8-0-10.39-150400.4.9.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libpcre2-8-0-10.39-150400.4.9.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-8964 at SUSE CVE-2014-8964 at NVD CVE-2015-2325 at SUSE CVE-2015-2325 at NVD CVE-2015-2326 at SUSE CVE-2015-2326 at NVD CVE-2016-3191 at SUSE CVE-2016-3191 at NVD CVE-2017-7186 at SUSE CVE-2017-7186 at NVD CVE-2017-8786 at SUSE CVE-2017-8786 at NVD CVE-2022-1586 at SUSE CVE-2022-1586 at NVD CVE-2022-1587 at SUSE CVE-2022-1587 at NVD CVE-2022-41409 at SUSE CVE-2022-41409 at NVD cpe:/o:suse:sle-micro:5.5 libpcsclite1-1.9.4-150400.1.9 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libpcsclite1-1.9.4-150400.1.9 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-10109 at SUSE CVE-2016-10109 at NVD cpe:/o:suse:sle-micro:5.5 libpixman-1-0-0.40.0-150400.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libpixman-1-0-0.40.0-150400.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2022-44638 at SUSE CVE-2022-44638 at NVD cpe:/o:suse:sle-micro:5.5 libpng16-16-1.6.34-3.9.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libpng16-16-1.6.34-3.9.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-8126 at SUSE CVE-2015-8126 at NVD CVE-2016-10087 at SUSE CVE-2016-10087 at NVD CVE-2016-5735 at SUSE CVE-2016-5735 at NVD CVE-2017-12652 at SUSE CVE-2017-12652 at NVD CVE-2018-13785 at SUSE CVE-2018-13785 at NVD CVE-2019-7317 at SUSE CVE-2019-7317 at NVD cpe:/o:suse:sle-micro:5.5 libpolkit-agent-1-0-121-150500.1.6 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libpolkit-agent-1-0-121-150500.1.6 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-3218 at SUSE CVE-2015-3218 at NVD CVE-2015-3255 at SUSE CVE-2015-3255 at NVD CVE-2015-3256 at SUSE CVE-2015-3256 at NVD CVE-2015-4625 at SUSE CVE-2015-4625 at NVD CVE-2018-1116 at SUSE CVE-2018-1116 at NVD CVE-2018-19788 at SUSE CVE-2018-19788 at NVD CVE-2019-6133 at SUSE CVE-2019-6133 at NVD CVE-2021-3560 at SUSE CVE-2021-3560 at NVD CVE-2021-4034 at SUSE CVE-2021-4034 at NVD CVE-2021-4115 at SUSE CVE-2021-4115 at NVD cpe:/o:suse:sle-micro:5.5 libprocps7-3.3.15-150000.7.34.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libprocps7-3.3.15-150000.7.34.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-1122 at SUSE CVE-2018-1122 at NVD CVE-2018-1123 at SUSE CVE-2018-1123 at NVD CVE-2018-1124 at SUSE CVE-2018-1124 at NVD CVE-2018-1125 at SUSE CVE-2018-1125 at NVD CVE-2018-1126 at SUSE CVE-2018-1126 at NVD CVE-2023-4016 at SUSE CVE-2023-4016 at NVD cpe:/o:suse:sle-micro:5.5 libprotobuf-lite20-3.9.2-150200.4.21.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libprotobuf-lite20-3.9.2-150200.4.21.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2021-22569 at SUSE CVE-2021-22569 at NVD CVE-2021-22570 at SUSE CVE-2021-22570 at NVD CVE-2022-1941 at SUSE CVE-2022-1941 at NVD CVE-2022-3171 at SUSE CVE-2022-3171 at NVD cpe:/o:suse:sle-micro:5.5 libproxy1-0.4.17-150400.1.8 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libproxy1-0.4.17-150400.1.8 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-25219 at SUSE CVE-2020-25219 at NVD CVE-2020-26154 at SUSE CVE-2020-26154 at NVD cpe:/o:suse:sle-micro:5.5 libpython3_6m1_0-3.6.15-150300.10.48.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libpython3_6m1_0-3.6.15-150300.10.48.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2007-4559 at SUSE CVE-2007-4559 at NVD CVE-2014-4650 at SUSE CVE-2014-4650 at NVD CVE-2015-20107 at SUSE CVE-2015-20107 at NVD CVE-2016-0772 at SUSE CVE-2016-0772 at NVD CVE-2016-1000110 at SUSE CVE-2016-1000110 at NVD CVE-2016-5636 at SUSE CVE-2016-5636 at NVD CVE-2016-5699 at SUSE CVE-2016-5699 at NVD CVE-2017-18207 at SUSE CVE-2017-18207 at NVD CVE-2018-1000802 at SUSE CVE-2018-1000802 at NVD CVE-2018-1060 at SUSE CVE-2018-1060 at NVD CVE-2018-1061 at SUSE CVE-2018-1061 at NVD CVE-2018-14647 at SUSE CVE-2018-14647 at NVD CVE-2018-20406 at SUSE CVE-2018-20406 at NVD CVE-2018-20852 at SUSE CVE-2018-20852 at NVD CVE-2019-10160 at SUSE CVE-2019-10160 at NVD CVE-2019-15903 at SUSE CVE-2019-15903 at NVD CVE-2019-16056 at SUSE CVE-2019-16056 at NVD CVE-2019-16935 at SUSE CVE-2019-16935 at NVD CVE-2019-18348 at SUSE CVE-2019-18348 at NVD CVE-2019-20907 at SUSE CVE-2019-20907 at NVD CVE-2019-20916 at SUSE CVE-2019-20916 at NVD CVE-2019-5010 at SUSE CVE-2019-5010 at NVD CVE-2019-9636 at SUSE CVE-2019-9636 at NVD CVE-2019-9674 at SUSE CVE-2019-9674 at NVD CVE-2019-9947 at SUSE CVE-2019-9947 at NVD CVE-2020-10735 at SUSE CVE-2020-10735 at NVD CVE-2020-14422 at SUSE CVE-2020-14422 at NVD CVE-2020-26116 at SUSE CVE-2020-26116 at NVD CVE-2020-27619 at SUSE CVE-2020-27619 at NVD CVE-2020-8492 at SUSE CVE-2020-8492 at NVD CVE-2021-23336 at SUSE CVE-2021-23336 at NVD CVE-2021-28861 at SUSE CVE-2021-28861 at NVD CVE-2021-3177 at SUSE CVE-2021-3177 at NVD CVE-2021-3426 at SUSE CVE-2021-3426 at NVD CVE-2021-3572 at SUSE CVE-2021-3572 at NVD CVE-2021-3733 at SUSE CVE-2021-3733 at NVD CVE-2021-3737 at SUSE CVE-2021-3737 at NVD CVE-2022-25236 at SUSE CVE-2022-25236 at NVD CVE-2022-37454 at SUSE CVE-2022-37454 at NVD CVE-2022-45061 at SUSE CVE-2022-45061 at NVD CVE-2023-24329 at SUSE CVE-2023-24329 at NVD cpe:/o:suse:sle-micro:5.5 librados2-16.2.11.58+g38d6afd3b78-150400.3.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the librados2-16.2.11.58+g38d6afd3b78-150400.3.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-16818 at SUSE CVE-2017-16818 at NVD CVE-2018-10861 at SUSE CVE-2018-10861 at NVD CVE-2018-1128 at SUSE CVE-2018-1128 at NVD CVE-2018-1129 at SUSE CVE-2018-1129 at NVD CVE-2018-16889 at SUSE CVE-2018-16889 at NVD CVE-2019-10222 at SUSE CVE-2019-10222 at NVD CVE-2019-3821 at SUSE CVE-2019-3821 at NVD CVE-2020-10736 at SUSE CVE-2020-10736 at NVD CVE-2020-1759 at SUSE CVE-2020-1759 at NVD CVE-2020-1760 at SUSE CVE-2020-1760 at NVD CVE-2020-25660 at SUSE CVE-2020-25660 at NVD CVE-2020-25678 at SUSE CVE-2020-25678 at NVD CVE-2020-27781 at SUSE CVE-2020-27781 at NVD CVE-2020-27839 at SUSE CVE-2020-27839 at NVD CVE-2021-20288 at SUSE CVE-2021-20288 at NVD CVE-2021-3509 at SUSE CVE-2021-3509 at NVD CVE-2021-3524 at SUSE CVE-2021-3524 at NVD CVE-2021-3531 at SUSE CVE-2021-3531 at NVD CVE-2021-3979 at SUSE CVE-2021-3979 at NVD CVE-2022-0670 at SUSE CVE-2022-0670 at NVD CVE-2022-3650 at SUSE CVE-2022-3650 at NVD CVE-2022-3854 at SUSE CVE-2022-3854 at NVD cpe:/o:suse:sle-micro:5.5 libseccomp2-2.5.3-150400.2.4 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libseccomp2-2.5.3-150400.2.4 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-9893 at SUSE CVE-2019-9893 at NVD cpe:/o:suse:sle-micro:5.5 libsepol2-3.4-150500.1.18 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libsepol2-3.4-150500.1.18 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2021-36085 at SUSE CVE-2021-36085 at NVD CVE-2021-36086 at SUSE CVE-2021-36086 at NVD CVE-2021-36087 at SUSE CVE-2021-36087 at NVD cpe:/o:suse:sle-micro:5.5 libsha1detectcoll1-1.0.3-2.18 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libsha1detectcoll1-1.0.3-2.18 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2005-4900 at SUSE CVE-2005-4900 at NVD cpe:/o:suse:sle-micro:5.5 libslirp0-4.7.0+44-150500.2.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libslirp0-4.7.0+44-150500.2.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-10756 at SUSE CVE-2020-10756 at NVD CVE-2020-1983 at SUSE CVE-2020-1983 at NVD CVE-2021-3592 at SUSE CVE-2021-3592 at NVD CVE-2021-3593 at SUSE CVE-2021-3593 at NVD CVE-2021-3594 at SUSE CVE-2021-3594 at NVD CVE-2021-3595 at SUSE CVE-2021-3595 at NVD cpe:/o:suse:sle-micro:5.5 libsnmp40-5.9.3-150300.15.8.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libsnmp40-5.9.3-150300.15.8.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-5621 at SUSE CVE-2015-5621 at NVD CVE-2018-18065 at SUSE CVE-2018-18065 at NVD CVE-2020-15862 at SUSE CVE-2020-15862 at NVD CVE-2022-24805 at SUSE CVE-2022-24805 at NVD CVE-2022-24806 at SUSE CVE-2022-24806 at NVD CVE-2022-24807 at SUSE CVE-2022-24807 at NVD CVE-2022-24808 at SUSE CVE-2022-24808 at NVD CVE-2022-24809 at SUSE CVE-2022-24809 at NVD CVE-2022-24810 at SUSE CVE-2022-24810 at NVD CVE-2022-44792 at SUSE CVE-2022-44792 at NVD CVE-2022-44793 at SUSE CVE-2022-44793 at NVD cpe:/o:suse:sle-micro:5.5 libsolv-tools-0.7.24-150400.3.8.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libsolv-tools-0.7.24-150400.3.8.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-20532 at SUSE CVE-2018-20532 at NVD CVE-2018-20533 at SUSE CVE-2018-20533 at NVD CVE-2018-20534 at SUSE CVE-2018-20534 at NVD cpe:/o:suse:sle-micro:5.5 libsoup-2_4-1-2.74.2-150400.1.6 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libsoup-2_4-1-2.74.2-150400.1.6 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-2885 at SUSE CVE-2017-2885 at NVD CVE-2018-12910 at SUSE CVE-2018-12910 at NVD cpe:/o:suse:sle-micro:5.5 libspice-server1-0.15.0-150400.2.8 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libspice-server1-0.15.0-150400.2.8 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-4282 at SUSE CVE-2013-4282 at NVD CVE-2015-3247 at SUSE CVE-2015-3247 at NVD CVE-2015-5260 at SUSE CVE-2015-5260 at NVD CVE-2015-5261 at SUSE CVE-2015-5261 at NVD CVE-2016-0749 at SUSE CVE-2016-0749 at NVD CVE-2016-2150 at SUSE CVE-2016-2150 at NVD CVE-2016-9577 at SUSE CVE-2016-9577 at NVD CVE-2016-9578 at SUSE CVE-2016-9578 at NVD CVE-2018-10873 at SUSE CVE-2018-10873 at NVD CVE-2018-10893 at SUSE CVE-2018-10893 at NVD CVE-2019-3813 at SUSE CVE-2019-3813 at NVD CVE-2020-14355 at SUSE CVE-2020-14355 at NVD CVE-2021-20201 at SUSE CVE-2021-20201 at NVD cpe:/o:suse:sle-micro:5.5 libsqlite3-0-3.39.3-150000.3.20.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libsqlite3-0-3.39.3-150000.3.20.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-3414 at SUSE CVE-2015-3414 at NVD CVE-2015-3415 at SUSE CVE-2015-3415 at NVD CVE-2018-20346 at SUSE CVE-2018-20346 at NVD CVE-2018-8740 at SUSE CVE-2018-8740 at NVD CVE-2019-16168 at SUSE CVE-2019-16168 at NVD CVE-2019-19244 at SUSE CVE-2019-19244 at NVD CVE-2019-19317 at SUSE CVE-2019-19317 at NVD CVE-2019-19603 at SUSE CVE-2019-19603 at NVD CVE-2019-19645 at SUSE CVE-2019-19645 at NVD CVE-2019-19646 at SUSE CVE-2019-19646 at NVD CVE-2019-19880 at SUSE CVE-2019-19880 at NVD CVE-2019-19923 at SUSE CVE-2019-19923 at NVD CVE-2019-19924 at SUSE CVE-2019-19924 at NVD CVE-2019-19925 at SUSE CVE-2019-19925 at NVD CVE-2019-19926 at SUSE CVE-2019-19926 at NVD CVE-2019-19959 at SUSE CVE-2019-19959 at NVD CVE-2019-20218 at SUSE CVE-2019-20218 at NVD CVE-2019-9936 at SUSE CVE-2019-9936 at NVD CVE-2019-9937 at SUSE CVE-2019-9937 at NVD CVE-2020-13434 at SUSE CVE-2020-13434 at NVD CVE-2020-13435 at SUSE CVE-2020-13435 at NVD CVE-2020-13630 at SUSE CVE-2020-13630 at NVD CVE-2020-13631 at SUSE CVE-2020-13631 at NVD CVE-2020-13632 at SUSE CVE-2020-13632 at NVD CVE-2020-15358 at SUSE CVE-2020-15358 at NVD CVE-2020-9327 at SUSE CVE-2020-9327 at NVD CVE-2021-36690 at SUSE CVE-2021-36690 at NVD CVE-2022-35737 at SUSE CVE-2022-35737 at NVD CVE-2022-46908 at SUSE CVE-2022-46908 at NVD cpe:/o:suse:sle-micro:5.5 libssh-config-0.9.6-150400.1.5 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libssh-config-0.9.6-150400.1.5 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-8132 at SUSE CVE-2014-8132 at NVD CVE-2015-3146 at SUSE CVE-2015-3146 at NVD CVE-2018-10933 at SUSE CVE-2018-10933 at NVD CVE-2019-14889 at SUSE CVE-2019-14889 at NVD CVE-2020-16135 at SUSE CVE-2020-16135 at NVD CVE-2020-1730 at SUSE CVE-2020-1730 at NVD CVE-2021-3634 at SUSE CVE-2021-3634 at NVD cpe:/o:suse:sle-micro:5.5 libssh2-1-1.9.0-150000.4.16.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libssh2-1-1.9.0-150000.4.16.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-1782 at SUSE CVE-2015-1782 at NVD CVE-2016-0787 at SUSE CVE-2016-0787 at NVD CVE-2019-17498 at SUSE CVE-2019-17498 at NVD CVE-2019-3855 at SUSE CVE-2019-3855 at NVD CVE-2019-3856 at SUSE CVE-2019-3856 at NVD CVE-2019-3857 at SUSE CVE-2019-3857 at NVD CVE-2019-3858 at SUSE CVE-2019-3858 at NVD CVE-2019-3859 at SUSE CVE-2019-3859 at NVD CVE-2019-3860 at SUSE CVE-2019-3860 at NVD CVE-2019-3861 at SUSE CVE-2019-3861 at NVD CVE-2019-3862 at SUSE CVE-2019-3862 at NVD CVE-2019-3863 at SUSE CVE-2019-3863 at NVD CVE-2020-22218 at SUSE CVE-2020-22218 at NVD cpe:/o:suse:sle-micro:5.5 libsss_certmap0-2.5.2-150500.10.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libsss_certmap0-2.5.2-150500.10.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-12173 at SUSE CVE-2017-12173 at NVD CVE-2018-10852 at SUSE CVE-2018-10852 at NVD CVE-2018-16838 at SUSE CVE-2018-16838 at NVD CVE-2019-3811 at SUSE CVE-2019-3811 at NVD CVE-2021-3621 at SUSE CVE-2021-3621 at NVD cpe:/o:suse:sle-micro:5.5 libsystemd0-249.16-150400.8.33.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libsystemd0-249.16-150400.8.33.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-7510 at SUSE CVE-2015-7510 at NVD CVE-2016-10156 at SUSE CVE-2016-10156 at NVD CVE-2017-15908 at SUSE CVE-2017-15908 at NVD CVE-2017-18078 at SUSE CVE-2017-18078 at NVD CVE-2017-9445 at SUSE CVE-2017-9445 at NVD CVE-2018-15686 at SUSE CVE-2018-15686 at NVD CVE-2018-15687 at SUSE CVE-2018-15687 at NVD CVE-2018-15688 at SUSE CVE-2018-15688 at NVD CVE-2018-16864 at SUSE CVE-2018-16864 at NVD CVE-2018-16865 at SUSE CVE-2018-16865 at NVD CVE-2018-21029 at SUSE CVE-2018-21029 at NVD CVE-2018-6954 at SUSE CVE-2018-6954 at NVD CVE-2019-20386 at SUSE CVE-2019-20386 at NVD CVE-2019-3842 at SUSE CVE-2019-3842 at NVD CVE-2019-3843 at SUSE CVE-2019-3843 at NVD CVE-2019-3844 at SUSE CVE-2019-3844 at NVD CVE-2019-6454 at SUSE CVE-2019-6454 at NVD CVE-2020-13529 at SUSE CVE-2020-13529 at NVD CVE-2020-1712 at SUSE CVE-2020-1712 at NVD CVE-2021-33910 at SUSE CVE-2021-33910 at NVD CVE-2021-3997 at SUSE CVE-2021-3997 at NVD CVE-2022-3821 at SUSE CVE-2022-3821 at NVD CVE-2022-4415 at SUSE CVE-2022-4415 at NVD cpe:/o:suse:sle-micro:5.5 libtasn1-4.13-150000.4.8.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libtasn1-4.13-150000.4.8.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-2806 at SUSE CVE-2015-2806 at NVD CVE-2015-3622 at SUSE CVE-2015-3622 at NVD CVE-2016-4008 at SUSE CVE-2016-4008 at NVD CVE-2018-1000654 at SUSE CVE-2018-1000654 at NVD CVE-2018-6003 at SUSE CVE-2018-6003 at NVD CVE-2021-46848 at SUSE CVE-2021-46848 at NVD cpe:/o:suse:sle-micro:5.5 libtiff5-4.0.9-150000.45.28.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libtiff5-4.0.9-150000.45.28.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2012-4564 at SUSE CVE-2012-4564 at NVD CVE-2013-1960 at SUSE CVE-2013-1960 at NVD CVE-2013-1961 at SUSE CVE-2013-1961 at NVD CVE-2013-4231 at SUSE CVE-2013-4231 at NVD CVE-2013-4232 at SUSE CVE-2013-4232 at NVD CVE-2013-4243 at SUSE CVE-2013-4243 at NVD CVE-2013-4244 at SUSE CVE-2013-4244 at NVD CVE-2014-8127 at SUSE CVE-2014-8127 at NVD CVE-2014-8128 at SUSE CVE-2014-8128 at NVD CVE-2014-8129 at SUSE CVE-2014-8129 at NVD CVE-2014-8130 at SUSE CVE-2014-8130 at NVD CVE-2014-9655 at SUSE CVE-2014-9655 at NVD CVE-2015-1547 at SUSE CVE-2015-1547 at NVD CVE-2015-7554 at SUSE CVE-2015-7554 at NVD CVE-2015-8665 at SUSE CVE-2015-8665 at NVD CVE-2015-8683 at SUSE CVE-2015-8683 at NVD CVE-2015-8781 at SUSE CVE-2015-8781 at NVD CVE-2015-8782 at SUSE CVE-2015-8782 at NVD CVE-2015-8783 at SUSE CVE-2015-8783 at NVD CVE-2016-10092 at SUSE CVE-2016-10092 at NVD CVE-2016-10093 at SUSE CVE-2016-10093 at NVD CVE-2016-10094 at SUSE CVE-2016-10094 at NVD CVE-2016-10095 at SUSE CVE-2016-10095 at NVD CVE-2016-10266 at SUSE CVE-2016-10266 at NVD CVE-2016-10267 at SUSE CVE-2016-10267 at NVD CVE-2016-10268 at SUSE CVE-2016-10268 at NVD CVE-2016-10269 at SUSE CVE-2016-10269 at NVD CVE-2016-10270 at SUSE CVE-2016-10270 at NVD CVE-2016-10271 at SUSE CVE-2016-10271 at NVD CVE-2016-10272 at SUSE CVE-2016-10272 at NVD CVE-2016-10371 at SUSE CVE-2016-10371 at NVD CVE-2016-3186 at SUSE CVE-2016-3186 at NVD CVE-2016-3622 at SUSE CVE-2016-3622 at NVD CVE-2016-3623 at SUSE CVE-2016-3623 at NVD CVE-2016-3658 at SUSE CVE-2016-3658 at NVD CVE-2016-3945 at SUSE CVE-2016-3945 at NVD CVE-2016-3990 at SUSE CVE-2016-3990 at NVD CVE-2016-3991 at SUSE CVE-2016-3991 at NVD CVE-2016-5314 at SUSE CVE-2016-5314 at NVD CVE-2016-5316 at SUSE CVE-2016-5316 at NVD CVE-2016-5317 at SUSE CVE-2016-5317 at NVD CVE-2016-5318 at SUSE CVE-2016-5318 at NVD CVE-2016-5320 at SUSE CVE-2016-5320 at NVD CVE-2016-5321 at SUSE CVE-2016-5321 at NVD CVE-2016-5323 at SUSE CVE-2016-5323 at NVD CVE-2016-5652 at SUSE CVE-2016-5652 at NVD CVE-2016-5875 at SUSE CVE-2016-5875 at NVD CVE-2016-6223 at SUSE CVE-2016-6223 at NVD CVE-2016-9273 at SUSE CVE-2016-9273 at NVD CVE-2016-9297 at SUSE CVE-2016-9297 at NVD CVE-2016-9448 at SUSE CVE-2016-9448 at NVD CVE-2016-9453 at SUSE CVE-2016-9453 at NVD CVE-2016-9538 at SUSE CVE-2016-9538 at NVD CVE-2017-11613 at SUSE CVE-2017-11613 at NVD CVE-2017-12944 at SUSE CVE-2017-12944 at NVD CVE-2017-16232 at SUSE CVE-2017-16232 at NVD CVE-2017-17095 at SUSE CVE-2017-17095 at NVD CVE-2017-18013 at SUSE CVE-2017-18013 at NVD CVE-2017-5225 at SUSE CVE-2017-5225 at NVD CVE-2017-7592 at SUSE CVE-2017-7592 at NVD CVE-2017-7593 at SUSE CVE-2017-7593 at NVD CVE-2017-7594 at SUSE CVE-2017-7594 at NVD CVE-2017-7595 at SUSE CVE-2017-7595 at NVD CVE-2017-7596 at SUSE CVE-2017-7596 at NVD CVE-2017-7597 at SUSE CVE-2017-7597 at NVD CVE-2017-7598 at SUSE CVE-2017-7598 at NVD CVE-2017-7599 at SUSE CVE-2017-7599 at NVD CVE-2017-7600 at SUSE CVE-2017-7600 at NVD CVE-2017-7601 at SUSE CVE-2017-7601 at NVD CVE-2017-7602 at SUSE CVE-2017-7602 at NVD CVE-2017-9403 at SUSE CVE-2017-9403 at NVD CVE-2017-9404 at SUSE CVE-2017-9404 at NVD CVE-2017-9935 at SUSE CVE-2017-9935 at NVD CVE-2017-9936 at SUSE CVE-2017-9936 at NVD CVE-2018-10779 at SUSE CVE-2018-10779 at NVD CVE-2018-10963 at SUSE CVE-2018-10963 at NVD CVE-2018-12900 at SUSE CVE-2018-12900 at NVD CVE-2018-16335 at SUSE CVE-2018-16335 at NVD CVE-2018-17000 at SUSE CVE-2018-17000 at NVD CVE-2018-17100 at SUSE CVE-2018-17100 at NVD CVE-2018-17101 at SUSE CVE-2018-17101 at NVD CVE-2018-17795 at SUSE CVE-2018-17795 at NVD CVE-2018-18557 at SUSE CVE-2018-18557 at NVD CVE-2018-18661 at SUSE CVE-2018-18661 at NVD CVE-2018-19210 at SUSE CVE-2018-19210 at NVD CVE-2018-5784 at SUSE CVE-2018-5784 at NVD CVE-2018-7456 at SUSE CVE-2018-7456 at NVD CVE-2018-8905 at SUSE CVE-2018-8905 at NVD CVE-2019-14973 at SUSE CVE-2019-14973 at NVD CVE-2019-17546 at SUSE CVE-2019-17546 at NVD CVE-2019-6128 at SUSE CVE-2019-6128 at NVD CVE-2019-7663 at SUSE CVE-2019-7663 at NVD CVE-2020-19131 at SUSE CVE-2020-19131 at NVD CVE-2020-35521 at SUSE CVE-2020-35521 at NVD CVE-2020-35522 at SUSE CVE-2020-35522 at NVD CVE-2020-35523 at SUSE CVE-2020-35523 at NVD CVE-2020-35524 at SUSE CVE-2020-35524 at NVD CVE-2022-0561 at SUSE CVE-2022-0561 at NVD CVE-2022-0562 at SUSE CVE-2022-0562 at NVD CVE-2022-0865 at SUSE CVE-2022-0865 at NVD CVE-2022-0891 at SUSE CVE-2022-0891 at NVD CVE-2022-0908 at SUSE CVE-2022-0908 at NVD CVE-2022-0909 at SUSE CVE-2022-0909 at NVD CVE-2022-0924 at SUSE CVE-2022-0924 at NVD CVE-2022-1056 at SUSE CVE-2022-1056 at NVD CVE-2022-2056 at SUSE CVE-2022-2056 at NVD CVE-2022-2057 at SUSE CVE-2022-2057 at NVD CVE-2022-2058 at SUSE CVE-2022-2058 at NVD CVE-2022-22844 at SUSE CVE-2022-22844 at NVD CVE-2022-2519 at SUSE CVE-2022-2519 at NVD CVE-2022-2520 at SUSE CVE-2022-2520 at NVD CVE-2022-2521 at SUSE CVE-2022-2521 at NVD CVE-2022-2867 at SUSE CVE-2022-2867 at NVD CVE-2022-2868 at SUSE CVE-2022-2868 at NVD CVE-2022-2869 at SUSE CVE-2022-2869 at NVD CVE-2022-34266 at SUSE CVE-2022-34266 at NVD CVE-2022-34526 at SUSE CVE-2022-34526 at NVD CVE-2022-3570 at SUSE CVE-2022-3570 at NVD CVE-2022-3597 at SUSE CVE-2022-3597 at NVD CVE-2022-3598 at SUSE CVE-2022-3598 at NVD CVE-2022-3599 at SUSE CVE-2022-3599 at NVD CVE-2022-3626 at SUSE CVE-2022-3626 at NVD CVE-2022-3627 at SUSE CVE-2022-3627 at NVD CVE-2022-3970 at SUSE CVE-2022-3970 at NVD CVE-2022-48281 at SUSE CVE-2022-48281 at NVD CVE-2023-0795 at SUSE CVE-2023-0795 at NVD CVE-2023-0796 at SUSE CVE-2023-0796 at NVD CVE-2023-0797 at SUSE CVE-2023-0797 at NVD CVE-2023-0798 at SUSE CVE-2023-0798 at NVD CVE-2023-0799 at SUSE CVE-2023-0799 at NVD CVE-2023-0800 at SUSE CVE-2023-0800 at NVD CVE-2023-0801 at SUSE CVE-2023-0801 at NVD CVE-2023-0802 at SUSE CVE-2023-0802 at NVD CVE-2023-0803 at SUSE CVE-2023-0803 at NVD CVE-2023-0804 at SUSE CVE-2023-0804 at NVD cpe:/o:suse:sle-micro:5.5 libtirpc-netconfig-1.2.6-150300.3.17.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libtirpc-netconfig-1.2.6-150300.3.17.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-4429 at SUSE CVE-2016-4429 at NVD CVE-2021-46828 at SUSE CVE-2021-46828 at NVD cpe:/o:suse:sle-micro:5.5 libtpms0-0.8.2-150300.3.9.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libtpms0-0.8.2-150300.3.9.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2021-3446 at SUSE CVE-2021-3446 at NVD CVE-2021-3505 at SUSE CVE-2021-3505 at NVD CVE-2021-3623 at SUSE CVE-2021-3623 at NVD CVE-2021-3746 at SUSE CVE-2021-3746 at NVD CVE-2023-1017 at SUSE CVE-2023-1017 at NVD CVE-2023-1018 at SUSE CVE-2023-1018 at NVD cpe:/o:suse:sle-micro:5.5 libtss2-esys0-3.1.0-150400.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libtss2-esys0-3.1.0-150400.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-24455 at SUSE CVE-2020-24455 at NVD CVE-2023-22745 at SUSE CVE-2023-22745 at NVD cpe:/o:suse:sle-micro:5.5 libudisks2-0-2.9.2-150400.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libudisks2-0-2.9.2-150400.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-17336 at SUSE CVE-2018-17336 at NVD CVE-2021-3802 at SUSE CVE-2021-3802 at NVD cpe:/o:suse:sle-micro:5.5 libunwind-1.5.0-4.5.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libunwind-1.5.0-4.5.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-3239 at SUSE CVE-2015-3239 at NVD cpe:/o:suse:sle-micro:5.5 libvirglrenderer1-0.9.1-150400.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libvirglrenderer1-0.9.1-150400.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-10214 at SUSE CVE-2016-10214 at NVD CVE-2017-5937 at SUSE CVE-2017-5937 at NVD CVE-2017-5957 at SUSE CVE-2017-5957 at NVD CVE-2017-5993 at SUSE CVE-2017-5993 at NVD CVE-2017-5994 at SUSE CVE-2017-5994 at NVD CVE-2017-6386 at SUSE CVE-2017-6386 at NVD CVE-2019-18388 at SUSE CVE-2019-18388 at NVD CVE-2019-18389 at SUSE CVE-2019-18389 at NVD CVE-2019-18390 at SUSE CVE-2019-18390 at NVD CVE-2019-18391 at SUSE CVE-2019-18391 at NVD CVE-2019-18392 at SUSE CVE-2019-18392 at NVD CVE-2020-8002 at SUSE CVE-2020-8002 at NVD CVE-2020-8003 at SUSE CVE-2020-8003 at NVD CVE-2022-0135 at SUSE CVE-2022-0135 at NVD CVE-2022-0175 at SUSE CVE-2022-0175 at NVD cpe:/o:suse:sle-micro:5.5 libvirt-client-9.0.0-150500.6.11.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libvirt-client-9.0.0-150500.6.11.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-7823 at SUSE CVE-2014-7823 at NVD CVE-2014-8131 at SUSE CVE-2014-8131 at NVD CVE-2015-0236 at SUSE CVE-2015-0236 at NVD CVE-2015-5247 at SUSE CVE-2015-5247 at NVD CVE-2015-5313 at SUSE CVE-2015-5313 at NVD CVE-2017-1000256 at SUSE CVE-2017-1000256 at NVD CVE-2017-2635 at SUSE CVE-2017-2635 at NVD CVE-2017-5715 at SUSE CVE-2017-5715 at NVD CVE-2018-1064 at SUSE CVE-2018-1064 at NVD CVE-2018-12126 at SUSE CVE-2018-12126 at NVD CVE-2018-12127 at SUSE CVE-2018-12127 at NVD CVE-2018-12130 at SUSE CVE-2018-12130 at NVD CVE-2018-3639 at SUSE CVE-2018-3639 at NVD CVE-2018-5748 at SUSE CVE-2018-5748 at NVD CVE-2019-10132 at SUSE CVE-2019-10132 at NVD CVE-2019-10161 at SUSE CVE-2019-10161 at NVD CVE-2019-10166 at SUSE CVE-2019-10166 at NVD CVE-2019-10167 at SUSE CVE-2019-10167 at NVD CVE-2019-10168 at SUSE CVE-2019-10168 at NVD CVE-2019-11091 at SUSE CVE-2019-11091 at NVD CVE-2019-11135 at SUSE CVE-2019-11135 at NVD CVE-2019-3886 at SUSE CVE-2019-3886 at NVD CVE-2020-10701 at SUSE CVE-2020-10701 at NVD CVE-2020-12430 at SUSE CVE-2020-12430 at NVD CVE-2020-14339 at SUSE CVE-2020-14339 at NVD CVE-2020-15708 at SUSE CVE-2020-15708 at NVD CVE-2020-25637 at SUSE CVE-2020-25637 at NVD CVE-2021-3631 at SUSE CVE-2021-3631 at NVD CVE-2021-3667 at SUSE CVE-2021-3667 at NVD CVE-2021-4147 at SUSE CVE-2021-4147 at NVD CVE-2022-0897 at SUSE CVE-2022-0897 at NVD CVE-2023-2700 at SUSE CVE-2023-2700 at NVD CVE-2023-3750 at SUSE CVE-2023-3750 at NVD cpe:/o:suse:sle-micro:5.5 libvmtools0-12.2.0-150300.33.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libvmtools0-12.2.0-150300.33.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-5191 at SUSE CVE-2015-5191 at NVD CVE-2022-31676 at SUSE CVE-2022-31676 at NVD CVE-2023-20867 at SUSE CVE-2023-20867 at NVD CVE-2023-20900 at SUSE CVE-2023-20900 at NVD cpe:/o:suse:sle-micro:5.5 libvorbis0-1.3.6-150000.4.5.2 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libvorbis0-1.3.6-150000.4.5.2 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-14160 at SUSE CVE-2017-14160 at NVD CVE-2017-14632 at SUSE CVE-2017-14632 at NVD CVE-2017-14633 at SUSE CVE-2017-14633 at NVD CVE-2018-10392 at SUSE CVE-2018-10392 at NVD CVE-2018-10393 at SUSE CVE-2018-10393 at NVD CVE-2018-5146 at SUSE CVE-2018-5146 at NVD cpe:/o:suse:sle-micro:5.5 libxkbcommon0-1.3.0-150400.1.13 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libxkbcommon0-1.3.0-150400.1.13 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-15853 at SUSE CVE-2018-15853 at NVD CVE-2018-15854 at SUSE CVE-2018-15854 at NVD CVE-2018-15855 at SUSE CVE-2018-15855 at NVD CVE-2018-15856 at SUSE CVE-2018-15856 at NVD CVE-2018-15857 at SUSE CVE-2018-15857 at NVD CVE-2018-15858 at SUSE CVE-2018-15858 at NVD CVE-2018-15859 at SUSE CVE-2018-15859 at NVD CVE-2018-15861 at SUSE CVE-2018-15861 at NVD CVE-2018-15862 at SUSE CVE-2018-15862 at NVD CVE-2018-15863 at SUSE CVE-2018-15863 at NVD CVE-2018-15864 at SUSE CVE-2018-15864 at NVD cpe:/o:suse:sle-micro:5.5 libxml2-2-2.10.3-150500.5.5.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libxml2-2-2.10.3-150500.5.5.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-0191 at SUSE CVE-2014-0191 at NVD CVE-2014-3660 at SUSE CVE-2014-3660 at NVD CVE-2015-1819 at SUSE CVE-2015-1819 at NVD CVE-2015-5312 at SUSE CVE-2015-5312 at NVD CVE-2015-7497 at SUSE CVE-2015-7497 at NVD CVE-2015-7498 at SUSE CVE-2015-7498 at NVD CVE-2015-7499 at SUSE CVE-2015-7499 at NVD CVE-2015-7500 at SUSE CVE-2015-7500 at NVD CVE-2015-7941 at SUSE CVE-2015-7941 at NVD CVE-2015-7942 at SUSE CVE-2015-7942 at NVD CVE-2015-8035 at SUSE CVE-2015-8035 at NVD CVE-2015-8242 at SUSE CVE-2015-8242 at NVD CVE-2016-1762 at SUSE CVE-2016-1762 at NVD CVE-2016-1833 at SUSE CVE-2016-1833 at NVD CVE-2016-1834 at SUSE CVE-2016-1834 at NVD CVE-2016-1835 at SUSE CVE-2016-1835 at NVD CVE-2016-1836 at SUSE CVE-2016-1836 at NVD CVE-2016-1837 at SUSE CVE-2016-1837 at NVD CVE-2016-1838 at SUSE CVE-2016-1838 at NVD CVE-2016-1839 at SUSE CVE-2016-1839 at NVD CVE-2016-1840 at SUSE CVE-2016-1840 at NVD CVE-2016-3627 at SUSE CVE-2016-3627 at NVD CVE-2016-3705 at SUSE CVE-2016-3705 at NVD CVE-2016-4483 at SUSE CVE-2016-4483 at NVD CVE-2016-4658 at SUSE CVE-2016-4658 at NVD CVE-2017-0663 at SUSE CVE-2017-0663 at NVD CVE-2017-5969 at SUSE CVE-2017-5969 at NVD CVE-2017-9047 at SUSE CVE-2017-9047 at NVD CVE-2017-9048 at SUSE CVE-2017-9048 at NVD CVE-2017-9049 at SUSE CVE-2017-9049 at NVD CVE-2018-14404 at SUSE CVE-2018-14404 at NVD CVE-2018-14567 at SUSE CVE-2018-14567 at NVD CVE-2018-9251 at SUSE CVE-2018-9251 at NVD CVE-2019-19956 at SUSE CVE-2019-19956 at NVD CVE-2019-20388 at SUSE CVE-2019-20388 at NVD CVE-2020-24977 at SUSE CVE-2020-24977 at NVD CVE-2020-7595 at SUSE CVE-2020-7595 at NVD CVE-2021-3516 at SUSE CVE-2021-3516 at NVD CVE-2021-3517 at SUSE CVE-2021-3517 at NVD CVE-2021-3518 at SUSE CVE-2021-3518 at NVD CVE-2021-3537 at SUSE CVE-2021-3537 at NVD CVE-2021-3541 at SUSE CVE-2021-3541 at NVD CVE-2022-2309 at SUSE CVE-2022-2309 at NVD CVE-2022-23308 at SUSE CVE-2022-23308 at NVD CVE-2022-29824 at SUSE CVE-2022-29824 at NVD CVE-2022-40303 at SUSE CVE-2022-40303 at NVD CVE-2022-40304 at SUSE CVE-2022-40304 at NVD CVE-2023-28484 at SUSE CVE-2023-28484 at NVD CVE-2023-29469 at SUSE CVE-2023-29469 at NVD cpe:/o:suse:sle-micro:5.5 libxslt1-1.1.34-150400.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libxslt1-1.1.34-150400.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-7995 at SUSE CVE-2015-7995 at NVD CVE-2015-9019 at SUSE CVE-2015-9019 at NVD CVE-2016-4738 at SUSE CVE-2016-4738 at NVD CVE-2017-5029 at SUSE CVE-2017-5029 at NVD CVE-2019-11068 at SUSE CVE-2019-11068 at NVD CVE-2019-13117 at SUSE CVE-2019-13117 at NVD CVE-2019-13118 at SUSE CVE-2019-13118 at NVD CVE-2019-18197 at SUSE CVE-2019-18197 at NVD CVE-2021-30560 at SUSE CVE-2021-30560 at NVD cpe:/o:suse:sle-micro:5.5 libyajl2-2.1.0-150000.4.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libyajl2-2.1.0-150000.4.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2022-24795 at SUSE CVE-2022-24795 at NVD CVE-2023-33460 at SUSE CVE-2023-33460 at NVD cpe:/o:suse:sle-micro:5.5 libyaml-cpp0_6-0.6.3-150400.4.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libyaml-cpp0_6-0.6.3-150400.4.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-5950 at SUSE CVE-2017-5950 at NVD CVE-2018-20573 at SUSE CVE-2018-20573 at NVD CVE-2018-20574 at SUSE CVE-2018-20574 at NVD CVE-2019-6285 at SUSE CVE-2019-6285 at NVD CVE-2019-6292 at SUSE CVE-2019-6292 at NVD cpe:/o:suse:sle-micro:5.5 libz1-1.2.13-150500.2.3 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libz1-1.2.13-150500.2.3 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-9843 at SUSE CVE-2016-9843 at NVD CVE-2018-25032 at SUSE CVE-2018-25032 at NVD CVE-2022-37434 at SUSE CVE-2022-37434 at NVD cpe:/o:suse:sle-micro:5.5 libzmq5-4.2.3-3.15.4 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libzmq5-4.2.3-3.15.4 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-7202 at SUSE CVE-2014-7202 at NVD CVE-2014-7203 at SUSE CVE-2014-7203 at NVD CVE-2014-9721 at SUSE CVE-2014-9721 at NVD CVE-2019-13132 at SUSE CVE-2019-13132 at NVD CVE-2019-6250 at SUSE CVE-2019-6250 at NVD CVE-2020-15166 at SUSE CVE-2020-15166 at NVD cpe:/o:suse:sle-micro:5.5 libzstd1-1.5.0-150400.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libzstd1-1.5.0-150400.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-11922 at SUSE CVE-2019-11922 at NVD CVE-2022-4899 at SUSE CVE-2022-4899 at NVD cpe:/o:suse:sle-micro:5.5 libzypp-17.31.20-150400.3.40.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the libzypp-17.31.20-150400.3.40.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-7435 at SUSE CVE-2017-7435 at NVD CVE-2017-7436 at SUSE CVE-2017-7436 at NVD CVE-2017-9269 at SUSE CVE-2017-9269 at NVD CVE-2017-9271 at SUSE CVE-2017-9271 at NVD CVE-2018-7685 at SUSE CVE-2018-7685 at NVD CVE-2019-18900 at SUSE CVE-2019-18900 at NVD cpe:/o:suse:sle-micro:5.5 login_defs-4.8.1-150500.1.10 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the login_defs-4.8.1-150500.1.10 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-7169 at SUSE CVE-2018-7169 at NVD cpe:/o:suse:sle-micro:5.5 logrotate-3.18.1-150400.3.7.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the logrotate-3.18.1-150400.3.7.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2021-3864 at SUSE CVE-2021-3864 at NVD CVE-2022-1348 at SUSE CVE-2022-1348 at NVD cpe:/o:suse:sle-micro:5.5 mozilla-nspr-4.35-150000.3.29.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the mozilla-nspr-4.35-150000.3.29.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-7183 at SUSE CVE-2015-7183 at NVD cpe:/o:suse:sle-micro:5.5 nfs-client-2.1.1-150500.20.2 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the nfs-client-2.1.1-150500.20.2 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-3689 at SUSE CVE-2019-3689 at NVD cpe:/o:suse:sle-micro:5.5 opensc-0.22.0-150400.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the opensc-0.22.0-150400.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-16391 at SUSE CVE-2018-16391 at NVD CVE-2018-16392 at SUSE CVE-2018-16392 at NVD CVE-2018-16393 at SUSE CVE-2018-16393 at NVD CVE-2018-16418 at SUSE CVE-2018-16418 at NVD CVE-2018-16419 at SUSE CVE-2018-16419 at NVD CVE-2018-16420 at SUSE CVE-2018-16420 at NVD CVE-2018-16421 at SUSE CVE-2018-16421 at NVD CVE-2018-16422 at SUSE CVE-2018-16422 at NVD CVE-2018-16423 at SUSE CVE-2018-16423 at NVD CVE-2018-16424 at SUSE CVE-2018-16424 at NVD CVE-2018-16425 at SUSE CVE-2018-16425 at NVD CVE-2018-16426 at SUSE CVE-2018-16426 at NVD CVE-2018-16427 at SUSE CVE-2018-16427 at NVD CVE-2019-15945 at SUSE CVE-2019-15945 at NVD CVE-2019-15946 at SUSE CVE-2019-15946 at NVD CVE-2019-19479 at SUSE CVE-2019-19479 at NVD CVE-2019-19480 at SUSE CVE-2019-19480 at NVD CVE-2019-20792 at SUSE CVE-2019-20792 at NVD CVE-2019-6502 at SUSE CVE-2019-6502 at NVD CVE-2020-26570 at SUSE CVE-2020-26570 at NVD CVE-2020-26571 at SUSE CVE-2020-26571 at NVD CVE-2020-26572 at SUSE CVE-2020-26572 at NVD CVE-2021-42779 at SUSE CVE-2021-42779 at NVD CVE-2021-42780 at SUSE CVE-2021-42780 at NVD CVE-2021-42781 at SUSE CVE-2021-42781 at NVD CVE-2021-42782 at SUSE CVE-2021-42782 at NVD CVE-2023-2977 at SUSE CVE-2023-2977 at NVD cpe:/o:suse:sle-micro:5.5 openslp-2.0.0-6.15.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the openslp-2.0.0-6.15.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-4912 at SUSE CVE-2016-4912 at NVD CVE-2016-7567 at SUSE CVE-2016-7567 at NVD CVE-2017-17833 at SUSE CVE-2017-17833 at NVD cpe:/o:suse:sle-micro:5.5 openssh-8.4p1-150300.3.22.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the openssh-8.4p1-150300.3.22.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-8325 at SUSE CVE-2015-8325 at NVD CVE-2016-0777 at SUSE CVE-2016-0777 at NVD CVE-2016-0778 at SUSE CVE-2016-0778 at NVD CVE-2016-10009 at SUSE CVE-2016-10009 at NVD CVE-2016-10010 at SUSE CVE-2016-10010 at NVD CVE-2016-10011 at SUSE CVE-2016-10011 at NVD CVE-2016-10012 at SUSE CVE-2016-10012 at NVD CVE-2016-6210 at SUSE CVE-2016-6210 at NVD CVE-2016-6515 at SUSE CVE-2016-6515 at NVD CVE-2016-8858 at SUSE CVE-2016-8858 at NVD CVE-2018-20685 at SUSE CVE-2018-20685 at NVD CVE-2019-6109 at SUSE CVE-2019-6109 at NVD CVE-2019-6110 at SUSE CVE-2019-6110 at NVD CVE-2019-6111 at SUSE CVE-2019-6111 at NVD CVE-2021-28041 at SUSE CVE-2021-28041 at NVD CVE-2021-41617 at SUSE CVE-2021-41617 at NVD CVE-2023-38408 at SUSE CVE-2023-38408 at NVD cpe:/o:suse:sle-micro:5.5 openssl-1.1.1l-150400.1.5 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the openssl-1.1.1l-150400.1.5 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-3513 at SUSE CVE-2014-3513 at NVD CVE-2014-3567 at SUSE CVE-2014-3567 at NVD CVE-2014-3568 at SUSE CVE-2014-3568 at NVD CVE-2014-3569 at SUSE CVE-2014-3569 at NVD CVE-2014-3570 at SUSE CVE-2014-3570 at NVD CVE-2014-3571 at SUSE CVE-2014-3571 at NVD CVE-2014-3572 at SUSE CVE-2014-3572 at NVD CVE-2014-8275 at SUSE CVE-2014-8275 at NVD CVE-2015-0204 at SUSE CVE-2015-0204 at NVD CVE-2015-0205 at SUSE CVE-2015-0205 at NVD CVE-2015-0206 at SUSE CVE-2015-0206 at NVD CVE-2015-0209 at SUSE CVE-2015-0209 at NVD CVE-2015-0286 at SUSE CVE-2015-0286 at NVD CVE-2015-0287 at SUSE CVE-2015-0287 at NVD CVE-2015-0288 at SUSE CVE-2015-0288 at NVD CVE-2015-0289 at SUSE CVE-2015-0289 at NVD CVE-2015-0293 at SUSE CVE-2015-0293 at NVD CVE-2015-1788 at SUSE CVE-2015-1788 at NVD CVE-2015-1789 at SUSE CVE-2015-1789 at NVD CVE-2015-1790 at SUSE CVE-2015-1790 at NVD CVE-2015-1791 at SUSE CVE-2015-1791 at NVD CVE-2015-1792 at SUSE CVE-2015-1792 at NVD CVE-2015-1793 at SUSE CVE-2015-1793 at NVD CVE-2015-1794 at SUSE CVE-2015-1794 at NVD CVE-2015-3193 at SUSE CVE-2015-3193 at NVD CVE-2015-3194 at SUSE CVE-2015-3194 at NVD CVE-2015-3195 at SUSE CVE-2015-3195 at NVD CVE-2015-3196 at SUSE CVE-2015-3196 at NVD CVE-2015-3197 at SUSE CVE-2015-3197 at NVD CVE-2016-0701 at SUSE CVE-2016-0701 at NVD CVE-2016-0702 at SUSE CVE-2016-0702 at NVD CVE-2016-0705 at SUSE CVE-2016-0705 at NVD CVE-2016-0797 at SUSE CVE-2016-0797 at NVD CVE-2016-0798 at SUSE CVE-2016-0798 at NVD CVE-2016-0800 at SUSE CVE-2016-0800 at NVD CVE-2016-2105 at SUSE CVE-2016-2105 at NVD CVE-2016-2106 at SUSE CVE-2016-2106 at NVD CVE-2016-2107 at SUSE CVE-2016-2107 at NVD CVE-2016-2109 at SUSE CVE-2016-2109 at NVD CVE-2016-2176 at SUSE CVE-2016-2176 at NVD CVE-2016-2177 at SUSE CVE-2016-2177 at NVD CVE-2016-2178 at SUSE CVE-2016-2178 at NVD CVE-2016-2179 at SUSE CVE-2016-2179 at NVD CVE-2016-2180 at SUSE CVE-2016-2180 at NVD CVE-2016-2181 at SUSE CVE-2016-2181 at NVD CVE-2016-2182 at SUSE CVE-2016-2182 at NVD CVE-2016-2183 at SUSE CVE-2016-2183 at NVD CVE-2016-6302 at SUSE CVE-2016-6302 at NVD CVE-2016-6303 at SUSE CVE-2016-6303 at NVD CVE-2016-6304 at SUSE CVE-2016-6304 at NVD CVE-2016-6306 at SUSE CVE-2016-6306 at NVD CVE-2016-7052 at SUSE CVE-2016-7052 at NVD CVE-2016-7055 at SUSE CVE-2016-7055 at NVD CVE-2016-7056 at SUSE CVE-2016-7056 at NVD CVE-2017-3731 at SUSE CVE-2017-3731 at NVD CVE-2017-3732 at SUSE CVE-2017-3732 at NVD cpe:/o:suse:sle-micro:5.5 pam-1.3.0-150000.6.61.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the pam-1.3.0-150000.6.61.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-3238 at SUSE CVE-2015-3238 at NVD CVE-2018-17953 at SUSE CVE-2018-17953 at NVD cpe:/o:suse:sle-micro:5.5 pam_u2f-1.2.0-150400.2.4 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the pam_u2f-1.2.0-150400.2.4 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-12209 at SUSE CVE-2019-12209 at NVD CVE-2019-12210 at SUSE CVE-2019-12210 at NVD CVE-2021-31924 at SUSE CVE-2021-31924 at NVD cpe:/o:suse:sle-micro:5.5 perl-5.26.1-150300.17.14.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the perl-5.26.1-150300.17.14.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-12837 at SUSE CVE-2017-12837 at NVD CVE-2017-12883 at SUSE CVE-2017-12883 at NVD CVE-2017-6512 at SUSE CVE-2017-6512 at NVD CVE-2018-12015 at SUSE CVE-2018-12015 at NVD CVE-2018-18311 at SUSE CVE-2018-18311 at NVD CVE-2018-18312 at SUSE CVE-2018-18312 at NVD CVE-2018-18313 at SUSE CVE-2018-18313 at NVD CVE-2018-18314 at SUSE CVE-2018-18314 at NVD CVE-2020-10543 at SUSE CVE-2020-10543 at NVD CVE-2020-10878 at SUSE CVE-2020-10878 at NVD CVE-2020-12723 at SUSE CVE-2020-12723 at NVD CVE-2023-31484 at SUSE CVE-2023-31484 at NVD cpe:/o:suse:sle-micro:5.5 perl-ExtUtils-MakeMaker-7.62-150400.1.5 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the perl-ExtUtils-MakeMaker-7.62-150400.1.5 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-1238 at SUSE CVE-2016-1238 at NVD cpe:/o:suse:sle-micro:5.5 permissions-20201225-150400.5.16.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the permissions-20201225-150400.5.16.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-3687 at SUSE CVE-2019-3687 at NVD CVE-2019-3688 at SUSE CVE-2019-3688 at NVD CVE-2019-3690 at SUSE CVE-2019-3690 at NVD CVE-2020-8013 at SUSE CVE-2020-8013 at NVD CVE-2020-8025 at SUSE CVE-2020-8025 at NVD CVE-2022-31252 at SUSE CVE-2022-31252 at NVD cpe:/o:suse:sle-micro:5.5 podman-4.4.4-150500.1.4 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the podman-4.4.4-150500.1.4 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-10856 at SUSE CVE-2018-10856 at NVD CVE-2019-10152 at SUSE CVE-2019-10152 at NVD CVE-2019-10214 at SUSE CVE-2019-10214 at NVD CVE-2020-14370 at SUSE CVE-2020-14370 at NVD CVE-2020-1726 at SUSE CVE-2020-1726 at NVD CVE-2021-20199 at SUSE CVE-2021-20199 at NVD CVE-2021-20206 at SUSE CVE-2021-20206 at NVD CVE-2021-4024 at SUSE CVE-2021-4024 at NVD CVE-2021-41190 at SUSE CVE-2021-41190 at NVD CVE-2022-1227 at SUSE CVE-2022-1227 at NVD CVE-2022-21698 at SUSE CVE-2022-21698 at NVD CVE-2022-27191 at SUSE CVE-2022-27191 at NVD CVE-2022-27649 at SUSE CVE-2022-27649 at NVD CVE-2022-2989 at SUSE CVE-2022-2989 at NVD CVE-2023-0778 at SUSE CVE-2023-0778 at NVD cpe:/o:suse:sle-micro:5.5 policycoreutils-3.4-150500.1.3 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the policycoreutils-3.4-150500.1.3 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-7545 at SUSE CVE-2016-7545 at NVD CVE-2018-1063 at SUSE CVE-2018-1063 at NVD cpe:/o:suse:sle-micro:5.5 powerpc-utils-1.3.11-150500.3.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the powerpc-utils-1.3.11-150500.3.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-4040 at SUSE CVE-2014-4040 at NVD cpe:/o:suse:sle-micro:5.5 ppp-2.4.7-150000.5.10.3 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the ppp-2.4.7-150000.5.10.3 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-3310 at SUSE CVE-2015-3310 at NVD CVE-2020-8597 at SUSE CVE-2020-8597 at NVD cpe:/o:suse:sle-micro:5.5 procmail-3.22-2.34 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the procmail-3.22-2.34 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-3618 at SUSE CVE-2014-3618 at NVD CVE-2017-16844 at SUSE CVE-2017-16844 at NVD cpe:/o:suse:sle-micro:5.5 python3-Babel-2.8.0-3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-Babel-2.8.0-3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2021-42771 at SUSE CVE-2021-42771 at NVD cpe:/o:suse:sle-micro:5.5 python3-Jinja2-2.10.1-3.10.2 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-Jinja2-2.10.1-3.10.2 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-10745 at SUSE CVE-2016-10745 at NVD CVE-2019-10906 at SUSE CVE-2019-10906 at NVD CVE-2019-8341 at SUSE CVE-2019-8341 at NVD CVE-2020-28493 at SUSE CVE-2020-28493 at NVD cpe:/o:suse:sle-micro:5.5 python3-M2Crypto-0.38.0-150400.7.64 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-M2Crypto-0.38.0-150400.7.64 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-25657 at SUSE CVE-2020-25657 at NVD cpe:/o:suse:sle-micro:5.5 python3-PyYAML-5.4.1-1.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-PyYAML-5.4.1-1.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-18342 at SUSE CVE-2017-18342 at NVD CVE-2020-14343 at SUSE CVE-2020-14343 at NVD cpe:/o:suse:sle-micro:5.5 python3-certifi-2018.1.18-150000.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-certifi-2018.1.18-150000.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2022-23491 at SUSE CVE-2022-23491 at NVD cpe:/o:suse:sle-micro:5.5 python3-configobj-5.0.6-150000.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-configobj-5.0.6-150000.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2023-26112 at SUSE CVE-2023-26112 at NVD cpe:/o:suse:sle-micro:5.5 python3-cryptography-3.3.2-150400.16.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-cryptography-3.3.2-150400.16.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-25659 at SUSE CVE-2020-25659 at NVD CVE-2020-36242 at SUSE CVE-2020-36242 at NVD CVE-2023-23931 at SUSE CVE-2023-23931 at NVD cpe:/o:suse:sle-micro:5.5 python3-future-0.18.2-150300.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-future-0.18.2-150300.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2022-40899 at SUSE CVE-2022-40899 at NVD cpe:/o:suse:sle-micro:5.5 python3-lxml-4.9.1-150500.1.2 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-lxml-4.9.1-150500.1.2 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-19787 at SUSE CVE-2018-19787 at NVD CVE-2020-27783 at SUSE CVE-2020-27783 at NVD CVE-2021-28957 at SUSE CVE-2021-28957 at NVD CVE-2021-43818 at SUSE CVE-2021-43818 at NVD CVE-2022-2309 at SUSE CVE-2022-2309 at NVD cpe:/o:suse:sle-micro:5.5 python3-py-1.10.0-150100.5.12.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-py-1.10.0-150100.5.12.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-29651 at SUSE CVE-2020-29651 at NVD CVE-2022-42969 at SUSE CVE-2022-42969 at NVD cpe:/o:suse:sle-micro:5.5 python3-requests-2.24.0-150300.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-requests-2.24.0-150300.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-2296 at SUSE CVE-2015-2296 at NVD CVE-2018-18074 at SUSE CVE-2018-18074 at NVD CVE-2023-32681 at SUSE CVE-2023-32681 at NVD cpe:/o:suse:sle-micro:5.5 python3-rsa-3.4.2-150000.3.7.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-rsa-3.4.2-150000.3.7.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-13757 at SUSE CVE-2020-13757 at NVD CVE-2020-25658 at SUSE CVE-2020-25658 at NVD cpe:/o:suse:sle-micro:5.5 python3-salt-3006.0-150500.4.12.2 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-salt-3006.0-150500.4.12.2 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-1866 at SUSE CVE-2016-1866 at NVD CVE-2016-9639 at SUSE CVE-2016-9639 at NVD CVE-2017-12791 at SUSE CVE-2017-12791 at NVD CVE-2017-14695 at SUSE CVE-2017-14695 at NVD CVE-2017-14696 at SUSE CVE-2017-14696 at NVD CVE-2018-15750 at SUSE CVE-2018-15750 at NVD CVE-2018-15751 at SUSE CVE-2018-15751 at NVD CVE-2019-17361 at SUSE CVE-2019-17361 at NVD CVE-2019-18897 at SUSE CVE-2019-18897 at NVD CVE-2020-11651 at SUSE CVE-2020-11651 at NVD CVE-2020-11652 at SUSE CVE-2020-11652 at NVD CVE-2020-16846 at SUSE CVE-2020-16846 at NVD CVE-2020-17490 at SUSE CVE-2020-17490 at NVD CVE-2020-25592 at SUSE CVE-2020-25592 at NVD CVE-2020-28243 at SUSE CVE-2020-28243 at NVD CVE-2020-28972 at SUSE CVE-2020-28972 at NVD CVE-2020-35662 at SUSE CVE-2020-35662 at NVD CVE-2021-21996 at SUSE CVE-2021-21996 at NVD CVE-2021-25281 at SUSE CVE-2021-25281 at NVD CVE-2021-25282 at SUSE CVE-2021-25282 at NVD CVE-2021-25283 at SUSE CVE-2021-25283 at NVD CVE-2021-25284 at SUSE CVE-2021-25284 at NVD CVE-2021-25315 at SUSE CVE-2021-25315 at NVD CVE-2021-3144 at SUSE CVE-2021-3144 at NVD CVE-2021-3148 at SUSE CVE-2021-3148 at NVD CVE-2021-31607 at SUSE CVE-2021-31607 at NVD CVE-2021-3197 at SUSE CVE-2021-3197 at NVD CVE-2022-22934 at SUSE CVE-2022-22934 at NVD CVE-2022-22935 at SUSE CVE-2022-22935 at NVD CVE-2022-22936 at SUSE CVE-2022-22936 at NVD CVE-2022-22941 at SUSE CVE-2022-22941 at NVD CVE-2022-22967 at SUSE CVE-2022-22967 at NVD CVE-2023-28370 at SUSE CVE-2023-28370 at NVD cpe:/o:suse:sle-micro:5.5 python3-setuptools-44.1.1-150400.9.3.3 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-setuptools-44.1.1-150400.9.3.3 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-20916 at SUSE CVE-2019-20916 at NVD cpe:/o:suse:sle-micro:5.5 python3-tornado-4.5.3-150000.3.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-tornado-4.5.3-150000.3.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2023-28370 at SUSE CVE-2023-28370 at NVD cpe:/o:suse:sle-micro:5.5 python3-urllib3-1.25.10-4.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the python3-urllib3-1.25.10-4.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-9015 at SUSE CVE-2016-9015 at NVD CVE-2018-20060 at SUSE CVE-2018-20060 at NVD CVE-2019-11236 at SUSE CVE-2019-11236 at NVD CVE-2019-11324 at SUSE CVE-2019-11324 at NVD CVE-2019-9740 at SUSE CVE-2019-9740 at NVD CVE-2020-26137 at SUSE CVE-2020-26137 at NVD CVE-2021-33503 at SUSE CVE-2021-33503 at NVD cpe:/o:suse:sle-micro:5.5 qemu-7.1.0-150500.49.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the qemu-7.1.0-150500.49.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-0222 at SUSE CVE-2014-0222 at NVD CVE-2014-0223 at SUSE CVE-2014-0223 at NVD CVE-2014-3461 at SUSE CVE-2014-3461 at NVD CVE-2014-3640 at SUSE CVE-2014-3640 at NVD CVE-2014-7840 at SUSE CVE-2014-7840 at NVD CVE-2014-8106 at SUSE CVE-2014-8106 at NVD CVE-2015-1779 at SUSE CVE-2015-1779 at NVD CVE-2015-3209 at SUSE CVE-2015-3209 at NVD CVE-2015-3456 at SUSE CVE-2015-3456 at NVD CVE-2015-4037 at SUSE CVE-2015-4037 at NVD CVE-2015-5154 at SUSE CVE-2015-5154 at NVD CVE-2015-5225 at SUSE CVE-2015-5225 at NVD CVE-2015-5278 at SUSE CVE-2015-5278 at NVD CVE-2015-5279 at SUSE CVE-2015-5279 at NVD CVE-2015-5745 at SUSE CVE-2015-5745 at NVD CVE-2015-6815 at SUSE CVE-2015-6815 at NVD CVE-2015-6855 at SUSE CVE-2015-6855 at NVD CVE-2015-7295 at SUSE CVE-2015-7295 at NVD CVE-2015-7512 at SUSE CVE-2015-7512 at NVD CVE-2015-7549 at SUSE CVE-2015-7549 at NVD CVE-2015-8345 at SUSE CVE-2015-8345 at NVD CVE-2015-8504 at SUSE CVE-2015-8504 at NVD CVE-2015-8558 at SUSE CVE-2015-8558 at NVD CVE-2015-8567 at SUSE CVE-2015-8567 at NVD CVE-2015-8568 at SUSE CVE-2015-8568 at NVD CVE-2015-8613 at SUSE CVE-2015-8613 at NVD CVE-2015-8619 at SUSE CVE-2015-8619 at NVD CVE-2015-8743 at SUSE CVE-2015-8743 at NVD CVE-2015-8744 at SUSE CVE-2015-8744 at NVD CVE-2015-8745 at SUSE CVE-2015-8745 at NVD CVE-2016-10028 at SUSE CVE-2016-10028 at NVD CVE-2016-10155 at SUSE CVE-2016-10155 at NVD CVE-2016-1568 at SUSE CVE-2016-1568 at NVD CVE-2016-1714 at SUSE CVE-2016-1714 at NVD CVE-2016-1922 at SUSE CVE-2016-1922 at NVD CVE-2016-1981 at SUSE CVE-2016-1981 at NVD CVE-2016-2198 at SUSE CVE-2016-2198 at NVD CVE-2016-3710 at SUSE CVE-2016-3710 at NVD CVE-2016-3712 at SUSE CVE-2016-3712 at NVD CVE-2016-4002 at SUSE CVE-2016-4002 at NVD CVE-2016-4020 at SUSE CVE-2016-4020 at NVD CVE-2016-4439 at SUSE CVE-2016-4439 at NVD CVE-2016-4441 at SUSE CVE-2016-4441 at NVD CVE-2016-4453 at SUSE CVE-2016-4453 at NVD CVE-2016-4454 at SUSE CVE-2016-4454 at NVD CVE-2016-4952 at SUSE CVE-2016-4952 at NVD CVE-2016-4964 at SUSE CVE-2016-4964 at NVD CVE-2016-5105 at SUSE CVE-2016-5105 at NVD CVE-2016-5106 at SUSE CVE-2016-5106 at NVD CVE-2016-5107 at SUSE CVE-2016-5107 at NVD CVE-2016-5126 at SUSE CVE-2016-5126 at NVD CVE-2016-5238 at SUSE CVE-2016-5238 at NVD CVE-2016-5337 at SUSE CVE-2016-5337 at NVD CVE-2016-5338 at SUSE CVE-2016-5338 at NVD CVE-2016-5403 at SUSE CVE-2016-5403 at NVD CVE-2016-6351 at SUSE CVE-2016-6351 at NVD CVE-2016-6490 at SUSE CVE-2016-6490 at NVD CVE-2016-6833 at SUSE CVE-2016-6833 at NVD CVE-2016-6836 at SUSE CVE-2016-6836 at NVD CVE-2016-6888 at SUSE CVE-2016-6888 at NVD CVE-2016-7116 at SUSE CVE-2016-7116 at NVD CVE-2016-7155 at SUSE CVE-2016-7155 at NVD CVE-2016-7156 at SUSE CVE-2016-7156 at NVD CVE-2016-7157 at SUSE CVE-2016-7157 at NVD CVE-2016-7161 at SUSE CVE-2016-7161 at NVD CVE-2016-7170 at SUSE CVE-2016-7170 at NVD CVE-2016-7421 at SUSE CVE-2016-7421 at NVD CVE-2016-7422 at SUSE CVE-2016-7422 at NVD CVE-2016-7423 at SUSE CVE-2016-7423 at NVD CVE-2016-7466 at SUSE CVE-2016-7466 at NVD CVE-2016-7907 at SUSE CVE-2016-7907 at NVD CVE-2016-7908 at SUSE CVE-2016-7908 at NVD CVE-2016-7909 at SUSE CVE-2016-7909 at NVD CVE-2016-7994 at SUSE CVE-2016-7994 at NVD CVE-2016-7995 at SUSE CVE-2016-7995 at NVD CVE-2016-8576 at SUSE CVE-2016-8576 at NVD CVE-2016-8577 at SUSE CVE-2016-8577 at NVD CVE-2016-8578 at SUSE CVE-2016-8578 at NVD CVE-2016-8667 at SUSE CVE-2016-8667 at NVD CVE-2016-8668 at SUSE CVE-2016-8668 at NVD CVE-2016-8669 at SUSE CVE-2016-8669 at NVD CVE-2016-8909 at SUSE CVE-2016-8909 at NVD CVE-2016-8910 at SUSE CVE-2016-8910 at NVD CVE-2016-9101 at SUSE CVE-2016-9101 at NVD CVE-2016-9102 at SUSE CVE-2016-9102 at NVD CVE-2016-9103 at SUSE CVE-2016-9103 at NVD CVE-2016-9104 at SUSE CVE-2016-9104 at NVD CVE-2016-9105 at SUSE CVE-2016-9105 at NVD CVE-2016-9106 at SUSE CVE-2016-9106 at NVD CVE-2016-9381 at SUSE CVE-2016-9381 at NVD CVE-2016-9602 at SUSE CVE-2016-9602 at NVD CVE-2016-9776 at SUSE CVE-2016-9776 at NVD CVE-2016-9845 at SUSE CVE-2016-9845 at NVD CVE-2016-9846 at SUSE CVE-2016-9846 at NVD CVE-2016-9907 at SUSE CVE-2016-9907 at NVD CVE-2016-9908 at SUSE CVE-2016-9908 at NVD CVE-2016-9911 at SUSE CVE-2016-9911 at NVD CVE-2016-9912 at SUSE CVE-2016-9912 at NVD CVE-2016-9913 at SUSE CVE-2016-9913 at NVD CVE-2016-9921 at SUSE CVE-2016-9921 at NVD CVE-2016-9922 at SUSE CVE-2016-9922 at NVD CVE-2016-9923 at SUSE CVE-2016-9923 at NVD CVE-2017-10664 at SUSE CVE-2017-10664 at NVD CVE-2017-10806 at SUSE CVE-2017-10806 at NVD CVE-2017-11334 at SUSE CVE-2017-11334 at NVD CVE-2017-11434 at SUSE CVE-2017-11434 at NVD CVE-2017-13672 at SUSE CVE-2017-13672 at NVD CVE-2017-13673 at SUSE CVE-2017-13673 at NVD CVE-2017-13711 at SUSE CVE-2017-13711 at NVD CVE-2017-14167 at SUSE CVE-2017-14167 at NVD CVE-2017-15038 at SUSE CVE-2017-15038 at NVD CVE-2017-15118 at SUSE CVE-2017-15118 at NVD CVE-2017-15119 at SUSE CVE-2017-15119 at NVD CVE-2017-15268 at SUSE CVE-2017-15268 at NVD CVE-2017-15289 at SUSE CVE-2017-15289 at NVD CVE-2017-2615 at SUSE CVE-2017-2615 at NVD CVE-2017-2620 at SUSE CVE-2017-2620 at NVD CVE-2017-2630 at SUSE CVE-2017-2630 at NVD CVE-2017-2633 at SUSE CVE-2017-2633 at NVD CVE-2017-5525 at SUSE CVE-2017-5525 at NVD CVE-2017-5526 at SUSE CVE-2017-5526 at NVD CVE-2017-5552 at SUSE CVE-2017-5552 at NVD CVE-2017-5578 at SUSE CVE-2017-5578 at NVD CVE-2017-5579 at SUSE CVE-2017-5579 at NVD CVE-2017-5667 at SUSE CVE-2017-5667 at NVD CVE-2017-5715 at SUSE CVE-2017-5715 at NVD CVE-2017-5856 at SUSE CVE-2017-5856 at NVD CVE-2017-5857 at SUSE CVE-2017-5857 at NVD CVE-2017-5898 at SUSE CVE-2017-5898 at NVD CVE-2017-5931 at SUSE CVE-2017-5931 at NVD CVE-2017-5973 at SUSE CVE-2017-5973 at NVD CVE-2017-5987 at SUSE CVE-2017-5987 at NVD CVE-2017-6058 at SUSE CVE-2017-6058 at NVD CVE-2017-6505 at SUSE CVE-2017-6505 at NVD CVE-2017-7471 at SUSE CVE-2017-7471 at NVD CVE-2017-7493 at SUSE CVE-2017-7493 at NVD CVE-2017-8112 at SUSE CVE-2017-8112 at NVD CVE-2017-8309 at SUSE CVE-2017-8309 at NVD CVE-2017-8379 at SUSE CVE-2017-8379 at NVD CVE-2017-8380 at SUSE CVE-2017-8380 at NVD CVE-2017-9503 at SUSE CVE-2017-9503 at NVD CVE-2017-9524 at SUSE CVE-2017-9524 at NVD CVE-2018-10839 at SUSE CVE-2018-10839 at NVD CVE-2018-11806 at SUSE CVE-2018-11806 at NVD CVE-2018-12126 at SUSE CVE-2018-12126 at NVD CVE-2018-12127 at SUSE CVE-2018-12127 at NVD CVE-2018-12130 at SUSE CVE-2018-12130 at NVD CVE-2018-12207 at SUSE CVE-2018-12207 at NVD CVE-2018-12617 at SUSE CVE-2018-12617 at NVD CVE-2018-15746 at SUSE CVE-2018-15746 at NVD CVE-2018-16847 at SUSE CVE-2018-16847 at NVD CVE-2018-16872 at SUSE CVE-2018-16872 at NVD CVE-2018-17958 at SUSE CVE-2018-17958 at NVD CVE-2018-17962 at SUSE CVE-2018-17962 at NVD CVE-2018-17963 at SUSE CVE-2018-17963 at NVD CVE-2018-18849 at SUSE CVE-2018-18849 at NVD CVE-2018-20123 at SUSE CVE-2018-20123 at NVD CVE-2018-20124 at SUSE CVE-2018-20124 at NVD CVE-2018-20125 at SUSE CVE-2018-20125 at NVD CVE-2018-20126 at SUSE CVE-2018-20126 at NVD CVE-2018-20191 at SUSE CVE-2018-20191 at NVD CVE-2018-20216 at SUSE CVE-2018-20216 at NVD CVE-2018-20815 at SUSE CVE-2018-20815 at NVD CVE-2018-3639 at SUSE CVE-2018-3639 at NVD CVE-2018-7550 at SUSE CVE-2018-7550 at NVD CVE-2018-7858 at SUSE CVE-2018-7858 at NVD CVE-2019-11091 at SUSE CVE-2019-11091 at NVD CVE-2019-11135 at SUSE CVE-2019-11135 at NVD CVE-2019-12068 at SUSE CVE-2019-12068 at NVD CVE-2019-12155 at SUSE CVE-2019-12155 at NVD CVE-2019-13164 at SUSE CVE-2019-13164 at NVD CVE-2019-14378 at SUSE CVE-2019-14378 at NVD CVE-2019-15890 at SUSE CVE-2019-15890 at NVD CVE-2019-5008 at SUSE CVE-2019-5008 at NVD CVE-2019-6778 at SUSE CVE-2019-6778 at NVD CVE-2019-8934 at SUSE CVE-2019-8934 at NVD CVE-2019-9824 at SUSE CVE-2019-9824 at NVD CVE-2020-10702 at SUSE CVE-2020-10702 at NVD CVE-2020-10717 at SUSE CVE-2020-10717 at NVD CVE-2020-10761 at SUSE CVE-2020-10761 at NVD CVE-2020-11102 at SUSE CVE-2020-11102 at NVD CVE-2020-11869 at SUSE CVE-2020-11869 at NVD CVE-2020-13361 at SUSE CVE-2020-13361 at NVD CVE-2020-13362 at SUSE CVE-2020-13362 at NVD CVE-2020-13659 at SUSE CVE-2020-13659 at NVD CVE-2020-13800 at SUSE CVE-2020-13800 at NVD CVE-2020-14364 at SUSE CVE-2020-14364 at NVD CVE-2020-15863 at SUSE CVE-2020-15863 at NVD CVE-2020-16092 at SUSE CVE-2020-16092 at NVD CVE-2020-1711 at SUSE CVE-2020-1711 at NVD CVE-2020-17380 at SUSE CVE-2020-17380 at NVD CVE-2020-1983 at SUSE CVE-2020-1983 at NVD CVE-2020-24352 at SUSE CVE-2020-24352 at NVD CVE-2020-25085 at SUSE CVE-2020-25085 at NVD CVE-2020-25707 at SUSE CVE-2020-25707 at NVD CVE-2020-25723 at SUSE CVE-2020-25723 at NVD CVE-2020-27821 at SUSE CVE-2020-27821 at NVD CVE-2020-29129 at SUSE CVE-2020-29129 at NVD CVE-2020-29130 at SUSE CVE-2020-29130 at NVD CVE-2020-35503 at SUSE CVE-2020-35503 at NVD CVE-2020-7039 at SUSE CVE-2020-7039 at NVD CVE-2020-8608 at SUSE CVE-2020-8608 at NVD CVE-2021-20181 at SUSE CVE-2021-20181 at NVD CVE-2021-20203 at SUSE CVE-2021-20203 at NVD CVE-2021-20221 at SUSE CVE-2021-20221 at NVD CVE-2021-20257 at SUSE CVE-2021-20257 at NVD CVE-2021-20263 at SUSE CVE-2021-20263 at NVD CVE-2021-3409 at SUSE CVE-2021-3409 at NVD CVE-2021-3416 at SUSE CVE-2021-3416 at NVD CVE-2021-3419 at SUSE CVE-2021-3419 at NVD CVE-2021-3527 at SUSE CVE-2021-3527 at NVD CVE-2021-3544 at SUSE CVE-2021-3544 at NVD CVE-2021-3545 at SUSE CVE-2021-3545 at NVD CVE-2021-3546 at SUSE CVE-2021-3546 at NVD CVE-2021-3582 at SUSE CVE-2021-3582 at NVD CVE-2021-3607 at SUSE CVE-2021-3607 at NVD CVE-2021-3608 at SUSE CVE-2021-3608 at NVD CVE-2021-3682 at SUSE CVE-2021-3682 at NVD CVE-2021-3713 at SUSE CVE-2021-3713 at NVD CVE-2021-3748 at SUSE CVE-2021-3748 at NVD CVE-2021-3929 at SUSE CVE-2021-3929 at NVD CVE-2021-4158 at SUSE CVE-2021-4158 at NVD CVE-2021-4206 at SUSE CVE-2021-4206 at NVD CVE-2021-4207 at SUSE CVE-2021-4207 at NVD CVE-2022-0216 at SUSE CVE-2022-0216 at NVD CVE-2022-0358 at SUSE CVE-2022-0358 at NVD CVE-2022-1050 at SUSE CVE-2022-1050 at NVD CVE-2022-26353 at SUSE CVE-2022-26353 at NVD CVE-2022-26354 at SUSE CVE-2022-26354 at NVD CVE-2022-2962 at SUSE CVE-2022-2962 at NVD CVE-2022-3165 at SUSE CVE-2022-3165 at NVD CVE-2022-35414 at SUSE CVE-2022-35414 at NVD CVE-2022-4144 at SUSE CVE-2022-4144 at NVD CVE-2022-4172 at SUSE CVE-2022-4172 at NVD CVE-2023-0330 at SUSE CVE-2023-0330 at NVD CVE-2023-2861 at SUSE CVE-2023-2861 at NVD CVE-2023-3255 at SUSE CVE-2023-3255 at NVD CVE-2023-3301 at SUSE CVE-2023-3301 at NVD cpe:/o:suse:sle-micro:5.5 qemu-ovmf-x86_64-202208-150500.4.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the qemu-ovmf-x86_64-202208-150500.4.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-5731 at SUSE CVE-2017-5731 at NVD CVE-2017-5732 at SUSE CVE-2017-5732 at NVD CVE-2017-5733 at SUSE CVE-2017-5733 at NVD CVE-2017-5734 at SUSE CVE-2017-5734 at NVD CVE-2017-5735 at SUSE CVE-2017-5735 at NVD CVE-2018-0739 at SUSE CVE-2018-0739 at NVD CVE-2018-12178 at SUSE CVE-2018-12178 at NVD CVE-2018-12180 at SUSE CVE-2018-12180 at NVD CVE-2018-12181 at SUSE CVE-2018-12181 at NVD CVE-2018-3613 at SUSE CVE-2018-3613 at NVD CVE-2018-3630 at SUSE CVE-2018-3630 at NVD CVE-2019-0160 at SUSE CVE-2019-0160 at NVD CVE-2019-0161 at SUSE CVE-2019-0161 at NVD CVE-2019-14553 at SUSE CVE-2019-14553 at NVD CVE-2019-14558 at SUSE CVE-2019-14558 at NVD CVE-2019-14559 at SUSE CVE-2019-14559 at NVD CVE-2019-14560 at SUSE CVE-2019-14560 at NVD CVE-2019-14562 at SUSE CVE-2019-14562 at NVD CVE-2019-14563 at SUSE CVE-2019-14563 at NVD CVE-2019-14575 at SUSE CVE-2019-14575 at NVD CVE-2019-14584 at SUSE CVE-2019-14584 at NVD CVE-2019-14586 at SUSE CVE-2019-14586 at NVD CVE-2019-14587 at SUSE CVE-2019-14587 at NVD CVE-2021-28210 at SUSE CVE-2021-28210 at NVD CVE-2021-28211 at SUSE CVE-2021-28211 at NVD CVE-2021-38578 at SUSE CVE-2021-38578 at NVD cpe:/o:suse:sle-micro:5.5 rpcbind-0.2.3-5.9.2 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the rpcbind-0.2.3-5.9.2 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-7236 at SUSE CVE-2015-7236 at NVD CVE-2017-8779 at SUSE CVE-2017-8779 at NVD cpe:/o:suse:sle-micro:5.5 rpm-4.14.3-150300.55.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the rpm-4.14.3-150300.55.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-7500 at SUSE CVE-2017-7500 at NVD CVE-2021-20266 at SUSE CVE-2021-20266 at NVD CVE-2021-20271 at SUSE CVE-2021-20271 at NVD CVE-2021-3421 at SUSE CVE-2021-3421 at NVD cpe:/o:suse:sle-micro:5.5 rsync-3.2.3-150400.3.8.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the rsync-3.2.3-150400.3.8.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-8242 at SUSE CVE-2014-8242 at NVD CVE-2014-9512 at SUSE CVE-2014-9512 at NVD CVE-2017-16548 at SUSE CVE-2017-16548 at NVD CVE-2018-5764 at SUSE CVE-2018-5764 at NVD CVE-2020-14387 at SUSE CVE-2020-14387 at NVD CVE-2022-29154 at SUSE CVE-2022-29154 at NVD cpe:/o:suse:sle-micro:5.5 runc-1.1.7-150000.46.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the runc-1.1.7-150000.46.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-9962 at SUSE CVE-2016-9962 at NVD CVE-2018-16873 at SUSE CVE-2018-16873 at NVD CVE-2018-16874 at SUSE CVE-2018-16874 at NVD CVE-2018-16875 at SUSE CVE-2018-16875 at NVD CVE-2019-16884 at SUSE CVE-2019-16884 at NVD CVE-2019-19921 at SUSE CVE-2019-19921 at NVD CVE-2019-5736 at SUSE CVE-2019-5736 at NVD CVE-2021-30465 at SUSE CVE-2021-30465 at NVD CVE-2021-43784 at SUSE CVE-2021-43784 at NVD CVE-2022-29162 at SUSE CVE-2022-29162 at NVD CVE-2023-25809 at SUSE CVE-2023-25809 at NVD CVE-2023-27561 at SUSE CVE-2023-27561 at NVD CVE-2023-28642 at SUSE CVE-2023-28642 at NVD cpe:/o:suse:sle-micro:5.5 samba-client-libs-4.17.9+git.387.ca59f91f61-150500.3.8.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the samba-client-libs-4.17.9+git.387.ca59f91f61-150500.3.8.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-8143 at SUSE CVE-2014-8143 at NVD CVE-2015-0240 at SUSE CVE-2015-0240 at NVD CVE-2015-3223 at SUSE CVE-2015-3223 at NVD CVE-2015-5252 at SUSE CVE-2015-5252 at NVD CVE-2015-5296 at SUSE CVE-2015-5296 at NVD CVE-2015-5299 at SUSE CVE-2015-5299 at NVD CVE-2015-5330 at SUSE CVE-2015-5330 at NVD CVE-2015-5370 at SUSE CVE-2015-5370 at NVD CVE-2015-7560 at SUSE CVE-2015-7560 at NVD CVE-2015-8467 at SUSE CVE-2015-8467 at NVD CVE-2015-8543 at SUSE CVE-2015-8543 at NVD CVE-2016-0771 at SUSE CVE-2016-0771 at NVD CVE-2016-2110 at SUSE CVE-2016-2110 at NVD CVE-2016-2111 at SUSE CVE-2016-2111 at NVD CVE-2016-2112 at SUSE CVE-2016-2112 at NVD CVE-2016-2113 at SUSE CVE-2016-2113 at NVD CVE-2016-2115 at SUSE CVE-2016-2115 at NVD CVE-2016-2118 at SUSE CVE-2016-2118 at NVD CVE-2016-2119 at SUSE CVE-2016-2119 at NVD CVE-2016-2123 at SUSE CVE-2016-2123 at NVD CVE-2016-2124 at SUSE CVE-2016-2124 at NVD CVE-2016-2125 at SUSE CVE-2016-2125 at NVD CVE-2016-2126 at SUSE CVE-2016-2126 at NVD CVE-2017-11103 at SUSE CVE-2017-11103 at NVD CVE-2017-12150 at SUSE CVE-2017-12150 at NVD CVE-2017-12151 at SUSE CVE-2017-12151 at NVD CVE-2017-12163 at SUSE CVE-2017-12163 at NVD CVE-2017-14746 at SUSE CVE-2017-14746 at NVD CVE-2017-15275 at SUSE CVE-2017-15275 at NVD CVE-2017-2619 at SUSE CVE-2017-2619 at NVD CVE-2017-7494 at SUSE CVE-2017-7494 at NVD CVE-2018-1050 at SUSE CVE-2018-1050 at NVD CVE-2018-1057 at SUSE CVE-2018-1057 at NVD CVE-2018-10858 at SUSE CVE-2018-10858 at NVD CVE-2018-10918 at SUSE CVE-2018-10918 at NVD CVE-2018-10919 at SUSE CVE-2018-10919 at NVD CVE-2018-1139 at SUSE CVE-2018-1139 at NVD CVE-2018-1140 at SUSE CVE-2018-1140 at NVD CVE-2018-14629 at SUSE CVE-2018-14629 at NVD CVE-2018-16841 at SUSE CVE-2018-16841 at NVD CVE-2018-16851 at SUSE CVE-2018-16851 at NVD CVE-2018-16852 at SUSE CVE-2018-16852 at NVD CVE-2018-16853 at SUSE CVE-2018-16853 at NVD CVE-2018-16857 at SUSE CVE-2018-16857 at NVD CVE-2018-16860 at SUSE CVE-2018-16860 at NVD CVE-2019-10197 at SUSE CVE-2019-10197 at NVD CVE-2019-10218 at SUSE CVE-2019-10218 at NVD CVE-2019-12435 at SUSE CVE-2019-12435 at NVD CVE-2019-12436 at SUSE CVE-2019-12436 at NVD CVE-2019-14833 at SUSE CVE-2019-14833 at NVD CVE-2019-14847 at SUSE CVE-2019-14847 at NVD CVE-2019-14861 at SUSE CVE-2019-14861 at NVD CVE-2019-14870 at SUSE CVE-2019-14870 at NVD CVE-2019-14902 at SUSE CVE-2019-14902 at NVD CVE-2019-14907 at SUSE CVE-2019-14907 at NVD CVE-2019-19344 at SUSE CVE-2019-19344 at NVD CVE-2019-3824 at SUSE CVE-2019-3824 at NVD CVE-2019-3870 at SUSE CVE-2019-3870 at NVD CVE-2019-3880 at SUSE CVE-2019-3880 at NVD CVE-2020-10700 at SUSE CVE-2020-10700 at NVD CVE-2020-10704 at SUSE CVE-2020-10704 at NVD CVE-2020-10730 at SUSE CVE-2020-10730 at NVD CVE-2020-10745 at SUSE CVE-2020-10745 at NVD CVE-2020-10760 at SUSE CVE-2020-10760 at NVD CVE-2020-14303 at SUSE CVE-2020-14303 at NVD CVE-2020-14318 at SUSE CVE-2020-14318 at NVD CVE-2020-14323 at SUSE CVE-2020-14323 at NVD CVE-2020-14383 at SUSE CVE-2020-14383 at NVD CVE-2020-1472 at SUSE CVE-2020-1472 at NVD CVE-2020-17049 at SUSE CVE-2020-17049 at NVD CVE-2020-25717 at SUSE CVE-2020-25717 at NVD CVE-2020-25718 at SUSE CVE-2020-25718 at NVD CVE-2020-25719 at SUSE CVE-2020-25719 at NVD CVE-2020-25720 at SUSE CVE-2020-25720 at NVD CVE-2020-25721 at SUSE CVE-2020-25721 at NVD CVE-2020-25722 at SUSE CVE-2020-25722 at NVD CVE-2020-27840 at SUSE CVE-2020-27840 at NVD CVE-2021-20251 at SUSE CVE-2021-20251 at NVD CVE-2021-20254 at SUSE CVE-2021-20254 at NVD CVE-2021-20277 at SUSE CVE-2021-20277 at NVD CVE-2021-23192 at SUSE CVE-2021-23192 at NVD CVE-2021-3738 at SUSE CVE-2021-3738 at NVD CVE-2021-44141 at SUSE CVE-2021-44141 at NVD CVE-2021-44142 at SUSE CVE-2021-44142 at NVD CVE-2022-0336 at SUSE CVE-2022-0336 at NVD CVE-2022-1615 at SUSE CVE-2022-1615 at NVD CVE-2022-2031 at SUSE CVE-2022-2031 at NVD CVE-2022-2127 at SUSE CVE-2022-2127 at NVD CVE-2022-32742 at SUSE CVE-2022-32742 at NVD CVE-2022-32743 at SUSE CVE-2022-32743 at NVD CVE-2022-32744 at SUSE CVE-2022-32744 at NVD CVE-2022-32745 at SUSE CVE-2022-32745 at NVD CVE-2022-32746 at SUSE CVE-2022-32746 at NVD CVE-2022-3437 at SUSE CVE-2022-3437 at NVD CVE-2022-3592 at SUSE CVE-2022-3592 at NVD CVE-2022-37966 at SUSE CVE-2022-37966 at NVD CVE-2022-37967 at SUSE CVE-2022-37967 at NVD CVE-2022-38023 at SUSE CVE-2022-38023 at NVD CVE-2022-42898 at SUSE CVE-2022-42898 at NVD CVE-2022-44640 at SUSE CVE-2022-44640 at NVD CVE-2023-0225 at SUSE CVE-2023-0225 at NVD CVE-2023-0614 at SUSE CVE-2023-0614 at NVD CVE-2023-0922 at SUSE CVE-2023-0922 at NVD CVE-2023-3347 at SUSE CVE-2023-3347 at NVD CVE-2023-34966 at SUSE CVE-2023-34966 at NVD CVE-2023-34967 at SUSE CVE-2023-34967 at NVD CVE-2023-34968 at SUSE CVE-2023-34968 at NVD cpe:/o:suse:sle-micro:5.5 shim-15.7-150300.4.16.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the shim-15.7-150300.4.16.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-3675 at SUSE CVE-2014-3675 at NVD CVE-2014-3676 at SUSE CVE-2014-3676 at NVD CVE-2014-3677 at SUSE CVE-2014-3677 at NVD CVE-2019-14584 at SUSE CVE-2019-14584 at NVD CVE-2022-28737 at SUSE CVE-2022-28737 at NVD cpe:/o:suse:sle-micro:5.5 skopeo-1.12.0-150300.11.5.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the skopeo-1.12.0-150300.11.5.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-14992 at SUSE CVE-2017-14992 at NVD CVE-2019-10214 at SUSE CVE-2019-10214 at NVD cpe:/o:suse:sle-micro:5.5 slirp4netns-1.2.0-150500.1.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the slirp4netns-1.2.0-150500.1.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-6778 at SUSE CVE-2019-6778 at NVD CVE-2020-10756 at SUSE CVE-2020-10756 at NVD CVE-2020-1983 at SUSE CVE-2020-1983 at NVD CVE-2020-29130 at SUSE CVE-2020-29130 at NVD cpe:/o:suse:sle-micro:5.5 socat-1.7.3.2-4.10 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the socat-1.7.3.2-4.10 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-3571 at SUSE CVE-2013-3571 at NVD CVE-2014-0019 at SUSE CVE-2014-0019 at NVD CVE-2015-4000 at SUSE CVE-2015-4000 at NVD cpe:/o:suse:sle-micro:5.5 squashfs-4.4-1.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the squashfs-4.4-1.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-4645 at SUSE CVE-2015-4645 at NVD CVE-2015-4646 at SUSE CVE-2015-4646 at NVD cpe:/o:suse:sle-micro:5.5 sudo-1.9.12p1-150500.5.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the sudo-1.9.12p1-150500.5.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-9680 at SUSE CVE-2014-9680 at NVD CVE-2016-7032 at SUSE CVE-2016-7032 at NVD CVE-2016-7076 at SUSE CVE-2016-7076 at NVD CVE-2017-1000367 at SUSE CVE-2017-1000367 at NVD CVE-2017-1000368 at SUSE CVE-2017-1000368 at NVD CVE-2019-14287 at SUSE CVE-2019-14287 at NVD CVE-2019-18634 at SUSE CVE-2019-18634 at NVD CVE-2021-23239 at SUSE CVE-2021-23239 at NVD CVE-2021-23240 at SUSE CVE-2021-23240 at NVD CVE-2021-3156 at SUSE CVE-2021-3156 at NVD CVE-2022-43995 at SUSE CVE-2022-43995 at NVD CVE-2023-22809 at SUSE CVE-2023-22809 at NVD CVE-2023-27320 at SUSE CVE-2023-27320 at NVD CVE-2023-28486 at SUSE CVE-2023-28486 at NVD CVE-2023-28487 at SUSE CVE-2023-28487 at NVD cpe:/o:suse:sle-micro:5.5 supportutils-3.1.21-150300.7.35.18.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the supportutils-3.1.21-150300.7.35.18.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-19637 at SUSE CVE-2018-19637 at NVD CVE-2018-19638 at SUSE CVE-2018-19638 at NVD CVE-2018-19639 at SUSE CVE-2018-19639 at NVD CVE-2018-19640 at SUSE CVE-2018-19640 at NVD cpe:/o:suse:sle-micro:5.5 swtpm-0.7.3-150500.2.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the swtpm-0.7.3-150500.2.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2020-28407 at SUSE CVE-2020-28407 at NVD CVE-2022-23645 at SUSE CVE-2022-23645 at NVD cpe:/o:suse:sle-micro:5.5 sysstat-12.0.2-3.33.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the sysstat-12.0.2-3.33.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-19416 at SUSE CVE-2018-19416 at NVD CVE-2018-19517 at SUSE CVE-2018-19517 at NVD CVE-2019-16167 at SUSE CVE-2019-16167 at NVD CVE-2019-19725 at SUSE CVE-2019-19725 at NVD cpe:/o:suse:sle-micro:5.5 tar-1.34-150000.3.31.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the tar-1.34-150000.3.31.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2016-6321 at SUSE CVE-2016-6321 at NVD CVE-2018-20482 at SUSE CVE-2018-20482 at NVD CVE-2019-9923 at SUSE CVE-2019-9923 at NVD CVE-2021-20193 at SUSE CVE-2021-20193 at NVD CVE-2022-48303 at SUSE CVE-2022-48303 at NVD cpe:/o:suse:sle-micro:5.5 tpm2.0-tools-5.2-150400.4.6 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the tpm2.0-tools-5.2-150400.4.6 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-7524 at SUSE CVE-2017-7524 at NVD CVE-2021-3565 at SUSE CVE-2021-3565 at NVD cpe:/o:suse:sle-micro:5.5 trousers-0.3.15-150400.1.10 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the trousers-0.3.15-150400.1.10 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-18898 at SUSE CVE-2019-18898 at NVD CVE-2020-24330 at SUSE CVE-2020-24330 at NVD CVE-2020-24331 at SUSE CVE-2020-24331 at NVD CVE-2020-24332 at SUSE CVE-2020-24332 at NVD cpe:/o:suse:sle-micro:5.5 u-boot-rpiarm64-2021.10-150400.4.11.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the u-boot-rpiarm64-2021.10-150400.4.11.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2018-18439 at SUSE CVE-2018-18439 at NVD CVE-2018-18440 at SUSE CVE-2018-18440 at NVD CVE-2020-10648 at SUSE CVE-2020-10648 at NVD CVE-2020-8432 at SUSE CVE-2020-8432 at NVD CVE-2022-30552 at SUSE CVE-2022-30552 at NVD CVE-2022-30767 at SUSE CVE-2022-30767 at NVD CVE-2022-30790 at SUSE CVE-2022-30790 at NVD CVE-2022-33103 at SUSE CVE-2022-33103 at NVD CVE-2022-33967 at SUSE CVE-2022-33967 at NVD CVE-2022-34835 at SUSE CVE-2022-34835 at NVD cpe:/o:suse:sle-micro:5.5 ucode-intel-20230808-150200.27.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the ucode-intel-20230808-150200.27.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-5715 at SUSE CVE-2017-5715 at NVD CVE-2018-12126 at SUSE CVE-2018-12126 at NVD CVE-2018-12127 at SUSE CVE-2018-12127 at NVD CVE-2018-12130 at SUSE CVE-2018-12130 at NVD CVE-2018-3639 at SUSE CVE-2018-3639 at NVD CVE-2018-3640 at SUSE CVE-2018-3640 at NVD CVE-2019-11091 at SUSE CVE-2019-11091 at NVD CVE-2019-11135 at SUSE CVE-2019-11135 at NVD CVE-2019-11139 at SUSE CVE-2019-11139 at NVD CVE-2020-0543 at SUSE CVE-2020-0543 at NVD CVE-2020-0548 at SUSE CVE-2020-0548 at NVD CVE-2020-0549 at SUSE CVE-2020-0549 at NVD CVE-2020-24489 at SUSE CVE-2020-24489 at NVD CVE-2020-24511 at SUSE CVE-2020-24511 at NVD CVE-2020-24512 at SUSE CVE-2020-24512 at NVD CVE-2020-24513 at SUSE CVE-2020-24513 at NVD CVE-2020-8695 at SUSE CVE-2020-8695 at NVD CVE-2020-8696 at SUSE CVE-2020-8696 at NVD CVE-2020-8698 at SUSE CVE-2020-8698 at NVD CVE-2021-0127 at SUSE CVE-2021-0127 at NVD CVE-2021-0145 at SUSE CVE-2021-0145 at NVD CVE-2021-0146 at SUSE CVE-2021-0146 at NVD CVE-2021-33120 at SUSE CVE-2021-33120 at NVD CVE-2022-21151 at SUSE CVE-2022-21151 at NVD CVE-2022-21216 at SUSE CVE-2022-21216 at NVD CVE-2022-21233 at SUSE CVE-2022-21233 at NVD CVE-2022-33196 at SUSE CVE-2022-33196 at NVD CVE-2022-33972 at SUSE CVE-2022-33972 at NVD CVE-2022-38090 at SUSE CVE-2022-38090 at NVD CVE-2022-40982 at SUSE CVE-2022-40982 at NVD CVE-2022-41804 at SUSE CVE-2022-41804 at NVD CVE-2023-23908 at SUSE CVE-2023-23908 at NVD cpe:/o:suse:sle-micro:5.5 update-alternatives-1.19.0.4-150000.4.4.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the update-alternatives-1.19.0.4-150000.4.4.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2015-0840 at SUSE CVE-2015-0840 at NVD cpe:/o:suse:sle-micro:5.5 vim-data-common-9.0.1632-150500.20.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the vim-data-common-9.0.1632-150500.20.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2009-0316 at SUSE CVE-2009-0316 at NVD CVE-2017-1000382 at SUSE CVE-2017-1000382 at NVD CVE-2017-17087 at SUSE CVE-2017-17087 at NVD CVE-2017-5953 at SUSE CVE-2017-5953 at NVD CVE-2017-6349 at SUSE CVE-2017-6349 at NVD CVE-2017-6350 at SUSE CVE-2017-6350 at NVD CVE-2019-12735 at SUSE CVE-2019-12735 at NVD CVE-2019-20807 at SUSE CVE-2019-20807 at NVD CVE-2021-3778 at SUSE CVE-2021-3778 at NVD CVE-2021-3796 at SUSE CVE-2021-3796 at NVD CVE-2021-3872 at SUSE CVE-2021-3872 at NVD CVE-2021-3875 at SUSE CVE-2021-3875 at NVD CVE-2021-3903 at SUSE CVE-2021-3903 at NVD CVE-2021-3927 at SUSE CVE-2021-3927 at NVD CVE-2021-3928 at SUSE CVE-2021-3928 at NVD CVE-2021-3968 at SUSE CVE-2021-3968 at NVD CVE-2021-3973 at SUSE CVE-2021-3973 at NVD CVE-2021-3974 at SUSE CVE-2021-3974 at NVD CVE-2021-3984 at SUSE CVE-2021-3984 at NVD CVE-2021-4019 at SUSE CVE-2021-4019 at NVD CVE-2021-4069 at SUSE CVE-2021-4069 at NVD CVE-2021-4136 at SUSE CVE-2021-4136 at NVD CVE-2021-4166 at SUSE CVE-2021-4166 at NVD CVE-2021-4192 at SUSE CVE-2021-4192 at NVD CVE-2021-4193 at SUSE CVE-2021-4193 at NVD CVE-2021-46059 at SUSE CVE-2021-46059 at NVD CVE-2022-0128 at SUSE CVE-2022-0128 at NVD CVE-2022-0213 at SUSE CVE-2022-0213 at NVD CVE-2022-0261 at SUSE CVE-2022-0261 at NVD CVE-2022-0318 at SUSE CVE-2022-0318 at NVD CVE-2022-0319 at SUSE CVE-2022-0319 at NVD CVE-2022-0351 at SUSE CVE-2022-0351 at NVD CVE-2022-0359 at SUSE CVE-2022-0359 at NVD CVE-2022-0361 at SUSE CVE-2022-0361 at NVD CVE-2022-0392 at SUSE CVE-2022-0392 at NVD CVE-2022-0407 at SUSE CVE-2022-0407 at NVD CVE-2022-0413 at SUSE CVE-2022-0413 at NVD CVE-2022-0696 at SUSE CVE-2022-0696 at NVD CVE-2022-1381 at SUSE CVE-2022-1381 at NVD CVE-2022-1420 at SUSE CVE-2022-1420 at NVD CVE-2022-1616 at SUSE CVE-2022-1616 at NVD CVE-2022-1619 at SUSE CVE-2022-1619 at NVD CVE-2022-1620 at SUSE CVE-2022-1620 at NVD CVE-2022-1720 at SUSE CVE-2022-1720 at NVD CVE-2022-1733 at SUSE CVE-2022-1733 at NVD CVE-2022-1735 at SUSE CVE-2022-1735 at NVD CVE-2022-1771 at SUSE CVE-2022-1771 at NVD CVE-2022-1785 at SUSE CVE-2022-1785 at NVD CVE-2022-1796 at SUSE CVE-2022-1796 at NVD CVE-2022-1851 at SUSE CVE-2022-1851 at NVD CVE-2022-1897 at SUSE CVE-2022-1897 at NVD CVE-2022-1898 at SUSE CVE-2022-1898 at NVD CVE-2022-1927 at SUSE CVE-2022-1927 at NVD CVE-2022-1968 at SUSE CVE-2022-1968 at NVD CVE-2022-2124 at SUSE CVE-2022-2124 at NVD CVE-2022-2125 at SUSE CVE-2022-2125 at NVD CVE-2022-2126 at SUSE CVE-2022-2126 at NVD CVE-2022-2129 at SUSE CVE-2022-2129 at NVD CVE-2022-2175 at SUSE CVE-2022-2175 at NVD CVE-2022-2182 at SUSE CVE-2022-2182 at NVD CVE-2022-2183 at SUSE CVE-2022-2183 at NVD CVE-2022-2206 at SUSE CVE-2022-2206 at NVD CVE-2022-2207 at SUSE CVE-2022-2207 at NVD CVE-2022-2208 at SUSE CVE-2022-2208 at NVD CVE-2022-2210 at SUSE CVE-2022-2210 at NVD CVE-2022-2231 at SUSE CVE-2022-2231 at NVD CVE-2022-2257 at SUSE CVE-2022-2257 at NVD CVE-2022-2264 at SUSE CVE-2022-2264 at NVD CVE-2022-2284 at SUSE CVE-2022-2284 at NVD CVE-2022-2285 at SUSE CVE-2022-2285 at NVD CVE-2022-2286 at SUSE CVE-2022-2286 at NVD CVE-2022-2287 at SUSE CVE-2022-2287 at NVD CVE-2022-2304 at SUSE CVE-2022-2304 at NVD CVE-2022-2343 at SUSE CVE-2022-2343 at NVD CVE-2022-2344 at SUSE CVE-2022-2344 at NVD CVE-2022-2345 at SUSE CVE-2022-2345 at NVD CVE-2022-2522 at SUSE CVE-2022-2522 at NVD CVE-2022-2571 at SUSE CVE-2022-2571 at NVD CVE-2022-2580 at SUSE CVE-2022-2580 at NVD CVE-2022-2581 at SUSE CVE-2022-2581 at NVD CVE-2022-2598 at SUSE CVE-2022-2598 at NVD CVE-2022-2816 at SUSE CVE-2022-2816 at NVD CVE-2022-2817 at SUSE CVE-2022-2817 at NVD CVE-2022-2819 at SUSE CVE-2022-2819 at NVD CVE-2022-2845 at SUSE CVE-2022-2845 at NVD CVE-2022-2849 at SUSE CVE-2022-2849 at NVD CVE-2022-2862 at SUSE CVE-2022-2862 at NVD CVE-2022-2874 at SUSE CVE-2022-2874 at NVD CVE-2022-2889 at SUSE CVE-2022-2889 at NVD CVE-2022-2923 at SUSE CVE-2022-2923 at NVD CVE-2022-2946 at SUSE CVE-2022-2946 at NVD CVE-2022-2980 at SUSE CVE-2022-2980 at NVD CVE-2022-2982 at SUSE CVE-2022-2982 at NVD CVE-2022-3016 at SUSE CVE-2022-3016 at NVD CVE-2022-3037 at SUSE CVE-2022-3037 at NVD CVE-2022-3099 at SUSE CVE-2022-3099 at NVD CVE-2022-3134 at SUSE CVE-2022-3134 at NVD CVE-2022-3153 at SUSE CVE-2022-3153 at NVD CVE-2022-3234 at SUSE CVE-2022-3234 at NVD CVE-2022-3235 at SUSE CVE-2022-3235 at NVD CVE-2022-3278 at SUSE CVE-2022-3278 at NVD CVE-2022-3296 at SUSE CVE-2022-3296 at NVD CVE-2022-3297 at SUSE CVE-2022-3297 at NVD CVE-2022-3324 at SUSE CVE-2022-3324 at NVD CVE-2022-3352 at SUSE CVE-2022-3352 at NVD CVE-2022-3491 at SUSE CVE-2022-3491 at NVD CVE-2022-3520 at SUSE CVE-2022-3520 at NVD CVE-2022-3591 at SUSE CVE-2022-3591 at NVD CVE-2022-3705 at SUSE CVE-2022-3705 at NVD CVE-2022-4141 at SUSE CVE-2022-4141 at NVD CVE-2022-4292 at SUSE CVE-2022-4292 at NVD CVE-2022-4293 at SUSE CVE-2022-4293 at NVD CVE-2023-0049 at SUSE CVE-2023-0049 at NVD CVE-2023-0051 at SUSE CVE-2023-0051 at NVD CVE-2023-0054 at SUSE CVE-2023-0054 at NVD CVE-2023-0288 at SUSE CVE-2023-0288 at NVD CVE-2023-0433 at SUSE CVE-2023-0433 at NVD CVE-2023-0512 at SUSE CVE-2023-0512 at NVD CVE-2023-1127 at SUSE CVE-2023-1127 at NVD CVE-2023-1170 at SUSE CVE-2023-1170 at NVD CVE-2023-1175 at SUSE CVE-2023-1175 at NVD CVE-2023-1264 at SUSE CVE-2023-1264 at NVD CVE-2023-1355 at SUSE CVE-2023-1355 at NVD CVE-2023-2426 at SUSE CVE-2023-2426 at NVD CVE-2023-2609 at SUSE CVE-2023-2609 at NVD CVE-2023-2610 at SUSE CVE-2023-2610 at NVD cpe:/o:suse:sle-micro:5.5 virt-install-4.1.0-150500.3.3.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the virt-install-4.1.0-150500.3.3.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-10183 at SUSE CVE-2019-10183 at NVD cpe:/o:suse:sle-micro:5.5 wicked-0.6.73-150500.3.10.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the wicked-0.6.73-150500.3.10.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2019-18902 at SUSE CVE-2019-18902 at NVD CVE-2019-18903 at SUSE CVE-2019-18903 at NVD CVE-2020-7216 at SUSE CVE-2020-7216 at NVD CVE-2020-7217 at SUSE CVE-2020-7217 at NVD cpe:/o:suse:sle-micro:5.5 wpa_supplicant-2.10-150500.1.3 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the wpa_supplicant-2.10-150500.1.3 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2014-3686 at SUSE CVE-2014-3686 at NVD CVE-2015-1863 at SUSE CVE-2015-1863 at NVD CVE-2015-4141 at SUSE CVE-2015-4141 at NVD CVE-2015-4142 at SUSE CVE-2015-4142 at NVD CVE-2015-4143 at SUSE CVE-2015-4143 at NVD CVE-2015-4144 at SUSE CVE-2015-4144 at NVD CVE-2015-4145 at SUSE CVE-2015-4145 at NVD CVE-2015-4146 at SUSE CVE-2015-4146 at NVD CVE-2015-5310 at SUSE CVE-2015-5310 at NVD CVE-2015-5315 at SUSE CVE-2015-5315 at NVD CVE-2015-5316 at SUSE CVE-2015-5316 at NVD CVE-2015-8041 at SUSE CVE-2015-8041 at NVD CVE-2016-4476 at SUSE CVE-2016-4476 at NVD CVE-2016-4477 at SUSE CVE-2016-4477 at NVD CVE-2017-13077 at SUSE CVE-2017-13077 at NVD CVE-2017-13078 at SUSE CVE-2017-13078 at NVD CVE-2017-13079 at SUSE CVE-2017-13079 at NVD CVE-2017-13080 at SUSE CVE-2017-13080 at NVD CVE-2017-13081 at SUSE CVE-2017-13081 at NVD CVE-2017-13082 at SUSE CVE-2017-13082 at NVD CVE-2017-13086 at SUSE CVE-2017-13086 at NVD CVE-2017-13087 at SUSE CVE-2017-13087 at NVD CVE-2017-13088 at SUSE CVE-2017-13088 at NVD CVE-2018-14526 at SUSE CVE-2018-14526 at NVD CVE-2019-11555 at SUSE CVE-2019-11555 at NVD CVE-2019-13377 at SUSE CVE-2019-13377 at NVD CVE-2019-16275 at SUSE CVE-2019-16275 at NVD CVE-2019-9494 at SUSE CVE-2019-9494 at NVD CVE-2019-9495 at SUSE CVE-2019-9495 at NVD CVE-2019-9497 at SUSE CVE-2019-9497 at NVD CVE-2019-9498 at SUSE CVE-2019-9498 at NVD CVE-2019-9499 at SUSE CVE-2019-9499 at NVD CVE-2021-0326 at SUSE CVE-2021-0326 at NVD CVE-2021-27803 at SUSE CVE-2021-27803 at NVD CVE-2021-30004 at SUSE CVE-2021-30004 at NVD CVE-2022-23303 at SUSE CVE-2022-23303 at NVD CVE-2022-23304 at SUSE CVE-2022-23304 at NVD cpe:/o:suse:sle-micro:5.5 xen-libs-4.17.2_02-150500.3.6.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the xen-libs-4.17.2_02-150500.3.6.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2013-3495 at SUSE CVE-2013-3495 at NVD CVE-2013-4533 at SUSE CVE-2013-4533 at NVD CVE-2013-4534 at SUSE CVE-2013-4534 at NVD CVE-2013-4537 at SUSE CVE-2013-4537 at NVD CVE-2013-4538 at SUSE CVE-2013-4538 at NVD CVE-2013-4539 at SUSE CVE-2013-4539 at NVD CVE-2013-4540 at SUSE CVE-2013-4540 at NVD CVE-2014-0222 at SUSE CVE-2014-0222 at NVD CVE-2014-3640 at SUSE CVE-2014-3640 at NVD CVE-2014-3672 at SUSE CVE-2014-3672 at NVD CVE-2014-7815 at SUSE CVE-2014-7815 at NVD CVE-2015-1779 at SUSE CVE-2015-1779 at NVD CVE-2015-3259 at SUSE CVE-2015-3259 at NVD CVE-2015-3340 at SUSE CVE-2015-3340 at NVD CVE-2015-3456 at SUSE CVE-2015-3456 at NVD CVE-2015-4037 at SUSE CVE-2015-4037 at NVD CVE-2015-4103 at SUSE CVE-2015-4103 at NVD CVE-2015-4104 at SUSE CVE-2015-4104 at NVD CVE-2015-4105 at SUSE CVE-2015-4105 at NVD CVE-2015-4106 at SUSE CVE-2015-4106 at NVD CVE-2015-5154 at SUSE CVE-2015-5154 at NVD CVE-2015-5239 at SUSE CVE-2015-5239 at NVD CVE-2015-5278 at SUSE CVE-2015-5278 at NVD CVE-2015-5307 at SUSE CVE-2015-5307 at NVD CVE-2015-6815 at SUSE CVE-2015-6815 at NVD CVE-2015-6855 at SUSE CVE-2015-6855 at NVD CVE-2015-7311 at SUSE CVE-2015-7311 at NVD CVE-2015-7504 at SUSE CVE-2015-7504 at NVD CVE-2015-7512 at SUSE CVE-2015-7512 at NVD CVE-2015-7549 at SUSE CVE-2015-7549 at NVD CVE-2015-7835 at SUSE CVE-2015-7835 at NVD CVE-2015-7969 at SUSE CVE-2015-7969 at NVD CVE-2015-7970 at SUSE CVE-2015-7970 at NVD CVE-2015-7971 at SUSE CVE-2015-7971 at NVD CVE-2015-7972 at SUSE CVE-2015-7972 at NVD CVE-2015-8104 at SUSE CVE-2015-8104 at NVD CVE-2015-8339 at SUSE CVE-2015-8339 at NVD CVE-2015-8340 at SUSE CVE-2015-8340 at NVD CVE-2015-8341 at SUSE CVE-2015-8341 at NVD CVE-2015-8345 at SUSE CVE-2015-8345 at NVD CVE-2015-8504 at SUSE CVE-2015-8504 at NVD CVE-2015-8550 at SUSE CVE-2015-8550 at NVD CVE-2015-8554 at SUSE CVE-2015-8554 at NVD CVE-2015-8555 at SUSE CVE-2015-8555 at NVD CVE-2015-8558 at SUSE CVE-2015-8558 at NVD CVE-2015-8567 at SUSE CVE-2015-8567 at NVD CVE-2015-8568 at SUSE CVE-2015-8568 at NVD CVE-2015-8613 at SUSE CVE-2015-8613 at NVD CVE-2015-8615 at SUSE CVE-2015-8615 at NVD CVE-2015-8619 at SUSE CVE-2015-8619 at NVD CVE-2015-8743 at SUSE CVE-2015-8743 at NVD CVE-2015-8744 at SUSE CVE-2015-8744 at NVD CVE-2015-8745 at SUSE CVE-2015-8745 at NVD CVE-2016-10013 at SUSE CVE-2016-10013 at NVD CVE-2016-10024 at SUSE CVE-2016-10024 at NVD CVE-2016-10025 at SUSE CVE-2016-10025 at NVD CVE-2016-1568 at SUSE CVE-2016-1568 at NVD CVE-2016-1570 at SUSE CVE-2016-1570 at NVD CVE-2016-1571 at SUSE CVE-2016-1571 at NVD CVE-2016-1714 at SUSE CVE-2016-1714 at NVD CVE-2016-1922 at SUSE CVE-2016-1922 at NVD CVE-2016-1981 at SUSE CVE-2016-1981 at NVD CVE-2016-2198 at SUSE CVE-2016-2198 at NVD CVE-2016-2270 at SUSE CVE-2016-2270 at NVD CVE-2016-2271 at SUSE CVE-2016-2271 at NVD CVE-2016-2391 at SUSE CVE-2016-2391 at NVD CVE-2016-2392 at SUSE CVE-2016-2392 at NVD CVE-2016-2538 at SUSE CVE-2016-2538 at NVD CVE-2016-2841 at SUSE CVE-2016-2841 at NVD CVE-2016-4439 at SUSE CVE-2016-4439 at NVD CVE-2016-4441 at SUSE CVE-2016-4441 at NVD CVE-2016-5238 at SUSE CVE-2016-5238 at NVD CVE-2016-5338 at SUSE CVE-2016-5338 at NVD CVE-2016-6258 at SUSE CVE-2016-6258 at NVD CVE-2016-6259 at SUSE CVE-2016-6259 at NVD CVE-2016-6351 at SUSE CVE-2016-6351 at NVD CVE-2016-7092 at SUSE CVE-2016-7092 at NVD CVE-2016-7093 at SUSE CVE-2016-7093 at NVD CVE-2016-7094 at SUSE CVE-2016-7094 at NVD CVE-2016-7777 at SUSE CVE-2016-7777 at NVD CVE-2016-7908 at SUSE CVE-2016-7908 at NVD CVE-2016-7909 at SUSE CVE-2016-7909 at NVD CVE-2016-8667 at SUSE CVE-2016-8667 at NVD CVE-2016-8669 at SUSE CVE-2016-8669 at NVD CVE-2016-8910 at SUSE CVE-2016-8910 at NVD CVE-2016-9377 at SUSE CVE-2016-9377 at NVD CVE-2016-9378 at SUSE CVE-2016-9378 at NVD CVE-2016-9379 at SUSE CVE-2016-9379 at NVD CVE-2016-9380 at SUSE CVE-2016-9380 at NVD CVE-2016-9381 at SUSE CVE-2016-9381 at NVD CVE-2016-9382 at SUSE CVE-2016-9382 at NVD CVE-2016-9383 at SUSE CVE-2016-9383 at NVD CVE-2016-9384 at SUSE CVE-2016-9384 at NVD CVE-2016-9385 at SUSE CVE-2016-9385 at NVD CVE-2016-9386 at SUSE CVE-2016-9386 at NVD CVE-2016-9637 at SUSE CVE-2016-9637 at NVD CVE-2016-9921 at SUSE CVE-2016-9921 at NVD CVE-2016-9922 at SUSE CVE-2016-9922 at NVD CVE-2016-9932 at SUSE CVE-2016-9932 at NVD CVE-2017-12135 at SUSE CVE-2017-12135 at NVD CVE-2017-12136 at SUSE CVE-2017-12136 at NVD CVE-2017-12137 at SUSE CVE-2017-12137 at NVD CVE-2017-2615 at SUSE CVE-2017-2615 at NVD CVE-2017-2620 at SUSE CVE-2017-2620 at NVD CVE-2017-5715 at SUSE CVE-2017-5715 at NVD CVE-2017-5753 at SUSE CVE-2017-5753 at NVD CVE-2017-5754 at SUSE CVE-2017-5754 at NVD CVE-2017-6505 at SUSE CVE-2017-6505 at NVD CVE-2017-8309 at SUSE CVE-2017-8309 at NVD CVE-2017-9330 at SUSE CVE-2017-9330 at NVD CVE-2018-10471 at SUSE CVE-2018-10471 at NVD CVE-2018-10472 at SUSE CVE-2018-10472 at NVD CVE-2018-10981 at SUSE CVE-2018-10981 at NVD CVE-2018-10982 at SUSE CVE-2018-10982 at NVD CVE-2018-12126 at SUSE CVE-2018-12126 at NVD CVE-2018-12127 at SUSE CVE-2018-12127 at NVD CVE-2018-12130 at SUSE CVE-2018-12130 at NVD CVE-2018-12891 at SUSE CVE-2018-12891 at NVD CVE-2018-12892 at SUSE CVE-2018-12892 at NVD CVE-2018-12893 at SUSE CVE-2018-12893 at NVD CVE-2018-15468 at SUSE CVE-2018-15468 at NVD CVE-2018-15469 at SUSE CVE-2018-15469 at NVD CVE-2018-15470 at SUSE CVE-2018-15470 at NVD CVE-2018-18883 at SUSE CVE-2018-18883 at NVD CVE-2018-19961 at SUSE CVE-2018-19961 at NVD CVE-2018-19962 at SUSE CVE-2018-19962 at NVD CVE-2018-19963 at SUSE CVE-2018-19963 at NVD CVE-2018-19964 at SUSE CVE-2018-19964 at NVD CVE-2018-19965 at SUSE CVE-2018-19965 at NVD CVE-2018-19966 at SUSE CVE-2018-19966 at NVD CVE-2018-19967 at SUSE CVE-2018-19967 at NVD CVE-2018-3639 at SUSE CVE-2018-3639 at NVD CVE-2018-3646 at SUSE CVE-2018-3646 at NVD CVE-2018-3665 at SUSE CVE-2018-3665 at NVD CVE-2018-5244 at SUSE CVE-2018-5244 at NVD CVE-2018-7540 at SUSE CVE-2018-7540 at NVD CVE-2018-7541 at SUSE CVE-2018-7541 at NVD CVE-2018-7542 at SUSE CVE-2018-7542 at NVD CVE-2018-8897 at SUSE CVE-2018-8897 at NVD CVE-2019-11091 at SUSE CVE-2019-11091 at NVD CVE-2019-17349 at SUSE CVE-2019-17349 at NVD CVE-2020-0543 at SUSE CVE-2020-0543 at NVD CVE-2020-11739 at SUSE CVE-2020-11739 at NVD CVE-2020-11740 at SUSE CVE-2020-11740 at NVD CVE-2020-11741 at SUSE CVE-2020-11741 at NVD CVE-2020-11742 at SUSE CVE-2020-11742 at NVD CVE-2020-11743 at SUSE CVE-2020-11743 at NVD CVE-2020-15563 at SUSE CVE-2020-15563 at NVD CVE-2020-15565 at SUSE CVE-2020-15565 at NVD CVE-2020-15566 at SUSE CVE-2020-15566 at NVD CVE-2020-15567 at SUSE CVE-2020-15567 at NVD CVE-2020-25595 at SUSE CVE-2020-25595 at NVD CVE-2020-25596 at SUSE CVE-2020-25596 at NVD CVE-2020-25597 at SUSE CVE-2020-25597 at NVD CVE-2020-25598 at SUSE CVE-2020-25598 at NVD CVE-2020-25599 at SUSE CVE-2020-25599 at NVD CVE-2020-25600 at SUSE CVE-2020-25600 at NVD CVE-2020-25601 at SUSE CVE-2020-25601 at NVD CVE-2020-25602 at SUSE CVE-2020-25602 at NVD CVE-2020-25603 at SUSE CVE-2020-25603 at NVD CVE-2020-25604 at SUSE CVE-2020-25604 at NVD CVE-2020-27670 at SUSE CVE-2020-27670 at NVD CVE-2020-27671 at SUSE CVE-2020-27671 at NVD CVE-2020-27672 at SUSE CVE-2020-27672 at NVD CVE-2020-27674 at SUSE CVE-2020-27674 at NVD CVE-2020-28368 at SUSE CVE-2020-28368 at NVD CVE-2020-29040 at SUSE CVE-2020-29040 at NVD CVE-2020-29480 at SUSE CVE-2020-29480 at NVD CVE-2020-29481 at SUSE CVE-2020-29481 at NVD CVE-2020-29483 at SUSE CVE-2020-29483 at NVD CVE-2020-29484 at SUSE CVE-2020-29484 at NVD CVE-2020-29566 at SUSE CVE-2020-29566 at NVD CVE-2020-29567 at SUSE CVE-2020-29567 at NVD CVE-2020-29570 at SUSE CVE-2020-29570 at NVD CVE-2020-29571 at SUSE CVE-2020-29571 at NVD CVE-2021-0089 at SUSE CVE-2021-0089 at NVD CVE-2021-26401 at SUSE CVE-2021-26401 at NVD CVE-2021-28687 at SUSE CVE-2021-28687 at NVD CVE-2021-28690 at SUSE CVE-2021-28690 at NVD CVE-2021-28692 at SUSE CVE-2021-28692 at NVD CVE-2021-28693 at SUSE CVE-2021-28693 at NVD CVE-2021-28694 at SUSE CVE-2021-28694 at NVD CVE-2021-28695 at SUSE CVE-2021-28695 at NVD CVE-2021-28696 at SUSE CVE-2021-28696 at NVD CVE-2021-28697 at SUSE CVE-2021-28697 at NVD CVE-2021-28698 at SUSE CVE-2021-28698 at NVD CVE-2021-28699 at SUSE CVE-2021-28699 at NVD CVE-2021-28700 at SUSE CVE-2021-28700 at NVD CVE-2021-28701 at SUSE CVE-2021-28701 at NVD CVE-2022-0001 at SUSE CVE-2022-0001 at NVD CVE-2022-0002 at SUSE CVE-2022-0002 at NVD CVE-2022-21123 at SUSE CVE-2022-21123 at NVD CVE-2022-21125 at SUSE CVE-2022-21125 at NVD CVE-2022-21166 at SUSE CVE-2022-21166 at NVD CVE-2022-23033 at SUSE CVE-2022-23033 at NVD CVE-2022-23034 at SUSE CVE-2022-23034 at NVD CVE-2022-23035 at SUSE CVE-2022-23035 at NVD CVE-2022-23816 at SUSE CVE-2022-23816 at NVD CVE-2022-23825 at SUSE CVE-2022-23825 at NVD CVE-2022-26356 at SUSE CVE-2022-26356 at NVD CVE-2022-26357 at SUSE CVE-2022-26357 at NVD CVE-2022-26358 at SUSE CVE-2022-26358 at NVD CVE-2022-26359 at SUSE CVE-2022-26359 at NVD CVE-2022-26360 at SUSE CVE-2022-26360 at NVD CVE-2022-26361 at SUSE CVE-2022-26361 at NVD CVE-2022-26362 at SUSE CVE-2022-26362 at NVD CVE-2022-26363 at SUSE CVE-2022-26363 at NVD CVE-2022-26364 at SUSE CVE-2022-26364 at NVD CVE-2022-27672 at SUSE CVE-2022-27672 at NVD CVE-2022-29900 at SUSE CVE-2022-29900 at NVD CVE-2022-33745 at SUSE CVE-2022-33745 at NVD CVE-2022-33746 at SUSE CVE-2022-33746 at NVD CVE-2022-33747 at SUSE CVE-2022-33747 at NVD CVE-2022-33748 at SUSE CVE-2022-33748 at NVD CVE-2022-40982 at SUSE CVE-2022-40982 at NVD CVE-2022-42309 at SUSE CVE-2022-42309 at NVD CVE-2022-42310 at SUSE CVE-2022-42310 at NVD CVE-2022-42311 at SUSE CVE-2022-42311 at NVD CVE-2022-42312 at SUSE CVE-2022-42312 at NVD CVE-2022-42313 at SUSE CVE-2022-42313 at NVD CVE-2022-42314 at SUSE CVE-2022-42314 at NVD CVE-2022-42315 at SUSE CVE-2022-42315 at NVD CVE-2022-42316 at SUSE CVE-2022-42316 at NVD CVE-2022-42317 at SUSE CVE-2022-42317 at NVD CVE-2022-42318 at SUSE CVE-2022-42318 at NVD CVE-2022-42319 at SUSE CVE-2022-42319 at NVD CVE-2022-42320 at SUSE CVE-2022-42320 at NVD CVE-2022-42321 at SUSE CVE-2022-42321 at NVD CVE-2022-42322 at SUSE CVE-2022-42322 at NVD CVE-2022-42323 at SUSE CVE-2022-42323 at NVD CVE-2022-42325 at SUSE CVE-2022-42325 at NVD CVE-2022-42326 at SUSE CVE-2022-42326 at NVD CVE-2022-42327 at SUSE CVE-2022-42327 at NVD CVE-2022-42330 at SUSE CVE-2022-42330 at NVD CVE-2022-42331 at SUSE CVE-2022-42331 at NVD CVE-2022-42332 at SUSE CVE-2022-42332 at NVD CVE-2022-42333 at SUSE CVE-2022-42333 at NVD CVE-2022-42334 at SUSE CVE-2022-42334 at NVD CVE-2022-42335 at SUSE CVE-2022-42335 at NVD CVE-2022-42336 at SUSE CVE-2022-42336 at NVD CVE-2023-20569 at SUSE CVE-2023-20569 at NVD CVE-2023-20593 at SUSE CVE-2023-20593 at NVD cpe:/o:suse:sle-micro:5.5 zypper-1.14.63-150400.3.29.1 on GA media (Moderate) SUSE Linux Enterprise Micro 5.5 These are all security issues fixed in the zypper-1.14.63-150400.3.29.1 package on the GA media of SUSE Linux Enterprise Micro 5.5. Moderate CVE-2017-7436 at SUSE CVE-2017-7436 at NVD CVE-2017-9269 at SUSE CVE-2017-9269 at NVD cpe:/o:suse:sle-micro:5.5 Security update for qemu (Important) SUSE Linux Enterprise Micro 5.5 This update for qemu fixes the following issues: - CVE-2023-3301: Fixed incorrect cleanup of the vdpa/vhost-net structures if peer nic is present (bsc#1213414). - CVE-2023-0330: Fixed reentrancy issues in the LSI controller (bsc#1207205). - CVE-2023-2861: Fixed opening special files in 9pfs (bsc#1212968). - CVE-2023-3255: Fixed infinite loop in inflate_buffer() leads to denial of service (bsc#1213001). Bugfixes: - hw/ide/piix: properly initialize the BMIBA register (bsc#bsc#1179993) - Fixed issue where Guest did not run on XEN SLES15SP2 (bsc#1181740). Important SUSE bug 1179993 SUSE bug 1181740 SUSE bug 1207205 SUSE bug 1212968 SUSE bug 1213001 SUSE bug 1213414 CVE-2023-0330 at SUSE CVE-2023-0330 at NVD CVE-2023-2861 at SUSE CVE-2023-2861 at NVD CVE-2023-3255 at SUSE CVE-2023-3255 at NVD CVE-2023-3301 at SUSE CVE-2023-3301 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libxml2 (Important) SUSE Linux Enterprise Micro 5.5 This update for libxml2 fixes the following issues: - CVE-2023-39615: Fixed crafted xml can cause global buffer overflow (bsc#1214768). Important SUSE bug 1214768 CVE-2023-39615 at SUSE CVE-2023-39615 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cups (Important) SUSE Linux Enterprise Micro 5.5 This update for cups fixes the following issues: - CVE-2023-4504: Fixed heap overflow in OpenPrinting CUPS Postscript Parsing (bsc#1215204). - CVE-2023-32360: Fixed Information leak through Cups-Get-Document operation (bsc#1214254). Important SUSE bug 1214254 SUSE bug 1215204 CVE-2023-32360 at SUSE CVE-2023-32360 at NVD CVE-2023-4504 at SUSE CVE-2023-4504 at NVD cpe:/o:suse:sle-micro:5.5 Security update for containerd (Important) SUSE Linux Enterprise Micro 5.5 This update of containerd fixes the following issues: - rebuild the package with the go 1.21 security release (bsc#1212475). Important SUSE bug 1212475 cpe:/o:suse:sle-micro:5.5 Security update for supportutils (Moderate) SUSE Linux Enterprise Micro 5.5 This update for supportutils fixes the following issues: Security fixes: - CVE-2022-45154: Removed iSCSI passwords (bsc#1207598). Other Fixes: - Changes in version 3.1.26 + powerpc plugin to collect the slots and active memory (bsc#1210950) + A Cleartext Storage of Sensitive Information vulnerability CVE-2022-45154 + supportconfig: collect BPF information (pr#154) + Added additional iscsi information (pr#155) - Added run time detection (bsc#1213127) - Changes for supportutils version 3.1.25 + Removed iSCSI passwords CVE-2022-45154 (bsc#1207598) + powerpc: Collect lsslot,amsstat, and opal elogs (pr#149) + powerpc: collect invscout logs (pr#150) + powerpc: collect RMC status logs (pr#151) + Added missing nvme nbft commands (bsc#1211599) + Fixed invalid nvme commands (bsc#1211598) + Added missing podman information (PED-1703, bsc#1181477) + Removed dependency on sysfstools + Check for systool use (bsc#1210015) + Added selinux checking (bsc#1209979) + Updated SLES_VER matrix - Fixed missing status detail for apparmor (bsc#1196933) - Corrected invalid argument list in docker.txt (bsc#1206608) - Applies limit equally to sar data and text files (bsc#1207543) - Collects hwinfo hardware logs (bsc#1208928) - Collects lparnumascore logs (issue#148) - Add dependency to `numactl` on ppc64le and `s390x`, this enforces that `numactl --hardware` data is provided in supportconfigs - Changes to supportconfig.rc version 3.1.11-35 + Corrected _sanitize_file to include iscsi.conf and others (bsc#1206402) - Changes to supportconfig version 3.1.11-46.4 + Added plymouth_info - Changes to getappcore version 1.53.02 + The location of chkbin was updated earlier. This documents that change (bsc#1205533, bsc#1204942) Moderate SUSE bug 1181477 SUSE bug 1196933 SUSE bug 1204942 SUSE bug 1205533 SUSE bug 1206402 SUSE bug 1206608 SUSE bug 1207543 SUSE bug 1207598 SUSE bug 1208928 SUSE bug 1209979 SUSE bug 1210015 SUSE bug 1210950 SUSE bug 1211598 SUSE bug 1211599 SUSE bug 1213127 CVE-2022-45154 at SUSE CVE-2022-45154 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Important) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: - CVE-2023-40217: Fixed TLS handshake bypass on closed sockets (bsc#1214692). Important SUSE bug 1214692 CVE-2023-40217 at SUSE CVE-2023-40217 at NVD cpe:/o:suse:sle-micro:5.5 Security update for runc (Important) SUSE Linux Enterprise Micro 5.5 This update of runc fixes the following issues: - Update to runc v1.1.8. Upstream changelog is available from <https://github.com/opencontainers/runc/releases/tag/v1.1.8>. - rebuild the package with the go 1.21 security release (bsc#1212475). Important SUSE bug 1212475 cpe:/o:suse:sle-micro:5.5 Security update for libeconf (Important) SUSE Linux Enterprise Micro 5.5 This update for libeconf fixes the following issues: Update to version 0.5.2. - CVE-2023-30078, CVE-2023-32181: Fixed a stack-buffer-overflow vulnerability in 'econf_writeFile' function (bsc#1211078). - CVE-2023-30079, CVE-2023-22652: Fixed a stack-buffer-overflow vulnerability in 'read_file' function. (bsc#1211078) Important SUSE bug 1211078 CVE-2023-22652 at SUSE CVE-2023-22652 at NVD CVE-2023-30078 at SUSE CVE-2023-30078 at NVD CVE-2023-30079 at SUSE CVE-2023-30079 at NVD CVE-2023-32181 at SUSE CVE-2023-32181 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libX11 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libX11 fixes the following issues: - CVE-2023-43786: Fixed stack exhaustion from infinite recursion in PutSubImage() (bsc#1215684). - CVE-2023-43787: Fixed integer overflow in XCreateImage() leading to a heap overflow (bsc#1215685). - CVE-2023-43785: Fixed out-of-bounds memory access in _XkbReadKeySyms() (bsc#1215683). Moderate SUSE bug 1215683 SUSE bug 1215684 SUSE bug 1215685 CVE-2023-43785 at SUSE CVE-2023-43785 at NVD CVE-2023-43786 at SUSE CVE-2023-43786 at NVD CVE-2023-43787 at SUSE CVE-2023-43787 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-38457: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker to cause a denial of service (bsc#1203330). - CVE-2022-40133: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker to cause a denial of service (bsc#1203329). - CVE-2023-2007: Fixed a flaw in the DPT I2O Controller driver that could allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel (bsc#1210448). - CVE-2023-20588: Fixed a division-by-zero error on some AMD processors that can potentially return speculative data resulting in loss of confidentiality (bsc#1213927). - CVE-2023-34319: Fixed buffer overrun triggered by unusual packet in xen/netback (XSA-432) (bsc#1213546). - CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213580). - CVE-2023-37453: Fixed oversight in SuperSpeed initialization (bsc#1213123). - CVE-2023-3772: Fixed a flaw in XFRM subsystem that may have allowed a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer leading to a possible kernel crash and denial of service (bsc#1213666). - CVE-2023-3863: Fixed a use-after-free flaw was found in nfc_llcp_find_local that allowed a local user with special privileges to impact a kernel information leak issue (bsc#1213601). - CVE-2023-40283: Fixed use-after-free in l2cap_sock_ready_cb (bsc#1214233). - CVE-2023-4128: Fixed a use-after-free flaw in net/sched/cls_fw.c that allowed a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue (bsc#1214149). - CVE-2023-4133: Fixed use after free bugs caused by circular dependency problem in cxgb4 (bsc#1213970). - CVE-2023-4134: Fixed use-after-free in cyttsp4_watchdog_work() (bsc#1213971). - CVE-2023-4147: Fixed use-after-free in nf_tables_newrule (bsc#1213968). - CVE-2023-4194: Fixed a type confusion in net tun_chr_open() (bsc#1214019). - CVE-2023-4273: Fixed a flaw in the exFAT driver of the Linux kernel that alloawed a local privileged attacker to overflow the kernel stack (bsc#1214120). - CVE-2023-4387: Fixed use-after-free flaw in vmxnet3_rq_alloc_rx_buf that could allow a local attacker to crash the system due to a double-free (bsc#1214350). - CVE-2023-4459: Fixed a NULL pointer dereference flaw in vmxnet3_rq_cleanup that may have allowed a local attacker with normal user privilege to cause a denial of service (bsc#1214451). - CVE-2023-4563: Fixed use-after-free in nft_verdict_dump due to a race between set GC and transaction (bsc#1214727). - CVE-2023-4569: Fixed information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c (bsc#1214729). The following non-security bugs were fixed: - ACPI/IORT: Update SMMUv3 DeviceID support (bsc#1214305). - ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily (git-fixes). - ACPI: processor: perflib: Use the 'no limit' frequency QoS (git-fixes). - ACPI: x86: s2idle: Fix a logic error parsing AMD constraints table (git-fixes). - ALSA: ac97: Fix possible error value of *rac97 (git-fixes). - ALSA: hda/cs8409: Support new Dell Dolphin Variants (git-fixes). - ALSA: hda/realtek - Remodified 3k pull low procedure (git-fixes). - ALSA: hda/realtek: Add quirk for HP Victus 16-d1xxx to enable mute LED (git-fixes). - ALSA: hda/realtek: Add quirk for mute LEDs on HP ENVY x360 15-eu0xxx (git-fixes). - ALSA: hda/realtek: Add quirks for HP G11 Laptops (git-fixes). - ALSA: hda/realtek: Switch Dell Oasis models to use SPI (git-fixes). - ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl (git-fixes). - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback interfaces (git-fixes). - ALSA: usb-audio: Fix init call orders for UAC1 (git-fixes). - ALSA: ymfpci: Fix the missing snd_card_free() call at probe error (git-fixes). - ARM: dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related warnings (git-fixes). - ARM: dts: imx6sll: fixup of operating points (git-fixes). - ARM: spear: Do not use timer namespace for timer_shutdown() function (bsc#1213970). - ASoC: SOF: Intel: fix SoundWire/HDaudio mutual exclusion (git-fixes). - ASoC: amd: yc: Fix a non-functional mic on Lenovo 82SJ (git-fixes). - ASoC: lower 'no backend DAIs enabled for ... Port' log severity (git-fixes). - ASoC: meson: axg-tdm-formatter: fix channel slot allocation (git-fixes). - ASoC: rt5665: add missed regulator_bulk_disable (git-fixes). - ASoC: stac9766: fix build errors with REGMAP_AC97 (git-fixes). - ASoC: tegra: Fix SFC conversion for few rates (git-fixes). - Bluetooth: Fix potential use-after-free when clear keys (git-fixes). - Bluetooth: L2CAP: Fix use-after-free (git-fixes). - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb (git-fixes). - Bluetooth: Remove unused declaration amp_read_loc_info() (git-fixes). - Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally (git-fixes). - Bluetooth: btusb: Do not call kfree_skb() under spin_lock_irqsave() (git-fixes). - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe() (git-fixes). - CONFIG_NVME_VERBOSE_ERRORS=y gone with a82baa8083b - CONFIG_PRINTK_SAFE_LOG_BUF_SHIFT=13 gone with 7e152d55123 - Created new preempt kernel flavor Configs are cloned from the respective $arch/default configs. All changed configs appart from CONFIG_PREEMPT->y are a result of dependencies, namely many lock/unlock primitives are no longer inlined in the preempt kernel. TREE_RCU has been also changed to PREEMPT_RCU which is the default implementation for PREEMPT kernel. - Documentation: devices.txt: Fix minors for ttyCPM* (git-fixes). - Documentation: devices.txt: Remove ttyIOC* (git-fixes). - Documentation: devices.txt: Remove ttySIOC* (git-fixes). - Drivers: hv: Do not remap addresses that are above shared_gpa_boundary (bsc#1206453). - Drivers: hv: Enable vmbus driver for nested root partition (bsc#1206453). - Drivers: hv: Explicitly request decrypted in vmap_pfn() calls (bsc#1206453). - Drivers: hv: Setup synic registers in case of nested root partition (bsc#1206453). - Drivers: hv: vmbus: Call hv_synic_free() if hv_synic_alloc() fails (bsc#1206453). - Drivers: hv: vmbus: Remove second mapping of VMBus monitor pages (bsc#1206453). - Drivers: hv: vmbus: Remove second way of mapping ring buffers (bsc#1206453). - Drivers: hv: vmbus: Remove the per-CPU post_msg_page (bsc#1206453). - Drop amdgpu patch causing spamming (bsc#1215523) - Drop cfg80211 lock fix patches that caused a regression (bsc#1213757) - Drop rtsx patch that caused a regression (bsc#1214397,bsc#1214428) - Enable Analog Devices Industrial Ethernet PHY driver (jsc#PED-4759) - HID: add quirk for 03f0:464a HP Elite Presenter Mouse (git-fixes). - HID: logitech-dj: Fix error handling in logi_dj_recv_switch_to_dj_mode() (git-fixes). - HID: logitech-hidpp: Add USB and Bluetooth IDs for the Logitech G915 TKL Keyboard (git-fixes). - HID: multitouch: Correct devm device reference for hidinput input_dev name (git-fixes). - HID: wacom: remove the battery when the EKR is off (git-fixes). - HWPOISON: offline support: fix spelling in Documentation/ABI/ (git-fixes). - IB/hfi1: Fix possible panic during hotplug remove (git-fixes) - IB/uverbs: Fix an potential error pointer dereference (git-fixes) - Input: exc3000 - properly stop timer on shutdown (git-fixes). - KVM: s390: fix sthyi error handling (git-fixes bsc#1214370). - Kbuild: add -Wno-shift-negative-value where -Wextra is used (bsc#1214756). - Kbuild: move to -std=gnu11 (bsc#1214756). - PCI/ASPM: Avoid link retraining race (git-fixes). - PCI/ASPM: Factor out pcie_wait_for_retrain() (git-fixes). - PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes). - PCI: Mark NVIDIA T4 GPUs to avoid bus reset (git-fixes). - PCI: acpiphp: Reassign resources on bridge if necessary (git-fixes). - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for non-root bus (git-fixes). - PCI: hv: Enable PCI pass-thru devices in Confidential VMs (bsc#1206453). - PCI: hv: Replace retarget_msi_interrupt_params with (bsc#1206453). - PCI: meson: Remove cast between incompatible function type (git-fixes). - PCI: microchip: Correct the DED and SEC interrupt bit offsets (git-fixes). - PCI: microchip: Remove cast between incompatible function type (git-fixes). - PCI: pciehp: Use RMW accessors for changing LNKCTL (git-fixes). - PCI: rockchip: Remove writes to unused registers (git-fixes). - PCI: s390: Fix use-after-free of PCI resources with per-function hotplug (git-fixes). - PCI: tegra194: Fix possible array out of bounds access (git-fixes). - PM / devfreq: Fix leak in devfreq_dev_release() (git-fixes). - RDMA/bnxt_re: Fix error handling in probe failure path (git-fixes) - RDMA/bnxt_re: Fix max_qp count for virtual functions (git-fixes) - RDMA/efa: Fix wrong resources deallocation order (git-fixes) - RDMA/hns: Fix CQ and QP cache affinity (git-fixes) - RDMA/hns: Fix incorrect post-send with direct wqe of wr-list (git-fixes) - RDMA/hns: Fix port active speed (git-fixes) - RDMA/irdma: Prevent zero-length STAG registration (git-fixes) - RDMA/irdma: Replace one-element array with flexible-array member (git-fixes) - RDMA/mlx5: Return the firmware result upon destroying QP/RQ (git-fixes) - RDMA/qedr: Remove a duplicate assignment in irdma_query_ah() (git-fixes) - RDMA/siw: Balance the reference of cep->kref in the error path (git-fixes) - RDMA/siw: Correct wrong debug message (git-fixes) - RDMA/umem: Set iova in ODP flow (git-fixes) - README.BRANCH: Add Miroslav Franc as a SLE15-SP4 co-maintainer. - Revert 'IB/isert: Fix incorrect release of isert connection' (git-fixes) - Revert 'tracing: Add '(fault)' name injection to kernel probes' (git-fixes). - SMB3: Do not send lease break acknowledgment if all file handles have been closed (git-fixes). - Update patches.suse/cpufreq-intel_pstate-Fix-cpu-pstate.turbo_freq-initi.patch (git-fixes bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). - amba: bus: fix refcount leak (git-fixes). - arm64: dts: imx8mn-var-som: add missing pull-up for onboard PHY reset pinmux (git-fixes). - arm64: dts: qcom: qrb5165-rb5: fix thermal zone conflict (git-fixes). - arm64: dts: rockchip: Disable HS400 for eMMC on ROCK Pi 4 (git-fixes). - audit: fix possible soft lockup in __audit_inode_child() (git-fixes). - backlight/bd6107: Compare against struct fb_info.device (git-fixes). - backlight/gpio_backlight: Compare against struct fb_info.device (git-fixes). - backlight/lv5207lp: Compare against struct fb_info.device (git-fixes). - batman-adv: Do not get eth header before batadv_check_management_packet (git-fixes). - batman-adv: Do not increase MTU when set by user (git-fixes). - batman-adv: Fix TT global entry leak when client roamed back (git-fixes). - batman-adv: Fix batadv_v_ogm_aggr_send memory leak (git-fixes). - batman-adv: Hold rtnl lock during MTU update via netlink (git-fixes). - batman-adv: Trigger events for auto adjusted MTU (git-fixes). - bnx2x: fix page fault following EEH recovery (bsc#1214299). - bpf: Disable preemption in bpf_event_output (git-fixes). - bpftool: Print newline before '}' for struct with padding only fields (bsc#1211220 jsc#PED-3924). - bus: mhi: host: Skip MHI reset if device is in RDDM (git-fixes). - bus: ti-sysc: Fix build warning for 64-bit build (git-fixes). - bus: ti-sysc: Fix cast to enum warning (git-fixes). - bus: ti-sysc: Flush posted write on enable before reset (git-fixes). - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also in case of OOM (git-fixes). - ceph: defer stopping mdsc delayed_work (bsc#1214392). - ceph: do not check for quotas on MDS stray dirs (bsc#1214238). - ceph: never send metrics if disable_send_metrics is set (bsc#1214180). - check-for-config-changes: ignore BUILTIN_RETURN_ADDRESS_STRIPS_PAC (bsc#1214380). gcc7 on SLE 15 does not support this while later gcc does. - cifs: add missing return value check for cifs_sb_tlink (bsc#1193629). - cifs: allow dumping keys for directories too (bsc#1193629). - cifs: fix mid leak during reconnection after timeout threshold (git-fixes). - cifs: if deferred close is disabled then close files immediately (git-fixes). - cifs: is_network_name_deleted should return a bool (bsc#1193629). - cifs: update internal module version number for cifs.ko (bsc#1193629). - clk: Fix slab-out-of-bounds error in devm_clk_release() (git-fixes). - clk: Fix undefined reference to `clk_rate_exclusive_{get,put}' (git-fixes). - clk: imx8mp: fix sai4 clock (git-fixes). - clk: imx: composite-8m: fix clock pauses when set_rate would be a no-op (git-fixes). - clk: imx: pll14xx: dynamically configure PLL for 393216000/361267200Hz (git-fixes). - clk: qcom: camcc-sc7180: fix async resume during probe (git-fixes). - clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock (git-fixes). - clk: qcom: gcc-sc7180: Fix up gcc_sdcc2_apps_clk_src (git-fixes). - clk: qcom: gcc-sm8250: Fix gcc_sdcc2_apps_clk_src (git-fixes). - clk: sunxi-ng: Modify mismatched function name (git-fixes). - clocksource/drivers/arm_arch_timer: Do not use timer namespace for timer_shutdown() function (bsc#1213970). - clocksource/drivers/hyper-v: Rework clocksource and sched clock setup (bsc#1206453). - clocksource/drivers/sp804: Do not use timer namespace for timer_shutdown() function (bsc#1213970). - clocksource: hyper-v: Add TSC page support for root partition (bsc#1206453). - clocksource: hyper-v: Introduce TSC PFN getter (bsc#1206453). - clocksource: hyper-v: Introduce a pointer to TSC page (bsc#1206453). - clocksource: hyper-v: Use TSC PFN getter to map vvar page (bsc#1206453). - clocksource: hyper-v: make sure Invariant-TSC is used if it is (bsc#1206453). - cpu/SMT: Allow enabling partial SMT states via sysfs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - cpu/SMT: Create topology_smt_thread_allowed() (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - cpu/SMT: Move SMT prototypes into cpu_smt.h (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - cpu/SMT: Move smt/control simple exit cases earlier (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - cpu/SMT: Remove topology_smt_supported() (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - cpu/SMT: Store the current/max number of threads (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - cpufreq: Fix the race condition while updating the transition_task of policy (git-fixes). - cpufreq: intel_pstate: Adjust balance_performance EPP for Sapphire Rapids (bsc#1214659). - cpufreq: intel_pstate: Enable HWP IO boost for all servers (bsc#1208949 jsc#PED-6003 jsc#PED-6004). - cpufreq: intel_pstate: Fix scaling for hybrid-capable systems with disabled E-cores (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). - cpufreq: intel_pstate: Read all MSRs on the target CPU (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). - cpufreq: intel_pstate: hybrid: Rework HWP calibration (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). - cpufreq: intel_pstate: hybrid: Use known scaling factor for P-cores (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). - crypto: caam - fix unchecked return value error (git-fixes). - crypto: stm32 - Properly handle pm_runtime_get failing (git-fixes). - define more Hyper-V related constants (bsc#1206453). - dma-buf/sw_sync: Avoid recursive lock during fence signal (git-fixes). - dma-buf/sync_file: Fix docs syntax (git-fixes). - dmaengine: idxd: Modify the dependence of attribute pasid_enabled (git-fixes). - dmaengine: mcf-edma: Fix a potential un-allocated memory access (git-fixes). - dmaengine: pl330: Return DMA_PAUSED when transaction is paused (git-fixes). - dmaengine: ste_dma40: Add missing IRQ check in d40_probe (git-fixes). - docs/process/howto: Replace C89 with C11 (bsc#1214756). - docs: kernel-parameters: Refer to the correct bitmap function (git-fixes). - docs: networking: replace skb_hwtstamp_tx with skb_tstamp_tx (git-fixes). - docs: printk-formats: Fix hex printing of signed values (git-fixes). - driver core: test_async: fix an error code (git-fixes). - drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init() (git-fixes). - drivers: usb: smsusb: fix error handling code in smsusb_init_device (git-fixes). - drm/amd/display: Apply 60us prefetch for DCFCLK &lt;= 300Mhz (git-fixes). - drm/amd/display: Disable phantom OTG after enable for plane disable (git-fixes). - drm/amd/display: Do not set drr on pipe commit (git-fixes). - drm/amd/display: Enable dcn314 DPP RCO (git-fixes). - drm/amd/display: Ensure that planes are in the same order (git-fixes). - drm/amd/display: Implement workaround for writing to OTG_PIXEL_RATE_DIV register (git-fixes). - drm/amd/display: Retain phantom plane/stream if validation fails (git-fixes). - drm/amd/display: Skip DPP DTO update if root clock is gated (git-fixes). - drm/amd/display: Use update plane and stream routine for DCN32x (git-fixes). - drm/amd/display: check TG is non-null before checking if enabled (git-fixes). - drm/amd/display: check attr flag before set cursor degamma on DCN3+ (git-fixes). - drm/amd/display: disable RCO for DCN314 (git-fixes). - drm/amd/display: do not wait for mpc idle if tg is disabled (git-fixes). - drm/amd/display: fix access hdcp_workqueue assert (git-fixes). - drm/amd/display: fix the build when DRM_AMD_DC_DCN is not set (git-fixes). - drm/amd/display: limit DPIA link rate to HBR3 (git-fixes). - drm/amd/display: phase3 mst hdcp for multiple displays (git-fixes). - drm/amd/display: save restore hdcp state when display is unplugged from mst hub (git-fixes). - drm/amd/display: trigger timing sync only if TG is running (git-fixes). - drm/amd/pm/smu7: move variables to where they are used (git-fixes). - drm/amd/pm: avoid unintentional shutdown due to temperature momentary fluctuation (git-fixes). - drm/amd/pm: expose swctf threshold setting for legacy powerplay (git-fixes). - drm/amd/pm: fix variable dereferenced issue in amdgpu_device_attr_create() (git-fixes). - drm/amd/pm: fulfill powerplay peak profiling mode shader/memory clock settings (git-fixes). - drm/amd/pm: fulfill swsmu peak profiling mode shader/memory clock settings (git-fixes). - drm/amd/pm: skip the RLC stop when S0i3 suspend for SMU v13.0.4/11 (git-fixes). - drm/amd: Disable S/G for APUs when 64GB or more host memory (git-fixes). - drm/amd: flush any delayed gfxoff on suspend entry (git-fixes). - drm/amdgpu/pm: fix throttle_status for other than MP1 11.0.7 (git-fixes). - drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 (git-fixes). - drm/amdgpu: Fix potential fence use-after-free v2 (git-fixes). - drm/amdgpu: Remove unnecessary domain argument (git-fixes). - drm/amdgpu: Use RMW accessors for changing LNKCTL (git-fixes). - drm/amdgpu: add S/G display parameter (git-fixes). - drm/amdgpu: add vram reservation based on vram_usagebyfirmware_v2_2 (git-fixes). - drm/amdgpu: avoid integer overflow warning in amdgpu_device_resize_fb_bar() (git-fixes). - drm/amdgpu: fix calltrace warning in amddrm_buddy_fini (git-fixes). - drm/amdgpu: fix memory leak in mes self test (git-fixes). - drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() (git-fixes). - drm/amdgpu: install stub fence into potential unused fence pointers (git-fixes). - drm/amdgpu: keep irq count in amdgpu_irq_disable_all (git-fixes). - drm/amdgpu: skip fence GFX interrupts disable/enable for S0ix (git-fixes). - drm/armada: Fix off-by-one error in armada_overlay_get_property() (git-fixes). - drm/ast: Fix DRAM init on AST2200 (git-fixes). - drm/atomic-helper: Update reference to drm_crtc_force_disable_all() (git-fixes). - drm/bridge: anx7625: Drop device lock before drm_helper_hpd_irq_event() (git-fixes). - drm/bridge: anx7625: Use common macros for DP power sequencing commands (git-fixes). - drm/bridge: anx7625: Use common macros for HDCP capabilities (git-fixes). - drm/bridge: fix -Wunused-const-variable= warning (git-fixes). - drm/bridge: tc358764: Fix debug print parameter order (git-fixes). - drm/etnaviv: fix dumping of active MMU context (git-fixes). - drm/gma500: Use drm_aperture_remove_conflicting_pci_framebuffers (git-fixes). - drm/i915/sdvo: fix panel_type initialization (git-fixes). - drm/i915: Fix premature release of request's reusable memory (git-fixes). - drm/mediatek: Fix dereference before null check (git-fixes). - drm/mediatek: Fix potential memory leak if vmap() fail (git-fixes). - drm/mediatek: Remove freeing not dynamic allocated memory (git-fixes). - drm/msm/a2xx: Call adreno_gpu_init() earlier (git-fixes). - drm/msm/dpu: fix the irq index in dpu_encoder_phys_wb_wait_for_commit_done (git-fixes). - drm/msm/mdp5: Do not leak some plane state (git-fixes). - drm/msm: Update dev core dump to not print backwards (git-fixes). - drm/mxsfb: Disable overlay plane in mxsfb_plane_overlay_atomic_disable() (git-fixes). - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes (git-fixes). - drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create (bsc#1214073). - drm/nouveau/gr: enable memory loads on helper invocation on all channels (git-fixes). - drm/nouveau/nvkm/dp: Add workaround to fix DP 1.3+ DPCD issues (git-fixes). - drm/panel: simple: Add missing connector type and pixel format for AUO T215HVN01 (git-fixes). - drm/panel: simple: Fix AUO G121EAN01 panel timings according to the docs (git-fixes). - drm/qxl: fix UAF on handle creation (git-fixes). - drm/radeon: Use RMW accessors for changing LNKCTL (git-fixes). - drm/repaper: Reduce temporary buffer size in repaper_fb_dirty() (git-fixes). - drm/rockchip: Do not spam logs in atomic check (git-fixes). - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap() (git-fixes). - drm/stm: ltdc: fix late dereference check (git-fixes). - drm/tegra: dpaux: Fix incorrect return value of platform_get_irq (git-fixes). - drm/ttm: check null pointer before accessing when swapping (git-fixes). - drm/ttm: never consider pinned BOs for eviction&swap (git-fixes). - drm/vmwgfx: Fix shader stage validation (git-fixes). - drm: adv7511: Fix low refresh rate register for ADV7533/5 (git-fixes). - drm: rcar-du: remove R-Car H3 ES1.* workarounds (git-fixes). - drm: xlnx: zynqmp_dpsub: Add missing check for dma_set_mask (git-fixes). - dt-bindings: clock: xlnx,versal-clk: drop select:false (git-fixes). - dt-bindings: clocks: imx8mp: make sai4 a dummy clock (git-fixes). - dt-bindings: crypto: ti,sa2ul: make power-domains conditional (git-fixes). - e1000: Fix typos in comments (jsc#PED-5738). - e1000: Remove unnecessary use of kmap_atomic() (jsc#PED-5738). - e1000: switch to napi_build_skb() (jsc#PED-5738). - e1000: switch to napi_consume_skb() (jsc#PED-5738). - exfat: fix unexpected EOF while reading dir (bsc#1214000). - exfat: release s_lock before calling dir_emit() (bsc#1214000). - exfat_iterate(): do not open-code file_inode(file) (bsc#1214000). - fbdev/ep93xx-fb: Do not assign to struct fb_info.dev (git-fixes). - fbdev: Fix sys_imageblit() for arbitrary image widths (git-fixes). - fbdev: Improve performance of sys_imageblit() (git-fixes). - fbdev: Update fbdev source file paths (git-fixes). - fbdev: fix potential OOB read in fast_imageblit() (git-fixes). - fbdev: mmp: fix value check in mmphw_probe() (git-fixes). - file: reinstate f_pos locking optimization for regular files (bsc#1213759). - firmware: arm_scmi: Drop OF node reference in the transport channel setup (git-fixes). - firmware: cs_dsp: Fix new control name check (git-fixes). - firmware: meson_sm: fix to avoid potential NULL pointer dereference (git-fixes). - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe (git-fixes). - fprobe: Release rethook after the ftrace_ops is unregistered (git-fixes). - fprobe: add unlock to match a succeeded ftrace_test_recursion_trylock (git-fixes). - fs/sysv: Null check to prevent null-ptr-deref bug (git-fixes). - fsi: aspeed: Reset master errors after CFAM reset (git-fixes). - fsi: master-ast-cf: Add MODULE_FIRMWARE macro (git-fixes). - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() (git-fixes). - gpio: mvebu: Make use of devm_pwmchip_add (git-fixes). - gpio: mvebu: fix irq domain leak (git-fixes). - gpio: tps68470: Make tps68470_gpio_output() always set the initial value (git-fixes). - hv_netvsc: Remove second mapping of send and recv buffers (bsc#1206453). - hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for pfe1100 (git-fixes). - hwmon: (tmp513) Fix the channel number in tmp51x_is_visible() (git-fixes). - hwrng: iproc-rng200 - Implement suspend and resume calls (git-fixes). - hwrng: nomadik - keep clock enabled while hwrng is registered (git-fixes). - hwrng: pic32 - use devm_clk_get_enabled (git-fixes). - i2c: Delete error messages for failed memory allocations (git-fixes). - i2c: Improve size determinations (git-fixes). - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue (git-fixes). - i2c: designware: Correct length byte validation logic (git-fixes). - i2c: designware: Handle invalid SMBus block data response length value (git-fixes). - i2c: hisi: Only handle the interrupt of the driver's transfer (git-fixes). - i2c: nomadik: Remove a useless call in the remove function (git-fixes). - i2c: nomadik: Remove unnecessary goto label (git-fixes). - i2c: nomadik: Use devm_clk_get_enabled() (git-fixes). - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes). - iavf: fix potential races for FDIR filters (git-fixes). - ice: Fix RDMA VSI removal during queue rebuild (git-fixes). - ice: Fix crash by keep old cfg when update TCs more than queues (git-fixes). - ice: Fix max_rate check while configuring TX rate limits (git-fixes). - ice: Fix memory management in ice_ethtool_fdir.c (git-fixes). - iio: adc: ina2xx: avoid NULL pointer dereference on OF device match (git-fixes). - iio: adc: stx104: Implement and utilize register structures (git-fixes). - iio: adc: stx104: Utilize iomap interface (git-fixes). - iio: cros_ec: Fix the allocation size for cros_ec_command (git-fixes). - intel/e1000:fix repeated words in comments (jsc#PED-5738). - intel: remove unused macros (jsc#PED-5738). - iommu/amd/io-pgtable: Implement map_pages io_pgtable_ops callback (bsc#1212423). - iommu/amd/io-pgtable: Implement unmap_pages io_pgtable_ops callback (bsc#1212423). - iommu/amd: Add PCI segment support for ivrs_ commands (git-fixes). - iommu/amd: Add map/unmap_pages() iommu_domain_ops callback support (bsc#1212423). - iommu/amd: Do not identity map v2 capable device when snp is enabled (git-fixes). - iommu/amd: Fix compile warning in init code (git-fixes). - iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and ivrs_acpihid options (git-fixes). - iommu/amd: Fix ivrs_acpihid cmdline parsing code (git-fixes). - iommu/amd: Fix pci device refcount leak in ppr_notifier() (git-fixes). - iommu/amd: use full 64-bit value in build_completion_wait() (git-fixes). - iommu/arm-smmu-v3: Make default domain type of HiSilicon PTT device to identity (git-fixes). - iommu/arm-smmu-v3: check return value after calling platform_get_resource() (git-fixes). - iommu/arm-smmu-v3: fix event handling soft lockup (git-fixes). - iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe() (git-fixes). - iommu/dart: Initialize DART_STREAMS_ENABLE (git-fixes). - iommu/dma: Fix incorrect error return on iommu deferred attach (git-fixes). - iommu/dma: Fix iova map result check bug (git-fixes). - iommu/dma: return error code from iommu_dma_map_sg() (git-fixes). - iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe() (git-fixes). - iommu/io-pgtable-arm-v7s: Add a quirk to allow pgtable PA up to 35bit (git-fixes). - iommu/iova: Fix module config properly (git-fixes). - iommu/mediatek: Add error path for loop of mm_dts_parse (git-fixes). - iommu/mediatek: Add platform_device_put for recovering the device refcnt (git-fixes). - iommu/mediatek: Check return value after calling platform_get_resource() (git-fixes). - iommu/mediatek: Set dma_mask for PGTABLE_PA_35_EN (git-fixes). - iommu/mediatek: Use component_match_add (git-fixes). - iommu/mediatek: Validate number of phandles associated with 'mediatek,larbs' (git-fixes). - iommu/omap: Fix buffer overflow in debugfs (git-fixes). - iommu/rockchip: fix permission bits in page table entries v2 (git-fixes). - iommu/s390: Fix duplicate domain attachments (git-fixes). - iommu/sun50i: Consider all fault sources for reset (git-fixes). - iommu/sun50i: Fix R/W permission check (git-fixes). - iommu/sun50i: Fix flush size (git-fixes). - iommu/sun50i: Fix reset release (git-fixes). - iommu/sun50i: Implement .iotlb_sync_map (git-fixes). - iommu/sun50i: Remove IOMMU_DOMAIN_IDENTITY (git-fixes). - iommu/vt-d: Add RPLS to quirk list to skip TE disabling (git-fixes). - iommu/vt-d: Check correct capability for sagaw determination (git-fixes). - iommu/vt-d: Clean up si_domain in the init_dmars() error path (git-fixes). - iommu/vt-d: Correctly calculate sagaw value of IOMMU (git-fixes). - iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() (git-fixes). - iommu/vt-d: Fix PCI device refcount leak in has_external_pci() (git-fixes). - iommu/vt-d: Fix kdump kernels boot failure with scalable mode (git-fixes). - iommu/vt-d: Preset Access bit for IOVA in FL non-leaf paging entries (git-fixes). - iommu/vt-d: Set SRE bit only when hardware has SRS cap (git-fixes). - ipmi:ssif: Add check for kstrdup (git-fixes). - ipmi:ssif: Fix a memory leak when scanning for an adapter (git-fixes). - ipmi_si: fix a memleak in try_smi_init() (git-fixes). - jffs2: correct logic when creating a hole in jffs2_write_begin (git-fixes). - kabi/severities: Ignore newly added SRSO mitigation functions - kabi: Allow extra bugsints (bsc#1213927). - kernel-binary: Common dependencies cleanup Common dependencies are copied to a subpackage, there is no need for copying defines or build dependencies there. - kernel-binary: Drop code for kerntypes support Kerntypes was a SUSE-specific feature dropped before SLE 12. - kunit: make kunit_test_timeout compatible with comment (git-fixes). - leds: Fix BUG_ON check for LED_COLOR_ID_MULTI that is always false (git-fixes). - leds: multicolor: Use rounded division when calculating color components (git-fixes). - leds: pwm: Fix error code in led_pwm_create_fwnode() (git-fixes). - leds: trigger: tty: Do not use LED_ON/OFF constants, use led_blink_set_oneshot instead (git-fixes). - leds: turris-omnia: Drop unnecessary mutex locking (git-fixes). - lib/test_meminit: allocate pages up to order MAX_ORDER (git-fixes). - lib/test_meminit: destroy cache in kmem_cache_alloc_bulk() test (git-fixes). - libbpf: Fix BTF-to-C converter's padding logic (bsc#1211220 jsc#PED-3924). - libbpf: Fix btf_dump's packed struct determination (bsc#1211220 jsc#PED-3924). - libbpf: Fix single-line struct definition output in btf_dump (bsc#1211220 jsc#PED-3924). - libceph: fix potential hang in ceph_osdc_notify() (bsc#1214393). - md/raid0: Factor out helper for mapping and submitting a bio (bsc#1213916). - md/raid0: Fix performance regression for large sequential writes (bsc#1213916). - media: ad5820: Drop unsupported ad5823 from i2c_ and of_device_id tables (git-fixes). - media: cx24120: Add retval check for cx24120_message_send() (git-fixes). - media: dib7000p: Fix potential division by zero (git-fixes). - media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer() (git-fixes). - media: go7007: Remove redundant if statement (git-fixes). - media: i2c: ccs: Check rules is non-NULL (git-fixes). - media: i2c: rdacm21: Fix uninitialized value (git-fixes). - media: i2c: tvp5150: check return value of devm_kasprintf() (git-fixes). - media: ov2680: Add ov2680_fill_format() helper function (git-fixes). - media: ov2680: Do not take the lock for try_fmt calls (git-fixes). - media: ov2680: Fix ov2680_bayer_order() (git-fixes). - media: ov2680: Fix ov2680_set_fmt() which == V4L2_SUBDEV_FORMAT_TRY not working (git-fixes). - media: ov2680: Fix regulators being left enabled on ov2680_power_on() errors (git-fixes). - media: ov2680: Fix vflip / hflip set functions (git-fixes). - media: ov2680: Remove VIDEO_V4L2_SUBDEV_API ifdef-s (git-fixes). - media: ov5640: Enable MIPI interface in ov5640_set_power_mipi() (git-fixes). - media: rkvdec: increase max supported height for H.264 (git-fixes). - media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link() (git-fixes). - media: v4l2-mem2mem: add lock to protect parameter num_rdy (git-fixes). - media: venus: hfi_venus: Only consider sys_idle_indicator on V1 (git-fixes). - media: venus: hfi_venus: Write to VIDC_CTRL_INIT after unmasking interrupts (git-fixes). - misc: rtsx: judge ASPM Mode to set PETXCFG Reg (git-fixes). - mkspec: Allow unsupported KMPs (bsc#1214386) - mlxsw: pci: Add shutdown method in PCI driver (git-fixes). - mmc: block: Fix in_flight[issue_type] value error (git-fixes). - mmc: moxart: read scr register without changing byte order (git-fixes). - mmc: wbsd: fix double mmc_free_host() in wbsd_init() (git-fixes). - module: avoid allocation if module is already present and ready (bsc#1213921). - module: extract patient module check into helper (bsc#1213921). - module: move check_modinfo() early to early_mod_check() (bsc#1213921). - module: move early sanity checks into a helper (bsc#1213921). - mtd: rawnand: brcmnand: Fix crash during the panic_write (git-fixes). - mtd: rawnand: brcmnand: Fix mtd oobsize (git-fixes). - mtd: rawnand: brcmnand: Fix potential false time out warning (git-fixes). - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write (git-fixes). - mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() (git-fixes). - mtd: rawnand: fsmc: handle clk prepare error in fsmc_nand_resume() (git-fixes). - mtd: rawnand: omap_elm: Fix incorrect type in assignment (git-fixes). - mtd: rawnand: rockchip: Align hwecc vs. raw page helper layouts (git-fixes). - mtd: rawnand: rockchip: fix oobfree offset and description (git-fixes). - mtd: spi-nor: Check bus width while setting QE bit (git-fixes). - mtd: spinand: toshiba: Fix ecc_get_status (git-fixes). - n_tty: Rename tail to old_tail in n_tty_read() (git-fixes). - net: hns3: fix wrong bw weight of disabled tc issue (git-fixes). - net: ieee802154: at86rf230: Stop leaking skb's (git-fixes). - net: mana: Fix MANA VF unload when hardware is unresponsive (git-fixes). - net: phy: at803x: remove set/get wol callbacks for AR8032 (git-fixes). - net: phy: broadcom: stub c45 read/write for 54810 (git-fixes). - net: phy: fix IRQ-based wake-on-lan over hibernate / power off (git-fixes). - net: stmmac: tegra: Properly allocate clock bulk data (bsc#1213733) - net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs (git-fixes). - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb (git-fixes). - netfs: Fix lockdep warning from taking sb_writers whilst holding mmap_lock (bsc#1214742). - netfs: Fix missing xas_retry() calls in xarray iteration (bsc#1213946 bsc#1214404). - netfs: Fix missing xas_retry() calls in xarray iteration (bsc#1213946). - netfs: fix parameter of cleanup() (bsc#1214743). - nfsd: Remove incorrect check in nfsd4_validate_stateid (git-fixes). - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse (git-fixes). - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput (git-fixes). - nvme-rdma: fix potential unbalanced freeze & unfreeze (bsc#1208902). - nvme-tcp: fix potential unbalanced freeze & unfreeze (bsc#1208902). - objtool/x86: Fix SRSO mess (git-fixes). - objtool/x86: Fixup frame-pointer vs rethunk (git-fixes). - objtool: Union instruction::{call_dest,jump_table} (git-fixes). - old-flavors: Drop 2.6 kernels. 2.6 based kernels are EOL, upgrading from them is no longer suported. - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() (git-fixes). - phy/rockchip: inno-hdmi: do not power on rk3328 post pll on reg write (git-fixes). - phy/rockchip: inno-hdmi: round fractal pixclock in rk3328 recalc_rate (git-fixes). - phy/rockchip: inno-hdmi: use correct vco_div_5 macro on rk3328 (git-fixes). - phy: qcom-snps-femto-v2: keep cfg_ahb_clk enabled during runtime suspend (git-fixes). - phy: qcom-snps-femto-v2: properly enable ref clock (git-fixes). - phy: qcom-snps: Use dev_err_probe() to simplify code (git-fixes). - phy: qcom-snps: correct struct qcom_snps_hsphy kerneldoc (git-fixes). - pinctrl: amd: Mask wake bits on probe again (git-fixes). - pinctrl: amd: Revert 'pinctrl: amd: disable and mask interrupts on probe' (git-fixes). - pinctrl: cherryview: fix address_space_handler() argument (git-fixes). - pinctrl: mcp23s08: check return value of devm_kasprintf() (git-fixes). - pinctrl: renesas: rza2: Add lock around pinctrl_generic{{add,remove}_group,{add,remove}_function} (git-fixes). - platform/x86: dell-sysman: Fix reference leak (git-fixes). - powerpc/64e: Fix kexec build error (bsc#1212091 ltc#199106). - powerpc/iommu: Fix iommu_table_in_use for a small default DMA window case (bsc#1212091 ltc#199106). - powerpc/iommu: Incorrect DDW Table is referenced for SR-IOV device (bsc#1212091 ltc#199106). - powerpc/iommu: TCEs are incorrectly manipulated with DLPAR add/remove of memory (bsc#1212091 ltc#199106). - powerpc/iommu: do not set failed sg dma_address to DMA_MAPPING_ERROR (bsc#1212091 ltc#199106). - powerpc/iommu: return error code from .map_sg() ops (bsc#1212091 ltc#199106). - powerpc/kernel/iommu: Add new iommu_table_in_use() helper (bsc#1212091 ltc#199106). - powerpc/kexec: Fix build failure from uninitialised variable (bsc#1212091 ltc#199106). - powerpc/mm/altmap: Fix altmap boundary check (bsc#1120059 git-fixes). - powerpc/pseries/ddw: Do not try direct mapping with persistent memory and one window (bsc#1212091 ltc#199106). - powerpc/pseries/ddw: simplify enable_ddw() (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Add ddw_list_new_entry() helper (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Add ddw_property_create() and refactor enable_ddw() (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Add iommu_pseries_alloc_table() helper (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Add of_node_put() before break (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Allow DDW windows starting at 0x00 (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Check if the default window in use before removing it (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Create huge DMA window if no MMIO32 is present (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Find existing DDW with given property name (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Make use of DDW for indirect mapping (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Print ibm,query-pe-dma-windows parameters (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Rename 'direct window' to 'dma window' (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Reorganize iommu_table_setparms*() with new helper (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Replace hard-coded page shift (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Update remove_dma_window() to accept property name (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Use correct vfree for it_map (bsc#1212091 ltc#199106). - powerpc/pseries: Add __init attribute to eligible functions (bsc#1212091 ltc#199106). - powerpc/pseries: Honour current SMT state when DLPAR onlining CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - powerpc/pseries: Initialise CPU hotplug callbacks earlier (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - powerpc/rtas: block error injection when locked down (bsc#1023051). - powerpc/rtas: enture rtas_call is called with MMU enabled (bsc#1023051). - powerpc/rtas: mandate RTAS syscall filtering (bsc#1023051). - powerpc/rtas_flash: allow user copy to flash block cache objects (bsc#1194869). - powerpc/security: Fix Speculation_Store_Bypass reporting on Power10 (bsc#1188885 ltc#193722 git-fixes). - powerpc: Add HOTPLUG_SMT support (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). Update config files. - powerpc: Move DMA64_PROPNAME define to a header (bsc#1214297 ltc#197503). - powerpc: fix typos in comments (bsc#1212091 ltc#199106). - pseries/iommu/ddw: Fix kdump to work in absence of ibm,dma-window (bsc#1214297 ltc#197503). - pstore/ram: Check start of empty przs during init (git-fixes). - pwm: Add a stub for devm_pwmchip_add() (git-fixes). - pwm: meson: Simplify duplicated per-channel tracking (git-fixes). - pwm: meson: fix handling of period/duty if greater than UINT_MAX (git-fixes). - qed: Fix scheduling in a tasklet while getting stats (git-fixes). - regmap: rbtree: Use alloc_flags for memory allocations (git-fixes). - ring-buffer: Do not swap cpu_buffer during resize process (git-fixes). - ring-buffer: Fix deadloop issue on reading trace_pipe (git-fixes). - ring-buffer: Fix wrong stat of cpu_buffer->read (git-fixes). - rpm/mkspec-dtb: support for nested subdirs - rpmsg: glink: Add check for kstrdup (git-fixes). - s390/ipl: add missing secure/has_secure file to ipl type 'unknown' (bsc#1214976). - s390/purgatory: disable branch profiling (git-fixes bsc#1214372). - s390/zcrypt: fix reply buffer calculations for CCA replies (bsc#1213949). - sched/fair: Fix inaccurate tally of ttwu_move_affine (git fixes). - sched/fair: Use recent_used_cpu to test p->cpus_ptr (git fixes). - sched/psi: use kernfs polling functions for PSI trigger polling (bsc#1209799). - scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() (git-fixes). - scsi: 53c700: Check that command slot is not NULL (git-fixes). - scsi: RDMA/srp: Fix residual handling (git-fixes) - scsi: bsg: Increase number of devices (bsc#1210048). - scsi: core: Do not wait for quiesce in scsi_device_block() (bsc#1209284). - scsi: core: Do not wait for quiesce in scsi_stop_queue() (bsc#1209284). - scsi: core: Fix legacy /proc parsing buffer overflow (git-fixes). - scsi: core: Fix possible memory leak if device_add() fails (git-fixes). - scsi: core: Improve warning message in scsi_device_block() (bsc#1209284). - scsi: core: Merge scsi_internal_device_block() and device_block() (bsc#1209284). - scsi: fnic: Replace return codes in fnic_clean_pending_aborts() (git-fixes). - scsi: qedf: Fix NULL dereference in error handling (git-fixes). - scsi: qedf: Fix firmware halt over suspend and resume (git-fixes). - scsi: qedi: Fix firmware halt over suspend and resume (git-fixes). - scsi: scsi_debug: Remove dead code (git-fixes). - scsi: sg: Increase number of devices (bsc#1210048). - scsi: snic: Fix double free in snic_tgt_create() (git-fixes). - scsi: snic: Fix possible memory leak if device_add() fails (git-fixes). - scsi: storvsc: Always set no_report_opcodes (git-fixes). - scsi: storvsc: Fix handling of virtual Fibre Channel timeouts (git-fixes). - scsi: storvsc: Handle SRB status value 0x30 (git-fixes). - scsi: storvsc: Limit max_sectors for virtual Fibre Channel devices (git-fixes). - scsi: zfcp: Defer fc_rport blocking until after ADISC response (git-fixes bsc#1214371). - selftests/bpf: Test btf dump for struct with padding only fields (bsc#1211220 jsc#PED-3924). - selftests/futex: Order calls to futex_lock_pi (git-fixes). - selftests/harness: Actually report SKIP for signal tests (git-fixes). - selftests/resctrl: Close perf value read fd on errors (git-fixes). - selftests/resctrl: Do not leak buffer in fill_cache() (git-fixes). - selftests/resctrl: Unmount resctrl FS if child fails to run benchmark (git-fixes). - selftests/rseq: check if libc rseq support is registered (git-fixes). - selftests: forwarding: Add a helper to skip test when using veth pairs (git-fixes). - selftests: forwarding: Skip test when no interfaces are specified (git-fixes). - selftests: forwarding: Switch off timeout (git-fixes). - selftests: forwarding: ethtool: Skip when using veth pairs (git-fixes). - selftests: forwarding: ethtool_extended_state: Skip when using veth pairs (git-fixes). - selftests: forwarding: tc_actions: Use ncat instead of nc (git-fixes). - selftests: forwarding: tc_actions: cleanup temporary files when test is aborted (git-fixes). - selftests: forwarding: tc_flower: Relax success criterion (git-fixes). - selftests: mirror_gre_changes: Tighten up the TTL test match (git-fixes). - serial: sc16is7xx: fix broken port 0 uart init (git-fixes). - serial: sc16is7xx: fix bug when first setting GPIO direction (git-fixes). - serial: sprd: Assign sprd_port after initialized to avoid wrong access (git-fixes). - serial: sprd: Fix DMA buffer leak issue (git-fixes). - serial: tegra: handle clk prepare error in tegra_uart_hw_init() (git-fixes). - sfc: fix crash when reading stats while NIC is resetting (git-fixes). - smb3: do not set NTLMSSP_VERSION flag for negotiate not auth request (bsc#1193629). - smb: client: Fix -Wstringop-overflow issues (bsc#1193629). - smb: client: fix dfs link mount against w2k8 (bsc#1212142). - smb: client: fix null auth (git-fixes). - soc: aspeed: socinfo: Add kfree for kstrdup (git-fixes). - soundwire: bus: pm_runtime_request_resume on peripheral attachment (git-fixes). - soundwire: fix enumeration completion (git-fixes). - spi: tegra20-sflash: fix to check return value of platform_get_irq() in tegra_sflash_probe() (git-fixes). - supported.conf: fix typos for -!optional markers - swiotlb: Remove bounce buffer remapping for Hyper-V (bsc#1206453). - target: compare and write backend driver sense handling (bsc#1177719 bsc#1213026). - target_core_rbd: fix leak and reduce kmalloc calls (bsc#1212873). - target_core_rbd: fix rbd_img_request.snap_id assignment (bsc#1212857). - target_core_rbd: remove snapshot existence validation code (bsc#1212857). - thunderbolt: Read retimer NVM authentication status prior tb_retimer_set_inbound_sbtx() (git-fixes). - timers: Add shutdown mechanism to the internal functions (bsc#1213970). - timers: Provide timer_shutdown[_sync]() (bsc#1213970). - timers: Rename del_timer() to timer_delete() (bsc#1213970). - timers: Rename del_timer_sync() to timer_delete_sync() (bsc#1213970). - timers: Replace BUG_ON()s (bsc#1213970). - timers: Silently ignore timers with a NULL function (bsc#1213970). - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode (bsc#1213970). - timers: Update kernel-doc for various functions (bsc#1213970). - timers: Use del_timer_sync() even on UP (bsc#1213970). - tracing/histograms: Add histograms to hist_vars if they have referenced variables (git-fixes). - tracing/histograms: Return an error if we fail to add histogram to hist_vars list (git-fixes). - tracing/probes: Fix not to count error code to total length (git-fixes). - tracing/probes: Fix to avoid double count of the string length on the array (git-fixes). - tracing/probes: Fix to record 0-length data_loc in fetch_store_string*() if fails (git-fixes). - tracing/probes: Fix to update dynamic data counter if fetcharg uses it (git-fixes). - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed (git-fixes). - tracing: Fix memleak due to race between current_tracer and trace (git-fixes). - tracing: Fix memory leak of iter->temp when reading trace_pipe (git-fixes). - tracing: Fix null pointer dereference in tracing_err_log_open() (git-fixes). - tracing: Fix warning in trace_buffered_event_disable() (git-fixes). - tty: fix hang on tty device with no_room set (git-fixes). - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux (git-fixes). - tty: serial: fsl_lpuart: Add i.MXRT1050 support (git-fixes). - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32 platforms (git-fixes). - tty: serial: fsl_lpuart: make rx_watermark configurable for different platforms (git-fixes). - tty: serial: fsl_lpuart: reduce RX watermark to 0 on LS1028A (git-fixes). - ubifs: Fix memleak when insert_old_idx() failed (git-fixes). - usb-storage: alauda: Fix uninit-value in alauda_check_media() (git-fixes). - usb: chipidea: imx: add missing USB PHY DPDM wakeup setting (git-fixes). - usb: chipidea: imx: do not request QoS for imx8ulp (git-fixes). - usb: chipidea: imx: improve logic if samsung,picophy-* parameter is 0 (git-fixes). - usb: common: usb-conn-gpio: Prevent bailing out if initial role is none (git-fixes). - usb: dwc3: Fix typos in gadget.c (git-fixes). - usb: dwc3: Properly handle processing of pending events (git-fixes). - usb: dwc3: meson-g12a: do post init to fix broken usb after resumption (git-fixes). - usb: gadget: Fix the memory leak in raw_gadget driver (git-fixes). - usb: gadget: f_mass_storage: Fix unused variable warning (git-fixes). - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push (git-fixes). - usb: ohci-at91: Fix the unhandle interrupt when resume (git-fixes). - usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host() (git-fixes). - usb: quirks: add quirk for Focusrite Scarlett (git-fixes). - usb: serial: option: add Quectel EC200A module support (git-fixes). - usb: serial: option: support Quectel EM060K_128 (git-fixes). - usb: serial: simple: add Kaufmann RKS+CAN VCP (git-fixes). - usb: serial: simple: sort driver entries (git-fixes). - usb: typec: altmodes/displayport: Signal hpd when configuring pin assignment (git-fixes). - usb: typec: tcpm: Fix response to vsafe0V event (git-fixes). - usb: typec: tcpm: set initial svdm version based on pd revision (git-fixes). - usb: zaurus: Add ID for A-300/B-500/C-700 (git-fixes). - watchdog: sp5100_tco: support Hygon FCH/SCH (Server Controller Hub) (git-fixes). - wifi: ath10k: Use RMW accessors for changing LNKCTL (git-fixes). - wifi: ath11k: Use RMW accessors for changing LNKCTL (git-fixes). - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx (git-fixes). - wifi: ath9k: protect WMI command response buffer replacement with a lock (git-fixes). - wifi: ath9k: use IS_ERR() with debugfs_create_dir() (git-fixes). - wifi: cfg80211: Fix return value in scan logic (git-fixes). - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN (git-fixes). - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC) (git-fixes). - wifi: mt76: mt7915: fix power-limits while chan_switch (git-fixes). - wifi: mt76: mt7921: do not support one stream on secondary antenna only (git-fixes). - wifi: mt76: mt7921: fix non-PSC channel scan fail (git-fixes). - wifi: mt76: testmode: add nla_policy for MT76_TM_ATTR_TX_LENGTH (git-fixes). - wifi: mwifiex: Fix OOB and integer underflow when rx packets (git-fixes). - wifi: mwifiex: Fix missed return in oob checks failed path (git-fixes). - wifi: mwifiex: avoid possible NULL skb pointer dereference (git-fixes). - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management (git-fixes). - wifi: mwifiex: fix memory leak in mwifiex_histogram_read() (git-fixes). - wifi: nl80211/cfg80211: add forgotten nla_policy for BSS color attribute (git-fixes). - wifi: radiotap: fix kernel-doc notation warnings (git-fixes). - wifi: rtw89: debug: Fix error handling in rtw89_debug_priv_btc_manual_set() (git-fixes). - x86/CPU/AMD: Disable XSAVES on AMD family 0x17 (git-fixes). - x86/alternative: Make custom return thunk unconditional (git-fixes). - x86/cpu/kvm: Provide UNTRAIN_RET_VM (git-fixes). - x86/cpu: Clean up SRSO return thunk mess (git-fixes). - x86/cpu: Cleanup the untrain mess (git-fixes). - x86/cpu: Fix __x86_return_thunk symbol type (git-fixes). - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk() (git-fixes). - x86/cpu: Rename original retbleed methods (git-fixes). - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1 (git-fixes). - x86/hyperv: Add an interface to do nested hypercalls (bsc#1206453). - x86/hyperv: Add support for detecting nested hypervisor (bsc#1206453). - x86/hyperv: Change vTOM handling to use standard coco mechanisms (bsc#1206453). - x86/hyperv: Remove BUG_ON() for kmap_local_page() (bsc#1206453). - x86/hyperv: Reorder code to facilitate future work (bsc#1206453). - x86/hyperv: Replace kmap() with kmap_local_page() (bsc#1206453). - x86/ioremap: Add hypervisor callback for private MMIO mapping in coco (bsc#1206453). - x86/mce: Make sure logged MCEs are processed after sysfs update (git-fixes). - x86/mm: Handle decryption/re-encryption of bss_decrypted consistently (bsc#1206453). - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG (git-fixes). - x86/retpoline,kprobes: Skip optprobe check for indirect jumps with retpolines and IBT (git-fixes). - x86/retpoline: Do not clobber RFLAGS during srso_safe_ret() (git-fixes). - x86/sev: Make enc_dec_hypercall() accept a size instead of npages (bsc#1214635). - x86/speculation: Add cpu_show_gds() prototype (git-fixes). - x86/speculation: Mark all Skylake CPUs as vulnerable to GDS (git-fixes). - x86/srso: Correct the mitigation status when SMT is disabled (git-fixes). - x86/srso: Disable the mitigation on unaffected configurations (git-fixes). - x86/srso: Explain the untraining sequences a bit more (git-fixes). - x86/srso: Fix build breakage with the LLVM linker (git-fixes). - x86/srso: Fix return thunks in generated code (git-fixes). - x86/static_call: Fix __static_call_fixup() (git-fixes). - x86/tdx: Add more registers to struct tdx_hypercall_args (bsc#1206453). - x86/tdx: Do not corrupt frame-pointer in __tdx_hypercall() (bsc#1206453). - x86/tdx: Expand __tdx_hypercall() to handle more arguments (bsc#1206453). - x86/tdx: Fix typo in comment in __tdx_hypercall() (bsc#1206453). - x86/tdx: Refactor __tdx_hypercall() to allow pass down more arguments (bsc#1206453). - xfs: fix sb write verify for lazysbcount (bsc#1214661). Important SUSE bug 1023051 SUSE bug 1120059 SUSE bug 1177719 SUSE bug 1188885 SUSE bug 1193629 SUSE bug 1194869 SUSE bug 1203329 SUSE bug 1203330 SUSE bug 1205462 SUSE bug 1206453 SUSE bug 1208902 SUSE bug 1208949 SUSE bug 1209284 SUSE bug 1209799 SUSE bug 1210048 SUSE bug 1210448 SUSE bug 1211220 SUSE bug 1212091 SUSE bug 1212142 SUSE bug 1212423 SUSE bug 1212526 SUSE bug 1212857 SUSE bug 1212873 SUSE bug 1213026 SUSE bug 1213123 SUSE bug 1213546 SUSE bug 1213580 SUSE bug 1213601 SUSE bug 1213666 SUSE bug 1213733 SUSE bug 1213757 SUSE bug 1213759 SUSE bug 1213916 SUSE bug 1213921 SUSE bug 1213927 SUSE bug 1213946 SUSE bug 1213949 SUSE bug 1213968 SUSE bug 1213970 SUSE bug 1213971 SUSE bug 1214000 SUSE bug 1214019 SUSE bug 1214073 SUSE bug 1214120 SUSE bug 1214149 SUSE bug 1214180 SUSE bug 1214233 SUSE bug 1214238 SUSE bug 1214285 SUSE bug 1214297 SUSE bug 1214299 SUSE bug 1214305 SUSE bug 1214350 SUSE bug 1214368 SUSE bug 1214370 SUSE bug 1214371 SUSE bug 1214372 SUSE bug 1214380 SUSE bug 1214386 SUSE bug 1214392 SUSE bug 1214393 SUSE bug 1214397 SUSE bug 1214404 SUSE bug 1214428 SUSE bug 1214451 SUSE bug 1214635 SUSE bug 1214659 SUSE bug 1214661 SUSE bug 1214727 SUSE bug 1214729 SUSE bug 1214742 SUSE bug 1214743 SUSE bug 1214756 SUSE bug 1214976 SUSE bug 1215522 SUSE bug 1215523 SUSE bug 1215552 SUSE bug 1215553 CVE-2022-38457 at SUSE CVE-2022-38457 at NVD CVE-2022-40133 at SUSE CVE-2022-40133 at NVD CVE-2023-2007 at SUSE CVE-2023-2007 at NVD CVE-2023-20588 at SUSE CVE-2023-20588 at NVD CVE-2023-34319 at SUSE CVE-2023-34319 at NVD CVE-2023-3610 at SUSE CVE-2023-3610 at NVD CVE-2023-37453 at SUSE CVE-2023-37453 at NVD CVE-2023-3772 at SUSE CVE-2023-3772 at NVD CVE-2023-3863 at SUSE CVE-2023-3863 at NVD CVE-2023-40283 at SUSE CVE-2023-40283 at NVD CVE-2023-4128 at SUSE CVE-2023-4128 at NVD CVE-2023-4133 at SUSE CVE-2023-4133 at NVD CVE-2023-4134 at SUSE CVE-2023-4134 at NVD CVE-2023-4147 at SUSE CVE-2023-4147 at NVD CVE-2023-4194 at SUSE CVE-2023-4194 at NVD CVE-2023-4273 at SUSE CVE-2023-4273 at NVD CVE-2023-4387 at SUSE CVE-2023-4387 at NVD CVE-2023-4459 at SUSE CVE-2023-4459 at NVD CVE-2023-4563 at SUSE CVE-2023-4563 at NVD CVE-2023-4569 at SUSE CVE-2023-4569 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-38457: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker to cause a denial of service (bsc#1203330). - CVE-2022-40133: Fixed a use-after-free vulnerability in vmwgfx driver that allowed a local attacker to cause a denial of service (bsc#1203329). - CVE-2023-1192: Fixed use-after-free in cifs_demultiplex_thread() (bsc#1208995 CVE-2023-1192). - CVE-2023-1859: Fixed a use-after-free flaw in xen_9pfs_front_removet that could lead to system crash and kernel information leak (bsc#1210169). - CVE-2023-2007: Fixed a flaw in the DPT I2O Controller driver that could allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel (bsc#1210448). - CVE-2023-20588: Fixed a division-by-zero error on some AMD processors that can potentially return speculative data resulting in loss of confidentiality (bsc#1213927). - CVE-2023-2177: Fixed null pointer dereference issue in the sctp network protocol that could lead to system crash or DoS (bsc#1210643). - CVE-2023-34319: Fixed buffer overrun triggered by unusual packet in xen/netback (XSA-432) (bsc#1213546). - CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213580). - CVE-2023-37453: Fixed oversight in SuperSpeed initialization (bsc#1213123). - CVE-2023-3772: Fixed a flaw in XFRM subsystem that may have allowed a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer leading to a possible kernel crash and denial of service (bsc#1213666). - CVE-2023-3863: Fixed a use-after-free flaw was found in nfc_llcp_find_local that allowed a local user with special privileges to impact a kernel information leak issue (bsc#1213601). - CVE-2023-40283: Fixed use-after-free in l2cap_sock_ready_cb (bsc#1214233). - CVE-2023-4128: Fixed a use-after-free flaw in net/sched/cls_fw.c that allowed a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue (bsc#1214149). - CVE-2023-4133: Fixed use after free bugs caused by circular dependency problem in cxgb4 (bsc#1213970). - CVE-2023-4134: Fixed use-after-free in cyttsp4_watchdog_work() (bsc#1213971). - CVE-2023-4147: Fixed use-after-free in nf_tables_newrule (bsc#1213968). - CVE-2023-4194: Fixed a type confusion in net tun_chr_open() (bsc#1214019). - CVE-2023-4273: Fixed a flaw in the exFAT driver of the Linux kernel that alloawed a local privileged attacker to overflow the kernel stack (bsc#1214120). - CVE-2023-4387: Fixed use-after-free flaw in vmxnet3_rq_alloc_rx_buf that could allow a local attacker to crash the system due to a double-free (bsc#1214350). - CVE-2023-4459: Fixed a NULL pointer dereference flaw in vmxnet3_rq_cleanup that may have allowed a local attacker with normal user privilege to cause a denial of service (bsc#1214451). - CVE-2023-4563: Fixed use-after-free in nft_verdict_dump due to a race between set GC and transaction (bsc#1214727). - CVE-2023-4569: Fixed information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c (bsc#1214729). - CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221). The following non-security bugs were fixed: - ACPI/IORT: Update SMMUv3 DeviceID support (bsc#1214305). - ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily (git-fixes). - ACPI: processor: perflib: Use the 'no limit' frequency QoS (git-fixes). - ACPI: x86: s2idle: Fix a logic error parsing AMD constraints table (git-fixes). - ALSA: ac97: Fix possible error value of *rac97 (git-fixes). - ALSA: hda/cirrus: Fix broken audio on hardware with two CS42L42 codecs (git-fixes). - ALSA: hda/cs8409: Support new Dell Dolphin Variants (git-fixes). - ALSA: hda/realtek - Remodified 3k pull low procedure (git-fixes). - ALSA: hda/realtek: Add quirk for HP Victus 16-d1xxx to enable mute LED (git-fixes). - ALSA: hda/realtek: Add quirk for mute LEDs on HP ENVY x360 15-eu0xxx (git-fixes). - ALSA: hda/realtek: Add quirks for HP G11 Laptops (git-fixes). - ALSA: hda/realtek: Switch Dell Oasis models to use SPI (git-fixes). - ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl (git-fixes). - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback interfaces (git-fixes). - ALSA: usb-audio: Fix init call orders for UAC1 (git-fixes). - ALSA: ymfpci: Fix the missing snd_card_free() call at probe error (git-fixes). - ARM: dts: imx6dl: prtrvt, prtvt7, prti6q, prtwd2: fix USB related warnings (git-fixes). - ARM: dts: imx6sll: fixup of operating points (git-fixes). - ARM: pxa: remove use of symbol_get() (git-fixes). - ARM: spear: Do not use timer namespace for timer_shutdown() function (bsc#1213970). - ASoC: SOF: Intel: fix SoundWire/HDaudio mutual exclusion (git-fixes). - ASoC: amd: yc: Fix a non-functional mic on Lenovo 82SJ (git-fixes). - ASoC: lower 'no backend DAIs enabled for ... Port' log severity (git-fixes). - ASoC: meson: axg-tdm-formatter: fix channel slot allocation (git-fixes). - ASoC: rt5665: add missed regulator_bulk_disable (git-fixes). - ASoC: stac9766: fix build errors with REGMAP_AC97 (git-fixes). - ASoC: tegra: Fix SFC conversion for few rates (git-fixes). - Bluetooth: Fix potential use-after-free when clear keys (git-fixes). - Bluetooth: L2CAP: Fix use-after-free (git-fixes). - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb (git-fixes). - Bluetooth: Remove unused declaration amp_read_loc_info() (git-fixes). - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition (git-fixes). - Bluetooth: btusb: Add MT7922 bluetooth ID for the Asus Ally (git-fixes). - Bluetooth: btusb: Do not call kfree_skb() under spin_lock_irqsave() (git-fixes). - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe() (git-fixes). - CONFIG_NVME_VERBOSE_ERRORS=y gone with a82baa8083b - CONFIG_PRINTK_SAFE_LOG_BUF_SHIFT=13 gone with 7e152d55123 - Documentation: devices.txt: Fix minors for ttyCPM* (git-fixes). - Documentation: devices.txt: Remove ttyIOC* (git-fixes). - Documentation: devices.txt: Remove ttySIOC* (git-fixes). - Drivers: hv: Do not remap addresses that are above shared_gpa_boundary (bsc#1206453). - Drivers: hv: Enable vmbus driver for nested root partition (bsc#1206453). - Drivers: hv: Explicitly request decrypted in vmap_pfn() calls (bsc#1206453). - Drivers: hv: Setup synic registers in case of nested root partition (bsc#1206453). - Drivers: hv: vmbus: Call hv_synic_free() if hv_synic_alloc() fails (bsc#1206453). - Drivers: hv: vmbus: Remove second mapping of VMBus monitor pages (bsc#1206453). - Drivers: hv: vmbus: Remove second way of mapping ring buffers (bsc#1206453). - Drivers: hv: vmbus: Remove the per-CPU post_msg_page (bsc#1206453). - Drop amdgpu patch causing spamming (bsc#1215523) - Drop cfg80211 lock fix patches that caused a regression (bsc#1213757) - Drop rtsx patch that caused a regression (bsc#1214397,bsc#1214428) - Enable Analog Devices Industrial Ethernet PHY driver (jsc#PED-4759) - HID: add quirk for 03f0:464a HP Elite Presenter Mouse (git-fixes). - HID: logitech-dj: Fix error handling in logi_dj_recv_switch_to_dj_mode() (git-fixes). - HID: logitech-hidpp: Add USB and Bluetooth IDs for the Logitech G915 TKL Keyboard (git-fixes). - HID: multitouch: Correct devm device reference for hidinput input_dev name (git-fixes). - HID: wacom: remove the battery when the EKR is off (git-fixes). - HWPOISON: offline support: fix spelling in Documentation/ABI/ (git-fixes). - IB/hfi1: Fix possible panic during hotplug remove (git-fixes) - IB/uverbs: Fix an potential error pointer dereference (git-fixes) - Input: exc3000 - properly stop timer on shutdown (git-fixes). - Input: tca6416-keypad - fix interrupt enable disbalance (git-fixes). - KVM: SVM: Remove a duplicate definition of VMCB_AVIC_APIC_BAR_MASK (git-fixes). - KVM: VMX: Fix header file dependency of asm/vmx.h (git-fixes). - KVM: s390: fix sthyi error handling (git-fixes bsc#1214370). - Kbuild: add -Wno-shift-negative-value where -Wextra is used (bsc#1214756). - Kbuild: move to -std=gnu11 (bsc#1214756). - PCI/ASPM: Avoid link retraining race (git-fixes). - PCI/ASPM: Factor out pcie_wait_for_retrain() (git-fixes). - PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes). - PCI: Free released resource after coalescing (git-fixes). - PCI: Mark NVIDIA T4 GPUs to avoid bus reset (git-fixes). - PCI: acpiphp: Reassign resources on bridge if necessary (git-fixes). - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for non-root bus (git-fixes). - PCI: hv: Enable PCI pass-thru devices in Confidential VMs (bsc#1206453). - PCI: hv: Replace retarget_msi_interrupt_params with (bsc#1206453). - PCI: meson: Remove cast between incompatible function type (git-fixes). - PCI: microchip: Correct the DED and SEC interrupt bit offsets (git-fixes). - PCI: microchip: Remove cast between incompatible function type (git-fixes). - PCI: pciehp: Use RMW accessors for changing LNKCTL (git-fixes). - PCI: rockchip: Remove writes to unused registers (git-fixes). - PCI: s390: Fix use-after-free of PCI resources with per-function hotplug (git-fixes). - PCI: tegra194: Fix possible array out of bounds access (git-fixes). - PM / devfreq: Fix leak in devfreq_dev_release() (git-fixes). - RDMA/bnxt_re: Fix error handling in probe failure path (git-fixes) - RDMA/bnxt_re: Fix max_qp count for virtual functions (git-fixes) - RDMA/efa: Fix wrong resources deallocation order (git-fixes) - RDMA/hns: Fix CQ and QP cache affinity (git-fixes) - RDMA/hns: Fix incorrect post-send with direct wqe of wr-list (git-fixes) - RDMA/hns: Fix port active speed (git-fixes) - RDMA/irdma: Prevent zero-length STAG registration (git-fixes) - RDMA/irdma: Replace one-element array with flexible-array member (git-fixes) - RDMA/mlx5: Return the firmware result upon destroying QP/RQ (git-fixes) - RDMA/qedr: Remove a duplicate assignment in irdma_query_ah() (git-fixes) - RDMA/siw: Balance the reference of cep->kref in the error path (git-fixes) - RDMA/siw: Correct wrong debug message (git-fixes) - RDMA/umem: Set iova in ODP flow (git-fixes) - README.BRANCH: Add Miroslav Franc as a SLE15-SP4 co-maintainer. - Revert 'IB/isert: Fix incorrect release of isert connection' (git-fixes) - Revert 'PCI: Mark NVIDIA T4 GPUs to avoid bus reset' (git-fixes). - Revert 'scsi: qla2xxx: Fix buffer overrun' (bsc#1214928). - Revert 'tracing: Add '(fault)' name injection to kernel probes' (git-fixes). - Update patches.suse/cpufreq-intel_pstate-Fix-cpu-pstate.turbo_freq-initi.patch (git-fixes bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). - amba: bus: fix refcount leak (git-fixes). - arm64/hyperv: Use CPUHP_AP_HYPERV_ONLINE state to fix CPU online sequencing (bsc#1206453). - arm64: csum: Fix OoB access in IP checksum code for negative lengths (git-fixes). - arm64: dts: imx8mn-var-som: add missing pull-up for onboard PHY reset pinmux (git-fixes). - arm64: dts: qcom: qrb5165-rb5: fix thermal zone conflict (git-fixes). - arm64: dts: rockchip: Disable HS400 for eMMC on ROCK Pi 4 (git-fixes). - ata: libata: disallow dev-initiated LPM transitions to unsupported states (git-fixes). - ata: pata_falcon: fix IO base selection for Q40 (git-fixes). - ata: pata_ftide010: Add missing MODULE_DESCRIPTION (git-fixes). - ata: sata_gemini: Add missing MODULE_DESCRIPTION (git-fixes). - audit: fix possible soft lockup in __audit_inode_child() (git-fixes). - backlight/bd6107: Compare against struct fb_info.device (git-fixes). - backlight/gpio_backlight: Compare against struct fb_info.device (git-fixes). - backlight/lv5207lp: Compare against struct fb_info.device (git-fixes). - backlight: gpio_backlight: Drop output GPIO direction check for initial power state (git-fixes). - batman-adv: Do not get eth header before batadv_check_management_packet (git-fixes). - batman-adv: Do not increase MTU when set by user (git-fixes). - batman-adv: Fix TT global entry leak when client roamed back (git-fixes). - batman-adv: Fix batadv_v_ogm_aggr_send memory leak (git-fixes). - batman-adv: Hold rtnl lock during MTU update via netlink (git-fixes). - batman-adv: Trigger events for auto adjusted MTU (git-fixes). - bnx2x: fix page fault following EEH recovery (bsc#1214299). - bpf: Clear the probe_addr for uprobe (git-fixes). - bpf: Disable preemption in bpf_event_output (git-fixes). - bpftool: Print newline before '}' for struct with padding only fields (bsc#1211220 jsc#PED-3924). - btrfs: do not hold CPU for too long when defragging a file (bsc#1214988). - bus: mhi: host: Skip MHI reset if device is in RDDM (git-fixes). - bus: ti-sysc: Fix build warning for 64-bit build (git-fixes). - bus: ti-sysc: Fix cast to enum warning (git-fixes). - bus: ti-sysc: Flush posted write on enable before reset (git-fixes). - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also in case of OOM (git-fixes). - ceph: defer stopping mdsc delayed_work (bsc#1214392). - ceph: do not check for quotas on MDS stray dirs (bsc#1214238). - ceph: never send metrics if disable_send_metrics is set (bsc#1214180). - check-for-config-changes: ignore BUILTIN_RETURN_ADDRESS_STRIPS_PAC (bsc#1214380). gcc7 on SLE 15 does not support this while later gcc does. - cifs: add missing return value check for cifs_sb_tlink (bsc#1193629). - cifs: allow dumping keys for directories too (bsc#1193629). - cifs: fix mid leak during reconnection after timeout threshold (git-fixes). - cifs: if deferred close is disabled then close files immediately (git-fixes). - cifs: is_network_name_deleted should return a bool (bsc#1193629). - cifs: update internal module version number for cifs.ko (bsc#1193629). - clk: Fix slab-out-of-bounds error in devm_clk_release() (git-fixes). - clk: Fix undefined reference to `clk_rate_exclusive_{get,put}' (git-fixes). - clk: imx8mp: fix sai4 clock (git-fixes). - clk: imx: composite-8m: fix clock pauses when set_rate would be a no-op (git-fixes). - clk: imx: pll14xx: dynamically configure PLL for 393216000/361267200Hz (git-fixes). - clk: qcom: camcc-sc7180: fix async resume during probe (git-fixes). - clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock (git-fixes). - clk: qcom: gcc-sc7180: Fix up gcc_sdcc2_apps_clk_src (git-fixes). - clk: qcom: gcc-sm8250: Fix gcc_sdcc2_apps_clk_src (git-fixes). - clk: sunxi-ng: Modify mismatched function name (git-fixes). - clocksource/drivers/arm_arch_timer: Do not use timer namespace for timer_shutdown() function (bsc#1213970). - clocksource/drivers/hyper-v: Rework clocksource and sched clock setup (bsc#1206453). - clocksource/drivers/sp804: Do not use timer namespace for timer_shutdown() function (bsc#1213970). - clocksource: hyper-v: Add TSC page support for root partition (bsc#1206453). - clocksource: hyper-v: Introduce TSC PFN getter (bsc#1206453). - clocksource: hyper-v: Introduce a pointer to TSC page (bsc#1206453). - clocksource: hyper-v: Use TSC PFN getter to map vvar page (bsc#1206453). - clocksource: hyper-v: make sure Invariant-TSC is used if it is (bsc#1206453). - cpu/SMT: Allow enabling partial SMT states via sysfs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - cpu/SMT: Create topology_smt_thread_allowed() (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - cpu/SMT: Move SMT prototypes into cpu_smt.h (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - cpu/SMT: Move smt/control simple exit cases earlier (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - cpu/SMT: Remove topology_smt_supported() (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - cpu/SMT: Store the current/max number of threads (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - cpufreq: Fix the race condition while updating the transition_task of policy (git-fixes). - cpufreq: intel_pstate: Adjust balance_performance EPP for Sapphire Rapids (bsc#1214659). - cpufreq: intel_pstate: Enable HWP IO boost for all servers (bsc#1208949 jsc#PED-6003 jsc#PED-6004). - cpufreq: intel_pstate: Fix scaling for hybrid-capable systems with disabled E-cores (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). - cpufreq: intel_pstate: Read all MSRs on the target CPU (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). - cpufreq: intel_pstate: hybrid: Rework HWP calibration (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). - cpufreq: intel_pstate: hybrid: Use known scaling factor for P-cores (bsc#1212526 bsc#1214368 jsc#PED-4927 jsc#PED-4929). - crypto: caam - fix unchecked return value error (git-fixes). - crypto: stm32 - Properly handle pm_runtime_get failing (git-fixes). - define more Hyper-V related constants (bsc#1206453). - dma-buf/sw_sync: Avoid recursive lock during fence signal (git-fixes). - dma-buf/sync_file: Fix docs syntax (git-fixes). - dmaengine: idxd: Modify the dependence of attribute pasid_enabled (git-fixes). - dmaengine: mcf-edma: Fix a potential un-allocated memory access (git-fixes). - dmaengine: pl330: Return DMA_PAUSED when transaction is paused (git-fixes). - dmaengine: ste_dma40: Add missing IRQ check in d40_probe (git-fixes). - docs/process/howto: Replace C89 with C11 (bsc#1214756). - docs: kernel-parameters: Refer to the correct bitmap function (git-fixes). - docs: networking: replace skb_hwtstamp_tx with skb_tstamp_tx (git-fixes). - docs: printk-formats: Fix hex printing of signed values (git-fixes). - driver core: test_async: fix an error code (git-fixes). - drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init() (git-fixes). - drivers: usb: smsusb: fix error handling code in smsusb_init_device (git-fixes). - drm/amd/display: Add smu write msg id fail retry process (git-fixes). - drm/amd/display: Apply 60us prefetch for DCFCLK &lt;= 300Mhz (git-fixes). - drm/amd/display: Disable phantom OTG after enable for plane disable (git-fixes). - drm/amd/display: Do not set drr on pipe commit (git-fixes). - drm/amd/display: Enable dcn314 DPP RCO (git-fixes). - drm/amd/display: Ensure that planes are in the same order (git-fixes). - drm/amd/display: Implement workaround for writing to OTG_PIXEL_RATE_DIV register (git-fixes). - drm/amd/display: Remove wait while locked (git-fixes). - drm/amd/display: Retain phantom plane/stream if validation fails (git-fixes). - drm/amd/display: Skip DPP DTO update if root clock is gated (git-fixes). - drm/amd/display: Use update plane and stream routine for DCN32x (git-fixes). - drm/amd/display: check TG is non-null before checking if enabled (git-fixes). - drm/amd/display: check attr flag before set cursor degamma on DCN3+ (git-fixes). - drm/amd/display: disable RCO for DCN314 (git-fixes). - drm/amd/display: do not wait for mpc idle if tg is disabled (git-fixes). - drm/amd/display: enable cursor degamma for DCN3+ DRM legacy gamma (git-fixes). - drm/amd/display: fix access hdcp_workqueue assert (git-fixes). - drm/amd/display: fix the build when DRM_AMD_DC_DCN is not set (git-fixes). - drm/amd/display: fix the white screen issue when >= 64GB DRAM (git-fixes). - drm/amd/display: limit DPIA link rate to HBR3 (git-fixes). - drm/amd/display: phase3 mst hdcp for multiple displays (git-fixes). - drm/amd/display: prevent potential division by zero errors (git-fixes). - drm/amd/display: register edp_backlight_control() for DCN301 (git-fixes). - drm/amd/display: save restore hdcp state when display is unplugged from mst hub (git-fixes). - drm/amd/display: trigger timing sync only if TG is running (git-fixes). - drm/amd/pm/smu7: move variables to where they are used (git-fixes). - drm/amd/pm: avoid unintentional shutdown due to temperature momentary fluctuation (git-fixes). - drm/amd/pm: expose swctf threshold setting for legacy powerplay (git-fixes). - drm/amd/pm: fix variable dereferenced issue in amdgpu_device_attr_create() (git-fixes). - drm/amd/pm: fulfill powerplay peak profiling mode shader/memory clock settings (git-fixes). - drm/amd/pm: fulfill swsmu peak profiling mode shader/memory clock settings (git-fixes). - drm/amd/pm: skip the RLC stop when S0i3 suspend for SMU v13.0.4/11 (git-fixes). - drm/amd: Disable S/G for APUs when 64GB or more host memory (git-fixes). - drm/amd: flush any delayed gfxoff on suspend entry (git-fixes). - drm/amdgpu/pm: fix throttle_status for other than MP1 11.0.7 (git-fixes). - drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 (git-fixes). - drm/amdgpu: Fix potential fence use-after-free v2 (git-fixes). - drm/amdgpu: Remove unnecessary domain argument (git-fixes). - drm/amdgpu: Use RMW accessors for changing LNKCTL (git-fixes). - drm/amdgpu: add S/G display parameter (git-fixes). - drm/amdgpu: add vram reservation based on vram_usagebyfirmware_v2_2 (git-fixes). - drm/amdgpu: avoid integer overflow warning in amdgpu_device_resize_fb_bar() (git-fixes). - drm/amdgpu: fix calltrace warning in amddrm_buddy_fini (git-fixes). - drm/amdgpu: fix memory leak in mes self test (git-fixes). - drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() (git-fixes). - drm/amdgpu: install stub fence into potential unused fence pointers (git-fixes). - drm/amdgpu: keep irq count in amdgpu_irq_disable_all (git-fixes). - drm/amdgpu: skip fence GFX interrupts disable/enable for S0ix (git-fixes). - drm/armada: Fix off-by-one error in armada_overlay_get_property() (git-fixes). - drm/ast: Fix DRAM init on AST2200 (git-fixes). - drm/atomic-helper: Update reference to drm_crtc_force_disable_all() (git-fixes). - drm/bridge: anx7625: Drop device lock before drm_helper_hpd_irq_event() (git-fixes). - drm/bridge: anx7625: Use common macros for DP power sequencing commands (git-fixes). - drm/bridge: anx7625: Use common macros for HDCP capabilities (git-fixes). - drm/bridge: fix -Wunused-const-variable= warning (git-fixes). - drm/bridge: tc358764: Fix debug print parameter order (git-fixes). - drm/etnaviv: fix dumping of active MMU context (git-fixes). - drm/gma500: Use drm_aperture_remove_conflicting_pci_framebuffers (git-fixes). - drm/i915/gvt: Drop unused helper intel_vgpu_reset_gtt() (git-fixes). - drm/i915/gvt: Put the page reference obtained by KVM's gfn_to_pfn() (git-fixes). - drm/i915/gvt: Verify pfn is 'valid' before dereferencing 'struct page' (git-fixes). - drm/i915/sdvo: fix panel_type initialization (git-fixes). - drm/i915: Fix premature release of request's reusable memory (git-fixes). - drm/i915: mark requests for GuC virtual engines to avoid use-after-free (git-fixes). - drm/mediatek: Fix dereference before null check (git-fixes). - drm/mediatek: Fix potential memory leak if vmap() fail (git-fixes). - drm/mediatek: Remove freeing not dynamic allocated memory (git-fixes). - drm/msm/a2xx: Call adreno_gpu_init() earlier (git-fixes). - drm/msm/dpu: fix the irq index in dpu_encoder_phys_wb_wait_for_commit_done (git-fixes). - drm/msm/mdp5: Do not leak some plane state (git-fixes). - drm/msm: Update dev core dump to not print backwards (git-fixes). - drm/mxsfb: Disable overlay plane in mxsfb_plane_overlay_atomic_disable() (git-fixes). - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes (git-fixes). - drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create (bsc#1214073). - drm/nouveau/gr: enable memory loads on helper invocation on all channels (git-fixes). - drm/nouveau/nvkm/dp: Add workaround to fix DP 1.3+ DPCD issues (git-fixes). - drm/panel: simple: Add missing connector type and pixel format for AUO T215HVN01 (git-fixes). - drm/panel: simple: Fix AUO G121EAN01 panel timings according to the docs (git-fixes). - drm/qxl: fix UAF on handle creation (git-fixes). - drm/radeon: Use RMW accessors for changing LNKCTL (git-fixes). - drm/repaper: Reduce temporary buffer size in repaper_fb_dirty() (git-fixes). - drm/rockchip: Do not spam logs in atomic check (git-fixes). - drm/shmem-helper: Reset vma->vm_ops before calling dma_buf_mmap() (git-fixes). - drm/stm: ltdc: fix late dereference check (git-fixes). - drm/tegra: dpaux: Fix incorrect return value of platform_get_irq (git-fixes). - drm/ttm: check null pointer before accessing when swapping (git-fixes). - drm/ttm: never consider pinned BOs for eviction&swap (git-fixes). - drm/vmwgfx: Fix shader stage validation (git-fixes). - drm: adv7511: Fix low refresh rate register for ADV7533/5 (git-fixes). - drm: gm12u320: Fix the timeout usage for usb_bulk_msg() (git-fixes). - drm: rcar-du: remove R-Car H3 ES1.* workarounds (git-fixes). - drm: xlnx: zynqmp_dpsub: Add missing check for dma_set_mask (git-fixes). - dt-bindings: clock: xlnx,versal-clk: drop select:false (git-fixes). - dt-bindings: clocks: imx8mp: make sai4 a dummy clock (git-fixes). - dt-bindings: crypto: ti,sa2ul: make power-domains conditional (git-fixes). - e1000: Fix typos in comments (jsc#PED-5738). - e1000: Remove unnecessary use of kmap_atomic() (jsc#PED-5738). - e1000: switch to napi_build_skb() (jsc#PED-5738). - e1000: switch to napi_consume_skb() (jsc#PED-5738). - exfat: fix unexpected EOF while reading dir (bsc#1214000). - exfat: release s_lock before calling dir_emit() (bsc#1214000). - exfat_iterate(): do not open-code file_inode(file) (bsc#1214000). - fbdev/ep93xx-fb: Do not assign to struct fb_info.dev (git-fixes). - fbdev: Fix sys_imageblit() for arbitrary image widths (git-fixes). - fbdev: Improve performance of sys_imageblit() (git-fixes). - fbdev: Update fbdev source file paths (git-fixes). - fbdev: fix potential OOB read in fast_imageblit() (git-fixes). - fbdev: mmp: fix value check in mmphw_probe() (git-fixes). - file: reinstate f_pos locking optimization for regular files (bsc#1213759). - firmware: arm_scmi: Drop OF node reference in the transport channel setup (git-fixes). - firmware: cs_dsp: Fix new control name check (git-fixes). - firmware: meson_sm: fix to avoid potential NULL pointer dereference (git-fixes). - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe (git-fixes). - fprobe: Release rethook after the ftrace_ops is unregistered (git-fixes). - fprobe: add unlock to match a succeeded ftrace_test_recursion_trylock (git-fixes). - fs/sysv: Null check to prevent null-ptr-deref bug (git-fixes). - fs: do not update freeing inode i_io_list (bsc#1214813). - fs: record I_DIRTY_TIME even if inode already has I_DIRTY_INODE (bsc#1214813). - fsi: aspeed: Reset master errors after CFAM reset (git-fixes). - fsi: master-ast-cf: Add MODULE_FIRMWARE macro (git-fixes). - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() (git-fixes). - gpio: mvebu: Make use of devm_pwmchip_add (git-fixes). - gpio: mvebu: fix irq domain leak (git-fixes). - gpio: tps68470: Make tps68470_gpio_output() always set the initial value (git-fixes). - hv_netvsc: Remove second mapping of send and recv buffers (bsc#1206453). - hwmon: (pmbus/bel-pfe) Enable PMBUS_SKIP_STATUS_CHECK for pfe1100 (git-fixes). - hwmon: (tmp513) Fix the channel number in tmp51x_is_visible() (git-fixes). - hwrng: iproc-rng200 - Implement suspend and resume calls (git-fixes). - hwrng: nomadik - keep clock enabled while hwrng is registered (git-fixes). - hwrng: pic32 - use devm_clk_get_enabled (git-fixes). - i2c: Delete error messages for failed memory allocations (git-fixes). - i2c: Improve size determinations (git-fixes). - i2c: aspeed: Reset the i2c controller when timeout occurs (git-fixes). - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue (git-fixes). - i2c: designware: Correct length byte validation logic (git-fixes). - i2c: designware: Handle invalid SMBus block data response length value (git-fixes). - i2c: hisi: Only handle the interrupt of the driver's transfer (git-fixes). - i2c: nomadik: Remove a useless call in the remove function (git-fixes). - i2c: nomadik: Remove unnecessary goto label (git-fixes). - i2c: nomadik: Use devm_clk_get_enabled() (git-fixes). - i3c: master: svc: fix probe failure when no i3c device exist (git-fixes). - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes). - iavf: fix potential races for FDIR filters (git-fixes). - ice: Fix RDMA VSI removal during queue rebuild (git-fixes). - ice: Fix crash by keep old cfg when update TCs more than queues (git-fixes). - ice: Fix max_rate check while configuring TX rate limits (git-fixes). - ice: Fix memory management in ice_ethtool_fdir.c (git-fixes). - idr: fix param name in idr_alloc_cyclic() doc (git-fixes). - iio: adc: ina2xx: avoid NULL pointer dereference on OF device match (git-fixes). - iio: adc: stx104: Implement and utilize register structures (git-fixes). - iio: adc: stx104: Utilize iomap interface (git-fixes). - iio: cros_ec: Fix the allocation size for cros_ec_command (git-fixes). - intel/e1000:fix repeated words in comments (jsc#PED-5738). - intel: remove unused macros (jsc#PED-5738). - iommu/amd/io-pgtable: Implement map_pages io_pgtable_ops callback (bsc#1212423). - iommu/amd/io-pgtable: Implement unmap_pages io_pgtable_ops callback (bsc#1212423). - iommu/amd: Add PCI segment support for ivrs_ commands (git-fixes). - iommu/amd: Add map/unmap_pages() iommu_domain_ops callback support (bsc#1212423). - iommu/amd: Do not identity map v2 capable device when snp is enabled (git-fixes). - iommu/amd: Fix compile warning in init code (git-fixes). - iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and ivrs_acpihid options (git-fixes). - iommu/amd: Fix ivrs_acpihid cmdline parsing code (git-fixes). - iommu/amd: Fix pci device refcount leak in ppr_notifier() (git-fixes). - iommu/amd: use full 64-bit value in build_completion_wait() (git-fixes). - iommu/arm-smmu-v3: Make default domain type of HiSilicon PTT device to identity (git-fixes). - iommu/arm-smmu-v3: check return value after calling platform_get_resource() (git-fixes). - iommu/arm-smmu-v3: fix event handling soft lockup (git-fixes). - iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe() (git-fixes). - iommu/dart: Initialize DART_STREAMS_ENABLE (git-fixes). - iommu/dma: Fix incorrect error return on iommu deferred attach (git-fixes). - iommu/dma: Fix iova map result check bug (git-fixes). - iommu/dma: return error code from iommu_dma_map_sg() (git-fixes). - iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe() (git-fixes). - iommu/io-pgtable-arm-v7s: Add a quirk to allow pgtable PA up to 35bit (git-fixes). - iommu/iova: Fix module config properly (git-fixes). - iommu/mediatek: Add error path for loop of mm_dts_parse (git-fixes). - iommu/mediatek: Add platform_device_put for recovering the device refcnt (git-fixes). - iommu/mediatek: Check return value after calling platform_get_resource() (git-fixes). - iommu/mediatek: Set dma_mask for PGTABLE_PA_35_EN (git-fixes). - iommu/mediatek: Use component_match_add (git-fixes). - iommu/mediatek: Validate number of phandles associated with 'mediatek,larbs' (git-fixes). - iommu/omap: Fix buffer overflow in debugfs (git-fixes). - iommu/rockchip: fix permission bits in page table entries v2 (git-fixes). - iommu/s390: Fix duplicate domain attachments (git-fixes). - iommu/sun50i: Consider all fault sources for reset (git-fixes). - iommu/sun50i: Fix R/W permission check (git-fixes). - iommu/sun50i: Fix flush size (git-fixes). - iommu/sun50i: Fix reset release (git-fixes). - iommu/sun50i: Implement .iotlb_sync_map (git-fixes). - iommu/sun50i: Remove IOMMU_DOMAIN_IDENTITY (git-fixes). - iommu/vt-d: Add RPLS to quirk list to skip TE disabling (git-fixes). - iommu/vt-d: Check correct capability for sagaw determination (git-fixes). - iommu/vt-d: Clean up si_domain in the init_dmars() error path (git-fixes). - iommu/vt-d: Correctly calculate sagaw value of IOMMU (git-fixes). - iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() (git-fixes). - iommu/vt-d: Fix PCI device refcount leak in has_external_pci() (git-fixes). - iommu/vt-d: Fix kdump kernels boot failure with scalable mode (git-fixes). - iommu/vt-d: Preset Access bit for IOVA in FL non-leaf paging entries (git-fixes). - iommu/vt-d: Set SRE bit only when hardware has SRS cap (git-fixes). - ipmi:ssif: Add check for kstrdup (git-fixes). - ipmi:ssif: Fix a memory leak when scanning for an adapter (git-fixes). - ipmi_si: fix a memleak in try_smi_init() (git-fixes). - jffs2: correct logic when creating a hole in jffs2_write_begin (git-fixes). - kabi/severities: Ignore newly added SRSO mitigation functions - kabi/severities: ignore mlx4 internal symbols - kabi: Allow extra bugsints (bsc#1213927). - kabi: hide changes in enum ipl_type and struct sclp_info (jsc#PED-2023 jsc#PED-2025). - kconfig: fix possible buffer overflow (git-fixes). - kernel-binary: Common dependencies cleanup Common dependencies are copied to a subpackage, there is no need for copying defines or build dependencies there. - kernel-binary: Drop code for kerntypes support Kerntypes was a SUSE-specific feature dropped before SLE 12. - kselftest/runner.sh: Propagate SIGTERM to runner child (git-fixes). - kunit: make kunit_test_timeout compatible with comment (git-fixes). - leds: Fix BUG_ON check for LED_COLOR_ID_MULTI that is always false (git-fixes). - leds: multicolor: Use rounded division when calculating color components (git-fixes). - leds: pwm: Fix error code in led_pwm_create_fwnode() (git-fixes). - leds: trigger: tty: Do not use LED_ON/OFF constants, use led_blink_set_oneshot instead (git-fixes). - leds: turris-omnia: Drop unnecessary mutex locking (git-fixes). - lib/test_meminit: allocate pages up to order MAX_ORDER (git-fixes). - lib/test_meminit: destroy cache in kmem_cache_alloc_bulk() test (git-fixes). - libbpf: Fix BTF-to-C converter's padding logic (bsc#1211220 jsc#PED-3924). - libbpf: Fix btf_dump's packed struct determination (bsc#1211220 jsc#PED-3924). - libbpf: Fix single-line struct definition output in btf_dump (bsc#1211220 jsc#PED-3924). - libceph: fix potential hang in ceph_osdc_notify() (bsc#1214393). - md/raid0: Factor out helper for mapping and submitting a bio (bsc#1213916). - md/raid0: Fix performance regression for large sequential writes (bsc#1213916). - media: ad5820: Drop unsupported ad5823 from i2c_ and of_device_id tables (git-fixes). - media: cx24120: Add retval check for cx24120_message_send() (git-fixes). - media: dib7000p: Fix potential division by zero (git-fixes). - media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer() (git-fixes). - media: go7007: Remove redundant if statement (git-fixes). - media: i2c: ccs: Check rules is non-NULL (git-fixes). - media: i2c: rdacm21: Fix uninitialized value (git-fixes). - media: i2c: tvp5150: check return value of devm_kasprintf() (git-fixes). - media: ov2680: Add ov2680_fill_format() helper function (git-fixes). - media: ov2680: Do not take the lock for try_fmt calls (git-fixes). - media: ov2680: Fix ov2680_bayer_order() (git-fixes). - media: ov2680: Fix ov2680_set_fmt() which == V4L2_SUBDEV_FORMAT_TRY not working (git-fixes). - media: ov2680: Fix regulators being left enabled on ov2680_power_on() errors (git-fixes). - media: ov2680: Fix vflip / hflip set functions (git-fixes). - media: ov2680: Remove VIDEO_V4L2_SUBDEV_API ifdef-s (git-fixes). - media: ov5640: Enable MIPI interface in ov5640_set_power_mipi() (git-fixes). - media: rkvdec: increase max supported height for H.264 (git-fixes). - media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link() (git-fixes). - media: v4l2-mem2mem: add lock to protect parameter num_rdy (git-fixes). - media: venus: hfi_venus: Only consider sys_idle_indicator on V1 (git-fixes). - media: venus: hfi_venus: Write to VIDC_CTRL_INIT after unmasking interrupts (git-fixes). - misc: rtsx: judge ASPM Mode to set PETXCFG Reg (git-fixes). - mkspec: Allow unsupported KMPs (bsc#1214386) - mlx4: Avoid resetting MLX4_INTFF_BONDING per driver (bsc#1187236). - mlx4: Connect the ethernet part to the auxiliary bus (bsc#1187236). - mlx4: Connect the infiniband part to the auxiliary bus (bsc#1187236). - mlx4: Delete custom device management logic (bsc#1187236). - mlx4: Get rid of the mlx4_interface.activate callback (bsc#1187236). - mlx4: Get rid of the mlx4_interface.get_dev callback (bsc#1187236). - mlx4: Move the bond work to the core driver (bsc#1187236). - mlx4: Register mlx4 devices to an auxiliary virtual bus (bsc#1187236). - mlx4: Rename member mlx4_en_dev.nb to netdev_nb (bsc#1187236). - mlx4: Replace the mlx4_interface.event callback with a notifier (bsc#1187236). - mlx4: Use 'void *' as the event param of mlx4_dispatch_event() (bsc#1187236). - mlxsw: pci: Add shutdown method in PCI driver (git-fixes). - mmc: block: Fix in_flight[issue_type] value error (git-fixes). - mmc: moxart: read scr register without changing byte order (git-fixes). - mmc: wbsd: fix double mmc_free_host() in wbsd_init() (git-fixes). - module: avoid allocation if module is already present and ready (bsc#1213921). - module: extract patient module check into helper (bsc#1213921). - module: move check_modinfo() early to early_mod_check() (bsc#1213921). - module: move early sanity checks into a helper (bsc#1213921). - mtd: rawnand: brcmnand: Fix crash during the panic_write (git-fixes). - mtd: rawnand: brcmnand: Fix mtd oobsize (git-fixes). - mtd: rawnand: brcmnand: Fix potential false time out warning (git-fixes). - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write (git-fixes). - mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() (git-fixes). - mtd: rawnand: fsmc: handle clk prepare error in fsmc_nand_resume() (git-fixes). - mtd: rawnand: omap_elm: Fix incorrect type in assignment (git-fixes). - mtd: rawnand: rockchip: Align hwecc vs. raw page helper layouts (git-fixes). - mtd: rawnand: rockchip: fix oobfree offset and description (git-fixes). - mtd: spi-nor: Check bus width while setting QE bit (git-fixes). - mtd: spinand: toshiba: Fix ecc_get_status (git-fixes). - n_tty: Rename tail to old_tail in n_tty_read() (git-fixes). - net/mlx4: Remove many unnecessary NULL values (bsc#1187236). - net: hns3: fix wrong bw weight of disabled tc issue (git-fixes). - net: ieee802154: at86rf230: Stop leaking skb's (git-fixes). - net: mana: Fix MANA VF unload when hardware is unresponsive (git-fixes). - net: phy: at803x: remove set/get wol callbacks for AR8032 (git-fixes). - net: phy: broadcom: stub c45 read/write for 54810 (git-fixes). - net: phy: fix IRQ-based wake-on-lan over hibernate / power off (git-fixes). - net: phy: micrel: Correct bit assignments for phy_device flags (git-fixes). - net: stmmac: tegra: Properly allocate clock bulk data (bsc#1213733) - net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs (git-fixes). - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb (git-fixes). - netfs: Fix lockdep warning from taking sb_writers whilst holding mmap_lock (bsc#1214742). - netfs: Fix missing xas_retry() calls in xarray iteration (bsc#1213946 bsc#1214404). - netfs: Fix missing xas_retry() calls in xarray iteration (bsc#1213946). - netfs: fix parameter of cleanup() (bsc#1214743). - nfsd: Remove incorrect check in nfsd4_validate_stateid (git-fixes). - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse (git-fixes). - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput (git-fixes). - ntb: Clean up tx tail index on link down (git-fixes). - ntb: Drop packets when qp link is down (git-fixes). - ntb: Fix calculation ntb_transport_tx_free_entry() (git-fixes). - nvme-rdma: fix potential unbalanced freeze & unfreeze (bsc#1208902). - nvme-tcp: fix potential unbalanced freeze & unfreeze (bsc#1208902). - objtool/x86: Fix SRSO mess (git-fixes). - objtool/x86: Fixup frame-pointer vs rethunk (git-fixes). - objtool: Union instruction::{call_dest,jump_table} (git-fixes). - old-flavors: Drop 2.6 kernels. 2.6 based kernels are EOL, upgrading from them is no longer suported. - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() (git-fixes). - phy/rockchip: inno-hdmi: do not power on rk3328 post pll on reg write (git-fixes). - phy/rockchip: inno-hdmi: round fractal pixclock in rk3328 recalc_rate (git-fixes). - phy/rockchip: inno-hdmi: use correct vco_div_5 macro on rk3328 (git-fixes). - phy: qcom-snps-femto-v2: keep cfg_ahb_clk enabled during runtime suspend (git-fixes). - phy: qcom-snps-femto-v2: properly enable ref clock (git-fixes). - phy: qcom-snps: Use dev_err_probe() to simplify code (git-fixes). - phy: qcom-snps: correct struct qcom_snps_hsphy kerneldoc (git-fixes). - pinctrl: amd: Mask wake bits on probe again (git-fixes). - pinctrl: amd: Revert 'pinctrl: amd: disable and mask interrupts on probe' (git-fixes). - pinctrl: cherryview: fix address_space_handler() argument (git-fixes). - pinctrl: mcp23s08: check return value of devm_kasprintf() (git-fixes). - pinctrl: renesas: rza2: Add lock around pinctrl_generic{{add,remove}_group,{add,remove}_function} (git-fixes). - platform/mellanox: mlxbf-pmc: Fix potential buffer overflows (git-fixes). - platform/mellanox: mlxbf-pmc: Fix reading of unprogrammed events (git-fixes). - platform/mellanox: mlxbf-tmfifo: Drop jumbo frames (git-fixes). - platform/mellanox: mlxbf-tmfifo: Drop the Rx packet if no more descriptors (git-fixes). - platform/x86: dell-sysman: Fix reference leak (git-fixes). - powerpc/64e: Fix kexec build error (bsc#1212091 ltc#199106). - powerpc/iommu: Fix iommu_table_in_use for a small default DMA window case (bsc#1212091 ltc#199106). - powerpc/iommu: Fix notifiers being shared by PCI and VIO buses (bsc#1065729). - powerpc/iommu: Incorrect DDW Table is referenced for SR-IOV device (bsc#1212091 ltc#199106). - powerpc/iommu: TCEs are incorrectly manipulated with DLPAR add/remove of memory (bsc#1212091 ltc#199106). - powerpc/iommu: do not set failed sg dma_address to DMA_MAPPING_ERROR (bsc#1212091 ltc#199106). - powerpc/iommu: return error code from .map_sg() ops (bsc#1212091 ltc#199106). - powerpc/kernel/iommu: Add new iommu_table_in_use() helper (bsc#1212091 ltc#199106). - powerpc/kexec: Fix build failure from uninitialised variable (bsc#1212091 ltc#199106). - powerpc/mm/altmap: Fix altmap boundary check (bsc#1120059 git-fixes). - powerpc/pseries/ddw: Do not try direct mapping with persistent memory and one window (bsc#1212091 ltc#199106). - powerpc/pseries/ddw: simplify enable_ddw() (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Add ddw_list_new_entry() helper (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Add ddw_property_create() and refactor enable_ddw() (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Add iommu_pseries_alloc_table() helper (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Add of_node_put() before break (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Allow DDW windows starting at 0x00 (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Check if the default window in use before removing it (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Create huge DMA window if no MMIO32 is present (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Find existing DDW with given property name (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Make use of DDW for indirect mapping (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Print ibm,query-pe-dma-windows parameters (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Rename 'direct window' to 'dma window' (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Reorganize iommu_table_setparms*() with new helper (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Replace hard-coded page shift (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Update remove_dma_window() to accept property name (bsc#1212091 ltc#199106). - powerpc/pseries/iommu: Use correct vfree for it_map (bsc#1212091 ltc#199106). - powerpc/pseries: Add __init attribute to eligible functions (bsc#1212091 ltc#199106). - powerpc/pseries: Honour current SMT state when DLPAR onlining CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - powerpc/pseries: Initialise CPU hotplug callbacks earlier (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). - powerpc/rtas: block error injection when locked down (bsc#1023051). - powerpc/rtas: enture rtas_call is called with MMU enabled (bsc#1023051). - powerpc/rtas: mandate RTAS syscall filtering (bsc#1023051). - powerpc/rtas_flash: allow user copy to flash block cache objects (bsc#1194869). - powerpc/security: Fix Speculation_Store_Bypass reporting on Power10 (bsc#1188885 ltc#193722 git-fixes). - powerpc/xics: Remove unnecessary endian conversion (bsc#1065729). - powerpc: Add HOTPLUG_SMT support (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). Update config files. - powerpc: Move DMA64_PROPNAME define to a header (bsc#1214297 ltc#197503). - powerpc: fix typos in comments (bsc#1212091 ltc#199106). - pseries/iommu/ddw: Fix kdump to work in absence of ibm,dma-window (bsc#1214297 ltc#197503). - pstore/ram: Check start of empty przs during init (git-fixes). - pwm: Add a stub for devm_pwmchip_add() (git-fixes). - pwm: lpc32xx: Remove handling of PWM channels (git-fixes). - pwm: meson: Simplify duplicated per-channel tracking (git-fixes). - pwm: meson: fix handling of period/duty if greater than UINT_MAX (git-fixes). - qed: Fix scheduling in a tasklet while getting stats (git-fixes). - regmap: rbtree: Use alloc_flags for memory allocations (git-fixes). - ring-buffer: Do not swap cpu_buffer during resize process (git-fixes). - ring-buffer: Fix deadloop issue on reading trace_pipe (git-fixes). - ring-buffer: Fix wrong stat of cpu_buffer->read (git-fixes). - rpm/mkspec-dtb: support for nested subdirs. - rpmsg: glink: Add check for kstrdup (git-fixes). - rt: Add helper script to refresh RT configs based on the parent (SLE Realtime Extension). - s390/dasd: fix command reject error on ESE devices (LTC#203630 bsc#1215123 git-fixes). - s390/dasd: fix hanging device after request requeue (git-fixes LTC#203629 bsc#1215124). - s390/ipl: add DEFINE_GENERIC_LOADPARM() (jsc#PED-2023). - s390/ipl: add eckd dump support (jsc#PED-2025). - s390/ipl: add eckd support (jsc#PED-2023). - s390/ipl: add loadparm parameter to eckd ipl/reipl data (jsc#PED-2023). - s390/ipl: add missing secure/has_secure file to ipl type 'unknown' (bsc#1214976). - s390/ipl: use octal values instead of S_* macros (jsc#PED-2023). - s390/purgatory: disable branch profiling (git-fixes bsc#1214372). - s390/qeth: Do not call dev_close/dev_open (DOWN/UP) (bsc#1214873 git-fixes). - s390/zcrypt: do not leak memory if dev_set_name() fails (git-fixes bsc#1215148). - s390/zcrypt: fix reply buffer calculations for CCA replies (bsc#1213949). - sched/fair: Fix inaccurate tally of ttwu_move_affine (git fixes). - sched/fair: Use recent_used_cpu to test p->cpus_ptr (git fixes). - sched/psi: use kernfs polling functions for PSI trigger polling (bsc#1209799). - scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() (git-fixes). - scsi: 53c700: Check that command slot is not NULL (git-fixes). - scsi: RDMA/srp: Fix residual handling (git-fixes) - scsi: bsg: Increase number of devices (bsc#1210048). - scsi: core: Do not wait for quiesce in scsi_device_block() (bsc#1209284). - scsi: core: Do not wait for quiesce in scsi_stop_queue() (bsc#1209284). - scsi: core: Fix legacy /proc parsing buffer overflow (git-fixes). - scsi: core: Fix possible memory leak if device_add() fails (git-fixes). - scsi: core: Improve warning message in scsi_device_block() (bsc#1209284). - scsi: core: Merge scsi_internal_device_block() and device_block() (bsc#1209284). - scsi: fnic: Replace return codes in fnic_clean_pending_aborts() (git-fixes). - scsi: lpfc: Do not abuse UUID APIs and LPFC_COMPRESS_VMID_SIZE (git-fixes). - scsi: lpfc: Modify when a node should be put in device recovery mode during RSCN (git-fixes). - scsi: lpfc: Remove reftag check in DIF paths (git-fixes). - scsi: qedf: Fix NULL dereference in error handling (git-fixes). - scsi: qedf: Fix firmware halt over suspend and resume (git-fixes). - scsi: qedi: Fix firmware halt over suspend and resume (git-fixes). - scsi: qla2xxx: Add logs for SFP temperature monitoring (bsc#1214928). - scsi: qla2xxx: Allow 32-byte CDBs (bsc#1214928). - scsi: qla2xxx: Error code did not return to upper layer (bsc#1214928). - scsi: qla2xxx: Fix firmware resource tracking (bsc#1214928). - scsi: qla2xxx: Fix smatch warn for qla_init_iocb_limit() (bsc#1214928). - scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1214928). - scsi: qla2xxx: Move resource to allow code reuse (bsc#1214928). - scsi: qla2xxx: Remove unsupported ql2xenabledif option (bsc#1214928). - scsi: qla2xxx: Remove unused declarations (bsc#1214928). - scsi: qla2xxx: Remove unused variables in qla24xx_build_scsi_type_6_iocbs() (bsc#1214928). - scsi: qla2xxx: Update version to 10.02.09.100-k (bsc#1214928). - scsi: scsi_debug: Remove dead code (git-fixes). - scsi: sg: Increase number of devices (bsc#1210048). - scsi: snic: Fix double free in snic_tgt_create() (git-fixes). - scsi: snic: Fix possible memory leak if device_add() fails (git-fixes). - scsi: storvsc: Always set no_report_opcodes (git-fixes). - scsi: storvsc: Fix handling of virtual Fibre Channel timeouts (git-fixes). - scsi: storvsc: Handle SRB status value 0x30 (git-fixes). - scsi: storvsc: Limit max_sectors for virtual Fibre Channel devices (git-fixes). - scsi: zfcp: Defer fc_rport blocking until after ADISC response (git-fixes bsc#1214371). - selftests/bpf: Test btf dump for struct with padding only fields (bsc#1211220 jsc#PED-3924). - selftests/futex: Order calls to futex_lock_pi (git-fixes). - selftests/harness: Actually report SKIP for signal tests (git-fixes). - selftests/resctrl: Close perf value read fd on errors (git-fixes). - selftests/resctrl: Do not leak buffer in fill_cache() (git-fixes). - selftests/resctrl: Unmount resctrl FS if child fails to run benchmark (git-fixes). - selftests/rseq: check if libc rseq support is registered (git-fixes). - selftests: forwarding: Add a helper to skip test when using veth pairs (git-fixes). - selftests: forwarding: Skip test when no interfaces are specified (git-fixes). - selftests: forwarding: Switch off timeout (git-fixes). - selftests: forwarding: ethtool: Skip when using veth pairs (git-fixes). - selftests: forwarding: ethtool_extended_state: Skip when using veth pairs (git-fixes). - selftests: forwarding: tc_actions: Use ncat instead of nc (git-fixes). - selftests: forwarding: tc_actions: cleanup temporary files when test is aborted (git-fixes). - selftests: forwarding: tc_flower: Relax success criterion (git-fixes). - selftests: mirror_gre_changes: Tighten up the TTL test match (git-fixes). - selftests: tracing: Fix to unmount tracefs for recovering environment (git-fixes). - serial: sc16is7xx: fix broken port 0 uart init (git-fixes). - serial: sc16is7xx: fix bug when first setting GPIO direction (git-fixes). - serial: sprd: Assign sprd_port after initialized to avoid wrong access (git-fixes). - serial: sprd: Fix DMA buffer leak issue (git-fixes). - serial: tegra: handle clk prepare error in tegra_uart_hw_init() (git-fixes). - sfc: fix crash when reading stats while NIC is resetting (git-fixes). - smb3: Do not send lease break acknowledgment if all file handles have been closed (git-fixes). - smb3: do not set NTLMSSP_VERSION flag for negotiate not auth request (bsc#1193629). - smb: client: Fix -Wstringop-overflow issues (bsc#1193629). - smb: client: fix dfs link mount against w2k8 (bsc#1212142). - smb: client: fix null auth (git-fixes). - soc: aspeed: socinfo: Add kfree for kstrdup (git-fixes). - soundwire: bus: pm_runtime_request_resume on peripheral attachment (git-fixes). - soundwire: fix enumeration completion (git-fixes). - spi: tegra20-sflash: fix to check return value of platform_get_irq() in tegra_sflash_probe() (git-fixes). - supported.conf: fix typos for -!optional markers - swiotlb: Remove bounce buffer remapping for Hyper-V (bsc#1206453). - target: compare and write backend driver sense handling (bsc#1177719 bsc#1213026). - target_core_rbd: fix leak and reduce kmalloc calls (bsc#1212873). - target_core_rbd: fix rbd_img_request.snap_id assignment (bsc#1212857). - target_core_rbd: remove snapshot existence validation code (bsc#1212857). - tcpm: Avoid soft reset when partner does not support get_status (git-fixes). - thunderbolt: Read retimer NVM authentication status prior tb_retimer_set_inbound_sbtx() (git-fixes). - timers: Add shutdown mechanism to the internal functions (bsc#1213970). - timers: Provide timer_shutdown[_sync]() (bsc#1213970). - timers: Rename del_timer() to timer_delete() (bsc#1213970). - timers: Rename del_timer_sync() to timer_delete_sync() (bsc#1213970). - timers: Replace BUG_ON()s (bsc#1213970). - timers: Silently ignore timers with a NULL function (bsc#1213970). - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode (bsc#1213970). - timers: Update kernel-doc for various functions (bsc#1213970). - timers: Use del_timer_sync() even on UP (bsc#1213970). - tracing/histograms: Add histograms to hist_vars if they have referenced variables (git-fixes). - tracing/histograms: Return an error if we fail to add histogram to hist_vars list (git-fixes). - tracing/probes: Fix not to count error code to total length (git-fixes). - tracing/probes: Fix to avoid double count of the string length on the array (git-fixes). - tracing/probes: Fix to record 0-length data_loc in fetch_store_string*() if fails (git-fixes). - tracing/probes: Fix to update dynamic data counter if fetcharg uses it (git-fixes). - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed (git-fixes). - tracing: Fix memleak due to race between current_tracer and trace (git-fixes). - tracing: Fix memory leak of iter->temp when reading trace_pipe (git-fixes). - tracing: Fix null pointer dereference in tracing_err_log_open() (git-fixes). - tracing: Fix race issue between cpu buffer write and swap (git-fixes). - tracing: Fix warning in trace_buffered_event_disable() (git-fixes). - tracing: Remove extra space at the end of hwlat_detector/mode (git-fixes). - tracing: Remove unnecessary copying of tr->current_trace (git-fixes). - tty: fix hang on tty device with no_room set (git-fixes). - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux (git-fixes). - tty: serial: fsl_lpuart: Add i.MXRT1050 support (git-fixes). - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32 platforms (git-fixes). - tty: serial: fsl_lpuart: make rx_watermark configurable for different platforms (git-fixes). - tty: serial: fsl_lpuart: reduce RX watermark to 0 on LS1028A (git-fixes). - ubifs: Fix memleak when insert_old_idx() failed (git-fixes). - uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix (git-fixes). - usb-storage: alauda: Fix uninit-value in alauda_check_media() (git-fixes). - usb: chipidea: imx: add missing USB PHY DPDM wakeup setting (git-fixes). - usb: chipidea: imx: do not request QoS for imx8ulp (git-fixes). - usb: chipidea: imx: improve logic if samsung,picophy-* parameter is 0 (git-fixes). - usb: common: usb-conn-gpio: Prevent bailing out if initial role is none (git-fixes). - usb: dwc3: Fix typos in gadget.c (git-fixes). - usb: dwc3: Properly handle processing of pending events (git-fixes). - usb: dwc3: meson-g12a: do post init to fix broken usb after resumption (git-fixes). - usb: gadget: Fix the memory leak in raw_gadget driver (git-fixes). - usb: gadget: f_mass_storage: Fix unused variable warning (git-fixes). - usb: gadget: u_serial: Avoid spinlock recursion in __gs_console_push (git-fixes). - usb: ohci-at91: Fix the unhandle interrupt when resume (git-fixes). - usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host() (git-fixes). - usb: quirks: add quirk for Focusrite Scarlett (git-fixes). - usb: serial: option: add FOXCONN T99W368/T99W373 product (git-fixes). - usb: serial: option: add Quectel EC200A module support (git-fixes). - usb: serial: option: add Quectel EM05G variant (0x030e) (git-fixes). - usb: serial: option: support Quectel EM060K_128 (git-fixes). - usb: serial: simple: add Kaufmann RKS+CAN VCP (git-fixes). - usb: serial: simple: sort driver entries (git-fixes). - usb: typec: altmodes/displayport: Signal hpd when configuring pin assignment (git-fixes). - usb: typec: tcpci: clear the fault status bit (git-fixes). - usb: typec: tcpci: move tcpci.h to include/linux/usb/ (git-fixes). - usb: typec: tcpm: Fix response to vsafe0V event (git-fixes). - usb: typec: tcpm: set initial svdm version based on pd revision (git-fixes). - usb: zaurus: Add ID for A-300/B-500/C-700 (git-fixes). - watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load (git-fixes). - watchdog: sp5100_tco: support Hygon FCH/SCH (Server Controller Hub) (git-fixes). - wifi: ath10k: Use RMW accessors for changing LNKCTL (git-fixes). - wifi: ath11k: Use RMW accessors for changing LNKCTL (git-fixes). - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx (git-fixes). - wifi: ath9k: protect WMI command response buffer replacement with a lock (git-fixes). - wifi: ath9k: use IS_ERR() with debugfs_create_dir() (git-fixes). - wifi: cfg80211: Fix return value in scan logic (git-fixes). - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN (git-fixes). - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC) (git-fixes). - wifi: mt76: mt7915: fix power-limits while chan_switch (git-fixes). - wifi: mt76: mt7921: do not support one stream on secondary antenna only (git-fixes). - wifi: mt76: mt7921: fix non-PSC channel scan fail (git-fixes). - wifi: mt76: testmode: add nla_policy for MT76_TM_ATTR_TX_LENGTH (git-fixes). - wifi: mwifiex: Fix OOB and integer underflow when rx packets (git-fixes). - wifi: mwifiex: Fix missed return in oob checks failed path (git-fixes). - wifi: mwifiex: avoid possible NULL skb pointer dereference (git-fixes). - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management (git-fixes). - wifi: mwifiex: fix memory leak in mwifiex_histogram_read() (git-fixes). - wifi: nl80211/cfg80211: add forgotten nla_policy for BSS color attribute (git-fixes). - wifi: radiotap: fix kernel-doc notation warnings (git-fixes). - wifi: rtw89: debug: Fix error handling in rtw89_debug_priv_btc_manual_set() (git-fixes). - word-at-a-time: use the same return type for has_zero regardless of endianness (bsc#1065729). - x86/CPU/AMD: Disable XSAVES on AMD family 0x17 (git-fixes). - x86/alternative: Fix race in try_get_desc() (git-fixes). - x86/alternative: Make custom return thunk unconditional (git-fixes). - x86/boot/e820: Fix typo in e820.c comment (git-fixes). - x86/bugs: Reset speculation control settings on init (git-fixes). - x86/cpu/kvm: Provide UNTRAIN_RET_VM (git-fixes). - x86/cpu: Add Lunar Lake M (git-fixes). - x86/cpu: Add model number for Intel Arrow Lake processor (git-fixes). - x86/cpu: Clean up SRSO return thunk mess (git-fixes). - x86/cpu: Cleanup the untrain mess (git-fixes). - x86/cpu: Fix __x86_return_thunk symbol type (git-fixes). - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk() (git-fixes). - x86/cpu: Rename original retbleed methods (git-fixes). - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1 (git-fixes). - x86/fpu: Take task_struct* in copy_sigframe_from_user_to_xstate() (git-fixes). - x86/head/64: Switch to KERNEL_CS as soon as new GDT is installed (git-fixes). - x86/hyperv: Add an interface to do nested hypercalls (bsc#1206453). - x86/hyperv: Add hv_isolation_type_tdx() to detect TDX guests (bsc#1206453). - x86/hyperv: Add support for detecting nested hypervisor (bsc#1206453). - x86/hyperv: Change vTOM handling to use standard coco mechanisms (bsc#1206453). - x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go online/offline (bsc#1206453). - x86/hyperv: Remove BUG_ON() for kmap_local_page() (bsc#1206453). - x86/hyperv: Reorder code to facilitate future work (bsc#1206453). - x86/hyperv: Replace kmap() with kmap_local_page() (bsc#1206453). - x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL (git-fixes). - x86/ioapic: Do not return 0 from arch_dynirq_lower_bound() (git-fixes). - x86/ioremap: Add hypervisor callback for private MMIO mapping in coco (bsc#1206453). - x86/ioremap: Fix page aligned size calculation in __ioremap_caller() (git-fixes). - x86/mce: Make sure logged MCEs are processed after sysfs update (git-fixes). - x86/mce: Retrieve poison range from hardware (git-fixes). - x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build (git-fixes). - x86/mm: Avoid incomplete Global INVLPG flushes (git-fixes). - x86/mm: Do not shuffle CPU entry areas without KASLR (git-fixes). - x86/mm: Handle decryption/re-encryption of bss_decrypted consistently (bsc#1206453). - x86/purgatory: remove PGO flags (git-fixes). - x86/reboot: Disable virtualization in an emergency if SVM is supported (git-fixes). - x86/resctl: fix scheduler confusion with 'current' (git-fixes). - x86/resctrl: Fix task CLOSID/RMID update race (git-fixes). - x86/resctrl: Fix to restore to original value when re-enabling hardware prefetch register (git-fixes). - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG (git-fixes). - x86/retpoline,kprobes: Skip optprobe check for indirect jumps with retpolines and IBT (git-fixes). - x86/retpoline: Do not clobber RFLAGS during srso_safe_ret() (git-fixes). - x86/rtc: Remove __init for runtime functions (git-fixes). - x86/sev: Make enc_dec_hypercall() accept a size instead of npages (bsc#1214635). - x86/sgx: Reduce delay and interference of enclave release (git-fixes). - x86/speculation: Add cpu_show_gds() prototype (git-fixes). - x86/speculation: Mark all Skylake CPUs as vulnerable to GDS (git-fixes). - x86/srso: Correct the mitigation status when SMT is disabled (git-fixes). - x86/srso: Disable the mitigation on unaffected configurations (git-fixes). - x86/srso: Explain the untraining sequences a bit more (git-fixes). - x86/srso: Fix build breakage with the LLVM linker (git-fixes). - x86/srso: Fix return thunks in generated code (git-fixes). - x86/static_call: Fix __static_call_fixup() (git-fixes). - x86/tdx: Add more registers to struct tdx_hypercall_args (bsc#1206453). - x86/tdx: Do not corrupt frame-pointer in __tdx_hypercall() (bsc#1206453). - x86/tdx: Expand __tdx_hypercall() to handle more arguments (bsc#1206453). - x86/tdx: Fix typo in comment in __tdx_hypercall() (bsc#1206453). - x86/tdx: Refactor __tdx_hypercall() to allow pass down more arguments (bsc#1206453). - x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows) (git-fixes). - xfs: fix sb write verify for lazysbcount (bsc#1214661). Important SUSE bug 1023051 SUSE bug 1065729 SUSE bug 1120059 SUSE bug 1177719 SUSE bug 1187236 SUSE bug 1188885 SUSE bug 1193629 SUSE bug 1194869 SUSE bug 1203329 SUSE bug 1203330 SUSE bug 1205462 SUSE bug 1206453 SUSE bug 1208902 SUSE bug 1208949 SUSE bug 1208995 SUSE bug 1209284 SUSE bug 1209799 SUSE bug 1210048 SUSE bug 1210169 SUSE bug 1210448 SUSE bug 1210643 SUSE bug 1211220 SUSE bug 1212091 SUSE bug 1212142 SUSE bug 1212423 SUSE bug 1212526 SUSE bug 1212857 SUSE bug 1212873 SUSE bug 1213026 SUSE bug 1213123 SUSE bug 1213546 SUSE bug 1213580 SUSE bug 1213601 SUSE bug 1213666 SUSE bug 1213733 SUSE bug 1213757 SUSE bug 1213759 SUSE bug 1213916 SUSE bug 1213921 SUSE bug 1213927 SUSE bug 1213946 SUSE bug 1213949 SUSE bug 1213968 SUSE bug 1213970 SUSE bug 1213971 SUSE bug 1214000 SUSE bug 1214019 SUSE bug 1214073 SUSE bug 1214120 SUSE bug 1214149 SUSE bug 1214180 SUSE bug 1214233 SUSE bug 1214238 SUSE bug 1214285 SUSE bug 1214297 SUSE bug 1214299 SUSE bug 1214305 SUSE bug 1214350 SUSE bug 1214368 SUSE bug 1214370 SUSE bug 1214371 SUSE bug 1214372 SUSE bug 1214380 SUSE bug 1214386 SUSE bug 1214392 SUSE bug 1214393 SUSE bug 1214397 SUSE bug 1214404 SUSE bug 1214428 SUSE bug 1214451 SUSE bug 1214635 SUSE bug 1214659 SUSE bug 1214661 SUSE bug 1214727 SUSE bug 1214729 SUSE bug 1214742 SUSE bug 1214743 SUSE bug 1214756 SUSE bug 1214813 SUSE bug 1214873 SUSE bug 1214928 SUSE bug 1214976 SUSE bug 1214988 SUSE bug 1215123 SUSE bug 1215124 SUSE bug 1215148 SUSE bug 1215221 SUSE bug 1215523 CVE-2022-38457 at SUSE CVE-2022-38457 at NVD CVE-2022-40133 at SUSE CVE-2022-40133 at NVD CVE-2023-1192 at SUSE CVE-2023-1192 at NVD CVE-2023-1859 at SUSE CVE-2023-1859 at NVD CVE-2023-2007 at SUSE CVE-2023-2007 at NVD CVE-2023-20588 at SUSE CVE-2023-20588 at NVD CVE-2023-2177 at SUSE CVE-2023-2177 at NVD CVE-2023-34319 at SUSE CVE-2023-34319 at NVD CVE-2023-3610 at SUSE CVE-2023-3610 at NVD CVE-2023-37453 at SUSE CVE-2023-37453 at NVD CVE-2023-3772 at SUSE CVE-2023-3772 at NVD CVE-2023-3863 at SUSE CVE-2023-3863 at NVD CVE-2023-40283 at SUSE CVE-2023-40283 at NVD CVE-2023-4128 at SUSE CVE-2023-4128 at NVD CVE-2023-4133 at SUSE CVE-2023-4133 at NVD CVE-2023-4134 at SUSE CVE-2023-4134 at NVD CVE-2023-4147 at SUSE CVE-2023-4147 at NVD CVE-2023-4194 at SUSE CVE-2023-4194 at NVD CVE-2023-4273 at SUSE CVE-2023-4273 at NVD CVE-2023-4387 at SUSE CVE-2023-4387 at NVD CVE-2023-4459 at SUSE CVE-2023-4459 at NVD CVE-2023-4563 at SUSE CVE-2023-4563 at NVD CVE-2023-4569 at SUSE CVE-2023-4569 at NVD CVE-2023-4881 at SUSE CVE-2023-4881 at NVD cpe:/o:suse:sle-micro:5.5 Security update for nghttp2 (Important) SUSE Linux Enterprise Micro 5.5 This update for nghttp2 fixes the following issues: - CVE-2023-35945: Fixed memory leak when PUSH_PROMISE or HEADERS frame cannot be sent (bsc#1215713). Important SUSE bug 1215713 CVE-2023-35945 at SUSE CVE-2023-35945 at NVD cpe:/o:suse:sle-micro:5.5 Security update for conmon (Important) SUSE Linux Enterprise Micro 5.5 This update for conmon fixes the following issues: conmon is rebuild with go1.21 to capture current stability, bug and security fixes. (bsc#1215806) Important SUSE bug 1215806 cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-39194: Fixed an out of bounds read in the XFRM subsystem (bsc#1215861). - CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem (bsc#1215860). - CVE-2023-39192: Fixed an out of bounds read in the netfilter (bsc#1215858). - CVE-2023-42754: Fixed a NULL pointer dereference in the IPv4 stack that could lead to denial of service (bsc#1215467). - CVE-2023-4389: Fixed a reference counting issue in the Btrfs filesystem that could be exploited in order to leak internal kernel information or crash the system (bsc#1214351). - CVE-2023-5345: fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215899) - CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1215150). - CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95% (bsc#1212703). - CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalatio (bsc#1215275). - CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215117). - CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215115). - CVE-2023-4155: Fixed a flaw in KVM AMD Secure Encrypted Virtualization (SEV). An attacker can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages. (bsc#1214022) The following non-security bugs were fixed: - ALSA: hda/realtek: Splitting the UX3402 into two separate models (git-fixes). - arm64: module-plts: inline linux/moduleloader.h (git-fixes) - arm64: module: Use module_init_layout_section() to spot init sections (git-fixes) - arm64: sdei: abort running SDEI handlers during crash (git-fixes) - arm64: tegra: Update AHUB clock parent and rate (git-fixes) - arm64/fpsimd: Only provide the length to cpufeature for xCR registers (git-fixes) - ASoC: amd: yc: Fix non-functional mic on Lenovo 82QF and 82UG (git-fixes). - ASoC: hdaudio.c: Add missing check for devm_kstrdup (git-fixes). - ASoC: imx-audmix: Fix return error with devm_clk_get() (git-fixes). - ASoC: meson: spdifin: start hw on dai probe (git-fixes). - ASoC: rt5640: Fix IRQ not being free-ed for HDA jack detect mode (git-fixes). - ASoC: rt5640: Fix sleep in atomic context (git-fixes). - ASoC: rt5640: Revert 'Fix sleep in atomic context' (git-fixes). - ASoC: soc-utils: Export snd_soc_dai_is_dummy() symbol (git-fixes). - ASoC: SOF: core: Only call sof_ops_free() on remove if the probe was successful (git-fixes). - ASoC: tegra: Fix redundant PLLA and PLLA_OUT0 updates (git-fixes). - blk-iocost: fix divide by 0 error in calc_lcoefs() (bsc#1214986). - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost (bsc#1214992). - block/mq-deadline: use correct way to throttling write requests (bsc#1214993). - bnx2x: new flag for track HW resource allocation (bsc#1202845 bsc#1215322). - clocksource: hyper-v: Mark hyperv tsc page unencrypted in sev-snp enlightened guest (bsc#1206453). - drivers: hv: Mark percpu hvcall input arg page unencrypted in SEV-SNP enlightened guest (bsc#1206453). - Drivers: hv: vmbus: Bring the post_msg_page back for TDX VMs with the paravisor (bsc#1206453). - Drivers: hv: vmbus: Support >64 VPs for a fully enlightened TDX/SNP VM (bsc#1206453). - Drivers: hv: vmbus: Support fully enlightened TDX guests (bsc#1206453). - drm/ast: Add BMC virtual connector (bsc#1152472) Backporting changes: * rename ast_device to ast_private - drm/ast: report connection status on Display Port. (bsc#1152472) Backporting changes: * rename ast_device to ast_private * context changes - drm/display: Do not assume dual mode adaptors support i2c sub-addressing (bsc#1213808). - drm/meson: fix memory leak on ->hpd_notify callback (git-fixes). - drm/virtio: Correct drm_gem_shmem_get_sg_table() error handling (git-fixes). - drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb() (git-fixes). - ext4: avoid potential data overflow in next_linear_group (bsc#1214951). - ext4: correct inline offset when handling xattrs in inode body (bsc#1214950). - ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} (bsc#1214954). - ext4: fix wrong unit use in ext4_mb_clear_bb (bsc#1214943). - ext4: fix wrong unit use in ext4_mb_new_blocks (bsc#1214944). - ext4: get block from bh in ext4_free_blocks for fast commit replay (bsc#1214942). - ext4: reflect error codes from ext4_multi_mount_protect() to its callers (bsc#1214941). - ext4: Remove ext4 locking of moved directory (bsc#1214957). - ext4: set goal start correctly in ext4_mb_normalize_request (bsc#1214940). - fs: Establish locking order for unrelated directories (bsc#1214958). - fs: Lock moved directories (bsc#1214959). - fs: lockd: avoid possible wrong NULL parameter (git-fixes). - fs: no need to check source (bsc#1215752). - fuse: nlookup missing decrement in fuse_direntplus_link (bsc#1215581). - gve: Add AF_XDP zero-copy support for GQI-QPL format (bsc#1214479). - gve: Add XDP DROP and TX support for GQI-QPL format (bsc#1214479). - gve: Add XDP REDIRECT support for GQI-QPL format (bsc#1214479). - gve: Changes to add new TX queues (bsc#1214479). - gve: Control path for DQO-QPL (bsc#1214479). - gve: fix frag_list chaining (bsc#1214479). - gve: Fix gve interrupt names (bsc#1214479). - gve: RX path for DQO-QPL (bsc#1214479). - gve: trivial spell fix Recive to Receive (bsc#1214479). - gve: Tx path for DQO-QPL (bsc#1214479). - gve: Unify duplicate GQ min pkt desc size constants (bsc#1214479). - gve: use vmalloc_array and vcalloc (bsc#1214479). - gve: XDP support GQI-QPL: helper function changes (bsc#1214479). - hwrng: virtio - add an internal buffer (git-fixes). - hwrng: virtio - always add a pending request (git-fixes). - hwrng: virtio - do not wait on cleanup (git-fixes). - hwrng: virtio - do not waste entropy (git-fixes). - hwrng: virtio - Fix race on data_avail and actual data (git-fixes). - i915/pmu: Move execlist stats initialization to execlist specific setup (git-fixes). - iommu/virtio: Detach domain on endpoint release (git-fixes). - iommu/virtio: Return size mapped for a detached domain (git-fixes). - jbd2: check 'jh->b_transaction' before removing it from checkpoint (bsc#1214953). - jbd2: correct the end of the journal recovery scan range (bsc#1214955). - jbd2: fix a race when checking checkpoint buffer busy (bsc#1214949). - jbd2: fix checkpoint cleanup performance regression (bsc#1214952). - jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint (bsc#1214948). - jbd2: recheck chechpointing non-dirty buffer (bsc#1214945). - jbd2: remove journal_clean_one_cp_list() (bsc#1214947). - jbd2: remove t_checkpoint_io_list (bsc#1214946). - jbd2: restore t_checkpoint_io_list to maintain kABI (bsc#1214946). - kernel-binary: Move build-time definitions together Move source list and build architecture to buildrequires to aid in future reorganization of the spec template. - kernel-binary: python3 is needed for build At least scripts/bpf_helpers_doc.py requires python3 since Linux 4.18 Other simimlar scripts may exist. - KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes (git-fixes bsc#1215915). - KVM: s390: interrupt: use READ_ONCE() before cmpxchg() (git-fixes bsc#1215896). - KVM: s390: pv: fix external interruption loop not always detected (git-fixes bsc#1215916). - KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field (git-fixes bsc#1215894). - KVM: s390: vsie: fix the length of APCB bitmap (git-fixes bsc#1215895). - KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler (git-fixes bsc#1215911). - KVM: x86: Fix KVM_CAP_SYNC_REGS's sync_regs() TOCTOU issues (git-fixes). - KVM: x86/mmu: Include mmu.h in spte.h (git-fixes). - loop: Fix use-after-free issues (bsc#1214991). - loop: loop_set_status_from_info() check before assignment (bsc#1214990). - module: Expose module_init_layout_section() (git-fixes) - net: do not allow gso_size to be set to GSO_BY_FRAGS (git-fixes). - net: mana: Add page pool for RX buffers (bsc#1214040). - net: mana: Configure hwc timeout from hardware (bsc#1214037). - net: usb: qmi_wwan: add Quectel EM05GV2 (git-fixes). - NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN (git-fixes). - nfs/blocklayout: Use the passed in gfp flags (git-fixes). - NFS/pNFS: Report EINVAL errors from connect() to the server (git-fixes). - NFSD: da_addr_body field missing in some GETDEVICEINFO replies (git-fixes). - nfsd: fix change_info in NFSv4 RENAME replies (git-fixes). - nfsd: Fix race to FREE_STATEID and cl_revoked (git-fixes). - NFSv4: Fix dropped lock for racing OPEN and delegation return (git-fixes). - NFSv4: fix out path in __nfs4_get_acl_uncached (git-fixes). - NFSv4.2: fix error handling in nfs42_proc_getxattr (git-fixes). - NFSv4.2: fix handling of COPY ERR_OFFLOAD_NO_REQ (git-fixes). - NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info (git-fixes). - nvme-auth: use chap->s2 to indicate bidirectional authentication (bsc#1214543). - nvme-tcp: add recovery_delay to sysfs (bsc#1201284). - nvme-tcp: delay error recovery until the next KATO interval (bsc#1201284). - nvme-tcp: Do not terminate commands when in RESETTING (bsc#1201284). - nvme-tcp: make 'err_work' a delayed work (bsc#1201284). - platform/x86: intel_scu_ipc: Check status after timeout in busy_loop() (git-fixes). - platform/x86: intel_scu_ipc: Check status upon timeout in ipc_wait_for_interrupt() (git-fixes). - platform/x86: intel_scu_ipc: Do not override scu in intel_scu_ipc_dev_simple_command() (git-fixes). - platform/x86: intel_scu_ipc: Fail IPC send if still busy (git-fixes). - pNFS: Fix assignment of xprtdata.cred (git-fixes). - powerpc/fadump: make is_kdump_kernel() return false when fadump is active (bsc#1212639 ltc#202582). - printk: ringbuffer: Fix truncating buffer size min_t cast (bsc#1215875). - quota: add new helper dquot_active() (bsc#1214998). - quota: factor out dquot_write_dquot() (bsc#1214995). - quota: fix dqput() to follow the guarantees dquot_srcu should provide (bsc#1214963). - quota: fix warning in dqgrab() (bsc#1214962). - quota: Properly disable quotas when add_dquot_ref() fails (bsc#1214961). - quota: rename dquot_active() to inode_quota_active() (bsc#1214997). - RDMA/siw: Fabricate a GID on tun and loopback devices (git-fixes) - scsi: lpfc: Early return after marking final NLP_DROPPED flag in dev_loss_tmo (git-fixes). - scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (git-fixes). - scsi: lpfc: Prevent use-after-free during rmmod with mapped NVMe rports (git-fixes). - scsi: qedf: Add synchronization between I/O completions and abort (bsc#1210658). - scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes). - scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id() (git-fixes). - scsi: storvsc: Handle additional SRB status values (git-fixes). - scsi: zfcp: Fix a double put in zfcp_port_enqueue() (git-fixes bsc#1215941). - selftests: mlxsw: Fix test failure on Spectrum-4 (jsc#PED-1549). - spi: Add TPM HW flow flag (bsc#1213534) - spi: tegra210-quad: Enable TPM wait polling (bsc#1213534) - spi: tegra210-quad: set half duplex flag (bsc#1213534) - SUNRPC: Mark the cred for revalidation if the server rejects it (git-fixes). - tpm_tis_spi: Add hardware wait polling (bsc#1213534) - uapi: stddef.h: Fix __DECLARE_FLEX_ARRAY for C++ (git-fixes). - udf: Fix extension of the last extent in the file (bsc#1214964). - udf: Fix file corruption when appending just after end of preallocated extent (bsc#1214965). - udf: Fix off-by-one error when discarding preallocation (bsc#1214966). - udf: Fix uninitialized array access for some pathnames (bsc#1214967). - Update metadata - usb: ehci: add workaround for chipidea PORTSC.PEC bug (git-fixes). - usb: ehci: move new member has_ci_pec_bug into hole (git-fixes). - vhost_vdpa: fix the crash in unmap a large memory (git-fixes). - vhost-scsi: unbreak any layout for response (git-fixes). - vhost: allow batching hint without size (git-fixes). - vhost: allow batching hint without size (git-fixes). - vhost: fix hung thread due to erroneous iotlb entries (git-fixes). - vhost: handle error while adding split ranges to iotlb (git-fixes). - virtio_net: add checking sq is full inside xdp xmit (git-fixes). - virtio_net: Fix probe failed when modprobe virtio_net (git-fixes). - virtio_net: reorder some funcs (git-fixes). - virtio_net: separate the logic of checking whether sq is full (git-fixes). - virtio_ring: fix avail_wrap_counter in virtqueue_add_packed (git-fixes). - virtio-blk: set req->state to MQ_RQ_COMPLETE after polling I/O is finished (git-fixes). - virtio-mmio: do not break lifecycle of vm_dev (git-fixes). - virtio-net: fix race between set queues and probe (git-fixes). - virtio-net: set queues after driver_ok (git-fixes). - virtio-rng: make device ready before making request (git-fixes). - virtio: acknowledge all features before access (git-fixes). - vmcore: remove dependency with is_kdump_kernel() for exporting vmcore (bsc#1212639 ltc#202582). - x86/coco: Allow CPU online/offline for a TDX VM with the paravisor on Hyper-V (bsc#1206453). - x86/coco: Export cc_vendor (bsc#1206453). - x86/hyperv: Add hv_write_efer() for a TDX VM with the paravisor (bsc#1206453). - x86/hyperv: Add hyperv-specific handling for VMMCALL under SEV-ES (bsc#1206453). - x86/hyperv: Add missing 'inline' to hv_snp_boot_ap() stub (bsc#1206453). - x86/hyperv: Add sev-snp enlightened guest static key (bsc#1206453) - x86/hyperv: Add smp support for SEV-SNP guest (bsc#1206453). - x86/hyperv: Add VTL specific structs and hypercalls (bsc#1206453). - x86/hyperv: Fix serial console interrupts for fully enlightened TDX guests (bsc#1206453). - x86/hyperv: Fix undefined reference to isolation_type_en_snp without CONFIG_HYPERV (bsc#1206453). - x86/hyperv: Introduce a global variable hyperv_paravisor_present (bsc#1206453). - x86/hyperv: Mark hv_ghcb_terminate() as noreturn (bsc#1206453). - x86/hyperv: Mark Hyper-V vp assist page unencrypted in SEV-SNP enlightened guest (bsc#1206453). - x86/hyperv: Move the code in ivm.c around to avoid unnecessary ifdef's (bsc#1206453). - x86/hyperv: Remove hv_isolation_type_en_snp (bsc#1206453). - x86/hyperv: Set Virtual Trust Level in VMBus init message (bsc#1206453). - x86/hyperv: Support hypercalls for fully enlightened TDX guests (bsc#1206453). - x86/hyperv: Use TDX GHCI to access some MSRs in a TDX VM with the paravisor (bsc#1206453). - x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp enlightened guest (bsc#1206453). - x86/PVH: avoid 32-bit build warning when obtaining VGA console info (git-fixes). - x86/srso: Do not probe microcode in a guest (git-fixes). - x86/srso: Fix SBPB enablement for spec_rstack_overflow=off (git-fixes). - x86/srso: Fix srso_show_state() side effect (git-fixes). - x86/srso: Set CPUID feature bits independently of bug or mitigation status (git-fixes). - xen: remove a confusing comment on auto-translated guest I/O (git-fixes). - xprtrdma: Remap Receive buffers after a reconnect (git-fixes). Important SUSE bug 1152472 SUSE bug 1202845 SUSE bug 1206453 SUSE bug 1213808 SUSE bug 1214941 SUSE bug 1214942 SUSE bug 1214943 SUSE bug 1214944 SUSE bug 1214950 SUSE bug 1214951 SUSE bug 1214954 SUSE bug 1214957 SUSE bug 1214986 SUSE bug 1214992 SUSE bug 1214993 SUSE bug 1215322 SUSE bug 1215523 SUSE bug 1215877 SUSE bug 1215894 SUSE bug 1215895 SUSE bug 1215896 SUSE bug 1215911 SUSE bug 1215915 SUSE bug 1215916 CVE-2023-1206 at SUSE CVE-2023-1206 at NVD CVE-2023-39192 at SUSE CVE-2023-39192 at NVD CVE-2023-39193 at SUSE CVE-2023-39193 at NVD CVE-2023-39194 at SUSE CVE-2023-39194 at NVD CVE-2023-4155 at SUSE CVE-2023-4155 at NVD CVE-2023-42753 at SUSE CVE-2023-42753 at NVD CVE-2023-42754 at SUSE CVE-2023-42754 at NVD CVE-2023-4389 at SUSE CVE-2023-4389 at NVD CVE-2023-4622 at SUSE CVE-2023-4622 at NVD CVE-2023-4623 at SUSE CVE-2023-4623 at NVD CVE-2023-4921 at SUSE CVE-2023-4921 at NVD CVE-2023-5345 at SUSE CVE-2023-5345 at NVD cpe:/o:suse:sle-micro:5.5 Security update for curl (Important) SUSE Linux Enterprise Micro 5.5 This update for curl fixes the following issues: - CVE-2023-38545: Fixed a heap buffer overflow in SOCKS5. (bsc#1215888) - CVE-2023-38546: Fixed a cookie injection with none file. (bsc#1215889) Important SUSE bug 1215888 SUSE bug 1215889 CVE-2023-38545 at SUSE CVE-2023-38545 at NVD CVE-2023-38546 at SUSE CVE-2023-38546 at NVD cpe:/o:suse:sle-micro:5.5 Security update for samba (Important) SUSE Linux Enterprise Micro 5.5 This update for samba fixes the following issues: - CVE-2023-4091: Fixed a bug where a client can truncate file with read-only permissions. (bsc#1215904) - CVE-2023-42669: Fixed a bug in 'rpcecho' development server which allows Denial of Service via sleep() call on AD DC. (bsc#1215905) - CVE-2023-42670: Fixed the procedure number which was out of range when starting Active Directory Users and Computers. (bsc#1215906) - CVE-2023-3961: Fixed an unsanitized client pipe name passed to local_np_connect(). (bsc#1215907) - CVE-2023-4154: Fixed a bug in dirsync which allows SYSTEM access with only 'GUID_DRS_GET_CHANGES' right. (bsc#1215908) Important SUSE bug 1215904 SUSE bug 1215905 SUSE bug 1215906 SUSE bug 1215907 SUSE bug 1215908 CVE-2023-3961 at SUSE CVE-2023-3961 at NVD CVE-2023-4091 at SUSE CVE-2023-4091 at NVD CVE-2023-4154 at SUSE CVE-2023-4154 at NVD CVE-2023-42669 at SUSE CVE-2023-42669 at NVD CVE-2023-42670 at SUSE CVE-2023-42670 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Important) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2023-34323: A transaction conflict can crash C Xenstored (XSA-440, bsc#1215744) - CVE-2023-34326: Missing IOMMU TLB flushing (XSA-442, bsc#1215746) - CVE-2023-34325: Multiple vulnerabilities in libfsimage disk handling (XSA-443, bsc#1215747) - CVE-2023-34327: Debug Mask handling (XSA-444, bsc#1215748) - CVE-2023-34328: Debug Mask handling (XSA-444, bsc#1215748) Important SUSE bug 1215744 SUSE bug 1215746 SUSE bug 1215747 SUSE bug 1215748 CVE-2023-34323 at SUSE CVE-2023-34323 at NVD CVE-2023-34325 at SUSE CVE-2023-34325 at NVD CVE-2023-34326 at SUSE CVE-2023-34326 at NVD CVE-2023-34327 at SUSE CVE-2023-34327 at NVD CVE-2023-34328 at SUSE CVE-2023-34328 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-39194: Fixed a flaw in the processing of state filters which could allow a local attackers to disclose sensitive information. (bsc#1215861) - CVE-2023-39193: Fixed a flaw in the processing of state filters which could allow a local attackers to disclose sensitive information. (bsc#1215860) - CVE-2023-39192: Fixed a flaw in the u32_match_it function which could allow a local attackers to disclose sensitive information. (bsc#1215858) - CVE-2023-42754: Fixed a null pointer dereference in ipv4_link_failure which could lead an authenticated attacker to trigger a DoS. (bsc#1215467) - CVE-2023-5345: fixed an use-after-free vulnerability in the fs/smb/client component which could be exploited to achieve local privilege escalation. (bsc#1215899) - CVE-2023-4155: Fixed a flaw in KVM AMD Secure Encrypted Virtualization (SEV). An attacker can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages. (bsc#1214022) - CVE-2023-4389: Fixed a reference counting issue in the Btrfs filesystem that could be exploited in order to leak internal kernel information or crash the system (bsc#1214351). - CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1215150). - CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95% (bsc#1212703). - CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalatio (bsc#1215275). - CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215117). - CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215115). - CVE-2023-1859: Fixed a use-after-free flaw in Xen transport for 9pfs which could be exploited to crash the system (bsc#1210169). - CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221). - CVE-2023-2177: Fixed a null pointer dereference issue in the sctp network protocol which could allow a user to crash the system (bsc#1210643). - CVE-2023-1192: Fixed use-after-free in cifs_demultiplex_thread() (bsc#1208995). The following non-security bugs were fixed: - ALSA: hda/cirrus: Fix broken audio on hardware with two CS42L42 codecs (git-fixes). - ALSA: hda/realtek: Splitting the UX3402 into two separate models (git-fixes). - ARM: pxa: remove use of symbol_get() (git-fixes). - arm64: csum: Fix OoB access in IP checksum code for negative lengths (git-fixes). - arm64: module-plts: inline linux/moduleloader.h (git-fixes) - arm64: module: Use module_init_layout_section() to spot init sections (git-fixes) - arm64: sdei: abort running SDEI handlers during crash (git-fixes) - arm64: tegra: Update AHUB clock parent and rate (git-fixes) - arm64/fpsimd: Only provide the length to cpufeature for xCR registers (git-fixes) - arm64/hyperv: Use CPUHP_AP_HYPERV_ONLINE state to fix CPU online sequencing (bsc#1206453). - ASoC: amd: yc: Fix non-functional mic on Lenovo 82QF and 82UG (git-fixes). - ASoC: hdaudio.c: Add missing check for devm_kstrdup (git-fixes). - ASoC: imx-audmix: Fix return error with devm_clk_get() (git-fixes). - ASoC: meson: spdifin: start hw on dai probe (git-fixes). - ASoC: rt5640: Fix IRQ not being free-ed for HDA jack detect mode (git-fixes). - ASoC: rt5640: Fix sleep in atomic context (git-fixes). - ASoC: rt5640: Revert 'Fix sleep in atomic context' (git-fixes). - ASoC: soc-utils: Export snd_soc_dai_is_dummy() symbol (git-fixes). - ASoC: SOF: core: Only call sof_ops_free() on remove if the probe was successful (git-fixes). - ASoC: tegra: Fix redundant PLLA and PLLA_OUT0 updates (git-fixes). - ata: libata: disallow dev-initiated LPM transitions to unsupported states (git-fixes). - ata: pata_falcon: fix IO base selection for Q40 (git-fixes). - ata: pata_ftide010: Add missing MODULE_DESCRIPTION (git-fixes). - ata: sata_gemini: Add missing MODULE_DESCRIPTION (git-fixes). - backlight: gpio_backlight: Drop output GPIO direction check for initial power state (git-fixes). - blk-iocost: fix divide by 0 error in calc_lcoefs() (bsc#1214986). - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost (bsc#1214992). - block/mq-deadline: use correct way to throttling write requests (bsc#1214993). - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition (git-fixes). - bnx2x: new flag for track HW resource allocation (bsc#1202845 bsc#1215322). - bpf: Clear the probe_addr for uprobe (git-fixes). - btrfs: do not hold CPU for too long when defragging a file (bsc#1214988). - clocksource: hyper-v: Mark hyperv tsc page unencrypted in sev-snp enlightened guest (bsc#1206453). - drivers: hv: Mark percpu hvcall input arg page unencrypted in SEV-SNP enlightened guest (bsc#1206453). - Drivers: hv: vmbus: Bring the post_msg_page back for TDX VMs with the paravisor (bsc#1206453). - Drivers: hv: vmbus: Support >64 VPs for a fully enlightened TDX/SNP VM (bsc#1206453). - Drivers: hv: vmbus: Support fully enlightened TDX guests (bsc#1206453). - drm: gm12u320: Fix the timeout usage for usb_bulk_msg() (git-fixes). - drm/amd/display: Add smu write msg id fail retry process (git-fixes). - drm/amd/display: enable cursor degamma for DCN3+ DRM legacy gamma (git-fixes). - drm/amd/display: fix the white screen issue when >= 64GB DRAM (git-fixes). - drm/amd/display: prevent potential division by zero errors (git-fixes). - drm/amd/display: register edp_backlight_control() for DCN301 (git-fixes). - drm/amd/display: Remove wait while locked (git-fixes). - drm/ast: Add BMC virtual connector (bsc#1152472) Backporting changes: * rename ast_device to ast_private - drm/ast: report connection status on Display Port. (bsc#1152472) Backporting changes: * rename ast_device to ast_private * context changes - drm/display: Do not assume dual mode adaptors support i2c sub-addressing (bsc#1213808). - drm/i915: mark requests for GuC virtual engines to avoid use-after-free (git-fixes). - drm/i915/gvt: Drop unused helper intel_vgpu_reset_gtt() (git-fixes). - drm/i915/gvt: Put the page reference obtained by KVM's gfn_to_pfn() (git-fixes). - drm/i915/gvt: Verify pfn is 'valid' before dereferencing 'struct page' (git-fixes). - drm/meson: fix memory leak on ->hpd_notify callback (git-fixes). - drm/virtio: Correct drm_gem_shmem_get_sg_table() error handling (git-fixes). - drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb() (git-fixes). - ext4: avoid potential data overflow in next_linear_group (bsc#1214951). - ext4: correct inline offset when handling xattrs in inode body (bsc#1214950). - ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} (bsc#1214954). - ext4: fix wrong unit use in ext4_mb_clear_bb (bsc#1214943). - ext4: fix wrong unit use in ext4_mb_new_blocks (bsc#1214944). - ext4: get block from bh in ext4_free_blocks for fast commit replay (bsc#1214942). - ext4: reflect error codes from ext4_multi_mount_protect() to its callers (bsc#1214941). - ext4: Remove ext4 locking of moved directory (bsc#1214957). - ext4: set goal start correctly in ext4_mb_normalize_request (bsc#1214940). - fs: do not update freeing inode i_io_list (bsc#1214813). - fs: Establish locking order for unrelated directories (bsc#1214958). - fs: Lock moved directories (bsc#1214959). - fs: lockd: avoid possible wrong NULL parameter (git-fixes). - fs: no need to check source (bsc#1215752). - fs: record I_DIRTY_TIME even if inode already has I_DIRTY_INODE (bsc#1214813). - fuse: nlookup missing decrement in fuse_direntplus_link (bsc#1215581). - gve: Add AF_XDP zero-copy support for GQI-QPL format (bsc#1214479). - gve: Add XDP DROP and TX support for GQI-QPL format (bsc#1214479). - gve: Add XDP REDIRECT support for GQI-QPL format (bsc#1214479). - gve: Changes to add new TX queues (bsc#1214479). - gve: Control path for DQO-QPL (bsc#1214479). - gve: fix frag_list chaining (bsc#1214479). - gve: Fix gve interrupt names (bsc#1214479). - gve: RX path for DQO-QPL (bsc#1214479). - gve: trivial spell fix Recive to Receive (bsc#1214479). - gve: Tx path for DQO-QPL (bsc#1214479). - gve: Unify duplicate GQ min pkt desc size constants (bsc#1214479). - gve: use vmalloc_array and vcalloc (bsc#1214479). - gve: XDP support GQI-QPL: helper function changes (bsc#1214479). - hwrng: virtio - add an internal buffer (git-fixes). - hwrng: virtio - always add a pending request (git-fixes). - hwrng: virtio - do not wait on cleanup (git-fixes). - hwrng: virtio - do not waste entropy (git-fixes). - hwrng: virtio - Fix race on data_avail and actual data (git-fixes). - i2c: aspeed: Reset the i2c controller when timeout occurs (git-fixes). - i3c: master: svc: fix probe failure when no i3c device exist (git-fixes). - i915/pmu: Move execlist stats initialization to execlist specific setup (git-fixes). - idr: fix param name in idr_alloc_cyclic() doc (git-fixes). - Input: tca6416-keypad - fix interrupt enable disbalance (git-fixes). - iommu/virtio: Detach domain on endpoint release (git-fixes). - iommu/virtio: Return size mapped for a detached domain (git-fixes). - jbd2: check 'jh->b_transaction' before removing it from checkpoint (bsc#1214953). - jbd2: correct the end of the journal recovery scan range (bsc#1214955). - jbd2: fix a race when checking checkpoint buffer busy (bsc#1214949). - jbd2: fix checkpoint cleanup performance regression (bsc#1214952). - jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint (bsc#1214948). - jbd2: recheck chechpointing non-dirty buffer (bsc#1214945). - jbd2: remove journal_clean_one_cp_list() (bsc#1214947). - jbd2: remove t_checkpoint_io_list (bsc#1214946). - jbd2: restore t_checkpoint_io_list to maintain kABI (bsc#1214946). - kabi: hide changes in enum ipl_type and struct sclp_info (jsc#PED-2023 jsc#PED-2025). - kabi/severities: ignore mlx4 internal symbols - kconfig: fix possible buffer overflow (git-fixes). - kernel-binary: Move build-time definitions together Move source list and build architecture to buildrequires to aid in future reorganization of the spec template. - kernel-binary: python3 is needed for build At least scripts/bpf_helpers_doc.py requires python3 since Linux 4.18 Other simimlar scripts may exist. - kselftest/runner.sh: Propagate SIGTERM to runner child (git-fixes). - KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes (git-fixes bsc#1215915). - KVM: s390: interrupt: use READ_ONCE() before cmpxchg() (git-fixes bsc#1215896). - KVM: s390: pv: fix external interruption loop not always detected (git-fixes bsc#1215916). - KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field (git-fixes bsc#1215894). - KVM: s390: vsie: fix the length of APCB bitmap (git-fixes bsc#1215895). - KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler (git-fixes bsc#1215911). - KVM: SVM: Remove a duplicate definition of VMCB_AVIC_APIC_BAR_MASK (git-fixes). - KVM: VMX: Fix header file dependency of asm/vmx.h (git-fixes). - KVM: x86: Fix KVM_CAP_SYNC_REGS's sync_regs() TOCTOU issues (git-fixes). - KVM: x86/mmu: Include mmu.h in spte.h (git-fixes). - loop: Fix use-after-free issues (bsc#1214991). - loop: loop_set_status_from_info() check before assignment (bsc#1214990). - mlx4: Avoid resetting MLX4_INTFF_BONDING per driver (bsc#1187236). - mlx4: Connect the ethernet part to the auxiliary bus (bsc#1187236). - mlx4: Connect the infiniband part to the auxiliary bus (bsc#1187236). - mlx4: Delete custom device management logic (bsc#1187236). - mlx4: Get rid of the mlx4_interface.activate callback (bsc#1187236). - mlx4: Get rid of the mlx4_interface.get_dev callback (bsc#1187236). - mlx4: Move the bond work to the core driver (bsc#1187236). - mlx4: Register mlx4 devices to an auxiliary virtual bus (bsc#1187236). - mlx4: Rename member mlx4_en_dev.nb to netdev_nb (bsc#1187236). - mlx4: Replace the mlx4_interface.event callback with a notifier (bsc#1187236). - mlx4: Use 'void *' as the event param of mlx4_dispatch_event() (bsc#1187236). - module: Expose module_init_layout_section() (git-fixes) - net: do not allow gso_size to be set to GSO_BY_FRAGS (git-fixes). - net: mana: Add page pool for RX buffers (bsc#1214040). - net: mana: Configure hwc timeout from hardware (bsc#1214037). - net: phy: micrel: Correct bit assignments for phy_device flags (git-fixes). - net: usb: qmi_wwan: add Quectel EM05GV2 (git-fixes). - net/mlx4: Remove many unnecessary NULL values (bsc#1187236). - NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN (git-fixes). - NFS/blocklayout: Use the passed in gfp flags (git-fixes). - NFS/pNFS: Report EINVAL errors from connect() to the server (git-fixes). - NFSD: da_addr_body field missing in some GETDEVICEINFO replies (git-fixes). - NFSD: fix change_info in NFSv4 RENAME replies (git-fixes). - NFSD: Fix race to FREE_STATEID and cl_revoked (git-fixes). - NFSv4: Fix dropped lock for racing OPEN and delegation return (git-fixes). - NFSv4: fix out path in __nfs4_get_acl_uncached (git-fixes). - NFSv4.2: fix error handling in nfs42_proc_getxattr (git-fixes). - NFSv4.2: fix handling of COPY ERR_OFFLOAD_NO_REQ (git-fixes). - NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info (git-fixes). - ntb: Clean up tx tail index on link down (git-fixes). - ntb: Drop packets when qp link is down (git-fixes). - ntb: Fix calculation ntb_transport_tx_free_entry() (git-fixes). - nvme-auth: use chap->s2 to indicate bidirectional authentication (bsc#1214543). - nvme-tcp: add recovery_delay to sysfs (bsc#1201284). - nvme-tcp: delay error recovery until the next KATO interval (bsc#1201284). - nvme-tcp: Do not terminate commands when in RESETTING (bsc#1201284). - nvme-tcp: make 'err_work' a delayed work (bsc#1201284). - PCI: Free released resource after coalescing (git-fixes). - platform/mellanox: mlxbf-pmc: Fix potential buffer overflows (git-fixes). - platform/mellanox: mlxbf-pmc: Fix reading of unprogrammed events (git-fixes). - platform/mellanox: mlxbf-tmfifo: Drop jumbo frames (git-fixes). - platform/mellanox: mlxbf-tmfifo: Drop the Rx packet if no more descriptors (git-fixes). - platform/x86: intel_scu_ipc: Check status after timeout in busy_loop() (git-fixes). - platform/x86: intel_scu_ipc: Check status upon timeout in ipc_wait_for_interrupt() (git-fixes). - platform/x86: intel_scu_ipc: Do not override scu in intel_scu_ipc_dev_simple_command() (git-fixes). - platform/x86: intel_scu_ipc: Fail IPC send if still busy (git-fixes). - pNFS: Fix assignment of xprtdata.cred (git-fixes). - powerpc/fadump: make is_kdump_kernel() return false when fadump is active (bsc#1212639 ltc#202582). - powerpc/iommu: Fix notifiers being shared by PCI and VIO buses (bsc#1065729). - powerpc/xics: Remove unnecessary endian conversion (bsc#1065729). - printk: ringbuffer: Fix truncating buffer size min_t cast (bsc#1215875). - pwm: lpc32xx: Remove handling of PWM channels (git-fixes). - quota: add new helper dquot_active() (bsc#1214998). - quota: factor out dquot_write_dquot() (bsc#1214995). - quota: fix dqput() to follow the guarantees dquot_srcu should provide (bsc#1214963). - quota: fix warning in dqgrab() (bsc#1214962). - quota: Properly disable quotas when add_dquot_ref() fails (bsc#1214961). - quota: rename dquot_active() to inode_quota_active() (bsc#1214997). - RDMA/siw: Fabricate a GID on tun and loopback devices (git-fixes) - s390/dasd: fix command reject error on ESE devices (LTC#203630 bsc#1215123 git-fixes). - s390/dasd: fix hanging device after request requeue (git-fixes LTC#203629 bsc#1215124). - s390/ipl: add DEFINE_GENERIC_LOADPARM() (jsc#PED-2023). - s390/ipl: add eckd dump support (jsc#PED-2025). - s390/ipl: add eckd support (jsc#PED-2023). - s390/ipl: add loadparm parameter to eckd ipl/reipl data (jsc#PED-2023). - s390/ipl: use octal values instead of S_* macros (jsc#PED-2023). - s390/qeth: Do not call dev_close/dev_open (DOWN/UP) (bsc#1214873 git-fixes). - s390/zcrypt: do not leak memory if dev_set_name() fails (git-fixes bsc#1215148). - scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() (git-fixes). - scsi: 53c700: Check that command slot is not NULL (git-fixes). - scsi: core: Fix legacy /proc parsing buffer overflow (git-fixes). - scsi: core: Fix possible memory leak if device_add() fails (git-fixes). - scsi: fnic: Replace return codes in fnic_clean_pending_aborts() (git-fixes). - scsi: lpfc: Do not abuse UUID APIs and LPFC_COMPRESS_VMID_SIZE (git-fixes). - scsi: lpfc: Early return after marking final NLP_DROPPED flag in dev_loss_tmo (git-fixes). - scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (git-fixes). - scsi: lpfc: Modify when a node should be put in device recovery mode during RSCN (git-fixes). - scsi: lpfc: Prevent use-after-free during rmmod with mapped NVMe rports (git-fixes). - scsi: lpfc: Remove reftag check in DIF paths (git-fixes). - scsi: qedf: Add synchronization between I/O completions and abort (bsc#1210658). - scsi: qedf: Fix firmware halt over suspend and resume (git-fixes). - scsi: qedf: Fix NULL dereference in error handling (git-fixes). - scsi: qedi: Fix firmware halt over suspend and resume (git-fixes). - scsi: qla2xxx: Add logs for SFP temperature monitoring (bsc#1214928). - scsi: qla2xxx: Allow 32-byte CDBs (bsc#1214928). - scsi: qla2xxx: Error code did not return to upper layer (bsc#1214928). - scsi: qla2xxx: Fix firmware resource tracking (bsc#1214928). - scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes). - scsi: qla2xxx: Fix smatch warn for qla_init_iocb_limit() (bsc#1214928). - scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1214928). - scsi: qla2xxx: Move resource to allow code reuse (bsc#1214928). - scsi: qla2xxx: Remove unsupported ql2xenabledif option (bsc#1214928). - scsi: qla2xxx: Remove unused declarations (bsc#1214928). - scsi: qla2xxx: Remove unused variables in qla24xx_build_scsi_type_6_iocbs() (bsc#1214928). - scsi: qla2xxx: Update version to 10.02.09.100-k (bsc#1214928). - scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id() (git-fixes). - scsi: scsi_debug: Remove dead code (git-fixes). - scsi: snic: Fix double free in snic_tgt_create() (git-fixes). - scsi: snic: Fix possible memory leak if device_add() fails (git-fixes). - scsi: storvsc: Handle additional SRB status values (git-fixes). - scsi: zfcp: Fix a double put in zfcp_port_enqueue() (git-fixes bsc#1215941). - selftests: mlxsw: Fix test failure on Spectrum-4 (jsc#PED-1549). - selftests: tracing: Fix to unmount tracefs for recovering environment (git-fixes). - spi: Add TPM HW flow flag (bsc#1213534) - spi: tegra210-quad: Enable TPM wait polling (bsc#1213534) - spi: tegra210-quad: set half duplex flag (bsc#1213534) - SUNRPC: Mark the cred for revalidation if the server rejects it (git-fixes). - tcpm: Avoid soft reset when partner does not support get_status (git-fixes). - tpm_tis_spi: Add hardware wait polling (bsc#1213534) - tracing: Fix race issue between cpu buffer write and swap (git-fixes). - tracing: Remove extra space at the end of hwlat_detector/mode (git-fixes). - tracing: Remove unnecessary copying of tr->current_trace (git-fixes). - uapi: stddef.h: Fix __DECLARE_FLEX_ARRAY for C++ (git-fixes). - udf: Fix extension of the last extent in the file (bsc#1214964). - udf: Fix file corruption when appending just after end of preallocated extent (bsc#1214965). - udf: Fix off-by-one error when discarding preallocation (bsc#1214966). - udf: Fix uninitialized array access for some pathnames (bsc#1214967). - Update metadata - uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix (git-fixes). - usb: ehci: add workaround for chipidea PORTSC.PEC bug (git-fixes). - usb: ehci: move new member has_ci_pec_bug into hole (git-fixes). - usb: serial: option: add FOXCONN T99W368/T99W373 product (git-fixes). - usb: serial: option: add Quectel EM05G variant (0x030e) (git-fixes). - usb: typec: tcpci: clear the fault status bit (git-fixes). - usb: typec: tcpci: move tcpci.h to include/linux/usb/ (git-fixes). - vhost_vdpa: fix the crash in unmap a large memory (git-fixes). - vhost-scsi: unbreak any layout for response (git-fixes). - vhost: allow batching hint without size (git-fixes). - vhost: allow batching hint without size (git-fixes). - vhost: fix hung thread due to erroneous iotlb entries (git-fixes). - vhost: handle error while adding split ranges to iotlb (git-fixes). - virtio_net: add checking sq is full inside xdp xmit (git-fixes). - virtio_net: Fix probe failed when modprobe virtio_net (git-fixes). - virtio_net: reorder some funcs (git-fixes). - virtio_net: separate the logic of checking whether sq is full (git-fixes). - virtio_ring: fix avail_wrap_counter in virtqueue_add_packed (git-fixes). - virtio-blk: set req->state to MQ_RQ_COMPLETE after polling I/O is finished (git-fixes). - virtio-mmio: do not break lifecycle of vm_dev (git-fixes). - virtio-net: fix race between set queues and probe (git-fixes). - virtio-net: set queues after driver_ok (git-fixes). - virtio-rng: make device ready before making request (git-fixes). - virtio: acknowledge all features before access (git-fixes). - vmcore: remove dependency with is_kdump_kernel() for exporting vmcore (bsc#1212639 ltc#202582). - watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load (git-fixes). - word-at-a-time: use the same return type for has_zero regardless of endianness (bsc#1065729). - x86/alternative: Fix race in try_get_desc() (git-fixes). - x86/boot/e820: Fix typo in e820.c comment (git-fixes). - x86/bugs: Reset speculation control settings on init (git-fixes). - x86/coco: Allow CPU online/offline for a TDX VM with the paravisor on Hyper-V (bsc#1206453). - x86/coco: Export cc_vendor (bsc#1206453). - x86/cpu: Add Lunar Lake M (git-fixes). - x86/cpu: Add model number for Intel Arrow Lake processor (git-fixes). - x86/fpu: Take task_struct* in copy_sigframe_from_user_to_xstate() (git-fixes). - x86/head/64: Switch to KERNEL_CS as soon as new GDT is installed (git-fixes). - x86/hyperv: Add hv_isolation_type_tdx() to detect TDX guests (bsc#1206453). - x86/hyperv: Add hv_write_efer() for a TDX VM with the paravisor (bsc#1206453). - x86/hyperv: Add hyperv-specific handling for VMMCALL under SEV-ES (bsc#1206453). - x86/hyperv: Add missing 'inline' to hv_snp_boot_ap() stub (bsc#1206453). - x86/hyperv: Add sev-snp enlightened guest static key (bsc#1206453) - x86/hyperv: Add smp support for SEV-SNP guest (bsc#1206453). - x86/hyperv: Add VTL specific structs and hypercalls (bsc#1206453). - x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go online/offline (bsc#1206453). - x86/hyperv: Fix serial console interrupts for fully enlightened TDX guests (bsc#1206453). - x86/hyperv: Fix undefined reference to isolation_type_en_snp without CONFIG_HYPERV (bsc#1206453). - x86/hyperv: Introduce a global variable hyperv_paravisor_present (bsc#1206453). - x86/hyperv: Mark hv_ghcb_terminate() as noreturn (bsc#1206453). - x86/hyperv: Mark Hyper-V vp assist page unencrypted in SEV-SNP enlightened guest (bsc#1206453). - x86/hyperv: Move the code in ivm.c around to avoid unnecessary ifdef's (bsc#1206453). - x86/hyperv: Remove hv_isolation_type_en_snp (bsc#1206453). - x86/hyperv: Set Virtual Trust Level in VMBus init message (bsc#1206453). - x86/hyperv: Support hypercalls for fully enlightened TDX guests (bsc#1206453). - x86/hyperv: Use TDX GHCI to access some MSRs in a TDX VM with the paravisor (bsc#1206453). - x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp enlightened guest (bsc#1206453). - x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL (git-fixes). - x86/ioapic: Do not return 0 from arch_dynirq_lower_bound() (git-fixes). - x86/ioremap: Fix page aligned size calculation in __ioremap_caller() (git-fixes). - x86/mce: Retrieve poison range from hardware (git-fixes). - x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build (git-fixes). - x86/mm: Avoid incomplete Global INVLPG flushes (git-fixes). - x86/mm: Do not shuffle CPU entry areas without KASLR (git-fixes). - x86/purgatory: remove PGO flags (git-fixes). - x86/PVH: avoid 32-bit build warning when obtaining VGA console info (git-fixes). - x86/reboot: Disable virtualization in an emergency if SVM is supported (git-fixes). - x86/resctl: fix scheduler confusion with 'current' (git-fixes). - x86/resctrl: Fix task CLOSID/RMID update race (git-fixes). - x86/resctrl: Fix to restore to original value when re-enabling hardware prefetch register (git-fixes). - x86/rtc: Remove __init for runtime functions (git-fixes). - x86/sev: Make enc_dec_hypercall() accept a size instead of npages (bsc#1214635). - x86/sgx: Reduce delay and interference of enclave release (git-fixes). - x86/srso: Do not probe microcode in a guest (git-fixes). - x86/srso: Fix SBPB enablement for spec_rstack_overflow=off (git-fixes). - x86/srso: Fix srso_show_state() side effect (git-fixes). - x86/srso: Set CPUID feature bits independently of bug or mitigation status (git-fixes). - x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows) (git-fixes). - xen: remove a confusing comment on auto-translated guest I/O (git-fixes). - xprtrdma: Remap Receive buffers after a reconnect (git-fixes). Important SUSE bug 1065729 SUSE bug 1152472 SUSE bug 1187236 SUSE bug 1201284 SUSE bug 1202845 SUSE bug 1206453 SUSE bug 1208995 SUSE bug 1210169 SUSE bug 1210643 SUSE bug 1210658 SUSE bug 1212639 SUSE bug 1212703 SUSE bug 1213534 SUSE bug 1213808 SUSE bug 1214022 SUSE bug 1214037 SUSE bug 1214040 SUSE bug 1214351 SUSE bug 1214479 SUSE bug 1214543 SUSE bug 1214635 SUSE bug 1214813 SUSE bug 1214873 SUSE bug 1214928 SUSE bug 1214940 SUSE bug 1214941 SUSE bug 1214942 SUSE bug 1214943 SUSE bug 1214944 SUSE bug 1214945 SUSE bug 1214946 SUSE bug 1214947 SUSE bug 1214948 SUSE bug 1214949 SUSE bug 1214950 SUSE bug 1214951 SUSE bug 1214952 SUSE bug 1214953 SUSE bug 1214954 SUSE bug 1214955 SUSE bug 1214957 SUSE bug 1214958 SUSE bug 1214959 SUSE bug 1214961 SUSE bug 1214962 SUSE bug 1214963 SUSE bug 1214964 SUSE bug 1214965 SUSE bug 1214966 SUSE bug 1214967 SUSE bug 1214986 SUSE bug 1214988 SUSE bug 1214990 SUSE bug 1214991 SUSE bug 1214992 SUSE bug 1214993 SUSE bug 1214995 SUSE bug 1214997 SUSE bug 1214998 SUSE bug 1215115 SUSE bug 1215117 SUSE bug 1215123 SUSE bug 1215124 SUSE bug 1215148 SUSE bug 1215150 SUSE bug 1215221 SUSE bug 1215275 SUSE bug 1215322 SUSE bug 1215467 SUSE bug 1215581 SUSE bug 1215752 SUSE bug 1215858 SUSE bug 1215860 SUSE bug 1215861 SUSE bug 1215875 SUSE bug 1215877 SUSE bug 1215894 SUSE bug 1215895 SUSE bug 1215896 SUSE bug 1215899 SUSE bug 1215911 SUSE bug 1215915 SUSE bug 1215916 SUSE bug 1215941 CVE-2023-1192 at SUSE CVE-2023-1192 at NVD CVE-2023-1206 at SUSE CVE-2023-1206 at NVD CVE-2023-1859 at SUSE CVE-2023-1859 at NVD CVE-2023-2177 at SUSE CVE-2023-2177 at NVD CVE-2023-39192 at SUSE CVE-2023-39192 at NVD CVE-2023-39193 at SUSE CVE-2023-39193 at NVD CVE-2023-39194 at SUSE CVE-2023-39194 at NVD CVE-2023-4155 at SUSE CVE-2023-4155 at NVD CVE-2023-42753 at SUSE CVE-2023-42753 at NVD CVE-2023-42754 at SUSE CVE-2023-42754 at NVD CVE-2023-4389 at SUSE CVE-2023-4389 at NVD CVE-2023-4622 at SUSE CVE-2023-4622 at NVD CVE-2023-4623 at SUSE CVE-2023-4623 at NVD CVE-2023-4881 at SUSE CVE-2023-4881 at NVD CVE-2023-4921 at SUSE CVE-2023-4921 at NVD CVE-2023-5345 at SUSE CVE-2023-5345 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cni-plugins (Important) SUSE Linux Enterprise Micro 5.5 This update of cni-plugins fixes the following issues: - rebuild the package with the go 1.21 security release (bsc#1212475). Important SUSE bug 1212475 SUSE bug 1216006 cpe:/o:suse:sle-micro:5.5 Security update for cni (Important) SUSE Linux Enterprise Micro 5.5 This update of cni fixes the following issues: - rebuild the package with the go 1.21 security release (bsc#1212475). Important SUSE bug 1212475 SUSE bug 1216006 cpe:/o:suse:sle-micro:5.5 Security update for opensc (Important) SUSE Linux Enterprise Micro 5.5 This update for opensc fixes the following issues: - CVE-2023-40660: Fixed a PIN bypass that could be triggered when cards tracked their own login state (bsc#1215762). - CVE-2023-40661: Fixed several memory safety issues that could happen during the card enrollment process using pkcs15-init (bsc#1215761). Important SUSE bug 1215761 SUSE bug 1215762 CVE-2023-40660 at SUSE CVE-2023-40660 at NVD CVE-2023-40661 at SUSE CVE-2023-40661 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-urllib3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-urllib3 fixes the following issues: - CVE-2023-43804: Fixed a potential cookie leak via HTTP redirect if the user manually set the corresponding header (bsc#1215968). Moderate SUSE bug 1215968 CVE-2023-43804 at SUSE CVE-2023-43804 at NVD cpe:/o:suse:sle-micro:5.5 Security update for glibc (Important) SUSE Linux Enterprise Micro 5.5 This update for glibc fixes the following issues: Security issue fixed: - CVE-2023-4813: Fixed a potential use-after-free in gaih_inet() (bsc#1215286, BZ #28931) Also a regression from a previous update was fixed: - elf: Align argument of __munmap to page size (bsc#1215891, BZ #28676) Important SUSE bug 1215286 SUSE bug 1215891 CVE-2023-4813 at SUSE CVE-2023-4813 at NVD cpe:/o:suse:sle-micro:5.5 Security update for suse-module-tools (Important) SUSE Linux Enterprise Micro 5.5 This update for suse-module-tools fixes the following issues: - Update to version 15.5.3: - CVE-2023-1829: Blacklisted the Linux kernel tcindex classifier module (bsc#1210335). - CVE-2023-23559: Blacklisted the Linux kernel RNDIS modules (bsc#1205767, jsc#PED-5731). Important SUSE bug 1205767 SUSE bug 1210335 CVE-2023-1829 at SUSE CVE-2023-1829 at NVD CVE-2023-23559 at SUSE CVE-2023-23559 at NVD cpe:/o:suse:sle-micro:5.5 Security update for grub2 (Important) SUSE Linux Enterprise Micro 5.5 This update for grub2 fixes the following issues: Security fixes: - CVE-2023-4692: Fixed an out-of-bounds write at fs/ntfs.c which may lead to unsigned code execution. (bsc#1215935) - CVE-2023-4693: Fixed an out-of-bounds read at fs/ntfs.c which may lead to leak sensitive information. (bsc#1215936) Other fixes: - Fix a boot delay issue in PowerPC PXE boot (bsc#1201300) Important SUSE bug 1201300 SUSE bug 1215935 SUSE bug 1215936 CVE-2023-4692 at SUSE CVE-2023-4692 at NVD CVE-2023-4693 at SUSE CVE-2023-4693 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gcc13 (Important) SUSE Linux Enterprise Micro 5.5 This update for gcc13 fixes the following issues: This update ship the GCC 13.2 compiler suite and its base libraries. The compiler base libraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 12 ones. The new compilers for C, C++, and Fortran are provided for SUSE Linux Enterprise 15 SP4 and SP5, and provided in the 'Development Tools' module. The Go, D, Ada and Modula 2 language compiler parts are available unsupported via the PackageHub repositories. To use gcc13 compilers use: - install 'gcc13' or 'gcc13-c++' or one of the other 'gcc13-COMPILER' frontend packages. - override your Makefile to use CC=gcc13, CXX=g++13 and similar overrides for the other languages. For a full changelog with all new GCC13 features, check out https://gcc.gnu.org/gcc-13/changes.html Detailed changes: * CVE-2023-4039: Fixed -fstack-protector issues on aarch64 with variable length stack allocations. (bsc#1214052) - Turn cross compiler to s390x to a glibc cross. [bsc#1214460] - Also handle -static-pie in the default-PIE specs - Fixed missed optimization in Skia resulting in Firefox crashes when building with LTO. [bsc#1212101] - Make libstdc++6-devel packages own their directories since they can be installed standalone. [bsc#1211427] - Add new x86-related intrinsics (amxcomplexintrin.h). - RISC-V: Add support for inlining subword atomic operations - Use --enable-link-serialization rather that --enable-link-mutex, the benefit of the former one is that the linker jobs are not holding tokens of the make's jobserver. - Add cross-bpf packages. See https://gcc.gnu.org/wiki/BPFBackEnd for the general state of BPF with GCC. - Add bootstrap conditional to allow --without=bootstrap to be specified to speed up local builds for testing. - Bump included newlib to version 4.3.0. - Also package libhwasan_preinit.o on aarch64. - Configure external timezone database provided by the timezone package. Make libstdc++6 recommend timezone to get a fully working std::chrono. Install timezone when running the testsuite. - Package libhwasan_preinit.o on x86_64. - Fixed unwinding on aarch64 with pointer signing. [bsc#1206684] - Enable PRU flavour for gcc13 - update floatn fixinclude pickup to check each header separately (bsc#1206480) - Redo floatn fixinclude pick-up to simply keep what is there. - Bump libgo SONAME to libgo22. - Do not package libhwasan for biarch (32-bit architecture) as the extension depends on 64-bit pointers. - Adjust floatn fixincludes guard to work with SLE12 and earlier SLE15. - Depend on at least LLVM 13 for GCN cross compiler. - Update embedded newlib to version 4.2.0 - Allow cross-pru-gcc12-bootstrap for armv7l architecture. PRU architecture is used for real-time MCUs embedded into TI armv7l and aarch64 SoCs. We need to have cross-pru-gcc12 for armv7l in order to build both host applications and PRU firmware during the same build. Important SUSE bug 1206480 SUSE bug 1206684 SUSE bug 1210557 SUSE bug 1211427 SUSE bug 1212101 SUSE bug 1213915 SUSE bug 1214052 SUSE bug 1214460 CVE-2023-4039 at SUSE CVE-2023-4039 at NVD cpe:/o:suse:sle-micro:5.5 Recommended update for libssh2_org (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libssh2_org fixes the following issues: - Upgrade to version 1.11.0 in SLE-15: [jsc#PED-7040] Update to 1.11.0: * Enhancements and bugfixes - Adds support for encrypt-then-mac (ETM) MACs - Adds support for AES-GCM crypto protocols - Adds support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys - Adds support for RSA certificate authentication - Adds FIDO support with *_sk() functions - Adds RSA-SHA2 key upgrading to OpenSSL, WinCNG, mbedTLS, OS400 backends - Adds Agent Forwarding and libssh2_agent_sign() - Adds support for Channel Signal message libssh2_channel_signal_ex() - Adds support to get the user auth banner message libssh2_userauth_banner() - Adds LIBSSH2_NO_{MD5, HMAC_RIPEMD, DSA, RSA, RSA_SHA1, ECDSA, ED25519, AES_CBC, AES_CTR, BLOWFISH, RC4, CAST, 3DES} options - Adds direct stream UNIX sockets with libssh2_channel_direct_streamlocal_ex() - Adds wolfSSL support to CMake file - Adds mbedTLS 3.x support - Adds LibreSSL 3.5 support - Adds support for CMake 'unity' builds - Adds CMake support for building shared and static libs in a single pass - Adds symbol hiding support to CMake - Adds support for libssh2.rc for all build tools - Adds .zip, .tar.xz and .tar.bz2 release tarballs - Enables ed25519 key support for LibreSSL 3.7.0 or higher - Improves OpenSSL 1.1 and 3 compatibility - Now requires OpenSSL 1.0.2 or newer - Now requires CMake 3.1 or newer - SFTP: Adds libssh2_sftp_open_ex_r() and libssh2_sftp_open_r() extended APIs - SFTP: No longer has a packet limit when reading a directory - SFTP: now parses attribute extensions if they exist - SFTP: no longer will busy loop if SFTP fails to initialize - SFTP: now clear various errors as expected - SFTP: no longer skips files if the line buffer is too small - SCP: add option to not quote paths - SCP: Enables 64-bit offset support unconditionally - Now skips leading \r and \n characters in banner_receive() - Enables secure memory zeroing with all build tools on all platforms - No longer logs SSH_MSG_REQUEST_FAILURE packets from keepalive - Speed up base64 encoding by 7x - Assert if there is an attempt to write a value that is too large - WinCNG: fix memory leak in _libssh2_dh_secret() - Added protection against possible null pointer dereferences - Agent now handles overly large comment lengths - Now ensure KEX replies don't include extra bytes - Fixed possible buffer overflow when receiving SSH_MSG_USERAUTH_BANNER - Fixed possible buffer overflow in keyboard interactive code path - Fixed overlapping memcpy() - Fixed Windows UWP builds - Fixed DLL import name - Renamed local RANDOM_PADDING macro to avoid unexpected define on Windows - Support for building with gcc versions older than 8 - Improvements to CMake, Makefile, NMakefile, GNUmakefile, autoreconf files - Restores ANSI C89 compliance - Enabled new compiler warnings and fixed/silenced them - Improved error messages - Now uses CIFuzz - Numerous minor code improvements - Improvements to CI builds - Improvements to unit tests - Improvements to doc files - Improvements to example files - Removed 'old gex' build option - Removed no-encryption/no-mac builds - Removed support for NetWare and Watcom wmake build files - Bump to version 1.10.0 * Enhancements and bugfixes: * support ECDSA certificate authentication * fix detailed _libssh2_error being overwritten by generic errors * unified error handling * fix _libssh2_random() silently discarding errors * don't error if using keys without RSA * avoid OpenSSL latent error in FIPS mode * fix EVP_Cipher interface change in openssl 3 * fix potential overwrite of buffer when reading stdout of command * use string_buf in ecdh_sha2_nistp() to avoid attempting to parse malformed data * correct a typo which may lead to stack overflow * fix random big number generation to match openssl * added key exchange group16-sha512 and group18-sha512. * add support for an OSS Fuzzer fuzzing target * adds support for ECDSA for both key exchange and host key algorithms * clean up curve25519 code * update the min, preferred and max DH group values based on RFC 8270. * changed type of LIBSSH2_FX_* constants to unsigned long * added diffie-hellman-group14-sha256 kex * fix for use of uninitialized aes_ctr_cipher.key_len when using HAVE_OPAQUE_STRUCTS, regression * fixes memory leaks and use after free AES EVP_CIPHER contexts when using OpenSSL 1.0.x. * fixes crash with delayed compression option using Bitvise server. * adds support for PKIX key reading * use new API to parse data in packet_x11_open() for better bounds checking. * double the static buffer size when reading and writing known hosts * improved bounds checking in packet_queue_listener * improve message parsing (CVE-2019-17498) * improve bounds checking in kex_agree_methods() * adding SSH agent forwarding. * fix agent forwarding message, updated example. * added integration test code and cmake target. Added example to cmake list. * don't call `libssh2_crypto_exit()` until `_libssh2_initialized` count is down to zero. * add an EWOULDBLOCK check for better portability * fix off by one error when loading public keys with no id * fix use-after-free crash on reinitialization of openssl backend * preserve error info from agent_list_identities() * make sure the error code is set in _libssh2_channel_open() * fixed misspellings * fix potential typecast error for `_libssh2_ecdsa_key_get_curve_type` * rename _libssh2_ecdsa_key_get_curve_type to _libssh2_ecdsa_get_curve_type Moderate CVE-2019-17498 at SUSE CVE-2019-17498 at NVD cpe:/o:suse:sle-micro:5.5 Security update for nghttp2 (Important) SUSE Linux Enterprise Micro 5.5 This update for nghttp2 fixes the following issues: - CVE-2023-44487: Fixed HTTP/2 Rapid Reset attack. (bsc#1216174) Important SUSE bug 1216123 SUSE bug 1216174 CVE-2023-44487 at SUSE CVE-2023-44487 at NVD cpe:/o:suse:sle-micro:5.5 Security update for zlib (Moderate) SUSE Linux Enterprise Micro 5.5 This update for zlib fixes the following issues: - CVE-2023-45853: Fixed an integer overflow that would lead to a buffer overflow in the minizip subcomponent (bsc#1216378). Moderate SUSE bug 1216378 CVE-2023-45853 at SUSE CVE-2023-45853 at NVD cpe:/o:suse:sle-micro:5.5 Security update for zchunk (Important) SUSE Linux Enterprise Micro 5.5 This update for zchunk fixes the following issues: - CVE-2023-46228: Fixed a handle overflow errors in malformed zchunk files. (bsc#1216268) Important SUSE bug 1216268 CVE-2023-46228 at SUSE CVE-2023-46228 at NVD cpe:/o:suse:sle-micro:5.5 Security update for open-vm-tools (Important) SUSE Linux Enterprise Micro 5.5 This update for open-vm-tools fixes the following issues: - CVE-2023-34058: Fixed a SAML token signature bypass issue (bsc#1216432). - CVE-2023-34059: Fixed a privilege escalation issue through vmware-user-suid-wrapper (bsc#1216433). Important SUSE bug 1216432 SUSE bug 1216433 CVE-2023-34058 at SUSE CVE-2023-34058 at NVD CVE-2023-34059 at SUSE CVE-2023-34059 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-31085: Fixed a divide-by-zero error in do_div(sz,mtd->erasesize) that could cause a local DoS. (bsc#1210778) - CVE-2023-45862: Fixed an issue in the ENE UB6250 reader driver whwere an object could potentially extend beyond the end of an allocation causing. (bsc#1216051) - CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem (bsc#1215860). - CVE-2023-5178: Fixed an UAF in queue intialization setup. (bsc#1215768) - CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215518) - CVE-2023-34324: Fixed a possible deadlock in Linux kernel event handling. (bsc#1215745). - CVE-2023-39189: Fixed a flaw in the Netfilter subsystem that could allow a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. (bsc#1216046) - CVE-2023-39191: Fixed a lack of validation of dynamic pointers within user-supplied eBPF programs that may have allowed an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code. (bsc#1215863) - CVE-2023-2860: Fixed an out-of-bounds read vulnerability in the processing of seg6 attributes. This flaw allowed a privileged local user to disclose sensitive information. (bsc#1211592) The following non-security bugs were fixed: - 9p: virtio: make sure 'offs' is initialized in zc_request (git-fixes). - ACPI: irq: Fix incorrect return value in acpi_register_gsi() (git-fixes). - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CBA (git-fixes). - ALSA: hda/realtek - ALC287 I2S speaker platform support (git-fixes). - ALSA: hda/realtek - ALC287 merge RTK codec with CS CS35L41 AMP (git-fixes). - ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes). - ALSA: hda/realtek - Fixed two speaker platform (git-fixes). - ALSA: hda/realtek: Add quirk for ASUS ROG GU603ZV (git-fixes). - ALSA: hda/realtek: Change model for Intel RVP board (git-fixes). - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq5xxx (git-fixes). - ALSA: hda: Disable power save for solving pop issue on Lenovo ThinkCentre M70q (git-fixes). - ALSA: hda: intel-dsp-cfg: add LunarLake support (git-fixes). - ALSA: hda: intel-sdw-acpi: Use u8 type for link index (git-fixes). - ALSA: usb-audio: Fix microphone sound on Nexigo webcam (git-fixes). - ALSA: usb-audio: Fix microphone sound on Opencomm2 Headset (git-fixes). - ASoC: amd: yc: Fix non-functional mic on Lenovo 82YM (git-fixes). - ASoC: codecs: wcd938x-sdw: fix runtime PM imbalance on probe errors (git-fixes). - ASoC: codecs: wcd938x-sdw: fix use after free on driver unbind (git-fixes). - ASoC: codecs: wcd938x: drop bogus bind error handling (git-fixes). - ASoC: codecs: wcd938x: fix unbind tear down order (git-fixes). - ASoC: fsl: imx-pcm-rpmsg: Add SNDRV_PCM_INFO_BATCH flag (git-fixes). - ASoC: imx-rpmsg: Set ignore_pmdown_time for dai_link (git-fixes). - ASoC: pxa: fix a memory leak in probe() (git-fixes). - Bluetooth: Avoid redundant authentication (git-fixes). - Bluetooth: Fix a refcnt underflow problem for hci_conn (git-fixes). - Bluetooth: ISO: Fix handling of listen for unicast (git-fixes). - Bluetooth: Reject connection with the device which has same BD_ADDR (git-fixes). - Bluetooth: avoid memcmp() out of bounds warning (git-fixes). - Bluetooth: btusb: add shutdown function for QCA6174 (git-fixes). - Bluetooth: hci_codec: Fix leaking content of local_codecs (git-fixes). - Bluetooth: hci_event: Fix coding style (git-fixes). - Bluetooth: hci_event: Fix using memcmp when comparing keys (git-fixes). - Bluetooth: hci_event: Ignore NULL link key (git-fixes). - Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name (git-fixes). - Bluetooth: hci_sock: fix slab oob read in create_monitor_event (git-fixes). - Bluetooth: vhci: Fix race when opening vhci device (git-fixes). - Documentation: qat: change kernel version (PED-6401). - Documentation: qat: rewrite description (PED-6401). - Drivers: hv: vmbus: Call hv_synic_free() if hv_synic_alloc() fails (git-fixes). - Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs (git-fixes). - Fix metadata references - HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event (git-fixes). - HID: intel-ish-hid: ipc: Disable and reenable ACPI GPE bit (git-fixes). - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect (git-fixes). - HID: multitouch: Add required quirk for Synaptics 0xcd7e device (git-fixes). - HID: sony: Fix a potential memory leak in sony_probe() (git-fixes). - HID: sony: remove duplicate NULL check before calling usb_free_urb() (git-fixes). - IB/mlx4: Fix the size of a buffer in add_port_entries() (git-fixes) - Input: goodix - ensure int GPIO is in input for gpio_count == 1 && gpio_int_idx == 0 case (git-fixes). - Input: powermate - fix use-after-free in powermate_config_complete (git-fixes). - Input: psmouse - fix fast_reconnect function for PS/2 mode (git-fixes). - Input: xpad - add PXN V900 support (git-fixes). - KVM: SVM: Do not kill SEV guest if SMAP erratum triggers in usermode (git-fixes). - KVM: SVM: INTERCEPT_RDTSCP is never intercepted anyway (git-fixes). - KVM: s390: fix gisa destroy operation might lead to cpu stalls (git-fixes bsc#1216512). - KVM: x86/mmu: Reconstruct shadow page root if the guest PDPTEs is changed (git-fixes). - KVM: x86: Fix clang -Wimplicit-fallthrough in do_host_cpuid() (git-fixes). - KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code (bsc#1213772). - KVM: x86: Propagate the AMD Automatic IBRS feature to the guest (bsc#1213772). - KVM: x86: add support for CPUID leaf 0x80000021 (bsc#1213772). - KVM: x86: synthesize CPUID leaf 0x80000021h if useful (bsc#1213772). - KVM: x86: work around QEMU issue with synthetic CPUID leaves (git-fixes). - NFS: Fix O_DIRECT locking issues (bsc#1211162). - NFS: Fix a few more clear_bit() instances that need release semantics (bsc#1211162). - NFS: Fix a potential data corruption (bsc#1211162). - NFS: Fix a use after free in nfs_direct_join_group() (bsc#1211162). - NFS: Fix error handling for O_DIRECT write scheduling (bsc#1211162). - NFS: More O_DIRECT accounting fixes for error paths (bsc#1211162). - NFS: More fixes for nfs_direct_write_reschedule_io() (bsc#1211162). - NFS: Use the correct commit info in nfs_join_page_group() (bsc#1211162). - NFSD: Never call nfsd_file_gc() in foreground paths (bsc#1215545). - RDMA/cma: Fix truncation compilation warning in make_cma_ports (git-fixes) - RDMA/cma: Initialize ib_sa_multicast structure to 0 when join (git-fixes) - RDMA/core: Require admin capabilities to set system parameters (git-fixes) - RDMA/cxgb4: Check skb value for failure to allocate (git-fixes) - RDMA/mlx5: Fix NULL string error (git-fixes) - RDMA/mlx5: Fix mutex unlocking on error flow for steering anchor creation (git-fixes) - RDMA/siw: Fix connection failure handling (git-fixes) - RDMA/srp: Do not call scsi_done() from srp_abort() (git-fixes) - RDMA/uverbs: Fix typo of sizeof argument (git-fixes) - Revert 'pinctrl: avoid unsafe code pattern in find_pinctrl()' (git-fixes). - Revert 'tty: n_gsm: fix UAF in gsm_cleanup_mux' (git-fixes). - USB: serial: option: add Fibocom to DELL custom modem FM101R-GL (git-fixes). - USB: serial: option: add Telit LE910C4-WWX 0x1035 composition (git-fixes). - USB: serial: option: add entry for Sierra EM9191 with new firmware (git-fixes). - arm64/smmu: use TLBI ASID when invalidating entire range (bsc#1215921) - ata: libata-core: Do not register PM operations for SAS ports (git-fixes). - ata: libata-core: Fix ata_port_request_pm() locking (git-fixes). - ata: libata-core: Fix port and device removal (git-fixes). - ata: libata-sata: increase PMP SRST timeout to 10s (git-fixes). - ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION CODES (git-fixes). - blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init (bsc#1216062). - blk-cgroup: support to track if policy is online (bsc#1216062). - bonding: Fix extraction of ports from the packet headers (bsc#1214754). - bonding: Return pointer to data after pull on skb (bsc#1214754). - bonding: do not assume skb mac_header is set (bsc#1214754). - bpf: Add copy_map_value_long to copy to remote percpu memory (git-fixes). - bpf: Add missing btf_put to register_btf_id_dtor_kfuncs (git-fixes). - bpf: Add override check to kprobe multi link attach (git-fixes). - bpf: Add zero_map_value to zero map value with special fields (git-fixes). - bpf: Cleanup check_refcount_ok (git-fixes). - bpf: Fix max stack depth check for async callbacks (git-fixes). - bpf: Fix offset calculation error in __copy_map_value and zero_map_value (git-fixes). - bpf: Fix ref_obj_id for dynptr data slices in verifier (git-fixes). - bpf: Fix resetting logic for unreferenced kptrs (git-fixes). - bpf: Fix subprog idx logic in check_max_stack_depth (git-fixes). - bpf: Gate dynptr API behind CAP_BPF (git-fixes). - bpf: Prevent decl_tag from being referenced in func_proto arg (git-fixes). - bpf: Repeat check_max_stack_depth for async callbacks (git-fixes). - bpf: Tighten ptr_to_btf_id checks (git-fixes). - bpf: fix precision propagation verbose logging (git-fixes). - bpf: prevent decl_tag from being referenced in func_proto (git-fixes). - bpf: propagate precision across all frames, not just the last one (git-fixes). - bpf: propagate precision in ALU/ALU64 operations (git-fixes). - btf: Export bpf_dynptr definition (git-fixes). - btrfs: do not start transaction for scrub if the fs is mounted read-only (bsc#1214874). - bus: ti-sysc: Fix missing AM35xx SoC matching (git-fixes). - bus: ti-sysc: Use fsleep() instead of usleep_range() in sysc_reset() (git-fixes). - ceph: add base64 endcoding routines for encrypted names (jsc#SES-1880). - ceph: add encryption support to writepage and writepages (jsc#SES-1880). - ceph: add fscrypt ioctls and ceph.fscrypt.auth vxattr (jsc#SES-1880). - ceph: add helpers for converting names for userland presentation (jsc#SES-1880). - ceph: add infrastructure for file encryption and decryption (jsc#SES-1880). - ceph: add new mount option to enable sparse reads (jsc#SES-1880). - ceph: add object version support for sync read (jsc#SES-1880). - ceph: add read/modify/write to ceph_sync_write (jsc#SES-1880). - ceph: add some fscrypt guardrails (jsc#SES-1880). - ceph: add support for encrypted snapshot names (jsc#SES-1880). - ceph: add support to readdir for encrypted names (jsc#SES-1880). - ceph: add truncate size handling support for fscrypt (jsc#SES-1880). - ceph: align data in pages in ceph_sync_write (jsc#SES-1880). - ceph: allow encrypting a directory while not having Ax caps (jsc#SES-1880). - ceph: create symlinks with encrypted and base64-encoded targets (jsc#SES-1880). - ceph: decode alternate_name in lease info (jsc#SES-1880). - ceph: do not use special DIO path for encrypted inodes (jsc#SES-1880). - ceph: drop messages from MDS when unmounting (jsc#SES-1880). - ceph: encode encrypted name in ceph_mdsc_build_path and dentry release (jsc#SES-1880). - ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (bsc#1216322). - ceph: fix type promotion bug on 32bit systems (bsc#1216324). - ceph: fix updating i_truncate_pagecache_size for fscrypt (jsc#SES-1880). - ceph: fscrypt_auth handling for ceph (jsc#SES-1880). - ceph: handle fscrypt fields in cap messages from MDS (jsc#SES-1880). - ceph: implement -o test_dummy_encryption mount option (jsc#SES-1880). - ceph: invalidate pages when doing direct/sync writes (jsc#SES-1880). - ceph: make ceph_fill_trace and ceph_get_name decrypt names (jsc#SES-1880). - ceph: make ceph_msdc_build_path use ref-walk (jsc#SES-1880). - ceph: make d_revalidate call fscrypt revalidator for encrypted dentries (jsc#SES-1880). - ceph: make ioctl cmds more readable in debug log (jsc#SES-1880). - ceph: make num_fwd and num_retry to __u32 (jsc#SES-1880). - ceph: mark directory as non-complete after loading key (jsc#SES-1880). - ceph: pass the request to parse_reply_info_readdir() (jsc#SES-1880). - ceph: plumb in decryption during reads (jsc#SES-1880). - ceph: preallocate inode for ops that may create one (jsc#SES-1880). - ceph: prevent snapshot creation in encrypted locked directories (jsc#SES-1880). - ceph: remove unnecessary check for NULL in parse_longname() (bsc#1216333). - ceph: send alternate_name in MClientRequest (jsc#SES-1880). - ceph: set DCACHE_NOKEY_NAME flag in ceph_lookup/atomic_open() (jsc#SES-1880). - ceph: size handling in MClientRequest, cap updates and inode traces (jsc#SES-1880). - ceph: switch ceph_lookup/atomic_open() to use new fscrypt helper (jsc#SES-1880). - ceph: use osd_req_op_extent_osd_iter for netfs reads (jsc#SES-1880). - ceph: voluntarily drop Xx caps for requests those touch parent mtime (jsc#SES-1880). - ceph: wait for OSD requests' callbacks to finish when unmounting (jsc#SES-1880). - cgroup/cpuset: Change references of cpuset_mutex to cpuset_rwsem (bsc#1215955). - cgroup: Remove duplicates in cgroup v1 tasks file (bsc#1211307). - clk: tegra: fix error return case for recalc_rate (git-fixes). - counter: microchip-tcb-capture: Fix the use of internal GCLK logic (git-fixes). - crypto: qat - Include algapi.h for low-level Crypto API (PED-6401). - crypto: qat - Remove unused function declarations (PED-6401). - crypto: qat - add fw_counters debugfs file (PED-6401). - crypto: qat - add heartbeat counters check (PED-6401). - crypto: qat - add heartbeat feature (PED-6401). - crypto: qat - add internal timer for qat 4xxx (PED-6401). - crypto: qat - add measure clock frequency (PED-6401). - crypto: qat - add missing function declaration in adf_dbgfs.h (PED-6401). - crypto: qat - add qat_zlib_deflate (PED-6401). - crypto: qat - add support for 402xx devices (PED-6401). - crypto: qat - change value of default idle filter (PED-6401). - crypto: qat - delay sysfs initialization (PED-6401). - crypto: qat - do not export adf_init_admin_pm() (PED-6401). - crypto: qat - drop log level of msg in get_instance_node() (PED-6401). - crypto: qat - drop obsolete heartbeat interface (PED-6401). - crypto: qat - drop redundant adf_enable_aer() (PED-6401). - crypto: qat - expose pm_idle_enabled through sysfs (PED-6401). - crypto: qat - extend buffer list logic interface (PED-6401). - crypto: qat - extend configuration for 4xxx (PED-6401). - crypto: qat - fix apply custom thread-service mapping for dc service (PED-6401). - crypto: qat - fix concurrency issue when device state changes (PED-6401). - crypto: qat - fix crypto capability detection for 4xxx (PED-6401). - crypto: qat - fix spelling mistakes from 'bufer' to 'buffer' (PED-6401). - crypto: qat - make fw images name constant (PED-6401). - crypto: qat - make state machine functions static (PED-6401). - crypto: qat - move dbgfs init to separate file (PED-6401). - crypto: qat - move returns to default case (PED-6401). - crypto: qat - refactor device restart logic (PED-6401). - crypto: qat - refactor fw config logic for 4xxx (PED-6401). - crypto: qat - remove ADF_STATUS_PF_RUNNING flag from probe (PED-6401). - crypto: qat - replace state machine calls (PED-6401). - crypto: qat - replace the if statement with min() (PED-6401). - crypto: qat - set deprecated capabilities as reserved (PED-6401). - crypto: qat - unmap buffer before free for DH (PED-6401). - crypto: qat - unmap buffers before free for RSA (PED-6401). - crypto: qat - update slice mask for 4xxx devices (PED-6401). - crypto: qat - use kfree_sensitive instead of memset/kfree() (PED-6401). - dmaengine: idxd: use spin_lock_irqsave before wait_event_lock_irq (git-fixes). - dmaengine: mediatek: Fix deadlock caused by synchronize_irq() (git-fixes). - dmaengine: stm32-mdma: abort resume if no ongoing transfer (git-fixes). - drm/amd/display: Do not check registers, if using AUX BL control (git-fixes). - drm/amd/display: Do not set dpms_off for seamless boot (git-fixes). - drm/amd/pm: add unique_id for gc 11.0.3 (git-fixes). - drm/amd: Fix detection of _PR3 on the PCIe root port (git-fixes). - drm/amdgpu/nbio4.3: set proper rmmio_remap.reg_offset for SR-IOV (git-fixes). - drm/amdgpu/soc21: do not remap HDP registers for SR-IOV (git-fixes). - drm/amdgpu: Handle null atom context in VBIOS info ioctl (git-fixes). - drm/amdgpu: add missing NULL check (git-fixes). - drm/amdkfd: Flush TLB after unmapping for GFX v9.4.3 (git-fixes). - drm/amdkfd: Insert missing TLB flush on GFX10 and later (git-fixes). - drm/amdkfd: Use gpu_offset for user queue's wptr (git-fixes). - drm/atomic-helper: relax unregistered connector check (git-fixes). - drm/bridge: ti-sn65dsi83: Do not generate HFP/HBP/HSA and EOT packet (git-fixes). - drm/i915/gt: Fix reservation address in ggtt_reserve_guc_top (git-fixes). - drm/i915: Retry gtt fault when out of fence registers (git-fixes). - drm/mediatek: Correctly free sg_table in gem prime vmap (git-fixes). - drm/msm/dp: do not reinitialize phy unless retry during link training (git-fixes). - drm/msm/dpu: change _dpu_plane_calc_bw() to use u64 to avoid overflow (git-fixes). - drm/msm/dsi: fix irq_of_parse_and_map() error checking (git-fixes). - drm/msm/dsi: skip the wait for video mode done if not applicable (git-fixes). - drm/vmwgfx: fix typo of sizeof argument (git-fixes). - drm: panel-orientation-quirks: Add quirk for One Mix 2S (git-fixes). - firmware: arm_ffa: Do not set the memory region attributes for MEM_LEND (git-fixes). - firmware: imx-dsp: Fix an error handling path in imx_dsp_setup_channels() (git-fixes). - fprobe: Ensure running fprobe_exit_handler() finished before calling rethook_free() (git-fixes). - fscrypt: new helper function - fscrypt_prepare_lookup_partial() (jsc#SES-1880). - gpio: aspeed: fix the GPIO number passed to pinctrl_gpio_set_config() (git-fixes). - gpio: pmic-eic-sprd: Add can_sleep flag for PMIC EIC chip (git-fixes). - gpio: pxa: disable pinctrl calls for MMP_GPIO (git-fixes). - gpio: tb10x: Fix an error handling path in tb10x_gpio_probe() (git-fixes). - gpio: timberdale: Fix potential deadlock on &tgpio->lock (git-fixes). - gpio: vf610: set value before the direction to avoid a glitch (git-fixes). - gve: Do not fully free QPL pages on prefill errors (git-fixes). - i2c: i801: unregister tco_pdev in i801_probe() error path (git-fixes). - i2c: mux: Avoid potential false error message in i2c_mux_add_adapter (git-fixes). - i2c: mux: demux-pinctrl: check the return value of devm_kstrdup() (git-fixes). - i2c: mux: gpio: Add missing fwnode_handle_put() (git-fixes). - i2c: mux: gpio:?Replace custom acpi_get_local_address() (git-fixes). - i2c: npcm7xx: Fix callback completion ordering (git-fixes). - ieee802154: ca8210: Fix a potential UAF in ca8210_probe (git-fixes). - iio: pressure: bmp280: Fix NULL pointer exception (git-fixes). - iio: pressure: dps310: Adjust Timeout Settings (git-fixes). - iio: pressure: ms5611: ms5611_prom_is_valid false negative bug (git-fixes). - intel x86 platform vsec kABI workaround (bsc#1216202). - io_uring/fs: remove sqe->rw_flags checking from LINKAT (git-fixes). - io_uring/rw: defer fsnotify calls to task context (git-fixes). - io_uring/rw: ensure kiocb_end_write() is always called (git-fixes). - io_uring/rw: remove leftover debug statement (git-fixes). - io_uring: Replace 0-length array with flexible array (git-fixes). - io_uring: ensure REQ_F_ISREG is set async offload (git-fixes). - io_uring: fix fdinfo sqe offsets calculation (git-fixes). - io_uring: fix memory leak when removing provided buffers (git-fixes). - iommu/amd/io-pgtable: Implement map_pages io_pgtable_ops callback (bsc#1212423). - iommu/amd/io-pgtable: Implement unmap_pages io_pgtable_ops callback (bsc#1212423). - iommu/amd: Add map/unmap_pages() iommu_domain_ops callback support (bsc#1212423). - iommu/arm-smmu-v3: Fix soft lockup triggered by (bsc#1215921) - kABI: fix bpf Tighten-ptr_to_btf_id checks (git-fixes). - kabi: blkcg_policy_data fix KABI (bsc#1216062). - kabi: workaround for enum nft_trans_phase (bsc#1215104). - kprobes: Prohibit probing on CFI preamble symbol (git-fixes). - leds: Drop BUG_ON check for LED_COLOR_ID_MULTI (git-fixes). - libceph: add CEPH_OSD_OP_ASSERT_VER support (jsc#SES-1880). - libceph: add new iov_iter-based ceph_msg_data_type and ceph_osd_data_type (jsc#SES-1880). - libceph: add sparse read support to OSD client (jsc#SES-1880). - libceph: add sparse read support to msgr1 (jsc#SES-1880). - libceph: add spinlock around osd->o_requests (jsc#SES-1880). - libceph: allow ceph_osdc_new_request to accept a multi-op read (jsc#SES-1880). - libceph: define struct ceph_sparse_extent and add some helpers (jsc#SES-1880). - libceph: new sparse_read op, support sparse reads on msgr2 crc codepath (jsc#SES-1880). - libceph: support sparse reads on msgr2 secure codepath (jsc#SES-1880). - libceph: use kernel_connect() (bsc#1216323). - mm, memcg: reconsider kmem.limit_in_bytes deprecation (bsc#1208788 bsc#1213705). - mmc: core: Capture correct oemid-bits for eMMC cards (git-fixes). - mmc: core: sdio: hold retuning if sdio in 1-bit mode (git-fixes). - mmc: mtk-sd: Use readl_poll_timeout_atomic in msdc_reset_hw (git-fixes). - mtd: physmap-core: Restore map_rom fallback (git-fixes). - mtd: rawnand: arasan: Ensure program page operations are successful (git-fixes). - mtd: rawnand: marvell: Ensure program page operations are successful (git-fixes). - mtd: rawnand: pl353: Ensure program page operations are successful (git-fixes). - mtd: rawnand: qcom: Unmap the right resource upon probe failure (git-fixes). - mtd: spinand: micron: correct bitmask for ecc status (git-fixes). - net/sched: fix netdevice reference leaks in attach_default_qdiscs() (git-fixes). - net: mana: Fix TX CQE error handling (bsc#1215986). - net: mana: Fix oversized sge0 for GSO packets (bsc#1215986). - net: nfc: llcp: Add lock when modifying device list (git-fixes). - net: rfkill: gpio: prevent value glitch during probe (git-fixes). - net: sched: add barrier to fix packet stuck problem for lockless qdisc (bsc#1216345). - net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog (bsc#1216345). - net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read (git-fixes). - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (git-fixes). - net: usb: smsc95xx: Fix an error code in smsc95xx_reset() (git-fixes). - net: use sk_is_tcp() in more places (git-fixes). - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain (git-fixes). - netfilter: nf_tables: unbind non-anonymous set if rule construction fails (git-fixes). - nfc: nci: assert requested protocol is valid (git-fixes). - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() (git-fixes). - nfs: only issue commit in DIO codepath if we have uncommitted data (bsc#1211162). - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() (git-fixes). - nvme-fc: Prevent null pointer dereference in nvme_fc_io_getuuid() (bsc#1214842). - phy: mapphone-mdm6600: Fix pinctrl_pm handling for sleep pins (git-fixes). - phy: mapphone-mdm6600: Fix runtime PM for remove (git-fixes). - phy: mapphone-mdm6600: Fix runtime disable on probe (git-fixes). - pinctrl: avoid unsafe code pattern in find_pinctrl() (git-fixes). - pinctrl: renesas: rzn1: Enable missing PINMUX (git-fixes). - platform/surface: platform_profile: Propagate error if profile registration fails (git-fixes). - platform/x86/intel/pmt: Ignore uninitialized entries (bsc#1216202). - platform/x86/intel/pmt: telemetry: Fix fixed region handling (bsc#1216202). - platform/x86/intel/vsec: Rework early hardware code (bsc#1216202). - platform/x86/intel: Fix 'rmmod pmt_telemetry' panic (bsc#1216202). - platform/x86/intel: Fix pmt_crashlog array reference (bsc#1216202). - platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e (git-fixes). - platform/x86: asus-wmi: Map 0x2a code, Ignore 0x2b and 0x2c events (git-fixes). - platform/x86: think-lmi: Fix reference leak (git-fixes). - platform/x86: touchscreen_dmi: Add info for the Positivo C4128B (git-fixes). - power: supply: ucs1002: fix error code in ucs1002_get_property() (git-fixes). - r8152: check budget for r8152_poll() (git-fixes). - regmap: fix NULL deref on lookup (git-fixes). - regmap: rbtree: Fix wrong register marked as in-cache when creating new node (git-fixes). - remove unnecessary WARN_ON_ONCE() (bsc#1214823). - ring-buffer: Avoid softlockup in ring_buffer_resize() (git-fixes). - ring-buffer: Do not attempt to read past 'commit' (git-fixes). - ring-buffer: Fix bytes info in per_cpu buffer stats (git-fixes). - ring-buffer: Update 'shortest_full' in polling (git-fixes). - s390/cio: fix a memleak in css_alloc_subchannel (git-fixes bsc#1216510). - s390/pci: fix iommu bitmap allocation (git-fixes bsc#1216511). - s390: add z16 elf platform (git-fixes LTC#203789 bsc#1215956 LTC#203788 bsc#1215957). - sched/cpuset: Bring back cpuset_mutex (bsc#1215955). - sched/deadline,rt: Remove unused parameter from pick_next_[rt|dl]_entity() (git fixes (sched)). - sched/rt: Fix live lock between select_fallback_rq() and RT push (git fixes (sched)). - sched/rt: Fix sysctl_sched_rr_timeslice intial value (git fixes (sched)). - scsi: be2iscsi: Add length check when parsing nlattrs (git-fixes). - scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock (git-fixes). - scsi: iscsi: Add length check for nlattr payload (git-fixes). - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() (git-fixes). - scsi: iscsi_tcp: restrict to TCP sockets (git-fixes). - scsi: mpi3mr: Propagate sense data for admin queue SCSI I/O (git-fixes). - scsi: mpt3sas: Perform additional retries if doorbell read returns 0 (git-fixes). - scsi: pm8001: Setup IRQs on resume (git-fixes). - scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read() directly (git-fixes). - scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly (git-fixes). - scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly (git-fixes). - scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes). - scsi: qla4xxx: Add length check when parsing nlattrs (git-fixes). - selftests/bpf: Add more tests for check_max_stack_depth bug (git-fixes). - selftests/bpf: Add reproducer for decl_tag in func_proto argument (git-fixes). - selftests/bpf: Add reproducer for decl_tag in func_proto return type (git-fixes). - selftests/bpf: Add selftest for check_stack_max_depth bug (git-fixes). - selftests/bpf: Clean up sys_nanosleep uses (git-fixes). - serial: 8250_port: Check IRQ data before use (git-fixes). - soc: imx8m: Enable OCOTP clock for imx8mm before reading registers (git-fixes). - spi: nxp-fspi: reset the FLSHxCR1 registers (git-fixes). - spi: stm32: add a delay before SPI disable (git-fixes). - spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain (git-fixes). - spi: sun6i: reduce DMA RX transfer width to single byte (git-fixes). - thunderbolt: Check that lane 1 is in CL0 before enabling lane bonding (git-fixes). - thunderbolt: Restart XDomain discovery handshake after failure (git-fixes). - thunderbolt: Workaround an IOMMU fault on certain systems with Intel Maple Ridge (git-fixes). - tracing: Have current_trace inc the trace array ref count (git-fixes). - tracing: Have event inject files inc the trace array ref count (git-fixes). - tracing: Have option files inc the trace array ref count (git-fixes). - tracing: Have tracing_max_latency inc the trace array ref count (git-fixes). - tracing: Increase trace array ref count on enable and filter files (git-fixes). - tracing: Make trace_marker{,_raw} stream-like (git-fixes). - usb: cdnsp: Fixes issue with dequeuing not queued requests (git-fixes). - usb: dwc3: Soft reset phy on probe for host (git-fixes). - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call (git-fixes). - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes). - usb: hub: Guard against accesses to uninitialized BOS descriptors (git-fixes). - usb: musb: Get the musb_qh poniter after musb_giveback (git-fixes). - usb: musb: Modify the 'HWVers' register address (git-fixes). - usb: typec: altmodes/displayport: Signal hpd low when exiting mode (git-fixes). - usb: typec: ucsi: Clear EVENT_PENDING bit if ucsi_send_command fails (git-fixes). - usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer (git-fixes). - vmbus_testing: fix wrong python syntax for integer value comparison (git-fixes). - vringh: do not use vringh_kiov_advance() in vringh_iov_xfer() (git-fixes). - watchdog: iTCO_wdt: No need to stop the timer in probe (git-fixes). - watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running (git-fixes). - wifi: cfg80211: Fix 6GHz scan configuration (git-fixes). - wifi: cfg80211: avoid leaking stack data into trace (git-fixes). - wifi: iwlwifi: Ensure ack flag is properly cleared (git-fixes). - wifi: iwlwifi: dbg_ini: fix structure packing (git-fixes). - wifi: iwlwifi: mvm: Fix a memory corruption issue (git-fixes). - wifi: mac80211: allow transmitting EAPOL frames with tainted key (git-fixes). - wifi: mt76: mt76x02: fix MT76x0 external LNA gain handling (git-fixes). - wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet (git-fixes). - wifi: mwifiex: Fix tlv_buf_left calculation (git-fixes). - wifi: mwifiex: Sanity check tlv_len and tlv_bitmap_len (git-fixes). - x86/cpu, kvm: Add the NO_NESTED_DATA_BP feature (bsc#1213772). - x86/cpu, kvm: Add the Null Selector Clears Base feature (bsc#1213772). - x86/cpu, kvm: Add the SMM_CTL MSR not present feature (bsc#1213772). - x86/cpu, kvm: Move X86_FEATURE_LFENCE_RDTSC to its native leaf (bsc#1213772). - x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled (bsc#1213772). - x86/cpu: Support AMD Automatic IBRS (bsc#1213772). - x86/mm: Print the encryption features correctly when a paravisor is present (bsc#1206453). - x86/platform/uv: Use alternate source for socket to node data (bsc#1215696). - x86/sev: Check IOBM for IOIO exceptions from user-space (bsc#1212649). - x86/sev: Check for user-space IOIO pointing to kernel space (bsc#1212649). - x86/sev: Disable MMIO emulation from user mode (bsc#1212649). - xen-netback: use default TX queue size for vifs (git-fixes). - xhci: Keep interrupt disabled in initialization until host is running (git-fixes). Important SUSE bug 1211162 SUSE bug 1211307 SUSE bug 1213772 SUSE bug 1214754 SUSE bug 1214874 SUSE bug 1215545 SUSE bug 1215921 SUSE bug 1215955 SUSE bug 1216062 SUSE bug 1216202 SUSE bug 1216322 SUSE bug 1216324 SUSE bug 1216333 SUSE bug 1216512 CVE-2023-2163 at SUSE CVE-2023-2163 at NVD CVE-2023-2860 at SUSE CVE-2023-2860 at NVD CVE-2023-31085 at SUSE CVE-2023-31085 at NVD CVE-2023-34324 at SUSE CVE-2023-34324 at NVD CVE-2023-39189 at SUSE CVE-2023-39189 at NVD CVE-2023-39191 at SUSE CVE-2023-39191 at NVD CVE-2023-39193 at SUSE CVE-2023-39193 at NVD CVE-2023-45862 at SUSE CVE-2023-45862 at NVD CVE-2023-5178 at SUSE CVE-2023-5178 at NVD cpe:/o:suse:sle-micro:5.5 Security update for tiff (Moderate) SUSE Linux Enterprise Micro 5.5 This update for tiff fixes the following issues: - CVE-2023-38289: Fixed a NULL pointer dereference in raw2tiff (bsc#1213589). - CVE-2023-38288: Fixed an integer overflow in raw2tiff (bsc#1213590). - CVE-2023-3576: Fixed a memory leak in tiffcrop (bsc#1213273). - CVE-2020-18768: Fixed an out of bounds read in tiffcp (bsc#1214574). - CVE-2023-26966: Fixed an out of bounds read when transforming a little-endian file to a big-endian output (bsc#1212881) - CVE-2023-3618: Fixed a NULL pointer dereference while encoding FAX3 files (bsc#1213274). - CVE-2023-2908: Fixed an undefined behavior issue when doing pointer arithmetic on a NULL pointer (bsc#1212888). - CVE-2023-3316: Fixed a NULL pointer dereference while opening a file in an inaccessible path (bsc#1212535). - CVE-2023-25433: Fixed a buffer overflow in tiffcrop (bsc#1212883). Moderate SUSE bug 1212535 SUSE bug 1212881 SUSE bug 1212883 SUSE bug 1212888 SUSE bug 1213273 SUSE bug 1213274 SUSE bug 1213589 SUSE bug 1213590 SUSE bug 1214574 CVE-2020-18768 at SUSE CVE-2020-18768 at NVD CVE-2023-25433 at SUSE CVE-2023-25433 at NVD CVE-2023-26966 at SUSE CVE-2023-26966 at NVD CVE-2023-2908 at SUSE CVE-2023-2908 at NVD CVE-2023-3316 at SUSE CVE-2023-3316 at NVD CVE-2023-3576 at SUSE CVE-2023-3576 at NVD CVE-2023-3618 at SUSE CVE-2023-3618 at NVD CVE-2023-38288 at SUSE CVE-2023-38288 at NVD CVE-2023-38289 at SUSE CVE-2023-38289 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215095) - CVE-2023-46813: Fixed a local privilege escalation with user-space programs that have access to MMIO regions (bsc#1212649). - CVE-2023-31085: Fixed a divide-by-zero error in do_div(sz,mtd->erasesize) that could cause a local DoS. (bsc#1210778) - CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem (bsc#1215860). - CVE-2023-5178: Fixed an use-after-free and a double-free flaw that could allow a malicious user to execute a remote code execution. (bsc#1215768) - CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215518) - CVE-2023-34324: Fixed a possible deadlock in Linux kernel event handling. (bsc#1215745). - CVE-2023-39189: Fixed a flaw in the Netfilter subsystem that could allow a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. (bsc#1216046) - CVE-2023-39191: Fixed a lack of validation of dynamic pointers within user-supplied eBPF programs that may have allowed an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code. (bsc#1215863) The following non-security bugs were fixed: - 9p: virtio: make sure 'offs' is initialized in zc_request (git-fixes). - ACPI: irq: Fix incorrect return value in acpi_register_gsi() (git-fixes). - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CBA (git-fixes). - ALSA: hda/realtek - ALC287 I2S speaker platform support (git-fixes). - ALSA: hda/realtek - ALC287 merge RTK codec with CS CS35L41 AMP (git-fixes). - ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes). - ALSA: hda/realtek - Fixed two speaker platform (git-fixes). - ALSA: hda/realtek: Add quirk for ASUS ROG GU603ZV (git-fixes). - ALSA: hda/realtek: Change model for Intel RVP board (git-fixes). - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq5xxx (git-fixes). - ALSA: hda: Disable power save for solving pop issue on Lenovo ThinkCentre M70q (git-fixes). - ALSA: hda: intel-dsp-cfg: add LunarLake support (git-fixes). - ALSA: hda: intel-sdw-acpi: Use u8 type for link index (git-fixes). - ALSA: usb-audio: Fix microphone sound on Nexigo webcam (git-fixes). - ALSA: usb-audio: Fix microphone sound on Opencomm2 Headset (git-fixes). - ASoC: amd: yc: Fix non-functional mic on Lenovo 82YM (git-fixes). - ASoC: codecs: wcd938x-sdw: fix runtime PM imbalance on probe errors (git-fixes). - ASoC: codecs: wcd938x-sdw: fix use after free on driver unbind (git-fixes). - ASoC: codecs: wcd938x: drop bogus bind error handling (git-fixes). - ASoC: codecs: wcd938x: fix unbind tear down order (git-fixes). - ASoC: fsl: imx-pcm-rpmsg: Add SNDRV_PCM_INFO_BATCH flag (git-fixes). - ASoC: imx-rpmsg: Set ignore_pmdown_time for dai_link (git-fixes). - ASoC: pxa: fix a memory leak in probe() (git-fixes). - Bluetooth: Avoid redundant authentication (git-fixes). - Bluetooth: Fix a refcnt underflow problem for hci_conn (git-fixes). - Bluetooth: ISO: Fix handling of listen for unicast (git-fixes). - Bluetooth: Reject connection with the device which has same BD_ADDR (git-fixes). - Bluetooth: avoid memcmp() out of bounds warning (git-fixes). - Bluetooth: btusb: add shutdown function for QCA6174 (git-fixes). - Bluetooth: hci_codec: Fix leaking content of local_codecs (git-fixes). - Bluetooth: hci_event: Fix coding style (git-fixes). - Bluetooth: hci_event: Fix using memcmp when comparing keys (git-fixes). - Bluetooth: hci_event: Ignore NULL link key (git-fixes). - Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name (git-fixes). - Bluetooth: hci_sock: fix slab oob read in create_monitor_event (git-fixes). - Bluetooth: vhci: Fix race when opening vhci device (git-fixes). - Documentation: qat: change kernel version (PED-6401). - Documentation: qat: rewrite description (PED-6401). - Drivers: hv: vmbus: Call hv_synic_free() if hv_synic_alloc() fails (git-fixes). - Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs (git-fixes). - HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event (git-fixes). - HID: intel-ish-hid: ipc: Disable and reenable ACPI GPE bit (git-fixes). - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect (git-fixes). - HID: multitouch: Add required quirk for Synaptics 0xcd7e device (git-fixes). - HID: sony: Fix a potential memory leak in sony_probe() (git-fixes). - HID: sony: remove duplicate NULL check before calling usb_free_urb() (git-fixes). - IB/mlx4: Fix the size of a buffer in add_port_entries() (git-fixes) - Input: goodix - ensure int GPIO is in input for gpio_count == 1 && gpio_int_idx == 0 case (git-fixes). - Input: powermate - fix use-after-free in powermate_config_complete (git-fixes). - Input: psmouse - fix fast_reconnect function for PS/2 mode (git-fixes). - Input: xpad - add PXN V900 support (git-fixes). - KVM: SVM: Do not kill SEV guest if SMAP erratum triggers in usermode (git-fixes). - KVM: SVM: INTERCEPT_RDTSCP is never intercepted anyway (git-fixes). - KVM: s390: fix gisa destroy operation might lead to cpu stalls (git-fixes bsc#1216512). - KVM: x86/mmu: Reconstruct shadow page root if the guest PDPTEs is changed (git-fixes). - KVM: x86: Fix clang -Wimplicit-fallthrough in do_host_cpuid() (git-fixes). - KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code (bsc#1213772). - KVM: x86: Propagate the AMD Automatic IBRS feature to the guest (bsc#1213772). - KVM: x86: add support for CPUID leaf 0x80000021 (bsc#1213772). - KVM: x86: synthesize CPUID leaf 0x80000021h if useful (bsc#1213772). - KVM: x86: work around QEMU issue with synthetic CPUID leaves (git-fixes). - NFS: Fix O_DIRECT locking issues (bsc#1211162). - NFS: Fix a few more clear_bit() instances that need release semantics (bsc#1211162). - NFS: Fix a potential data corruption (bsc#1211162). - NFS: Fix a use after free in nfs_direct_join_group() (bsc#1211162). - NFS: Fix error handling for O_DIRECT write scheduling (bsc#1211162). - NFS: More O_DIRECT accounting fixes for error paths (bsc#1211162). - NFS: More fixes for nfs_direct_write_reschedule_io() (bsc#1211162). - NFS: Use the correct commit info in nfs_join_page_group() (bsc#1211162). - NFS: only issue commit in DIO codepath if we have uncommitted data (bsc#1211162). - NFSD: Never call nfsd_file_gc() in foreground paths (bsc#1215545). - RDMA/cma: Fix truncation compilation warning in make_cma_ports (git-fixes) - RDMA/cma: Initialize ib_sa_multicast structure to 0 when join (git-fixes) - RDMA/core: Require admin capabilities to set system parameters (git-fixes) - RDMA/cxgb4: Check skb value for failure to allocate (git-fixes) - RDMA/mlx5: Fix NULL string error (git-fixes) - RDMA/mlx5: Fix mutex unlocking on error flow for steering anchor creation (git-fixes) - RDMA/siw: Fix connection failure handling (git-fixes) - RDMA/srp: Do not call scsi_done() from srp_abort() (git-fixes) - RDMA/uverbs: Fix typo of sizeof argument (git-fixes) - arm64/smmu: use TLBI ASID when invalidating entire range (bsc#1215921) - ata: libata-core: Do not register PM operations for SAS ports (git-fixes). - ata: libata-core: Fix ata_port_request_pm() locking (git-fixes). - ata: libata-core: Fix port and device removal (git-fixes). - ata: libata-sata: increase PMP SRST timeout to 10s (git-fixes). - ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION CODES (git-fixes). - blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init (bsc#1216062). - blk-cgroup: support to track if policy is online (bsc#1216062). - bonding: Fix extraction of ports from the packet headers (bsc#1214754). - bonding: Return pointer to data after pull on skb (bsc#1214754). - bonding: do not assume skb mac_header is set (bsc#1214754). - bpf: Add copy_map_value_long to copy to remote percpu memory (git-fixes). - bpf: Add missing btf_put to register_btf_id_dtor_kfuncs (git-fixes). - bpf: Add override check to kprobe multi link attach (git-fixes). - bpf: Add zero_map_value to zero map value with special fields (git-fixes). - bpf: Cleanup check_refcount_ok (git-fixes). - bpf: Fix max stack depth check for async callbacks (git-fixes). - bpf: Fix offset calculation error in __copy_map_value and zero_map_value (git-fixes). - bpf: Fix ref_obj_id for dynptr data slices in verifier (git-fixes). - bpf: Fix resetting logic for unreferenced kptrs (git-fixes). - bpf: Fix subprog idx logic in check_max_stack_depth (git-fixes). - bpf: Gate dynptr API behind CAP_BPF (git-fixes). - bpf: Prevent decl_tag from being referenced in func_proto arg (git-fixes). - bpf: Repeat check_max_stack_depth for async callbacks (git-fixes). - bpf: Tighten ptr_to_btf_id checks (git-fixes). - bpf: fix precision propagation verbose logging (git-fixes). - bpf: prevent decl_tag from being referenced in func_proto (git-fixes). - bpf: propagate precision across all frames, not just the last one (git-fixes). - bpf: propagate precision in ALU/ALU64 operations (git-fixes). - bpf: propagate precision in ALU/ALU64 operations (git-fixes). - btf: Export bpf_dynptr definition (git-fixes). - btrfs: do not start transaction for scrub if the fs is mounted read-only (bsc#1214874). - bus: ti-sysc: Fix missing AM35xx SoC matching (git-fixes). - bus: ti-sysc: Use fsleep() instead of usleep_range() in sysc_reset() (git-fixes). - ceph: add base64 endcoding routines for encrypted names (jsc#SES-1880). - ceph: add encryption support to writepage and writepages (jsc#SES-1880). - ceph: add fscrypt ioctls and ceph.fscrypt.auth vxattr (jsc#SES-1880). - ceph: add helpers for converting names for userland presentation (jsc#SES-1880). - ceph: add infrastructure for file encryption and decryption (jsc#SES-1880). - ceph: add new mount option to enable sparse reads (jsc#SES-1880). - ceph: add object version support for sync read (jsc#SES-1880). - ceph: add read/modify/write to ceph_sync_write (jsc#SES-1880). - ceph: add some fscrypt guardrails (jsc#SES-1880). - ceph: add support for encrypted snapshot names (jsc#SES-1880). - ceph: add support to readdir for encrypted names (jsc#SES-1880). - ceph: add truncate size handling support for fscrypt (jsc#SES-1880). - ceph: align data in pages in ceph_sync_write (jsc#SES-1880). - ceph: allow encrypting a directory while not having Ax caps (jsc#SES-1880). - ceph: create symlinks with encrypted and base64-encoded targets (jsc#SES-1880). - ceph: decode alternate_name in lease info (jsc#SES-1880). - ceph: do not use special DIO path for encrypted inodes (jsc#SES-1880). - ceph: drop messages from MDS when unmounting (jsc#SES-1880). - ceph: encode encrypted name in ceph_mdsc_build_path and dentry release (jsc#SES-1880). - ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (bsc#1216322). - ceph: fix type promotion bug on 32bit systems (bsc#1216324). - ceph: fix updating i_truncate_pagecache_size for fscrypt (jsc#SES-1880). - ceph: fscrypt_auth handling for ceph (jsc#SES-1880). - ceph: handle fscrypt fields in cap messages from MDS (jsc#SES-1880). - ceph: implement -o test_dummy_encryption mount option (jsc#SES-1880). - ceph: invalidate pages when doing direct/sync writes (jsc#SES-1880). - ceph: make ceph_fill_trace and ceph_get_name decrypt names (jsc#SES-1880). - ceph: make ceph_msdc_build_path use ref-walk (jsc#SES-1880). - ceph: make d_revalidate call fscrypt revalidator for encrypted dentries (jsc#SES-1880). - ceph: make ioctl cmds more readable in debug log (jsc#SES-1880). - ceph: make num_fwd and num_retry to __u32 (jsc#SES-1880). - ceph: mark directory as non-complete after loading key (jsc#SES-1880). - ceph: pass the request to parse_reply_info_readdir() (jsc#SES-1880). - ceph: plumb in decryption during reads (jsc#SES-1880). - ceph: preallocate inode for ops that may create one (jsc#SES-1880). - ceph: prevent snapshot creation in encrypted locked directories (jsc#SES-1880). - ceph: remove unnecessary check for NULL in parse_longname() (bsc#1216333). - ceph: send alternate_name in MClientRequest (jsc#SES-1880). - ceph: set DCACHE_NOKEY_NAME flag in ceph_lookup/atomic_open() (jsc#SES-1880). - ceph: size handling in MClientRequest, cap updates and inode traces (jsc#SES-1880). - ceph: switch ceph_lookup/atomic_open() to use new fscrypt helper (jsc#SES-1880). - ceph: use osd_req_op_extent_osd_iter for netfs reads (jsc#SES-1880). - ceph: voluntarily drop Xx caps for requests those touch parent mtime (jsc#SES-1880). - ceph: wait for OSD requests' callbacks to finish when unmounting (jsc#SES-1880). - cgroup/cpuset: Change references of cpuset_mutex to cpuset_rwsem (bsc#1215955). - cgroup: Remove duplicates in cgroup v1 tasks file (bsc#1211307). - clk: tegra: fix error return case for recalc_rate (git-fixes). - counter: microchip-tcb-capture: Fix the use of internal GCLK logic (git-fixes). - crypto: qat - Include algapi.h for low-level Crypto API (PED-6401). - crypto: qat - Remove unused function declarations (PED-6401). - crypto: qat - add fw_counters debugfs file (PED-6401). - crypto: qat - add heartbeat counters check (PED-6401). - crypto: qat - add heartbeat feature (PED-6401). - crypto: qat - add internal timer for qat 4xxx (PED-6401). - crypto: qat - add measure clock frequency (PED-6401). - crypto: qat - add missing function declaration in adf_dbgfs.h (PED-6401). - crypto: qat - add qat_zlib_deflate (PED-6401). - crypto: qat - add support for 402xx devices (PED-6401). - crypto: qat - change value of default idle filter (PED-6401). - crypto: qat - delay sysfs initialization (PED-6401). - crypto: qat - do not export adf_init_admin_pm() (PED-6401). - crypto: qat - drop log level of msg in get_instance_node() (PED-6401). - crypto: qat - drop obsolete heartbeat interface (PED-6401). - crypto: qat - drop redundant adf_enable_aer() (PED-6401). - crypto: qat - expose pm_idle_enabled through sysfs (PED-6401). - crypto: qat - extend buffer list logic interface (PED-6401). - crypto: qat - extend configuration for 4xxx (PED-6401). - crypto: qat - fix apply custom thread-service mapping for dc service (PED-6401). - crypto: qat - fix concurrency issue when device state changes (PED-6401). - crypto: qat - fix crypto capability detection for 4xxx (PED-6401). - crypto: qat - fix spelling mistakes from 'bufer' to 'buffer' (PED-6401). - crypto: qat - make fw images name constant (PED-6401). - crypto: qat - make state machine functions static (PED-6401). - crypto: qat - move dbgfs init to separate file (PED-6401). - crypto: qat - move returns to default case (PED-6401). - crypto: qat - refactor device restart logic (PED-6401). - crypto: qat - refactor fw config logic for 4xxx (PED-6401). - crypto: qat - remove ADF_STATUS_PF_RUNNING flag from probe (PED-6401). - crypto: qat - replace state machine calls (PED-6401). - crypto: qat - replace the if statement with min() (PED-6401). - crypto: qat - set deprecated capabilities as reserved (PED-6401). - crypto: qat - unmap buffer before free for DH (PED-6401). - crypto: qat - unmap buffers before free for RSA (PED-6401). - crypto: qat - update slice mask for 4xxx devices (PED-6401). - crypto: qat - use kfree_sensitive instead of memset/kfree() (PED-6401). - dmaengine: idxd: use spin_lock_irqsave before wait_event_lock_irq (git-fixes). - dmaengine: mediatek: Fix deadlock caused by synchronize_irq() (git-fixes). - dmaengine: stm32-mdma: abort resume if no ongoing transfer (git-fixes). - drm/amd/display: Do not check registers, if using AUX BL control (git-fixes). - drm/amd/display: Do not set dpms_off for seamless boot (git-fixes). - drm/amd/pm: add unique_id for gc 11.0.3 (git-fixes). - drm/amd: Fix detection of _PR3 on the PCIe root port (git-fixes). - drm/amdgpu/nbio4.3: set proper rmmio_remap.reg_offset for SR-IOV (git-fixes). - drm/amdgpu/soc21: do not remap HDP registers for SR-IOV (git-fixes). - drm/amdgpu: Handle null atom context in VBIOS info ioctl (git-fixes). - drm/amdgpu: add missing NULL check (git-fixes). - drm/amdkfd: Flush TLB after unmapping for GFX v9.4.3 (git-fixes). - drm/amdkfd: Insert missing TLB flush on GFX10 and later (git-fixes). - drm/amdkfd: Use gpu_offset for user queue's wptr (git-fixes). - drm/atomic-helper: relax unregistered connector check (git-fixes). - drm/bridge: ti-sn65dsi83: Do not generate HFP/HBP/HSA and EOT packet (git-fixes). - drm/i915/gt: Fix reservation address in ggtt_reserve_guc_top (git-fixes). - drm/i915/pmu: Check if pmu is closed before stopping event (git-fixes). - drm/i915: Retry gtt fault when out of fence registers (git-fixes). - drm/mediatek: Correctly free sg_table in gem prime vmap (git-fixes). - drm/msm/dp: do not reinitialize phy unless retry during link training (git-fixes). - drm/msm/dpu: change _dpu_plane_calc_bw() to use u64 to avoid overflow (git-fixes). - drm/msm/dsi: fix irq_of_parse_and_map() error checking (git-fixes). - drm/msm/dsi: skip the wait for video mode done if not applicable (git-fixes). - drm/vmwgfx: fix typo of sizeof argument (git-fixes). - drm: panel-orientation-quirks: Add quirk for One Mix 2S (git-fixes). - firmware/imx-dsp: Fix use_after_free in imx_dsp_setup_channels() (git-fixes). - firmware: arm_ffa: Do not set the memory region attributes for MEM_LEND (git-fixes). - firmware: imx-dsp: Fix an error handling path in imx_dsp_setup_channels() (git-fixes). - fix x86/mm: print the encryption features in hyperv is disabled - fprobe: Ensure running fprobe_exit_handler() finished before calling rethook_free() (git-fixes). - fscrypt: new helper function - fscrypt_prepare_lookup_partial() (jsc#SES-1880). - gpio: aspeed: fix the GPIO number passed to pinctrl_gpio_set_config() (git-fixes). - gpio: pmic-eic-sprd: Add can_sleep flag for PMIC EIC chip (git-fixes). - gpio: pxa: disable pinctrl calls for MMP_GPIO (git-fixes). - gpio: tb10x: Fix an error handling path in tb10x_gpio_probe() (git-fixes). - gpio: timberdale: Fix potential deadlock on &tgpio->lock (git-fixes). - gpio: vf610: set value before the direction to avoid a glitch (git-fixes). - gve: Do not fully free QPL pages on prefill errors (git-fixes). - i2c: aspeed: Fix i2c bus hang in slave read (git-fixes). - i2c: i801: unregister tco_pdev in i801_probe() error path (git-fixes). - i2c: mux: Avoid potential false error message in i2c_mux_add_adapter (git-fixes). - i2c: mux: demux-pinctrl: check the return value of devm_kstrdup() (git-fixes). - i2c: mux: gpio: Add missing fwnode_handle_put() (git-fixes). - i2c: mux: gpio:?Replace custom acpi_get_local_address() (git-fixes). - i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() (git-fixes). - i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() (git-fixes). - i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() (git-fixes). - i2c: npcm7xx: Fix callback completion ordering (git-fixes). - i2c: stm32f7: Fix PEC handling in case of SMBUS transfers (git-fixes). - ieee802154: ca8210: Fix a potential UAF in ca8210_probe (git-fixes). - iio: adc: xilinx-xadc: Correct temperature offset/scale for UltraScale (git-fixes). - iio: adc: xilinx-xadc: Do not clobber preset voltage/temperature thresholds (git-fixes). - iio: exynos-adc: request second interupt only when touchscreen mode is used (git-fixes). - iio: pressure: bmp280: Fix NULL pointer exception (git-fixes). - iio: pressure: dps310: Adjust Timeout Settings (git-fixes). - iio: pressure: ms5611: ms5611_prom_is_valid false negative bug (git-fixes). - intel x86 platform vsec kABI workaround (bsc#1216202). - io_uring/fs: remove sqe->rw_flags checking from LINKAT (git-fixes). - io_uring/rw: defer fsnotify calls to task context (git-fixes). - io_uring/rw: ensure kiocb_end_write() is always called (git-fixes). - io_uring/rw: remove leftover debug statement (git-fixes). - io_uring: Replace 0-length array with flexible array (git-fixes). - io_uring: ensure REQ_F_ISREG is set async offload (git-fixes). - io_uring: fix fdinfo sqe offsets calculation (git-fixes). - io_uring: fix memory leak when removing provided buffers (git-fixes). - iommu/amd/io-pgtable: Implement map_pages io_pgtable_ops callback (bsc#1212423). - iommu/amd/io-pgtable: Implement unmap_pages io_pgtable_ops callback (bsc#1212423). - iommu/amd: Add map/unmap_pages() iommu_domain_ops callback support (bsc#1212423). - iommu/arm-smmu-v3: Fix soft lockup triggered by (bsc#1215921) - kABI: fix bpf Tighten-ptr_to_btf_id checks (git-fixes). - kabi: blkcg_policy_data fix KABI (bsc#1216062). - kabi: workaround for enum nft_trans_phase (bsc#1215104). - kprobes: Prohibit probing on CFI preamble symbol (git-fixes). - leds: Drop BUG_ON check for LED_COLOR_ID_MULTI (git-fixes). - libceph: add CEPH_OSD_OP_ASSERT_VER support (jsc#SES-1880). - libceph: add new iov_iter-based ceph_msg_data_type and ceph_osd_data_type (jsc#SES-1880). - libceph: add sparse read support to OSD client (jsc#SES-1880). - libceph: add sparse read support to msgr1 (jsc#SES-1880). - libceph: add spinlock around osd->o_requests (jsc#SES-1880). - libceph: allow ceph_osdc_new_request to accept a multi-op read (jsc#SES-1880). - libceph: define struct ceph_sparse_extent and add some helpers (jsc#SES-1880). - libceph: new sparse_read op, support sparse reads on msgr2 crc codepath (jsc#SES-1880). - libceph: support sparse reads on msgr2 secure codepath (jsc#SES-1880). - libceph: use kernel_connect() (bsc#1216323). - misc: fastrpc: Clean buffers on remote invocation failures (git-fixes). - mm, memcg: reconsider kmem.limit_in_bytes deprecation (bsc#1208788 bsc#1213705). - mmc: core: Capture correct oemid-bits for eMMC cards (git-fixes). - mmc: core: sdio: hold retuning if sdio in 1-bit mode (git-fixes). - mmc: mtk-sd: Use readl_poll_timeout_atomic in msdc_reset_hw (git-fixes). - mtd: physmap-core: Restore map_rom fallback (git-fixes). - mtd: rawnand: arasan: Ensure program page operations are successful (git-fixes). - mtd: rawnand: marvell: Ensure program page operations are successful (git-fixes). - mtd: rawnand: pl353: Ensure program page operations are successful (git-fixes). - mtd: rawnand: qcom: Unmap the right resource upon probe failure (git-fixes). - mtd: spinand: micron: correct bitmask for ecc status (git-fixes). - net/sched: fix netdevice reference leaks in attach_default_qdiscs() (git-fixes). - net: ieee802154: adf7242: Fix some potential buffer overflow in adf7242_stats_show() (git-fixes). - net: mana: Fix TX CQE error handling (bsc#1215986). - net: mana: Fix oversized sge0 for GSO packets (bsc#1215986). - net: nfc: llcp: Add lock when modifying device list (git-fixes). - net: rfkill: gpio: prevent value glitch during probe (git-fixes). - net: sched: add barrier to fix packet stuck problem for lockless qdisc (bsc#1216345). - net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog (bsc#1216345). - net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read (git-fixes). - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (git-fixes). - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (git-fixes). - net: usb: smsc95xx: Fix an error code in smsc95xx_reset() (git-fixes). - net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg (git-fixes). - net: use sk_is_tcp() in more places (git-fixes). - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain (git-fixes). - netfilter: nf_tables: unbind non-anonymous set if rule construction fails (git-fixes). - nfc: nci: assert requested protocol is valid (git-fixes). - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() (git-fixes). - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() (git-fixes). - nvme-fc: Prevent null pointer dereference in nvme_fc_io_getuuid() (bsc#1214842). - phy: mapphone-mdm6600: Fix pinctrl_pm handling for sleep pins (git-fixes). - phy: mapphone-mdm6600: Fix runtime PM for remove (git-fixes). - phy: mapphone-mdm6600: Fix runtime disable on probe (git-fixes). - pinctrl: avoid unsafe code pattern in find_pinctrl() (git-fixes). - pinctrl: renesas: rzn1: Enable missing PINMUX (git-fixes). - platform/surface: platform_profile: Propagate error if profile registration fails (git-fixes). - platform/x86/intel/pmt: Ignore uninitialized entries (bsc#1216202). - platform/x86/intel/pmt: telemetry: Fix fixed region handling (bsc#1216202). - platform/x86/intel/vsec: Rework early hardware code (bsc#1216202). - platform/x86/intel: Fix 'rmmod pmt_telemetry' panic (bsc#1216202). - platform/x86/intel: Fix pmt_crashlog array reference (bsc#1216202). - platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e (git-fixes). - platform/x86: asus-wmi: Map 0x2a code, Ignore 0x2b and 0x2c events (git-fixes). - platform/x86: think-lmi: Fix reference leak (git-fixes). - platform/x86: touchscreen_dmi: Add info for the Positivo C4128B (git-fixes). - power: supply: ucs1002: fix error code in ucs1002_get_property() (git-fixes). - quota: Fix slow quotaoff (bsc#1216621). - r8152: Cancel hw_phy_work if we have an error in probe (git-fixes). - r8152: Increase USB control msg timeout to 5000ms as per spec (git-fixes). - r8152: Release firmware if we have an error in probe (git-fixes). - r8152: Run the unload routine if we have errors during probe (git-fixes). - r8152: check budget for r8152_poll() (git-fixes). - regmap: fix NULL deref on lookup (git-fixes). - regmap: rbtree: Fix wrong register marked as in-cache when creating new node (git-fixes). - ring-buffer: Avoid softlockup in ring_buffer_resize() (git-fixes). - ring-buffer: Do not attempt to read past 'commit' (git-fixes). - ring-buffer: Fix bytes info in per_cpu buffer stats (git-fixes). - ring-buffer: Update 'shortest_full' in polling (git-fixes). - s390/cio: fix a memleak in css_alloc_subchannel (git-fixes bsc#1216510). - s390/pci: fix iommu bitmap allocation (git-fixes bsc#1216511). - s390: add z16 elf platform (git-fixes LTC#203789 bsc#1215956 LTC#203788 bsc#1215957). - sched/cpuset: Bring back cpuset_mutex (bsc#1215955). - sched/deadline,rt: Remove unused parameter from pick_next_[rt|dl]_entity() (git fixes (sched)). - sched/rt: Fix live lock between select_fallback_rq() and RT push (git fixes (sched)). - sched/rt: Fix sysctl_sched_rr_timeslice intial value (git fixes (sched)). - scsi: be2iscsi: Add length check when parsing nlattrs (git-fixes). - scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock (git-fixes). - scsi: iscsi: Add length check for nlattr payload (git-fixes). - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() (git-fixes). - scsi: iscsi_tcp: restrict to TCP sockets (git-fixes). - scsi: mpi3mr: Propagate sense data for admin queue SCSI I/O (git-fixes). - scsi: mpt3sas: Perform additional retries if doorbell read returns 0 (git-fixes). - scsi: pm8001: Setup IRQs on resume (git-fixes). - scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read() directly (git-fixes). - scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly (git-fixes). - scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly (git-fixes). - scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes). - scsi: qla4xxx: Add length check when parsing nlattrs (git-fixes). - selftests/bpf: Add more tests for check_max_stack_depth bug (git-fixes). - selftests/bpf: Add reproducer for decl_tag in func_proto argument (git-fixes). - selftests/bpf: Add reproducer for decl_tag in func_proto return type (git-fixes). - selftests/bpf: Add selftest for check_stack_max_depth bug (git-fixes). - selftests/bpf: Clean up sys_nanosleep uses (git-fixes). - serial: 8250_port: Check IRQ data before use (git-fixes). - soc: imx8m: Enable OCOTP clock for imx8mm before reading registers (git-fixes). - spi: nxp-fspi: reset the FLSHxCR1 registers (git-fixes). - spi: stm32: add a delay before SPI disable (git-fixes). - spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain (git-fixes). - spi: sun6i: reduce DMA RX transfer width to single byte (git-fixes). - thunderbolt: Check that lane 1 is in CL0 before enabling lane bonding (git-fixes). - thunderbolt: Restart XDomain discovery handshake after failure (git-fixes). - thunderbolt: Workaround an IOMMU fault on certain systems with Intel Maple Ridge (git-fixes). - tracing: Have current_trace inc the trace array ref count (git-fixes). - tracing: Have event inject files inc the trace array ref count (git-fixes). - tracing: Have option files inc the trace array ref count (git-fixes). - tracing: Have tracing_max_latency inc the trace array ref count (git-fixes). - tracing: Increase trace array ref count on enable and filter files (git-fixes). - tracing: Make trace_marker{,_raw} stream-like (git-fixes). - treewide: Spelling fix in comment (git-fixes). - usb: cdnsp: Fixes issue with dequeuing not queued requests (git-fixes). - usb: dwc3: Soft reset phy on probe for host (git-fixes). - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call (git-fixes). - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes). - usb: hub: Guard against accesses to uninitialized BOS descriptors (git-fixes). - usb: musb: Get the musb_qh poniter after musb_giveback (git-fixes). - usb: musb: Modify the 'HWVers' register address (git-fixes). - usb: serial: option: add Fibocom to DELL custom modem FM101R-GL (git-fixes). - usb: serial: option: add Telit LE910C4-WWX 0x1035 composition (git-fixes). - usb: serial: option: add entry for Sierra EM9191 with new firmware (git-fixes). - usb: typec: altmodes/displayport: Signal hpd low when exiting mode (git-fixes). - usb: typec: ucsi: Clear EVENT_PENDING bit if ucsi_send_command fails (git-fixes). - usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer (git-fixes). - vmbus_testing: fix wrong python syntax for integer value comparison (git-fixes). - vringh: do not use vringh_kiov_advance() in vringh_iov_xfer() (git-fixes). - watchdog: iTCO_wdt: No need to stop the timer in probe (git-fixes). - watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running (git-fixes). - wifi: cfg80211: Fix 6GHz scan configuration (git-fixes). - wifi: cfg80211: avoid leaking stack data into trace (git-fixes). - wifi: iwlwifi: Ensure ack flag is properly cleared (git-fixes). - wifi: iwlwifi: dbg_ini: fix structure packing (git-fixes). - wifi: iwlwifi: mvm: Fix a memory corruption issue (git-fixes). - wifi: mac80211: allow transmitting EAPOL frames with tainted key (git-fixes). - wifi: mt76: mt76x02: fix MT76x0 external LNA gain handling (git-fixes). - wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet (git-fixes). - wifi: mwifiex: Fix tlv_buf_left calculation (git-fixes). - wifi: mwifiex: Sanity check tlv_len and tlv_bitmap_len (git-fixes). - x86/cpu, kvm: Add the NO_NESTED_DATA_BP feature (bsc#1213772). - x86/cpu, kvm: Add the Null Selector Clears Base feature (bsc#1213772). - x86/cpu, kvm: Add the SMM_CTL MSR not present feature (bsc#1213772). - x86/cpu, kvm: Move X86_FEATURE_LFENCE_RDTSC to its native leaf (bsc#1213772). - x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled (bsc#1213772). - x86/cpu: Support AMD Automatic IBRS (bsc#1213772). - x86/mm: Print the encryption features correctly when a paravisor is present (bsc#1206453). - x86/platform/uv: Use alternate source for socket to node data (bsc#1215696). - x86/sev: Check IOBM for IOIO exceptions from user-space (bsc#1212649). - x86/sev: Check for user-space IOIO pointing to kernel space (bsc#1212649). - x86/sev: Disable MMIO emulation from user mode (bsc#1212649). - x86/sev: Make enc_dec_hypercall() accept a size instead of npages (bsc#1214635). - xen-netback: use default TX queue size for vifs (git-fixes). - xhci: Keep interrupt disabled in initialization until host is running (git-fixes). Important SUSE bug 1208788 SUSE bug 1211162 SUSE bug 1211307 SUSE bug 1212423 SUSE bug 1212649 SUSE bug 1213705 SUSE bug 1213772 SUSE bug 1214754 SUSE bug 1214874 SUSE bug 1215095 SUSE bug 1215104 SUSE bug 1215523 SUSE bug 1215545 SUSE bug 1215921 SUSE bug 1215955 SUSE bug 1215986 SUSE bug 1216062 SUSE bug 1216202 SUSE bug 1216322 SUSE bug 1216323 SUSE bug 1216324 SUSE bug 1216333 SUSE bug 1216345 SUSE bug 1216512 SUSE bug 1216621 SUSE bug 802154 CVE-2023-2163 at SUSE CVE-2023-2163 at NVD CVE-2023-31085 at SUSE CVE-2023-31085 at NVD CVE-2023-34324 at SUSE CVE-2023-34324 at NVD CVE-2023-3777 at SUSE CVE-2023-3777 at NVD CVE-2023-39189 at SUSE CVE-2023-39189 at NVD CVE-2023-39191 at SUSE CVE-2023-39191 at NVD CVE-2023-39193 at SUSE CVE-2023-39193 at NVD CVE-2023-46813 at SUSE CVE-2023-46813 at NVD CVE-2023-5178 at SUSE CVE-2023-5178 at NVD cpe:/o:suse:sle-micro:5.5 Security update for salt (Important) SUSE Linux Enterprise Micro 5.5 This update for salt fixes the following issues: Security issues fixed: - CVE-2023-34049: arbitrary code execution via symlink attack (bsc#1215157) Bugs fixed: - Fix optimization_order opt to prevent testsuite fails - Improve salt.utils.json.find_json to avoid fails (bsc#1213293) - Use salt-call from salt bundle with transactional_update - Only call native_str on curl_debug message in tornado when needed - Implement the calling for batch async from the salt CLI - Fix calculation of SLS context vars when trailing dots on targetted sls/state (bsc#1213518) - Rename salt-tests to python3-salt-testsuite - Allow all primitive grain types for autosign_grains (bsc#1214477) Important SUSE bug 1213293 SUSE bug 1213518 SUSE bug 1214477 SUSE bug 1215157 CVE-2023-34049 at SUSE CVE-2023-34049 at NVD cpe:/o:suse:sle-micro:5.5 Security update for salt (Important) SUSE Linux Enterprise Micro 5.5 This update for salt fixes the following issues: Security issues fixed: - CVE-2023-34049: arbitrary code execution via symlink attack (bsc#1215157) Bugs fixed: - Fix optimization_order opt to prevent testsuite fails - Improve salt.utils.json.find_json to avoid fails (bsc#1213293) - Use salt-call from salt bundle with transactional_update - Only call native_str on curl_debug message in tornado when needed - Implement the calling for batch async from the salt CLI - Fix calculation of SLS context vars when trailing dots on targetted sls/state (bsc#1213518) - Rename salt-tests to python3-salt-testsuite - Allow all primitive grain types for autosign_grains (bsc#1214477) Important SUSE bug 1213293 SUSE bug 1213518 SUSE bug 1214477 SUSE bug 1215157 CVE-2023-34049 at SUSE CVE-2023-34049 at NVD cpe:/o:suse:sle-micro:5.5 Security update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed (Moderate) SUSE Linux Enterprise Micro 5.5 This update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed fixes the following issues: Security issue fixed: - CVE-2023-31022: Fixed NULL ptr deref in kernel module layer Changes in kernel-firmware-nvidia-gspx-G06: - update firmware to version 535.129.03 - update firmware to version 535.113.01 Changes in nvidia-open-driver-G06-signed: - Update to version 535.129.03 - Add a devel package so other modules can be built against this one. [jira#PED-4964] - disabled build of nvidia-peermem module; it's no longer needed and never worked anyway (it was only a stub) [bsc#1211892] - preamble: added conflict to nvidia-gfxG05-kmp to prevent users from accidently installing conflicting proprietary kernelspace drivers from CUDA repository - Update to version 535.113.01 - kmp-post.sh/kmp-postun.sh: * add/remove nosimplefb=1 kernel option in order to fix Linux console also on sle15-sp6/Leap 15.6 kernel, which will come with simpledrm support Moderate SUSE bug 1211892 SUSE bug 1216826 CVE-2023-31022 at SUSE CVE-2023-31022 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ucode-intel (Important) SUSE Linux Enterprise Micro 5.5 This update for ucode-intel fixes the following issues: - Updated to Intel CPU Microcode 20231114 pre-release (labeled 20231113). (bsc#1215278) - CVE-2023-23583: Fixed potential CPU deadlocks or privilege escalation. (bsc#1215278) Important SUSE bug 1215278 CVE-2023-23583 at SUSE CVE-2023-23583 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-urllib3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-urllib3 fixes the following issues: - CVE-2023-45803: Fix a request body leak that could occur when receiving a 303 HTTP response (bsc#1216377). Moderate SUSE bug 1216377 CVE-2023-45803 at SUSE CVE-2023-45803 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Important) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2023-20588: AMD CPU transitional execution leak via division by zero (XSA-439) (bsc#1215474). - CVE-2023-34322: top-level shadow reference dropped too early for 64-bit PV guests (XSA-438) (bsc#1215145). - CVE-2023-34325: Multiple vulnerabilities in libfsimage disk handling (XSA-443) (bsc#1215747). - CVE-2023-34326: x86/AMD: missing IOMMU TLB flushing (XSA-442) (bsc#1215746). - CVE-2023-34327,CVE-2023-34328: x86/AMD: Debug Mask handling (XSA-444) (bsc#1215748). - CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels (XSA-445) (bsc#1216654). - CVE-2023-46836: x86: BTC/SRSO fixes not fully effective (XSA-446) (bsc#1216807). - Upstream bug fixes (bsc#1027519) Important SUSE bug 1027519 SUSE bug 1215145 SUSE bug 1215474 SUSE bug 1215746 SUSE bug 1215747 SUSE bug 1215748 SUSE bug 1216654 SUSE bug 1216807 CVE-2023-20588 at SUSE CVE-2023-20588 at NVD CVE-2023-34322 at SUSE CVE-2023-34322 at NVD CVE-2023-34325 at SUSE CVE-2023-34325 at NVD CVE-2023-34326 at SUSE CVE-2023-34326 at NVD CVE-2023-34327 at SUSE CVE-2023-34327 at NVD CVE-2023-34328 at SUSE CVE-2023-34328 at NVD CVE-2023-46835 at SUSE CVE-2023-46835 at NVD CVE-2023-46836 at SUSE CVE-2023-46836 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ucode-intel (Important) SUSE Linux Enterprise Micro 5.5 This update for ucode-intel fixes the following issues: - Updated to Intel CPU Microcode 20231114 release. (bsc#1215278) - CVE-2023-23583: Fixed potential CPU deadlocks or privilege escalation. (bsc#1215278) Important SUSE bug 1215278 CVE-2023-23583 at SUSE CVE-2023-23583 at NVD cpe:/o:suse:sle-micro:5.5 Security update for avahi (Moderate) SUSE Linux Enterprise Micro 5.5 This update for avahi fixes the following issues: - CVE-2023-38470: Ensure each label is at least one byte long (bsc#1215947). - CVE-2023-38473: Fixed a reachable assertion when parsing a host name (bsc#1216419). Moderate SUSE bug 1215947 SUSE bug 1216419 CVE-2023-38470 at SUSE CVE-2023-38470 at NVD CVE-2023-38473 at SUSE CVE-2023-38473 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libxml2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libxml2 fixes the following issues: - CVE-2023-45322: Fixed a use-after-free in xmlUnlinkNode() in tree.c (bsc#1216129). Moderate SUSE bug 1216129 CVE-2023-45322 at SUSE CVE-2023-45322 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3-setuptools (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python3-setuptools fixes the following issues: - CVE-2022-40897: Fixed Regular Expression Denial of Service (ReDoS) in package_index.py (bsc#1206667). Moderate SUSE bug 1206667 CVE-2022-40897 at SUSE CVE-2022-40897 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssl-1_1 (Important) SUSE Linux Enterprise Micro 5.5 This update for openssl-1_1 fixes the following issues: - CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service (bsc#1216922). Important SUSE bug 1216922 CVE-2023-5678 at SUSE CVE-2023-5678 at NVD cpe:/o:suse:sle-micro:5.5 Security update for fdo-client (Moderate) SUSE Linux Enterprise Micro 5.5 This update for fdo-client fixes the following issues: - Removed build key via utils/keys_gen.sh. (bsc#1216293) Moderate SUSE bug 1216293 cpe:/o:suse:sle-micro:5.5 Security update for vim (Important) SUSE Linux Enterprise Micro 5.5 This update for vim fixes the following issues: Updated to version 9.0 with patch level 2103, fixes the following security problems * CVE-2023-5344: vim: Heap-based Buffer Overflow in vim prior to 9.0.1969 (bsc#1215940) * CVE-2023-5441: vim: segfault in exmode when redrawing (bsc#1216001) * CVE-2023-5535: vim: use-after-free from buf_contents_changed() (bsc#1216167) * CVE-2023-46246: vim: Integer Overflow in :history command (bsc#1216696) * CVE-2023-4738: vim: heap-buffer-overflow in vim_regsub_both (bsc#1214922) * CVE-2023-4735: vim: OOB Write ops.c (bsc#1214924) * CVE-2023-4734: vim: segmentation fault in function f_fullcommand (bsc#1214925) * CVE-2023-4733: vim: use-after-free in function buflist_altfpos (bsc#1215004) * CVE-2023-4752: vim: Heap Use After Free in function ins_compl_get_exp (bsc#1215006) * CVE-2023-4781: vim: heap-buffer-overflow in function vim_regsub_both (bsc#1215033) Important SUSE bug 1214922 SUSE bug 1214924 SUSE bug 1214925 SUSE bug 1215004 SUSE bug 1215006 SUSE bug 1215033 SUSE bug 1215940 SUSE bug 1216001 SUSE bug 1216167 SUSE bug 1216696 CVE-2023-46246 at SUSE CVE-2023-46246 at NVD CVE-2023-4733 at SUSE CVE-2023-4733 at NVD CVE-2023-4734 at SUSE CVE-2023-4734 at NVD CVE-2023-4735 at SUSE CVE-2023-4735 at NVD CVE-2023-4738 at SUSE CVE-2023-4738 at NVD CVE-2023-4752 at SUSE CVE-2023-4752 at NVD CVE-2023-4781 at SUSE CVE-2023-4781 at NVD CVE-2023-5344 at SUSE CVE-2023-5344 at NVD CVE-2023-5441 at SUSE CVE-2023-5441 at NVD CVE-2023-5535 at SUSE CVE-2023-5535 at NVD cpe:/o:suse:sle-micro:5.5 Security update for squashfs (Important) SUSE Linux Enterprise Micro 5.5 This update for squashfs fixes the following issues: - CVE-2015-4645,CVE-2015-4646: Multiple buffer overflows fixed in squashfs-tools (bsc#935380) - CVE-2021-40153: Fixed an issue where an attacker might have been able to write a file outside of destination (bsc#1189936) - CVE-2021-41072: Fixed an issue where an attacker might have been able to write a file outside the destination directory via a symlink (bsc#1190531). update to 4.6.1: * Race condition which can cause corruption of the 'fragment table' fixed. This is a regression introduced in August 2022, and it has been seen when tailend packing is used (-tailends option). * Fix build failure when the tools are being built without extended attribute (XATTRs) support. * Fix XATTR error message when an unrecognised prefix is found * Fix incorrect free of pointer when an unrecognised XATTR prefix is found. * Major improvements in extended attribute handling, pseudo file handling, and miscellaneous new options and improvements * Extended attribute handling improved in Mksquashfs and Sqfstar * New Pseudo file xattr definition to add extended attributes to files. * New xattrs-add Action to add extended attributes to files * Extended attribute handling improved in Unsquashfs * Other major improvements * Unsquashfs can now output Pseudo files to standard out. * Mksquashfs can now input Pseudo files from standard in. * Squashfs filesystems can now be converted (different block size compression etc) without unpacking to an intermediate filesystem or mounting, by piping the output of Unsquashfs to Mksquashfs. * Pseudo files are now supported by Sqfstar. * 'Non-anchored' excludes are now supported by Unsquashfs. update to 4.5.1 (bsc#1190531, CVE-2021-41072): * This release adds Manpages for Mksquashfs(1), Unsquashfs(1), Sqfstar(1) and Sqfscat(1). * The -help text output from the utilities has been improved and extended as well (but the Manpages are now more comprehensive). * CVE-2021-41072 which is a writing outside of destination exploit, has been fixed. * The number of hard-links in the filesystem is now also displayed by Mksquashfs in the output summary. * The number of hard-links written by Unsquashfs is now also displayed in the output summary. * Unsquashfs will now write to a pre-existing destination directory, rather than aborting. * Unsquashfs now allows '.' to used as the destination, to extract to the current directory. * The Unsquashfs progress bar now tracks empty files and hardlinks, in addition to data blocks. * -no-hardlinks option has been implemented for Sqfstar. * More sanity checking for 'corrupted' filesystems, including checks for multiply linked directories and directory loops. * Options that may cause filesystems to be unmountable have been moved into a new 'experts' category in the Mksquashfs help text (and Manpage). * Maximum cpiostyle filename limited to PATH_MAX. This prevents attempts to overflow the stack, or cause system calls to fail with a too long pathname. * Don't always use 'max open file limit' when calculating length of queues, as a very large file limit can cause Unsquashfs to abort. Instead use the smaller of max open file limit and cache size. * Fix Mksquashfs silently ignoring Pseudo file definitions when appending. * Don't abort if no XATTR support has been built in, and there's XATTRs in the filesystem. This is a regression introduced in 2019 in Version 4.4. * Fix duplicate check when the last file block is sparse. update to 4.5: * Mksquashfs now supports 'Actions'. * New sqfstar command which will create a Squashfs image from a tar archive. * Tar style handling of source pathnames in Mksquashfs. * Cpio style handling of source pathnames in Mksquashfs. * New option to throttle the amount of CPU and I/O. * Mksquashfs now allows no source directory to be specified. * New Pseudo file 'R' definition which allows a Regular file o be created with data stored within the Pseudo file. * Symbolic links are now followed in extract files * Unsquashfs now supports 'exclude' files. * Max depth traversal option added. * Unsquashfs can now output a 'Pseudo file' representing the input Squashfs filesystem. * New -one-file-system option in Mksquashfs. * New -no-hardlinks option in Mksquashfs. * Exit code in Unsquashfs changed to distinguish between non-fatal errors (exit 2), and fatal errors (exit 1). * Xattr id count added in Unsquashfs '-stat' output. * Unsquashfs 'write outside directory' exploit fixed. * Error handling in Unsquashfs writer thread fixed. * Fix failure to truncate destination if appending aborted. * Prevent Mksquashfs reading the destination file. Important SUSE bug 1189936 SUSE bug 1190531 SUSE bug 935380 CVE-2015-4645 at SUSE CVE-2015-4645 at NVD CVE-2015-4646 at SUSE CVE-2015-4646 at NVD CVE-2021-40153 at SUSE CVE-2021-40153 at NVD CVE-2021-41072 at SUSE CVE-2021-41072 at NVD cpe:/o:suse:sle-micro:5.5 Security update for sqlite3 (Important) SUSE Linux Enterprise Micro 5.5 This update for sqlite3 fixes the following issues: - CVE-2023-2137: Fixed heap buffer overflow (bsc#1210660). Important SUSE bug 1210660 CVE-2023-2137 at SUSE CVE-2023-2137 at NVD cpe:/o:suse:sle-micro:5.5 Security update for traceroute (Moderate) SUSE Linux Enterprise Micro 5.5 This update for traceroute fixes the following issues: - CVE-2023-46316: wrapper scripts do not properly parse command lines (bsc#1216591). Moderate SUSE bug 1216591 CVE-2023-46316 at SUSE CVE-2023-46316 at NVD cpe:/o:suse:sle-micro:5.5 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container (Important) SUSE Linux Enterprise Micro 5.5 This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Update to version 1.1.0 - Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.1.0 Update to version 1.0.1 - Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.0.1 Important CVE-2023-44487 at SUSE CVE-2023-44487 at NVD cpe:/o:suse:sle-micro:5.5 Security update for haproxy (Moderate) SUSE Linux Enterprise Micro 5.5 This update for haproxy fixes the following issues: - CVE-2023-45539: Fixed misinterpretation of a path_end rule with # as part of the URI component (bsc#1217653). Moderate SUSE bug 1217653 CVE-2023-45539 at SUSE CVE-2023-45539 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer (Important) SUSE Linux Enterprise Micro 5.5 This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.58.0 - Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.58.0 Important cpe:/o:suse:sle-micro:5.5 Security update for curl (Moderate) SUSE Linux Enterprise Micro 5.5 This update for curl fixes the following issues: - CVE-2023-46218: Fixed cookie mixed case PSL bypass (bsc#1217573). - CVE-2023-46219: HSTS long file name clears contents (bsc#1217574). Moderate SUSE bug 1217573 SUSE bug 1217574 CVE-2023-46218 at SUSE CVE-2023-46218 at NVD CVE-2023-46219 at SUSE CVE-2023-46219 at NVD cpe:/o:suse:sle-micro:5.5 Security update for kernel-firmware (Important) SUSE Linux Enterprise Micro 5.5 This update for kernel-firmware fixes the following issues: Update AMD ucode to 20231030 (bsc#1215831): - CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution. - CVE-2021-46774: Insufficient input validation in ABL may enable a privileged attacker to perform arbitrary DRAM writes, potentially resulting in code execution and privilege escalation. - CVE-2023-20533: Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker using DMA to read/write from/to invalid DRAM address potentially resulting in denial-of-service. 0 CVE-2023-20519: A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity. - CVE-2023-20566: Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity. - CVE-2023-20521: TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service. - CVE-2021-46766: Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality. - CVE-2022-23830: SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity. - CVE-2023-20526: Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality. - CVE-2021-26345: Failure to validate the value in APCB may allow an attacker with physical access to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service. - CVE-2023-20592: Issue with INVD instruction aka CacheWarpAttack (bsc#1215823). Important SUSE bug 1215823 SUSE bug 1215831 CVE-2021-26345 at SUSE CVE-2021-26345 at NVD CVE-2021-46766 at SUSE CVE-2021-46766 at NVD CVE-2021-46774 at SUSE CVE-2021-46774 at NVD CVE-2022-23820 at SUSE CVE-2022-23820 at NVD CVE-2022-23830 at SUSE CVE-2022-23830 at NVD CVE-2023-20519 at SUSE CVE-2023-20519 at NVD CVE-2023-20521 at SUSE CVE-2023-20521 at NVD CVE-2023-20526 at SUSE CVE-2023-20526 at NVD CVE-2023-20533 at SUSE CVE-2023-20533 at NVD CVE-2023-20566 at SUSE CVE-2023-20566 at NVD CVE-2023-20592 at SUSE CVE-2023-20592 at NVD cpe:/o:suse:sle-micro:5.5 Security update for qemu (Important) SUSE Linux Enterprise Micro 5.5 This update for qemu fixes the following issues: - CVE-2021-3638: hw/display/ati_2d: Fix buffer overflow in ati_2d_blt (bsc#1188609) - CVE-2023-3180: virtio-crypto: verify src and dst buffer length for sym request (bsc#1213925) - CVE-2023-3354: io: remove io watch if TLS channel is closed during handshake (bsc#1212850) - [openSUSE] roms/ipxe: Backport 0aa2e4ec9635, in preparation of binutils 2.41 (bsc#1215311) - target/s390x: Fix the 'ignored match' case in VSTRS (bsc#1213210) - linux-user/elfload: Enable vxe2 on s390x (bsc#1213210) Important SUSE bug 1188609 SUSE bug 1212850 SUSE bug 1213210 SUSE bug 1213925 SUSE bug 1215311 CVE-2021-3638 at SUSE CVE-2021-3638 at NVD CVE-2023-3180 at SUSE CVE-2023-3180 at NVD CVE-2023-3354 at SUSE CVE-2023-3354 at NVD cpe:/o:suse:sle-micro:5.5 Security update for suse-build-key (Important) SUSE Linux Enterprise Micro 5.5 This update for suse-build-key fixes the following issues: This update runs a import-suse-build-key script. The previous libzypp-post-script based installation is replaced with a systemd timer and service (bsc#1217215 bsc#1216410 jsc#PED-2777). - suse-build-key-import.service - suse-build-key-import.timer It imports the future SUSE Linux Enterprise 15 4096 bit RSA key primary and reserve keys. After successful import the timer is disabled. To manually import them you can also run: # rpm --import /usr/lib/rpm/gnupg/keys/gpg-pubkey-3fa1d6ce-63c9481c.asc # rpm --import /usr/lib/rpm/gnupg/keys/gpg-pubkey-d588dc46-63c939db.asc Important SUSE bug 1216410 SUSE bug 1217215 cpe:/o:suse:sle-micro:5.5 Security update for catatonit, containerd, runc (Important) SUSE Linux Enterprise Micro 5.5 This update of runc and containerd fixes the following issues: containerd: - Update to containerd v1.7.8. Upstream release notes: https://github.com/containerd/containerd/releases/tag/v1.7.8 * CVE-2022-1996: Fixed CORS bypass in go-restful (bsc#1200528) catatonit: - Update to catatonit v0.2.0. * Change license to GPL-2.0-or-later. - Update to catatont v0.1.7 * This release adds the ability for catatonit to be used as the only process in a pause container, by passing the -P flag (in this mode no subprocess is spawned and thus no signal forwarding is done). - Update to catatonit v0.1.6, which fixes a few bugs -- mainly ones related to socket activation or features somewhat adjacent to socket activation (such as passing file descriptors). runc: - Update to runc v1.1.10. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.1.10 Important SUSE bug 1200528 CVE-2022-1996 at SUSE CVE-2022-1996 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm scatterwalk functionality (bsc#1217332). - CVE-2023-2006: Fixed a race condition in the RxRPC network protocol (bsc#1210447). - CVE-2023-5633: Fixed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface (bsc#1216527). - CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976). - CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420). - CVE-2023-6039: Fixed a use-after-free in lan78xx_disconnect in drivers/net/usb/lan78xx.c (bsc#1217068). - CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058). - CVE-2023-5158: Fixed a denial of service in vringh_kiov_advance() in drivers/vhost/vringh.c in the host side of a virtio ring (bsc#1215710). - CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259). - CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584). - CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965). - CVE-2023-25775: Fixed improper access control in the Intel Ethernet Controller RDMA driver (bsc#1216959). - CVE-2023-46862: Fixed a NULL pointer dereference in io_uring_show_fdinfo() (bsc#1216693). The following non-security bugs were fixed: - ACPI: FPDT: properly handle invalid FPDT subtables (git-fixes). - ACPI: resource: Do IRQ override on TongFang GMxXGxx (git-fixes). - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CVA (git-fixes). - ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias() (git-fixes). - ALSA: hda/realtek - ALC287 Realtek I2S speaker platform support (git-fixes). - ALSA: hda/realtek - Add Dell ALC295 to pin fall back table (git-fixes). - ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC (git-fixes). - ALSA: hda/realtek: Add quirk for ASUS UX7602ZM (git-fixes). - ALSA: hda/realtek: Add quirks for ASUS 2024 Zenbooks (git-fixes). - ALSA: hda/realtek: Add quirks for HP Laptops (git-fixes). - ALSA: hda/realtek: Add support dual speaker for Dell (git-fixes). - ALSA: hda/realtek: Enable Mute LED on HP 255 G10 (git-fixes). - ALSA: hda/realtek: Enable Mute LED on HP 255 G8 (git-fixes). - ALSA: hda: ASUS UM5302LA: Added quirks for cs35L41/10431A83 on i2c bus (git-fixes). - ALSA: hda: Disable power-save on KONTRON SinglePC (bsc#1217140). - ALSA: hda: Fix possible null-ptr-deref when assigning a stream (git-fixes). - ALSA: hda: cs35l41: Fix unbalanced pm_runtime_get() (git-fixes). - ALSA: hda: cs35l41: Undo runtime PM changes at driver exit time (git-fixes). - ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection (git-fixes). - ALSA: info: Fix potential deadlock at disconnection (git-fixes). - ALSA: usb-audio: add quirk flag to enable native DSD for McIntosh devices (git-fixes). - ARM: 9321/1: memset: cast the constant byte to unsigned char (git-fixes). - ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails (git-fixes). - ASoC: SOF: core: Ensure sof_ops_free() is still called when probe never ran (git-fixes). - ASoC: ams-delta.c: use component after check (git-fixes). - ASoC: codecs: wsa-macro: fix uninitialized stack variables with name prefix (git-fixes). - ASoC: cs35l41: Undo runtime PM changes at driver exit time (git-fixes). - ASoC: cs35l41: Verify PM runtime resume errors in IRQ handler (git-fixes). - ASoC: fsl: Fix PM disable depth imbalance in fsl_easrc_probe (git-fixes). - ASoC: fsl: mpc5200_dma.c: Fix warning of Function parameter or member not described (git-fixes). - ASoC: hdmi-codec: register hpd callback on component probe (git-fixes). - ASoC: rt5650: fix the wrong result of key button (git-fixes). - ASoC: simple-card: fixup asoc_simple_probe() error handling (git-fixes). - ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings (git-fixes). - Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE (git-fixes). - Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables (git-fixes). - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559 (git-fixes). - Bluetooth: btusb: Add date->evt_skb is NULL check (git-fixes). - Documentation: networking: correct possessive 'its' (bsc#1215458). - Drivers: hv: vmbus: Remove unused extern declaration vmbus_ontimer() (git-fixes). - Fix termination state for idr_for_each_entry_ul() (git-fixes). - HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W (git-fixes). - HID: hyperv: Replace one-element array with flexible-array member (git-fixes). - HID: hyperv: avoid struct memcpy overrun warning (git-fixes). - HID: hyperv: remove unused struct synthhid_msg (git-fixes). - HID: lenovo: Detect quirk-free fw on cptkbd and stop applying workaround (git-fixes). - HID: logitech-hidpp: Do not restart IO, instead defer hid_connect() only (git-fixes). - HID: logitech-hidpp: Move get_wireless_feature_index() check to hidpp_connect_event() (git-fixes). - HID: logitech-hidpp: Remove HIDPP_QUIRK_NO_HIDINPUT quirk (git-fixes). - HID: logitech-hidpp: Revert 'Do not restart communication if not necessary' (git-fixes). - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() (git-fixes). - Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport (git-fixes). - Input: xpad - add VID for Turtle Beach controllers (git-fixes). - NFS: Fix access to page->mapping (bsc#1216788). - PCI/ASPM: Fix L1 substate handling in aspm_attr_store_common() (git-fixes). - PCI/sysfs: Protect driver's D3cold preference from user space (git-fixes). - PCI: Disable ATS for specific Intel IPU E2000 devices (bsc#1215458). - PCI: Extract ATS disabling to a helper function (bsc#1215458). - PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device (git-fixes). - PCI: Use FIELD_GET() in Sapphire RX 5600 XT Pulse quirk (git-fixes). - PCI: Use FIELD_GET() to extract Link Width (git-fixes). - PCI: exynos: Do not discard .remove() callback (git-fixes). - PCI: keystone: Do not discard .probe() callback (git-fixes). - PCI: keystone: Do not discard .remove() callback (git-fixes). - PCI: tegra194: Use FIELD_GET()/FIELD_PREP() with Link Width fields (git-fixes). - PCI: vmd: Correct PCI Header Type Register's multi-function check (git-fixes). - PM / devfreq: rockchip-dfi: Make pmu regmap mandatory (git-fixes). - PM: hibernate: Use __get_safe_page() rather than touching the list (git-fixes). - USB: dwc2: write HCINT with INTMASK applied (bsc#1214286). - USB: dwc3: qcom: fix ACPI platform device leak (git-fixes). - USB: dwc3: qcom: fix resource leaks on probe deferral (git-fixes). - USB: dwc3: qcom: fix software node leak on probe errors (git-fixes). - USB: dwc3: qcom: fix wakeup after probe deferral (git-fixes). - USB: serial: option: add Fibocom L7xx modules (git-fixes). - USB: serial: option: add Luat Air72*U series products (git-fixes). - USB: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes). - USB: serial: option: fix FM101R-GL defines (git-fixes). - USB: usbip: fix stub_dev hub disconnect (git-fixes). - arm/xen: fix xen_vcpu_info allocation alignment (git-fixes). - arm64: Add Cortex-A520 CPU part definition (git-fixes) - arm64: allow kprobes on EL0 handlers (git-fixes) - arm64: armv8_deprecated move emulation functions (git-fixes) - arm64: armv8_deprecated: fix unused-function error (git-fixes) - arm64: armv8_deprecated: fold ops into insn_emulation (git-fixes) - arm64: armv8_deprecated: move aarch32 helper earlier (git-fixes) - arm64: armv8_deprecated: rework deprected instruction handling (git-fixes) - arm64: consistently pass ESR_ELx to die() (git-fixes) - arm64: die(): pass 'err' as long (git-fixes) - arm64: factor insn read out of call_undef_hook() (git-fixes) - arm64: factor out EL1 SSBS emulation hook (git-fixes) - arm64: report EL1 UNDEFs better (git-fixes) - arm64: rework BTI exception handling (git-fixes) - arm64: rework EL0 MRS emulation (git-fixes) - arm64: rework FPAC exception handling (git-fixes) - arm64: split EL0/EL1 UNDEF handlers (git-fixes) - ata: pata_isapnp: Add missing error check for devm_ioport_map() (git-fixes). - atl1c: Work around the DMA RX overflow issue (git-fixes). - atm: iphase: Do PCI error checks on own line (git-fixes). - blk-mq: Do not clear driver tags own mapping (bsc#1217366). - blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping() (bsc#1217366). - bluetooth: Add device 0bda:887b to device tables (git-fixes). - bluetooth: Add device 13d3:3571 to device tables (git-fixes). - btrfs: always log symlinks in full mode (bsc#1214840). - can: dev: can_put_echo_skb(): do not crash kernel if can_priv::echo_skb is accessed out of bounds (git-fixes). - can: dev: can_restart(): do not crash kernel if carrier is OK (git-fixes). - can: dev: can_restart(): fix race condition between controller restart and netif_carrier_on() (git-fixes). - can: isotp: add local echo tx processing for consecutive frames (git-fixes). - can: isotp: fix race between isotp_sendsmg() and isotp_release() (git-fixes). - can: isotp: fix tx state handling for echo tx processing (git-fixes). - can: isotp: handle wait_event_interruptible() return values (git-fixes). - can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting (git-fixes). - can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior (git-fixes). - can: isotp: remove re-binding of bound socket (git-fixes). - can: isotp: sanitize CAN ID checks in isotp_bind() (git-fixes). - can: isotp: set max PDU size to 64 kByte (git-fixes). - can: isotp: split tx timer into transmission and timeout (git-fixes). - can: sja1000: Fix comment (git-fixes). - clk: Sanitize possible_parent_show to Handle Return Value of of_clk_get_parent_name (git-fixes). - clk: imx: Select MXC_CLK for CLK_IMX8QXP (git-fixes). - clk: imx: imx8mq: correct error handling path (git-fixes). - clk: imx: imx8qxp: Fix elcdif_pll clock (git-fixes). - clk: keystone: pll: fix a couple NULL vs IS_ERR() checks (git-fixes). - clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data (git-fixes). - clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data (git-fixes). - clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data (git-fixes). - clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data (git-fixes). - clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data (git-fixes). - clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data (git-fixes). - clk: npcm7xx: Fix incorrect kfree (git-fixes). - clk: qcom: clk-rcg2: Fix clock rate overflow for high parent frequencies (git-fixes). - clk: qcom: config IPQ_APSS_6018 should depend on QCOM_SMEM (git-fixes). - clk: qcom: gcc-sm8150: Fix gcc_sdcc2_apps_clk_src (git-fixes). - clk: qcom: ipq6018: drop the CLK_SET_RATE_PARENT flag from PLL clocks (git-fixes). - clk: qcom: mmcc-msm8998: Do not check halt bit on some branch clks (git-fixes). - clk: qcom: mmcc-msm8998: Fix the SMMU GDSC (git-fixes). - clk: scmi: Free scmi_clk allocated when the clocks with invalid info are skipped (git-fixes). - clk: ti: Add ti_dt_clk_name() helper to use clock-output-names (git-fixes). - clk: ti: Update component clocks to use ti_dt_clk_name() (git-fixes). - clk: ti: Update pll and clockdomain clocks to use ti_dt_clk_name() (git-fixes). - clk: ti: change ti_clk_register[_omap_hw]() API (git-fixes). - clk: ti: fix double free in of_ti_divider_clk_setup() (git-fixes). - clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware (git-fixes). - clocksource/drivers/timer-imx-gpt: Fix potential memory leak (git-fixes). - crypto: caam/jr - fix Chacha20 + Poly1305 self test failure (git-fixes). - crypto: caam/qi2 - fix Chacha20 + Poly1305 self test failure (git-fixes). - crypto: hisilicon/hpre - Fix a erroneous check after snprintf() (git-fixes). - dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc() (git-fixes). - dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe (git-fixes). - dmaengine: stm32-mdma: correct desc prep when channel running (git-fixes). - dmaengine: ti: edma: handle irq_of_parse_and_map() errors (git-fixes). - drm/amd/display: Avoid NULL dereference of timing generator (git-fixes). - drm/amd/display: Change the DMCUB mailbox memory location from FB to inbox (git-fixes). - drm/amd/display: Refactor dm_get_plane_scale helper (git-fixes). - drm/amd/display: remove useless check in should_enable_fbc() (git-fixes). - drm/amd/display: use full update for clip size increase of large plane source (git-fixes). - drm/amd/pm: Handle non-terminated overdrive commands (git-fixes). - drm/amd: Disable ASPM for VI w/ all Intel systems (git-fixes). - drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (git-fixes). - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (git-fixes). - drm/amd: Move helper for dynamic speed switch check out of smu13 (git-fixes). - drm/amd: Update `update_pcie_parameters` functions to use uint8_t arguments (git-fixes). - drm/amdgpu/vkms: fix a possible null pointer dereference (git-fixes). - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (git-fixes). - drm/amdgpu: Fix potential null pointer derefernce (git-fixes). - drm/amdgpu: Remove unnecessary domain argument (git-fixes). - drm/amdgpu: Reserve fences for VM update (git-fixes). - drm/amdgpu: add drv_vram_usage_va for virt data exchange (bsc#1215802). - drm/amdgpu: add vram reservation based on vram_usagebyfirmware_v2_2 (git-fixes). - drm/amdgpu: do not use ATRM for external devices (git-fixes). - drm/amdgpu: fix error handling in amdgpu_bo_list_get() (git-fixes). - drm/amdgpu: fix software pci_unplug on some chips (git-fixes). - drm/amdgpu: not to save bo in the case of RAS err_event_athub (git-fixes). - drm/amdgpu: skip vram reserve on firmware_v2_2 for bare-metal (bsc#1215802). - drm/amdkfd: Fix a race condition of vram buffer unref in svm code (git-fixes). - drm/amdkfd: Fix shift out-of-bounds issue (git-fixes). - drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code (git-fixes). - drm/bridge: Fix kernel-doc typo in desc of output_bus_cfg in drm_bridge_state (git-fixes). - drm/bridge: lt8912b: Add missing drm_bridge_attach call (git-fixes). - drm/bridge: lt8912b: Fix bridge_detach (git-fixes). - drm/bridge: lt8912b: Fix crash on bridge detach (git-fixes). - drm/bridge: lt8912b: Manually disable HPD only if it was enabled (git-fixes). - drm/bridge: lt8912b: Register and attach our DSI device at probe (git-fixes). - drm/bridge: lt8912b: Switch to devm MIPI-DSI helpers (git-fixes). - drm/bridge: lt9611uxc: Register and attach our DSI device at probe (git-fixes). - drm/bridge: lt9611uxc: Switch to devm MIPI-DSI helpers (git-fixes). - drm/bridge: lt9611uxc: fix the race in the error path (git-fixes). - drm/bridge: lt9611uxc: fix the race in the error path (git-fixes). - drm/bridge: tc358768: Clean up clock period code (git-fixes). - drm/bridge: tc358768: Disable non-continuous clock mode (git-fixes). - drm/bridge: tc358768: Fix bit updates (git-fixes). - drm/bridge: tc358768: Fix tc358768_ns_to_cnt() (git-fixes). - drm/bridge: tc358768: Fix use of uninitialized variable (git-fixes). - drm/bridge: tc358768: Print logical values, not raw register values (git-fixes). - drm/bridge: tc358768: Rename dsibclk to hsbyteclk (git-fixes). - drm/bridge: tc358768: Use dev for dbg prints, not priv->dev (git-fixes). - drm/bridge: tc358768: Use struct videomode (git-fixes). - drm/bridge: tc358768: remove unused variable (git-fixes). - drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() (git-fixes). - drm/gma500: Fix call trace when psb_gem_mm_init() fails (git-fixes). - drm/gud: Use size_add() in call to struct_size() (git-fixes). - drm/i915: Fix potential spectre vulnerability (git-fixes). - drm/i915: Flush WC GGTT only on required platforms (git-fixes). - drm/komeda: drop all currently held locks if deadlock happens (git-fixes). - drm/mediatek: Fix iommu fault by swapping FBs after updating plane state (git-fixes). - drm/mediatek: Fix iommu fault during crtc enabling (git-fixes). - drm/mipi-dsi: Create devm device attachment (git-fixes). - drm/mipi-dsi: Create devm device registration (git-fixes). - drm/msm/dp: skip validity check for DP CTS EDID checksum (git-fixes). - drm/msm/dsi: free TX buffer in unbind (git-fixes). - drm/msm/dsi: use msm_gem_kernel_put to free TX buffer (git-fixes). - drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference (git-fixes). - drm/panel: fix a possible null pointer dereference (git-fixes). - drm/panel: simple: Fix Innolux G101ICE-L01 bus flags (git-fixes). - drm/panel: simple: Fix Innolux G101ICE-L01 timings (git-fixes). - drm/panel: st7703: Pick different reset sequence (git-fixes). - drm/qxl: prevent memory leak (git-fixes). - drm/radeon: fix a possible null pointer dereference (git-fixes). - drm/radeon: possible buffer overflow (git-fixes). - drm/rockchip: Fix type promotion bug in rockchip_gem_iommu_map() (git-fixes). - drm/rockchip: cdn-dp: Fix some error handling paths in cdn_dp_probe() (git-fixes). - drm/rockchip: vop: Fix call to crtc reset helper (git-fixes). - drm/rockchip: vop: Fix color for RGB888/BGR888 format on VOP full (git-fixes). - drm/rockchip: vop: Fix reset of state in duplicate state crtc funcs (git-fixes). - drm/syncobj: fix DRM_SYNCOBJ_WAIT_FLAGS_WAIT_AVAILABLE (git-fixes). - drm/ttm: Reorder sys manager cleanup step (git-fixes). - drm/vc4: fix typo (git-fixes). - drm/vmwgfx: Remove the duplicate bo_free function (bsc#1216527) - drm/vmwgfx: Rename vmw_buffer_object to vmw_bo (bsc#1216527) - drm: bridge: it66121: Fix invalid connector dereference (git-fixes). - drm: mediatek: mtk_dsi: Fix NO_EOT_PACKET settings/handling (git-fixes). - drm: vmwgfx_surface.c: copy user-array safely (git-fixes). - dt-bindings: usb: hcd: add missing phy name to example (git-fixes). - dt-bindings: usb: qcom,dwc3: fix example wakeup interrupt types (git-fixes). - fbdev: atyfb: only use ioremap_uc() on i386 and ia64 (git-fixes). - fbdev: fsl-diu-fb: mark wr_reg_wa() static (git-fixes). - fbdev: imsttfb: Fix error path of imsttfb_probe() (git-fixes). - fbdev: imsttfb: Release framebuffer and dealloc cmap on error path (git-fixes). - fbdev: imsttfb: fix a resource leak in probe (git-fixes). - fbdev: imsttfb: fix double free in probe() (git-fixes). - fbdev: omapfb: Drop unused remove function (git-fixes). - fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() (git-fixes). - firewire: core: fix possible memory leak in create_units() (git-fixes). - gpio: mockup: fix kerneldoc (git-fixes). - gpio: mockup: remove unused field (git-fixes). - gpu: host1x: Correct allocated size for contexts (git-fixes). - hid: cp2112: Fix duplicate workqueue initialization (git-fixes). - hv: simplify sysctl registration (git-fixes). - hv_netvsc: Fix race of register_netdevice_notifier and VF register (git-fixes). - hv_netvsc: Mark VF as slave before exposing it to user-mode (git-fixes). - hv_netvsc: fix netvsc_send_completion to avoid multiple message length checks (git-fixes). - hv_netvsc: fix race of netvsc and VF register_netdevice (git-fixes). - hwmon: (coretemp) Fix potentially truncated sysfs attribute name (git-fixes). - i2c: core: Run atomic i2c xfer when !preemptible (git-fixes). - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (git-fixes). - i2c: dev: copy userspace array safely (git-fixes). - i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (git-fixes). - i2c: iproc: handle invalid slave state (git-fixes). - i2c: sun6i-p2wi: Prevent potential division by zero (git-fixes). - i3c: Fix potential refcount leak in i3c_master_register_new_i3c_devs (git-fixes). - i3c: master: cdns: Fix reading status register (git-fixes). - i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data (git-fixes). - i3c: master: svc: fix SDA keep low when polling IBIWON timeout happen (git-fixes). - i3c: master: svc: fix check wrong status register in irq handler (git-fixes). - i3c: master: svc: fix ibi may not return mandatory data byte (git-fixes). - i3c: master: svc: fix race condition in ibi work thread (git-fixes). - i3c: master: svc: fix wrong data return when IBI happen during start frame (git-fixes). - i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler (git-fixes). - i915/perf: Fix NULL deref bugs with drm_dbg() calls (git-fixes). - idpf: add RX splitq napi poll support (bsc#1215458). - idpf: add SRIOV support and other ndo_ops (bsc#1215458). - idpf: add TX splitq napi poll support (bsc#1215458). - idpf: add controlq init and reset checks (bsc#1215458). - idpf: add core init and interrupt request (bsc#1215458). - idpf: add create vport and netdev configuration (bsc#1215458). - idpf: add ethtool callbacks (bsc#1215458). - idpf: add module register and probe functionality (bsc#1215458). - idpf: add ptypes and MAC filter support (bsc#1215458). - idpf: add singleq start_xmit and napi poll (bsc#1215458). - idpf: add splitq start_xmit (bsc#1215458). - idpf: cancel mailbox work in error path (bsc#1215458). - idpf: configure resources for RX queues (bsc#1215458). - idpf: configure resources for TX queues (bsc#1215458). - idpf: fix potential use-after-free in idpf_tso() (bsc#1215458). - idpf: initialize interrupts and enable vport (bsc#1215458). - idpf: set scheduling mode for completion queue (bsc#1215458). - irqchip/stm32-exti: add missing DT IRQ flag translation (git-fixes). - leds: pwm: Do not disable the PWM when the LED should be off (git-fixes). - leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu' (git-fixes). - leds: turris-omnia: Do not use SMBUS calls (git-fixes). - lsm: fix default return value for inode_getsecctx (git-fixes). - lsm: fix default return value for vm_enough_memory (git-fixes). - media: bttv: fix use after free error due to btv->timeout timer (git-fixes). - media: ccs: Correctly initialise try compose rectangle (git-fixes). - media: ccs: Fix driver quirk struct documentation (git-fixes). - media: cedrus: Fix clock/reset sequence (git-fixes). - media: cobalt: Use FIELD_GET() to extract Link Width (git-fixes). - media: gspca: cpia1: shift-out-of-bounds in set_flicker (git-fixes). - media: i2c: max9286: Fix some redundant of_node_put() calls (git-fixes). - media: imon: fix access to invalid resource for the second interface (git-fixes). - media: lirc: drop trailing space from scancode transmit (git-fixes). - media: qcom: camss: Fix VFE-17x vfe_disable_output() (git-fixes). - media: qcom: camss: Fix missing vfe_lite clocks check (git-fixes). - media: qcom: camss: Fix pm_domain_on sequence in probe (git-fixes). - media: qcom: camss: Fix vfe_get() error jump (git-fixes). - media: sharp: fix sharp encoding (git-fixes). - media: siano: Drop unnecessary error check for debugfs_create_dir/file() (git-fixes). - media: venus: hfi: add checks to handle capabilities from firmware (git-fixes). - media: venus: hfi: add checks to perform sanity on queue pointers (git-fixes). - media: venus: hfi: fix the check to handle session buffer requirement (git-fixes). - media: venus: hfi_parser: Add check to keep the number of codecs within range (git-fixes). - media: vidtv: mux: Add check and kfree for kstrdup (git-fixes). - media: vidtv: psi: Add check for kstrdup (git-fixes). - media: vivid: avoid integer overflow (git-fixes). - mfd: arizona-spi: Set pdata.hpdet_channel for ACPI enumerated devs (git-fixes). - mfd: core: Ensure disabled devices are skipped without aborting (git-fixes). - mfd: dln2: Fix double put in dln2_probe (git-fixes). - misc: pci_endpoint_test: Add Device ID for R-Car S4-8 PCIe controller (git-fixes). - mm/hmm: fault non-owner device private entries (bsc#1216844, jsc#PED-7237, git-fixes). - mmc: block: Be sure to wait while busy in CQE error recovery (git-fixes). - mmc: block: Do not lose cache flush during CQE error recovery (git-fixes). - mmc: block: Retry commands in CQE error recovery (git-fixes). - mmc: cqhci: Fix task clearing in CQE error recovery (git-fixes). - mmc: cqhci: Increase recovery halt timeout (git-fixes). - mmc: cqhci: Warn of halt or task clear failure (git-fixes). - mmc: meson-gx: Remove setting of CMD_CFG_ERROR (git-fixes). - mmc: sdhci-pci-gli: A workaround to allow GL9750 to enter ASPM L1.2 (git-fixes). - mmc: sdhci-pci-gli: GL9750: Mask the replay timer timeout of AER (git-fixes). - mmc: sdhci_am654: fix start loop index for TAP value parsing (git-fixes). - mmc: vub300: fix an error code (git-fixes). - modpost: fix tee MODULE_DEVICE_TABLE built on big-endian host (git-fixes). - mt76: dma: use kzalloc instead of devm_kzalloc for txwi (git-fixes). - mtd: cfi_cmdset_0001: Byte swap OTP info (git-fixes). - mtd: rawnand: arasan: Include ECC syndrome along with in-band data while checking for ECC failure (git-fixes). - net-memcg: Fix scope of sockmem pressure indicators (bsc#1216759). - net: Avoid address overwrite in kernel_connect (bsc#1216861). - net: add macro netif_subqueue_completed_wake (bsc#1215458). - net: fix use-after-free in tw_timer_handler (bsc#1217195). - net: mana: Fix return type of mana_start_xmit() (git-fixes). - net: piggy back on the memory barrier in bql when waking queues (bsc#1215458). - net: provide macros for commonly copied lockless queue stop/wake code (bsc#1215458). - net: usb: ax88179_178a: fix failed operations during ax88179_reset (git-fixes). - nvme: update firmware version after commit (bsc#1215292). - pcmcia: cs: fix possible hung task and memory leak pccardd() (git-fixes). - pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() (git-fixes). - pcmcia: ds: fix refcount leak in pcmcia_device_add() (git-fixes). - pinctrl: avoid reload of p state in list iteration (git-fixes). - platform/x86/intel-uncore-freq: Return error on write frequency (bsc#1217147). - platform/x86/intel-uncore-freq: Split common and enumeration part (bsc#1217147). - platform/x86/intel-uncore-freq: Support for cluster level controls (bsc#1217147). - platform/x86/intel-uncore-freq: Uncore frequency control via TPMI (bsc#1217147). - platform/x86/intel-uncore-freq: tpmi: Provide cluster level control (bsc#1217147). - platform/x86/intel/tpmi: ADD tpmi external interface for tpmi feature drivers (bsc#1217147). - platform/x86/intel/tpmi: Fix double free reported by Smatch (bsc#1217147). - platform/x86/intel/tpmi: Process CPU package mapping (bsc#1217147). - platform/x86/intel/uncore-freq: Display uncore current frequency (bsc#1217147). - platform/x86/intel/uncore-freq: Move to uncore-frequency folder (bsc#1217147). - platform/x86/intel/uncore-freq: Use sysfs API to create attributes (bsc#1217147). - platform/x86/intel/vsec: Add TPMI ID (bsc#1217147). - platform/x86/intel/vsec: Enhance and Export intel_vsec_add_aux() (bsc#1217147). - platform/x86/intel/vsec: Support private data (bsc#1217147). - platform/x86/intel/vsec: Use mutex for ida_alloc() and ida_free() (bsc#1217147). - platform/x86/intel: Intel TPMI enumeration driver (bsc#1217147). - platform/x86/intel: tpmi: Fix double free in tpmi_create_device() (bsc#1217147). - platform/x86: intel-uncore-freq: Add client processors (bsc#1217147). - platform/x86: intel-uncore-freq: Conditionally create attribute for read frequency (bsc#1217147). - platform/x86: intel-uncore-freq: Prevent driver loading in guests (bsc#1217147). - platform/x86: intel-uncore-freq: Use sysfs_emit() to instead of scnprintf() (bsc#1217147). - platform/x86: intel-uncore-freq: fix uncore_freq_common_init() error codes (bsc#1217147). - platform/x86: intel-uncore-frequency: Move to intel sub-directory (bsc#1217147). - platform/x86: intel-uncore-frequency: use default_groups in kobj_type (bsc#1217147). - platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e (git-fixes). - platform/x86: wmi: Fix opening of char device (git-fixes). - platform/x86: wmi: Fix probe failure when failing to register WMI devices (git-fixes). - platform/x86: wmi: remove unnecessary initializations (git-fixes). - powerpc/perf/hv-24x7: Update domain value check (bsc#1215931). - powerpc/vas: Limit open window failure messages in log bufffer (bsc#1216687 ltc#203927). - powerpc: Do not clobber f0/vs0 during fp|altivec register save (bsc#1217780). - pwm: Fix double shift bug (git-fixes). - pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume (git-fixes). - pwm: sti: Reduce number of allocations and drop usage of chip_data (git-fixes). - r8152: Check for unplug in r8153b_ups_en() / r8153c_ups_en() (git-fixes). - r8152: Check for unplug in rtl_phy_patch_request() (git-fixes). - regmap: Ensure range selector registers are updated after cache sync (git-fixes). - regmap: debugfs: Fix a erroneous check after snprintf() (git-fixes). - regmap: prevent noinc writes from clobbering cache (git-fixes). - s390/ap: fix AP bus crash on early config change callback invocation (git-fixes bsc#1217687). - s390/cio: unregister device when the only path is gone (git-fixes bsc#1217609). - s390/cmma: fix detection of DAT pages (LTC#203997 bsc#1217086). - s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (LTC#203997 bsc#1217086). - s390/cmma: fix initial kernel address space page table walk (LTC#203997 bsc#1217086). - s390/crashdump: fix TOD programmable field size (git-fixes bsc#1217205). - s390/dasd: fix hanging device after request requeue (git-fixes LTC#203629 bsc#1215124). - s390/dasd: protect device queue against concurrent access (git-fixes bsc#1217515). - s390/dasd: use correct number of retries for ERP requests (git-fixes bsc#1217598). - s390/ipl: add missing IPL_TYPE_ECKD_DUMP case to ipl_init() (git-fixes bsc#1217511). - s390/ipl: add missing secure/has_secure file to ipl type 'unknown' (bsc#1214976 git-fixes). - s390/mm: add missing arch_set_page_dat() call to gmap allocations (LTC#203997 bsc#1217086). - s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc() (LTC#203997 bsc#1217086). - s390/pkey: fix/harmonize internal keyblob headers (git-fixes bsc#1217200). - s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling (git-fixes bsc#1217599). - sbitmap: fix batched wait_cnt accounting (bsc#1217095 bsc#1217196). - sbitmap: fix up kABI for sbitmap_queue_wake_up() (bsc#1217095 bsc#1217196). - sbsa_gwdt: Calculate timeout with 64-bit math (git-fixes). - scsi: lpfc: Copyright updates for 14.2.0.16 patches (bsc#1217731). - scsi: lpfc: Correct maximum PCI function value for RAS fw logging (bsc#1217731). - scsi: lpfc: Eliminate unnecessary relocking in lpfc_check_nlp_post_devloss() (bsc#1217731). - scsi: lpfc: Enhance driver logging for selected discovery events (bsc#1217731). - scsi: lpfc: Fix list_entry null check warning in lpfc_cmpl_els_plogi() (bsc#1217731). - scsi: lpfc: Fix possible file string name overflow when updating firmware (bsc#1217731). - scsi: lpfc: Introduce LOG_NODE_VERBOSE messaging flag (bsc#1217124). - scsi: lpfc: Refactor and clean up mailbox command memory free (bsc#1217731). - scsi: lpfc: Reject received PRLIs with only initiator fcn role for NPIV ports (bsc#1217124). - scsi: lpfc: Remove unnecessary zero return code assignment in lpfc_sli4_hba_setup (bsc#1217124). - scsi: lpfc: Return early in lpfc_poll_eratt() when the driver is unloading (bsc#1217731). - scsi: lpfc: Treat IOERR_SLI_DOWN I/O completion status the same as pci offline (bsc#1217124). - scsi: lpfc: Update lpfc version to 14.2.0.15 (bsc#1217124). - scsi: lpfc: Update lpfc version to 14.2.0.16 (bsc#1217731). - scsi: lpfc: Validate ELS LS_ACC completion payload (bsc#1217124). - scsi: qla2xxx: Fix double free of dsd_list during driver load (git-fixes). - scsi: qla2xxx: Use FIELD_GET() to extract PCIe capability fields (git-fixes). - selftests/efivarfs: create-read: fix a resource leak (git-fixes). - selftests/pidfd: Fix ksft print formats (git-fixes). - selftests/resctrl: Ensure the benchmark commands fits to its array (git-fixes). - selftests/resctrl: Reduce failures due to outliers in MBA/MBM tests (git-fixes). - selftests/resctrl: Remove duplicate feature check from CMT test (git-fixes). - seq_buf: fix a misleading comment (git-fixes). - serial: exar: Revert 'serial: exar: Add support for Sealevel 7xxxC serial cards' (git-fixes). - serial: meson: Use platform_get_irq() to get the interrupt (git-fixes). - soc: qcom: llcc: Handle a second device without data corruption (git-fixes). - spi: nxp-fspi: use the correct ioremap function (git-fixes). - spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies (git-fixes). - spi: tegra: Fix missing IRQ check in tegra_slink_probe() (git-fixes). - staging: media: ipu3: remove ftrace-like logging (git-fixes). - string.h: add array-wrappers for (v)memdup_user() (git-fixes). - supported.conf: marked idpf supported - thermal: core: prevent potential string overflow (git-fixes). - tty/sysrq: replace smp_processor_id() with get_cpu() (git-fixes). - tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks (git-fixes). - tty: 8250: Add support for Brainboxes UP cards (git-fixes). - tty: 8250: Add support for Intashield IS-100 (git-fixes). - tty: 8250: Add support for Intashield IX cards (git-fixes). - tty: 8250: Add support for additional Brainboxes PX cards (git-fixes). - tty: 8250: Add support for additional Brainboxes UC cards (git-fixes). - tty: 8250: Fix port count of PX-257 (git-fixes). - tty: 8250: Fix up PX-803/PX-857 (git-fixes). - tty: 8250: Remove UC-257 and UC-431 (git-fixes). - tty: Fix uninit-value access in ppp_sync_receive() (git-fixes). - tty: n_gsm: fix race condition in status line change on dead connections (git-fixes). - tty: serial: meson: fix hard LOCKUP on crtscts mode (git-fixes). - tty: tty_jobctrl: fix pid memleak in disassociate_ctty() (git-fixes). - tty: vcc: Add check for kstrdup() in vcc_probe() (git-fixes). - usb: cdnsp: Fix deadlock issue during using NCM gadget (git-fixes). - usb: chipidea: Fix DMA overwrite for Tegra (git-fixes). - usb: chipidea: Simplify Tegra DMA alignment code (git-fixes). - usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency (git-fixes). - usb: dwc3: Fix default mode initialization (git-fixes). - usb: dwc3: set the dma max_seg_size (git-fixes). - usb: gadget: f_ncm: Always set current gadget in ncm_bind() (git-fixes). - usb: raw-gadget: properly handle interrupted requests (git-fixes). - usb: storage: set 1.50 as the lower bcdDevice for older 'Super Top' compatibility (git-fixes). - usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() (git-fixes). - usb: typec: tcpm: Skip hard reset when in error recovery (git-fixes). - virtchnl: add virtchnl version 2 ops (bsc#1215458). - wifi: ath10k: Do not touch the CE interrupt registers after power up (git-fixes). - wifi: ath10k: fix clang-specific fortify warning (git-fixes). - wifi: ath11k: debugfs: fix to work with multiple PCI devices (git-fixes). - wifi: ath11k: fix dfs radar event locking (git-fixes). - wifi: ath11k: fix gtk offload status event locking (git-fixes). - wifi: ath11k: fix htt pktlog locking (git-fixes). - wifi: ath11k: fix temperature event locking (git-fixes). - wifi: ath9k: fix clang-specific fortify warnings (git-fixes). - wifi: iwlwifi: Use FW rate for non-data frames (git-fixes). - wifi: iwlwifi: call napi_synchronize() before freeing rx/tx queues (git-fixes). - wifi: iwlwifi: empty overflow queue during flush (git-fixes). - wifi: iwlwifi: honor the enable_ini value (git-fixes). - wifi: iwlwifi: pcie: synchronize IRQs before NAPI (git-fixes). - wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (git-fixes). - wifi: mac80211: fix # of MSDU in A-MSDU calculation (git-fixes). - wifi: mt76: mt7603: rework/fix rx pse hang check (git-fixes). - wifi: rtlwifi: fix EDCA limit set by BT coexistence (git-fixes). - wifi: rtw88: debug: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (git-fixes). - x86/alternative: Add a __alt_reloc_selftest() prototype (git-fixes). - x86/cpu: Clear SVM feature if disabled by BIOS (bsc#1214700). - x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (git-fixes). - x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4 (git-fixes). - x86/hyperv: Add HV_EXPOSE_INVARIANT_TSC define (git-fixes). - x86/hyperv: Improve code for referencing hyperv_pcpu_input_arg (git-fixes). - x86/hyperv: Make hv_get_nmi_reason public (git-fixes). - x86/hyperv: fix a warning in mshyperv.h (git-fixes). - x86/sev: Do not try to parse for the CC blob on non-AMD hardware (git-fixes). - x86/sev: Fix calculation of end address based on number of pages (git-fixes). - x86/sev: Use the GHCB protocol when available for SNP CPUID requests (git-fixes). - x86: Move gds_ucode_mitigated() declaration to header (git-fixes). - xfs: add attr state machine tracepoints (git-fixes). - xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909). - xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909). - xfs: constify btree function parameters that are not modified (git-fixes). - xfs: convert AGF log flags to unsigned (git-fixes). - xfs: convert AGI log flags to unsigned (git-fixes). - xfs: convert attr type flags to unsigned (git-fixes). - xfs: convert bmap extent type flags to unsigned (git-fixes). - xfs: convert bmapi flags to unsigned (git-fixes). - xfs: convert btree buffer log flags to unsigned (git-fixes). - xfs: convert buffer flags to unsigned (git-fixes). - xfs: convert buffer log item flags to unsigned (git-fixes). - xfs: convert da btree operations flags to unsigned (git-fixes). - xfs: convert dquot flags to unsigned (git-fixes). - xfs: convert inode lock flags to unsigned (git-fixes). - xfs: convert log item tracepoint flags to unsigned (git-fixes). - xfs: convert log ticket and iclog flags to unsigned (git-fixes). - xfs: convert quota options flags to unsigned (git-fixes). - xfs: convert scrub type flags to unsigned (git-fixes). - xfs: disambiguate units for ftrace fields tagged 'blkno', 'block', or 'bno' (git-fixes). - xfs: disambiguate units for ftrace fields tagged 'count' (git-fixes). - xfs: disambiguate units for ftrace fields tagged 'len' (git-fixes). - xfs: disambiguate units for ftrace fields tagged 'offset' (git-fixes). - xfs: make the key parameters to all btree key comparison functions const (git-fixes). - xfs: make the key parameters to all btree query range functions const (git-fixes). - xfs: make the keys and records passed to btree inorder functions const (git-fixes). - xfs: make the pointer passed to btree set_root functions const (git-fixes). - xfs: make the start pointer passed to btree alloc_block functions const (git-fixes). - xfs: make the start pointer passed to btree update_lastrec functions const (git-fixes). - xfs: mark the record passed into btree init_key functions as const (git-fixes). - xfs: mark the record passed into xchk_btree functions as const (git-fixes). - xfs: remove xfs_btree_cur_t typedef (git-fixes). - xfs: rename i_disk_size fields in ftrace output (git-fixes). - xfs: resolve fork names in trace output (git-fixes). - xfs: standardize AG block number formatting in ftrace output (git-fixes). - xfs: standardize AG number formatting in ftrace output (git-fixes). - xfs: standardize daddr formatting in ftrace output (git-fixes). - xfs: standardize inode generation formatting in ftrace output (git-fixes). - xfs: standardize inode number formatting in ftrace output (git-fixes). - xfs: standardize remaining xfs_buf length tracepoints (git-fixes). - xfs: standardize rmap owner number formatting in ftrace output (git-fixes). - xhci: Enable RPM on controllers that support low-power states (git-fixes). - xhci: Loosen RPM as default policy to cover for AMD xHC 1.1 (git-fixes). Important SUSE bug 1084909 SUSE bug 1207948 SUSE bug 1210447 SUSE bug 1214286 SUSE bug 1214700 SUSE bug 1214840 SUSE bug 1214976 SUSE bug 1215123 SUSE bug 1215124 SUSE bug 1215292 SUSE bug 1215420 SUSE bug 1215458 SUSE bug 1215710 SUSE bug 1215802 SUSE bug 1215931 SUSE bug 1216058 SUSE bug 1216105 SUSE bug 1216259 SUSE bug 1216527 SUSE bug 1216584 SUSE bug 1216687 SUSE bug 1216693 SUSE bug 1216759 SUSE bug 1216788 SUSE bug 1216844 SUSE bug 1216861 SUSE bug 1216909 SUSE bug 1216959 SUSE bug 1216965 SUSE bug 1216976 SUSE bug 1217036 SUSE bug 1217068 SUSE bug 1217086 SUSE bug 1217095 SUSE bug 1217124 SUSE bug 1217140 SUSE bug 1217147 SUSE bug 1217195 SUSE bug 1217196 SUSE bug 1217200 SUSE bug 1217205 SUSE bug 1217332 SUSE bug 1217366 SUSE bug 1217511 SUSE bug 1217515 SUSE bug 1217598 SUSE bug 1217599 SUSE bug 1217609 SUSE bug 1217687 SUSE bug 1217731 SUSE bug 1217780 CVE-2023-2006 at SUSE CVE-2023-2006 at NVD CVE-2023-25775 at SUSE CVE-2023-25775 at NVD CVE-2023-39197 at SUSE CVE-2023-39197 at NVD CVE-2023-39198 at SUSE CVE-2023-39198 at NVD CVE-2023-4244 at SUSE CVE-2023-4244 at NVD CVE-2023-45863 at SUSE CVE-2023-45863 at NVD CVE-2023-45871 at SUSE CVE-2023-45871 at NVD CVE-2023-46862 at SUSE CVE-2023-46862 at NVD CVE-2023-5158 at SUSE CVE-2023-5158 at NVD CVE-2023-5633 at SUSE CVE-2023-5633 at NVD CVE-2023-5717 at SUSE CVE-2023-5717 at NVD CVE-2023-6039 at SUSE CVE-2023-6039 at NVD CVE-2023-6176 at SUSE CVE-2023-6176 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-2006: Fixed a race condition in the RxRPC network protocol (bsc#1210447). - CVE-2023-25775: Fixed improper access control in the Intel Ethernet Controller RDMA driver (bsc#1216959). - CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215095) - CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976). - CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965). - CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420). - CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058). - CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259). - CVE-2023-46813: Fixed SEV-ES local priv escalation (bsc#1212649). - CVE-2023-46862: Fixed a NULL pointer dereference in io_uring_show_fdinfo() (bsc#1216693). - CVE-2023-5158: Fixed a denial of service in vringh_kiov_advance() in drivers/vhost/vringh.c in the host side of a virtio ring (bsc#1215710). - CVE-2023-5633: Fixed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface (bsc#1216527). - CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584). - CVE-2023-6039: Fixed a use-after-free in lan78xx_disconnect in drivers/net/usb/lan78xx.c (bsc#1217068). - CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm scatterwalk functionality (bsc#1217332). The following non-security bugs were fixed: - acpi: fpdt: properly handle invalid fpdt subtables (git-fixes). - acpi: resource: do irq override on tongfang gmxxgxx (git-fixes). - acpi: resource: skip irq override on asus expertbook b1402cva (git-fixes). - acpi: sysfs: fix create_pnp_modalias() and create_of_modalias() (git-fixes). - alsa: hda/realtek - add dell alc295 to pin fall back table (git-fixes). - alsa: hda/realtek - alc287 realtek i2s speaker platform support (git-fixes). - alsa: hda/realtek - enable internal speaker of asus k6500zc (git-fixes). - alsa: hda/realtek: add quirk for asus ux7602zm (git-fixes). - alsa: hda/realtek: add quirks for asus 2024 zenbooks (git-fixes). - alsa: hda/realtek: add quirks for hp laptops (git-fixes). - alsa: hda/realtek: add support dual speaker for dell (git-fixes). - alsa: hda/realtek: enable mute led on hp 255 g10 (git-fixes). - alsa: hda/realtek: enable mute led on hp 255 g8 (git-fixes). - alsa: hda: asus um5302la: added quirks for cs35l41/10431a83 on i2c bus (git-fixes). - alsa: hda: cs35l41: fix unbalanced pm_runtime_get() (git-fixes). - alsa: hda: cs35l41: undo runtime pm changes at driver exit time (git-fixes). - alsa: hda: disable power-save on kontron singlepc (bsc#1217140). - alsa: hda: fix possible null-ptr-deref when assigning a stream (git-fixes). - alsa: hda: intel-dsp-config: fix jsl chromebook quirk detection (git-fixes). - alsa: info: fix potential deadlock at disconnection (git-fixes). - alsa: usb-audio: add quirk flag to enable native dsd for mcintosh devices (git-fixes). - arm/xen: fix xen_vcpu_info allocation alignment (git-fixes). - arm64: add cortex-a520 cpu part definition (git-fixes) - arm64: allow kprobes on el0 handlers (git-fixes) - arm64: armv8_deprecated move emulation functions (git-fixes) - arm64: armv8_deprecated: fix unused-function error (git-fixes) - arm64: armv8_deprecated: fold ops into insn_emulation (git-fixes) - arm64: armv8_deprecated: move aarch32 helper earlier (git-fixes) - arm64: armv8_deprecated: rework deprected instruction handling (git-fixes) - arm64: consistently pass esr_elx to die() (git-fixes) - arm64: die(): pass 'err' as long (git-fixes) - arm64: factor insn read out of call_undef_hook() (git-fixes) - arm64: factor out el1 ssbs emulation hook (git-fixes) - arm64: report el1 undefs better (git-fixes) - arm64: rework bti exception handling (git-fixes) - arm64: rework el0 mrs emulation (git-fixes) - arm64: rework fpac exception handling (git-fixes) - arm64: split el0/el1 undef handlers (git-fixes) - arm: 9321/1: memset: cast the constant byte to unsigned char (git-fixes). - asoc: ams-delta.c: use component after check (git-fixes). - asoc: codecs: wsa-macro: fix uninitialized stack variables with name prefix (git-fixes). - asoc: cs35l41: undo runtime pm changes at driver exit time (git-fixes). - asoc: cs35l41: verify pm runtime resume errors in irq handler (git-fixes). - asoc: fsl: fix pm disable depth imbalance in fsl_easrc_probe (git-fixes). - asoc: fsl: mpc5200_dma.c: fix warning of function parameter or member not described (git-fixes). - asoc: hdmi-codec: register hpd callback on component probe (git-fixes). - asoc: intel: skylake: fix mem leak when parsing uuids fails (git-fixes). - asoc: rt5650: fix the wrong result of key button (git-fixes). - asoc: simple-card: fixup asoc_simple_probe() error handling (git-fixes). - asoc: sof: core: ensure sof_ops_free() is still called when probe never ran (git-fixes). - asoc: ti: omap-mcbsp: fix runtime pm underflow warnings (git-fixes). - ata: pata_isapnp: add missing error check for devm_ioport_map() (git-fixes). - atl1c: work around the dma rx overflow issue (git-fixes). - atm: iphase: do pci error checks on own line (git-fixes). - blk-mq: do not clear driver tags own mapping (bsc#1217366). - blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping() (bsc#1217366). - bluetooth: add device 0bda:887b to device tables (git-fixes). - bluetooth: add device 13d3:3571 to device tables (git-fixes). - bluetooth: btusb: add 0bda:b85b for fn-link rtl8852be (git-fixes). - bluetooth: btusb: add date->evt_skb is null check (git-fixes). - bluetooth: btusb: add realtek rtl8852be support id 0x0cb8:0xc559 (git-fixes). - bluetooth: btusb: add rtw8852be device 13d3:3570 to device tables (git-fixes). - btrfs: always log symlinks in full mode (bsc#1214840). - can: dev: can_put_echo_skb(): do not crash kernel if can_priv::echo_skb is accessed out of bounds (git-fixes). - can: dev: can_restart(): do not crash kernel if carrier is ok (git-fixes). - can: dev: can_restart(): fix race condition between controller restart and netif_carrier_on() (git-fixes). - can: isotp: add local echo tx processing for consecutive frames (git-fixes). - can: isotp: fix race between isotp_sendsmg() and isotp_release() (git-fixes). - can: isotp: fix tx state handling for echo tx processing (git-fixes). - can: isotp: handle wait_event_interruptible() return values (git-fixes). - can: isotp: isotp_bind(): return -einval on incorrect can id formatting (git-fixes). - can: isotp: isotp_sendmsg(): fix tx state detection and wait behavior (git-fixes). - can: isotp: remove re-binding of bound socket (git-fixes). - can: isotp: sanitize can id checks in isotp_bind() (git-fixes). - can: isotp: set max pdu size to 64 kbyte (git-fixes). - can: isotp: split tx timer into transmission and timeout (git-fixes). - can: sja1000: fix comment (git-fixes). - clk: imx: imx8mq: correct error handling path (git-fixes). - clk: imx: imx8qxp: fix elcdif_pll clock (git-fixes). - clk: imx: select mxc_clk for clk_imx8qxp (git-fixes). - clk: keystone: pll: fix a couple null vs is_err() checks (git-fixes). - clk: mediatek: clk-mt2701: add check for mtk_alloc_clk_data (git-fixes). - clk: mediatek: clk-mt6765: add check for mtk_alloc_clk_data (git-fixes). - clk: mediatek: clk-mt6779: add check for mtk_alloc_clk_data (git-fixes). - clk: mediatek: clk-mt6797: add check for mtk_alloc_clk_data (git-fixes). - clk: mediatek: clk-mt7629-eth: add check for mtk_alloc_clk_data (git-fixes). - clk: mediatek: clk-mt7629: add check for mtk_alloc_clk_data (git-fixes). - clk: npcm7xx: fix incorrect kfree (git-fixes). - clk: qcom: clk-rcg2: fix clock rate overflow for high parent frequencies (git-fixes). - clk: qcom: config ipq_apss_6018 should depend on qcom_smem (git-fixes). - clk: qcom: gcc-sm8150: fix gcc_sdcc2_apps_clk_src (git-fixes). - clk: qcom: ipq6018: drop the clk_set_rate_parent flag from pll clocks (git-fixes). - clk: qcom: mmcc-msm8998: do not check halt bit on some branch clks (git-fixes). - clk: qcom: mmcc-msm8998: fix the smmu gdsc (git-fixes). - clk: sanitize possible_parent_show to handle return value of of_clk_get_parent_name (git-fixes). - clk: scmi: free scmi_clk allocated when the clocks with invalid info are skipped (git-fixes). - clk: ti: add ti_dt_clk_name() helper to use clock-output-names (git-fixes). - clk: ti: change ti_clk_register[_omap_hw]() api (git-fixes). - clk: ti: fix double free in of_ti_divider_clk_setup() (git-fixes). - clk: ti: update component clocks to use ti_dt_clk_name() (git-fixes). - clk: ti: update pll and clockdomain clocks to use ti_dt_clk_name() (git-fixes). - clocksource/drivers/timer-atmel-tcb: fix initialization on sam9 hardware (git-fixes). - clocksource/drivers/timer-imx-gpt: fix potential memory leak (git-fixes). - crypto: caam/jr - fix chacha20 + poly1305 self test failure (git-fixes). - crypto: caam/qi2 - fix chacha20 + poly1305 self test failure (git-fixes). - crypto: hisilicon/hpre - fix a erroneous check after snprintf() (git-fixes). - disable loongson drivers loongson is a mips architecture, it does not make sense to build loongson drivers on other architectures. - dmaengine: pxa_dma: remove an erroneous bug_on() in pxad_free_desc() (git-fixes). - dmaengine: ste_dma40: fix pm disable depth imbalance in d40_probe (git-fixes). - dmaengine: stm32-mdma: correct desc prep when channel running (git-fixes). - dmaengine: ti: edma: handle irq_of_parse_and_map() errors (git-fixes). - docs: net: move the probe and open/close sections of driver.rst up (bsc#1215458). - docs: net: reformat driver.rst from a list to sections (bsc#1215458). - docs: net: use c syntax highlight in driver.rst (bsc#1215458). - documentation: networking: correct possessive 'its' (bsc#1215458). - drivers: hv: vmbus: remove unused extern declaration vmbus_ontimer() (git-fixes). - drm/amd/display: avoid null dereference of timing generator (git-fixes). - drm/amd/display: change the dmcub mailbox memory location from fb to inbox (git-fixes). - drm/amd/display: refactor dm_get_plane_scale helper (git-fixes). - drm/amd/display: remove useless check in should_enable_fbc() (git-fixes). - drm/amd/display: use full update for clip size increase of large plane source (git-fixes). - drm/amd/pm: handle non-terminated overdrive commands (git-fixes). - drm/amd: disable aspm for vi w/ all intel systems (git-fixes). - drm/amd: fix ubsan array-index-out-of-bounds for polaris and tonga (git-fixes). - drm/amd: fix ubsan array-index-out-of-bounds for smu7 (git-fixes). - drm/amd: move helper for dynamic speed switch check out of smu13 (git-fixes). - drm/amd: update `update_pcie_parameters` functions to use uint8_t arguments (git-fixes). - drm/amdgpu/vkms: fix a possible null pointer dereference (git-fixes). - drm/amdgpu: add drv_vram_usage_va for virt data exchange (bsc#1215802). - drm/amdgpu: add vram reservation based on vram_usagebyfirmware_v2_2 (git-fixes). - drm/amdgpu: do not use atrm for external devices (git-fixes). - drm/amdgpu: fix a null pointer access when the smc_rreg pointer is null (git-fixes). - drm/amdgpu: fix error handling in amdgpu_bo_list_get() (git-fixes). - drm/amdgpu: fix potential null pointer derefernce (git-fixes). - drm/amdgpu: fix software pci_unplug on some chips (git-fixes). - drm/amdgpu: not to save bo in the case of ras err_event_athub (git-fixes). - drm/amdgpu: remove unnecessary domain argument (git-fixes). - drm/amdgpu: reserve fences for vm update (git-fixes). - drm/amdgpu: skip vram reserve on firmware_v2_2 for bare-metal (bsc#1215802). - drm/amdkfd: fix a race condition of vram buffer unref in svm code (git-fixes). - drm/amdkfd: fix shift out-of-bounds issue (git-fixes). - drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code (git-fixes). - drm/bridge: fix kernel-doc typo in desc of output_bus_cfg in drm_bridge_state (git-fixes). - drm/bridge: lt8912b: add missing drm_bridge_attach call (git-fixes). - drm/bridge: lt8912b: fix bridge_detach (git-fixes). - drm/bridge: lt8912b: fix crash on bridge detach (git-fixes). - drm/bridge: lt8912b: manually disable hpd only if it was enabled (git-fixes). - drm/bridge: lt8912b: register and attach our dsi device at probe (git-fixes). - drm/bridge: lt8912b: switch to devm mipi-dsi helpers (git-fixes). - drm/bridge: lt9611uxc: fix the race in the error path (git-fixes). - drm/bridge: lt9611uxc: register and attach our dsi device at probe (git-fixes). - drm/bridge: lt9611uxc: switch to devm mipi-dsi helpers (git-fixes). - drm/bridge: tc358768: clean up clock period code (git-fixes). - drm/bridge: tc358768: disable non-continuous clock mode (git-fixes). - drm/bridge: tc358768: fix bit updates (git-fixes). - drm/bridge: tc358768: fix tc358768_ns_to_cnt() (git-fixes). - drm/bridge: tc358768: fix use of uninitialized variable (git-fixes). - drm/bridge: tc358768: print logical values, not raw register values (git-fixes). - drm/bridge: tc358768: remove unused variable (git-fixes). - drm/bridge: tc358768: rename dsibclk to hsbyteclk (git-fixes). - drm/bridge: tc358768: use dev for dbg prints, not priv->dev (git-fixes). - drm/bridge: tc358768: use struct videomode (git-fixes). - drm/dp_mst: fix null deref in get_mst_branch_device_by_guid_helper() (git-fixes). - drm/gma500: fix call trace when psb_gem_mm_init() fails (git-fixes). - drm/gud: use size_add() in call to struct_size() (git-fixes). - drm/i915/pmu: check if pmu is closed before stopping event (git-fixes). - drm/i915: fix potential spectre vulnerability (git-fixes). - drm/i915: flush wc ggtt only on required platforms (git-fixes). - drm/komeda: drop all currently held locks if deadlock happens (git-fixes). - drm/mediatek: fix iommu fault by swapping fbs after updating plane state (git-fixes). - drm/mediatek: fix iommu fault during crtc enabling (git-fixes). - drm/mipi-dsi: create devm device attachment (git-fixes). - drm/mipi-dsi: create devm device registration (git-fixes). - drm/msm/dp: skip validity check for dp cts edid checksum (git-fixes). - drm/msm/dsi: free tx buffer in unbind (git-fixes). - drm/msm/dsi: use msm_gem_kernel_put to free tx buffer (git-fixes). - drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference (git-fixes). - drm/panel: fix a possible null pointer dereference (git-fixes). - drm/panel: simple: fix innolux g101ice-l01 bus flags (git-fixes). - drm/panel: simple: fix innolux g101ice-l01 timings (git-fixes). - drm/panel: st7703: pick different reset sequence (git-fixes). - drm/qxl: prevent memory leak (git-fixes). - drm/radeon: fix a possible null pointer dereference (git-fixes). - drm/radeon: possible buffer overflow (git-fixes). - drm/rockchip: cdn-dp: fix some error handling paths in cdn_dp_probe() (git-fixes). - drm/rockchip: fix type promotion bug in rockchip_gem_iommu_map() (git-fixes). - drm/rockchip: vop: fix call to crtc reset helper (git-fixes). - drm/rockchip: vop: fix color for rgb888/bgr888 format on vop full (git-fixes). - drm/rockchip: vop: fix reset of state in duplicate state crtc funcs (git-fixes). - drm/syncobj: fix drm_syncobj_wait_flags_wait_available (git-fixes). - drm/ttm: reorder sys manager cleanup step (git-fixes). - drm/vc4: fix typo (git-fixes). - drm/vmwgfx: remove the duplicate bo_free function (bsc#1216527) - drm/vmwgfx: rename vmw_buffer_object to vmw_bo (bsc#1216527) - drm: bridge: it66121: fix invalid connector dereference (git-fixes). - drm: mediatek: mtk_dsi: fix no_eot_packet settings/handling (git-fixes). - drm: vmwgfx_surface.c: copy user-array safely (git-fixes). - dt-bindings: usb: hcd: add missing phy name to example (git-fixes). - dt-bindings: usb: qcom,dwc3: fix example wakeup interrupt types (git-fixes). - ensure ia32_emulation is always enabled for kernel-obs-build if ia32_emulation is disabled by default, ensure it is enabled back for obs kernel to allow building 32bit binaries (jsc#ped-3184) [ms: always pass the parameter, no need to grep through the config which may not be very reliable] - fbdev: atyfb: only use ioremap_uc() on i386 and ia64 (git-fixes). - fbdev: fsl-diu-fb: mark wr_reg_wa() static (git-fixes). - fbdev: imsttfb: fix a resource leak in probe (git-fixes). - fbdev: imsttfb: fix double free in probe() (git-fixes). - fbdev: imsttfb: fix error path of imsttfb_probe() (git-fixes). - fbdev: imsttfb: release framebuffer and dealloc cmap on error path (git-fixes). - fbdev: omapfb: drop unused remove function (git-fixes). - fbdev: uvesafb: call cn_del_callback() at the end of uvesafb_exit() (git-fixes). - firewire: core: fix possible memory leak in create_units() (git-fixes). - firmware/imx-dsp: fix use_after_free in imx_dsp_setup_channels() (git-fixes). - fix termination state for idr_for_each_entry_ul() (git-fixes). - fix x86/mm: print the encryption features in hyperv is disabled - gpio: mockup: fix kerneldoc (git-fixes). - gpio: mockup: remove unused field (git-fixes). - gpu: host1x: correct allocated size for contexts (git-fixes). - hid: add quirk for dell pro wireless keyboard and mouse km5221w (git-fixes). - hid: cp2112: fix duplicate workqueue initialization (git-fixes). - hid: hyperv: avoid struct memcpy overrun warning (git-fixes). - hid: hyperv: remove unused struct synthhid_msg (git-fixes). - hid: hyperv: replace one-element array with flexible-array member (git-fixes). - hid: lenovo: detect quirk-free fw on cptkbd and stop applying workaround (git-fixes). - hid: logitech-hidpp: do not restart io, instead defer hid_connect() only (git-fixes). - hid: logitech-hidpp: move get_wireless_feature_index() check to hidpp_connect_event() (git-fixes). - hid: logitech-hidpp: remove hidpp_quirk_no_hidinput quirk (git-fixes). - hid: logitech-hidpp: revert 'do not restart communication if not necessary' (git-fixes). - hv: simplify sysctl registration (git-fixes). - hv_netvsc: fix netvsc_send_completion to avoid multiple message length checks (git-fixes). - hv_netvsc: fix race of netvsc and vf register_netdevice (git-fixes). - hv_netvsc: fix race of register_netdevice_notifier and vf register (git-fixes). - hv_netvsc: mark vf as slave before exposing it to user-mode (git-fixes). - hwmon: (coretemp) fix potentially truncated sysfs attribute name (git-fixes). - i2c: aspeed: fix i2c bus hang in slave read (git-fixes). - i2c: core: run atomic i2c xfer when !preemptible (git-fixes). - i2c: designware: disable tx_empty irq while waiting for block length byte (git-fixes). - i2c: dev: copy userspace array safely (git-fixes). - i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (git-fixes). - i2c: iproc: handle invalid slave state (git-fixes). - i2c: muxes: i2c-demux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes). - i2c: muxes: i2c-mux-gpmux: use of_get_i2c_adapter_by_node() (git-fixes). - i2c: muxes: i2c-mux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes). - i2c: stm32f7: fix pec handling in case of smbus transfers (git-fixes). - i2c: sun6i-p2wi: prevent potential division by zero (git-fixes). - i3c: fix potential refcount leak in i3c_master_register_new_i3c_devs (git-fixes). - i3c: master: cdns: fix reading status register (git-fixes). - i3c: master: mipi-i3c-hci: fix a kernel panic for accessing dat_data (git-fixes). - i3c: master: svc: fix check wrong status register in irq handler (git-fixes). - i3c: master: svc: fix ibi may not return mandatory data byte (git-fixes). - i3c: master: svc: fix race condition in ibi work thread (git-fixes). - i3c: master: svc: fix sda keep low when polling ibiwon timeout happen (git-fixes). - i3c: master: svc: fix wrong data return when ibi happen during start frame (git-fixes). - i3c: mipi-i3c-hci: fix out of bounds access in hci_dma_irq_handler (git-fixes). - i915/perf: fix null deref bugs with drm_dbg() calls (git-fixes). - idpf: add controlq init and reset checks (bsc#1215458). - idpf: add core init and interrupt request (bsc#1215458). - idpf: add create vport and netdev configuration (bsc#1215458). - idpf: add ethtool callbacks (bsc#1215458). - idpf: add module register and probe functionality (bsc#1215458). - idpf: add ptypes and mac filter support (bsc#1215458). - idpf: add rx splitq napi poll support (bsc#1215458). - idpf: add singleq start_xmit and napi poll (bsc#1215458). - idpf: add splitq start_xmit (bsc#1215458). - idpf: add sriov support and other ndo_ops (bsc#1215458). - idpf: add tx splitq napi poll support (bsc#1215458). - idpf: cancel mailbox work in error path (bsc#1215458). - idpf: configure resources for rx queues (bsc#1215458). - idpf: configure resources for tx queues (bsc#1215458). - idpf: fix potential use-after-free in idpf_tso() (bsc#1215458). - idpf: initialize interrupts and enable vport (bsc#1215458). - idpf: set scheduling mode for completion queue (bsc#1215458). - iio: adc: xilinx-xadc: correct temperature offset/scale for ultrascale (git-fixes). - iio: adc: xilinx-xadc: do not clobber preset voltage/temperature thresholds (git-fixes). - iio: exynos-adc: request second interupt only when touchscreen mode is used (git-fixes). - input: synaptics-rmi4 - fix use after free in rmi_unregister_function() (git-fixes). - input: synaptics-rmi4 - handle reset delay when using smbus trsnsport (git-fixes). - input: xpad - add vid for turtle beach controllers (git-fixes). - irqchip/stm32-exti: add missing dt irq flag translation (git-fixes). - kabi/severities: ignore kabi in rxrpc (bsc#1210447) the rxrpc module is built since sle15-sp3 but it is not shipped as part of any sle product, only in leap (in kernel-*-optional). - kernel-binary: suse-module-tools is also required when installed requires(pre) adds dependency for the specific sciptlet. however, suse-module-tools also ships modprobe.d files which may be needed at posttrans time or any time the kernel is on the system for generating ramdisk. add plain requires as well. - kernel-source: move provides after sources - kernel/fork: beware of __put_task_struct() calling context (bsc#1216761). - leds: pwm: do not disable the pwm when the led should be off (git-fixes). - leds: trigger: ledtrig-cpu:: fix 'output may be truncated' issue for 'cpu' (git-fixes). - leds: turris-omnia: do not use smbus calls (git-fixes). - lsm: fix default return value for inode_getsecctx (git-fixes). - lsm: fix default return value for vm_enough_memory (git-fixes). - media: bttv: fix use after free error due to btv->timeout timer (git-fixes). - media: ccs: correctly initialise try compose rectangle (git-fixes). - media: ccs: fix driver quirk struct documentation (git-fixes). - media: cedrus: fix clock/reset sequence (git-fixes). - media: cobalt: use field_get() to extract link width (git-fixes). - media: gspca: cpia1: shift-out-of-bounds in set_flicker (git-fixes). - media: i2c: max9286: fix some redundant of_node_put() calls (git-fixes). - media: imon: fix access to invalid resource for the second interface (git-fixes). - media: lirc: drop trailing space from scancode transmit (git-fixes). - media: qcom: camss: fix missing vfe_lite clocks check (git-fixes). - media: qcom: camss: fix pm_domain_on sequence in probe (git-fixes). - media: qcom: camss: fix vfe-17x vfe_disable_output() (git-fixes). - media: qcom: camss: fix vfe_get() error jump (git-fixes). - media: sharp: fix sharp encoding (git-fixes). - media: siano: drop unnecessary error check for debugfs_create_dir/file() (git-fixes). - media: venus: hfi: add checks to handle capabilities from firmware (git-fixes). - media: venus: hfi: add checks to perform sanity on queue pointers (git-fixes). - media: venus: hfi: fix the check to handle session buffer requirement (git-fixes). - media: venus: hfi_parser: add check to keep the number of codecs within range (git-fixes). - media: vidtv: mux: add check and kfree for kstrdup (git-fixes). - media: vidtv: psi: add check for kstrdup (git-fixes). - media: vivid: avoid integer overflow (git-fixes). - mfd: arizona-spi: set pdata.hpdet_channel for acpi enumerated devs (git-fixes). - mfd: core: ensure disabled devices are skipped without aborting (git-fixes). - mfd: dln2: fix double put in dln2_probe (git-fixes). - misc: fastrpc: clean buffers on remote invocation failures (git-fixes). - misc: pci_endpoint_test: add device id for r-car s4-8 pcie controller (git-fixes). - mm/hmm: fault non-owner device private entries (bsc#1216844, jsc#ped-7237, git-fixes). - mmc: block: be sure to wait while busy in cqe error recovery (git-fixes). - mmc: block: do not lose cache flush during cqe error recovery (git-fixes). - mmc: block: retry commands in cqe error recovery (git-fixes). - mmc: cqhci: fix task clearing in cqe error recovery (git-fixes). - mmc: cqhci: increase recovery halt timeout (git-fixes). - mmc: cqhci: warn of halt or task clear failure (git-fixes). - mmc: meson-gx: remove setting of cmd_cfg_error (git-fixes). - mmc: sdhci-pci-gli: a workaround to allow gl9750 to enter aspm l1.2 (git-fixes). - mmc: sdhci-pci-gli: gl9750: mask the replay timer timeout of aer (git-fixes). - mmc: sdhci_am654: fix start loop index for tap value parsing (git-fixes). - mmc: vub300: fix an error code (git-fixes). - modpost: fix tee module_device_table built on big-endian host (git-fixes). - mt76: dma: use kzalloc instead of devm_kzalloc for txwi (git-fixes). - mtd: cfi_cmdset_0001: byte swap otp info (git-fixes). - mtd: rawnand: arasan: include ecc syndrome along with in-band data while checking for ecc failure (git-fixes). - net-memcg: fix scope of sockmem pressure indicators (bsc#1216759). - net: add macro netif_subqueue_completed_wake (bsc#1215458). - net: avoid address overwrite in kernel_connect (bsc#1216861). - net: fix use-after-free in tw_timer_handler (bsc#1217195). - net: ieee802154: adf7242: fix some potential buffer overflow in adf7242_stats_show() (git-fixes). - net: mana: fix return type of mana_start_xmit() (git-fixes). - net: piggy back on the memory barrier in bql when waking queues (bsc#1215458). - net: provide macros for commonly copied lockless queue stop/wake code (bsc#1215458). - net: usb: ax88179_178a: fix failed operations during ax88179_reset (git-fixes). - net: usb: smsc95xx: fix uninit-value access in smsc95xx_read_reg (git-fixes). - nfs: fix access to page->mapping (bsc#1216788). - nvme: update firmware version after commit (bsc#1215292). - pci/aspm: fix l1 substate handling in aspm_attr_store_common() (git-fixes). - pci/sysfs: protect driver's d3cold preference from user space (git-fixes). - pci: disable ats for specific intel ipu e2000 devices (bsc#1215458). - pci: extract ats disabling to a helper function (bsc#1215458). - pci: exynos: do not discard .remove() callback (git-fixes). - pci: keystone: do not discard .probe() callback (git-fixes). - pci: keystone: do not discard .remove() callback (git-fixes). - pci: prevent xhci driver from claiming amd vangogh usb3 drd device (git-fixes). - pci: tegra194: use field_get()/field_prep() with link width fields (git-fixes). - pci: use field_get() in sapphire rx 5600 xt pulse quirk (git-fixes). - pci: use field_get() to extract link width (git-fixes). - pci: vmd: correct pci header type register's multi-function check (git-fixes). - pcmcia: cs: fix possible hung task and memory leak pccardd() (git-fixes). - pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() (git-fixes). - pcmcia: ds: fix refcount leak in pcmcia_device_add() (git-fixes). - pinctrl: avoid reload of p state in list iteration (git-fixes). - platform/x86/intel-uncore-freq: return error on write frequency (bsc#1217147). - platform/x86/intel-uncore-freq: split common and enumeration part (bsc#1217147). - platform/x86/intel-uncore-freq: support for cluster level controls (bsc#1217147). - platform/x86/intel-uncore-freq: tpmi: provide cluster level control (bsc#1217147). - platform/x86/intel-uncore-freq: uncore frequency control via tpmi (bsc#1217147). - platform/x86/intel/tpmi: add tpmi external interface for tpmi feature drivers (bsc#1217147). - platform/x86/intel/tpmi: fix double free reported by smatch (bsc#1217147). - platform/x86/intel/tpmi: process cpu package mapping (bsc#1217147). - platform/x86/intel/uncore-freq: display uncore current frequency (bsc#1217147). - platform/x86/intel/uncore-freq: move to uncore-frequency folder (bsc#1217147). - platform/x86/intel/uncore-freq: use sysfs api to create attributes (bsc#1217147). - platform/x86/intel/vsec: add tpmi id (bsc#1217147). - platform/x86/intel/vsec: enhance and export intel_vsec_add_aux() (bsc#1217147). - platform/x86/intel/vsec: support private data (bsc#1217147). - platform/x86/intel/vsec: use mutex for ida_alloc() and ida_free() (bsc#1217147). - platform/x86/intel: intel tpmi enumeration driver (bsc#1217147). - platform/x86/intel: tpmi: fix double free in tpmi_create_device() (bsc#1217147). - platform/x86: intel-uncore-freq: add client processors (bsc#1217147). - platform/x86: intel-uncore-freq: conditionally create attribute for read frequency (bsc#1217147). - platform/x86: intel-uncore-freq: fix uncore_freq_common_init() error codes (bsc#1217147). - platform/x86: intel-uncore-freq: prevent driver loading in guests (bsc#1217147). - platform/x86: intel-uncore-freq: use sysfs_emit() to instead of scnprintf() (bsc#1217147). - platform/x86: intel-uncore-frequency: move to intel sub-directory (bsc#1217147). - platform/x86: intel-uncore-frequency: use default_groups in kobj_type (bsc#1217147). - platform/x86: thinkpad_acpi: add battery quirk for thinkpad x120e (git-fixes). - platform/x86: wmi: fix opening of char device (git-fixes). - platform/x86: wmi: fix probe failure when failing to register wmi devices (git-fixes). - platform/x86: wmi: remove unnecessary initializations (git-fixes). - pm / devfreq: rockchip-dfi: make pmu regmap mandatory (git-fixes). - pm: hibernate: use __get_safe_page() rather than touching the list (git-fixes). - powerpc/perf/hv-24x7: update domain value check (bsc#1215931). - powerpc/vas: limit open window failure messages in log bufffer (bsc#1216687 ltc#203927). - powerpc: do not clobber f0/vs0 during fp|altivec register save (bsc#1217780). - pwm: brcmstb: utilize appropriate clock apis in suspend/resume (git-fixes). - pwm: fix double shift bug (git-fixes). - pwm: sti: reduce number of allocations and drop usage of chip_data (git-fixes). - quota: fix slow quotaoff (bsc#1216621). - r8152: cancel hw_phy_work if we have an error in probe (git-fixes). - r8152: check for unplug in r8153b_ups_en() / r8153c_ups_en() (git-fixes). - r8152: check for unplug in rtl_phy_patch_request() (git-fixes). - r8152: increase usb control msg timeout to 5000ms as per spec (git-fixes). - r8152: release firmware if we have an error in probe (git-fixes). - r8152: run the unload routine if we have errors during probe (git-fixes). - regmap: debugfs: fix a erroneous check after snprintf() (git-fixes). - regmap: ensure range selector registers are updated after cache sync (git-fixes). - regmap: prevent noinc writes from clobbering cache (git-fixes). - revert 'i2c: pxa: move to generic gpio recovery' (git-fixes). - revert 'mmc: core: capture correct oemid-bits for emmc cards' (git-fixes). - revert 'tracing: fix warning in trace_buffered_event_disable()' (bsc#1217036) - revert amdgpu patches that caused a regression (bsc#1215802) - rpm/check-for-config-changes: add as_wruss to ignored_configs_re add as_wruss as an ignored_configs_re entry in check-for-config-changes to fix build on x86_32. there was a fix submitted to upstream but it was not accepted: https://lore.kernel.org/all/20231031140504.gczuejkmpxsredh3ma@fat_crate.local/ so carry this in ignored_configs_re instead. - rpm/check-for-config-changes: add have_shadow_call_stack to ignored_configs_re not supported by our compiler. - rpm/mkspec-dtb: add riscv64 dtb-allwinner subpackage - run scripts/renamepatches for sle15-sp4 - s390/ap: fix ap bus crash on early config change callback invocation (git-fixes bsc#1217687). - s390/cio: unregister device when the only path is gone (git-fixes bsc#1217609). - s390/cmma: fix detection of dat pages (ltc#203997 bsc#1217086). - s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (ltc#203997 bsc#1217086). - s390/cmma: fix initial kernel address space page table walk (ltc#203997 bsc#1217086). - s390/crashdump: fix tod programmable field size (git-fixes bsc#1217205). - s390/dasd: fix hanging device after request requeue (git-fixes ltc#203629 bsc#1215124). - s390/dasd: protect device queue against concurrent access (git-fixes bsc#1217515). - s390/dasd: use correct number of retries for erp requests (git-fixes bsc#1217598). - s390/ipl: add missing ipl_type_eckd_dump case to ipl_init() (git-fixes bsc#1217511). - s390/ipl: add missing secure/has_secure file to ipl type 'unknown' (bsc#1214976 git-fixes). - s390/mm: add missing arch_set_page_dat() call to gmap allocations (ltc#203997 bsc#1217086). - s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc() (ltc#203997 bsc#1217086). - s390/pkey: fix/harmonize internal keyblob headers (git-fixes bsc#1217200). - s390/ptrace: fix ptrace_get_last_break error handling (git-fixes bsc#1217599). - sbitmap: fix batched wait_cnt accounting (bsc#1217095 bsc#1217196). - sbitmap: fix up kabi for sbitmap_queue_wake_up() (bsc#1217095 bsc#1217196). - sbsa_gwdt: calculate timeout with 64-bit math (git-fixes). - scsi: lpfc: copyright updates for 14.2.0.16 patches (bsc#1217731). - scsi: lpfc: correct maximum pci function value for ras fw logging (bsc#1217731). - scsi: lpfc: eliminate unnecessary relocking in lpfc_check_nlp_post_devloss() (bsc#1217731). - scsi: lpfc: enhance driver logging for selected discovery events (bsc#1217731). - scsi: lpfc: fix list_entry null check warning in lpfc_cmpl_els_plogi() (bsc#1217731). - scsi: lpfc: fix possible file string name overflow when updating firmware (bsc#1217731). - scsi: lpfc: introduce log_node_verbose messaging flag (bsc#1217124). - scsi: lpfc: refactor and clean up mailbox command memory free (bsc#1217731). - scsi: lpfc: reject received prlis with only initiator fcn role for npiv ports (bsc#1217124). - scsi: lpfc: remove unnecessary zero return code assignment in lpfc_sli4_hba_setup (bsc#1217124). - scsi: lpfc: return early in lpfc_poll_eratt() when the driver is unloading (bsc#1217731). - scsi: lpfc: treat ioerr_sli_down i/o completion status the same as pci offline (bsc#1217124). - scsi: lpfc: update lpfc version to 14.2.0.15 (bsc#1217124). - scsi: lpfc: update lpfc version to 14.2.0.16 (bsc#1217731). - scsi: lpfc: validate els ls_acc completion payload (bsc#1217124). - scsi: qla2xxx: fix double free of dsd_list during driver load (git-fixes). - scsi: qla2xxx: use field_get() to extract pcie capability fields (git-fixes). - selftests/efivarfs: create-read: fix a resource leak (git-fixes). - selftests/pidfd: fix ksft print formats (git-fixes). - selftests/resctrl: ensure the benchmark commands fits to its array (git-fixes). - selftests/resctrl: reduce failures due to outliers in mba/mbm tests (git-fixes). - selftests/resctrl: remove duplicate feature check from cmt test (git-fixes). - seq_buf: fix a misleading comment (git-fixes). - serial: exar: revert 'serial: exar: add support for sealevel 7xxxc serial cards' (git-fixes). - serial: meson: use platform_get_irq() to get the interrupt (git-fixes). - soc: qcom: llcc: handle a second device without data corruption (git-fixes). - spi: nxp-fspi: use the correct ioremap function (git-fixes). - spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies (git-fixes). - spi: tegra: fix missing irq check in tegra_slink_probe() (git-fixes). - staging: media: ipu3: remove ftrace-like logging (git-fixes). - string.h: add array-wrappers for (v)memdup_user() (git-fixes). - supported.conf: marked idpf supported - thermal: core: prevent potential string overflow (git-fixes). - treewide: spelling fix in comment (git-fixes). - tty/sysrq: replace smp_processor_id() with get_cpu() (git-fixes). - tty: 8250: add brainboxes oxford semiconductor-based quirks (git-fixes). - tty: 8250: add support for additional brainboxes px cards (git-fixes). - tty: 8250: add support for additional brainboxes uc cards (git-fixes). - tty: 8250: add support for brainboxes up cards (git-fixes). - tty: 8250: add support for intashield is-100 (git-fixes). - tty: 8250: add support for intashield ix cards (git-fixes). - tty: 8250: fix port count of px-257 (git-fixes). - tty: 8250: fix up px-803/px-857 (git-fixes). - tty: 8250: remove uc-257 and uc-431 (git-fixes). - tty: fix uninit-value access in ppp_sync_receive() (git-fixes). - tty: n_gsm: fix race condition in status line change on dead connections (git-fixes). - tty: serial: meson: fix hard lockup on crtscts mode (git-fixes). - tty: tty_jobctrl: fix pid memleak in disassociate_ctty() (git-fixes). - tty: vcc: add check for kstrdup() in vcc_probe() (git-fixes). - update ath11k hibernation fix patch set (bsc#1207948) - update metadata s390-ipl-add-missing-secure-has_secure-file-to-ipl-type-unknown (bsc#1214976 git-fixes). - usb: cdnsp: fix deadlock issue during using ncm gadget (git-fixes). - usb: chipidea: fix dma overwrite for tegra (git-fixes). - usb: chipidea: simplify tegra dma alignment code (git-fixes). - usb: dwc2: fix possible null pointer dereference caused by driver concurrency (git-fixes). - usb: dwc2: write hcint with intmask applied (bsc#1214286). - usb: dwc3: fix default mode initialization (git-fixes). - usb: dwc3: qcom: fix acpi platform device leak (git-fixes). - usb: dwc3: qcom: fix resource leaks on probe deferral (git-fixes). - usb: dwc3: qcom: fix software node leak on probe errors (git-fixes). - usb: dwc3: qcom: fix wakeup after probe deferral (git-fixes). - usb: dwc3: set the dma max_seg_size (git-fixes). - usb: gadget: f_ncm: always set current gadget in ncm_bind() (git-fixes). - usb: raw-gadget: properly handle interrupted requests (git-fixes). - usb: serial: option: add fibocom l7xx modules (git-fixes). - usb: serial: option: do not claim interface 4 for zte mf290 (git-fixes). - usb: serial: option: fix fm101r-gl defines (git-fixes). - usb: storage: set 1.50 as the lower bcddevice for older 'super top' compatibility (git-fixes). - usb: typec: tcpm: fix null pointer dereference in tcpm_pd_svdm() (git-fixes). - usb: typec: tcpm: skip hard reset when in error recovery (git-fixes). - usb: usbip: fix stub_dev hub disconnect (git-fixes). - virtchnl: add virtchnl version 2 ops (bsc#1215458). - wifi: ath10k: do not touch the ce interrupt registers after power up (git-fixes). - wifi: ath10k: fix clang-specific fortify warning (git-fixes). - wifi: ath11k: debugfs: fix to work with multiple pci devices (git-fixes). - wifi: ath11k: fix dfs radar event locking (git-fixes). - wifi: ath11k: fix gtk offload status event locking (git-fixes). - wifi: ath11k: fix htt pktlog locking (git-fixes). - wifi: ath11k: fix temperature event locking (git-fixes). - wifi: ath9k: fix clang-specific fortify warnings (git-fixes). - wifi: iwlwifi: call napi_synchronize() before freeing rx/tx queues (git-fixes). - wifi: iwlwifi: empty overflow queue during flush (git-fixes). - wifi: iwlwifi: honor the enable_ini value (git-fixes). - wifi: iwlwifi: pcie: synchronize irqs before napi (git-fixes). - wifi: iwlwifi: use fw rate for non-data frames (git-fixes). - wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (git-fixes). - wifi: mac80211: fix # of msdu in a-msdu calculation (git-fixes). - wifi: mt76: mt7603: rework/fix rx pse hang check (git-fixes). - wifi: rtlwifi: fix edca limit set by bt coexistence (git-fixes). - wifi: rtw88: debug: fix the null vs is_err() bug for debugfs_create_file() (git-fixes). - x86/alternative: add a __alt_reloc_selftest() prototype (git-fixes). - x86/cpu: clear svm feature if disabled by bios (bsc#1214700). - x86/cpu: fix amd erratum #1485 on zen4-based cpus (git-fixes). - x86/fpu: set x86_feature_osxsave feature after enabling osxsave in cr4 (git-fixes). - x86/hyperv: add hv_expose_invariant_tsc define (git-fixes). - x86/hyperv: fix a warning in mshyperv.h (git-fixes). - x86/hyperv: improve code for referencing hyperv_pcpu_input_arg (git-fixes). - x86/hyperv: make hv_get_nmi_reason public (git-fixes). - x86/sev: do not try to parse for the cc blob on non-amd hardware (git-fixes). - x86/sev: fix calculation of end address based on number of pages (git-fixes). - x86/sev: use the ghcb protocol when available for snp cpuid requests (git-fixes). - x86: move gds_ucode_mitigated() declaration to header (git-fixes). - xfs: add attr state machine tracepoints (git-fixes). - xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909). - xfs: constify btree function parameters that are not modified (git-fixes). - xfs: convert agf log flags to unsigned (git-fixes). - xfs: convert agi log flags to unsigned (git-fixes). - xfs: convert attr type flags to unsigned (git-fixes). - xfs: convert bmap extent type flags to unsigned (git-fixes). - xfs: convert bmapi flags to unsigned (git-fixes). - xfs: convert btree buffer log flags to unsigned (git-fixes). - xfs: convert buffer flags to unsigned (git-fixes). - xfs: convert buffer log item flags to unsigned (git-fixes). - xfs: convert da btree operations flags to unsigned (git-fixes). - xfs: convert dquot flags to unsigned (git-fixes). - xfs: convert inode lock flags to unsigned (git-fixes). - xfs: convert log item tracepoint flags to unsigned (git-fixes). - xfs: convert log ticket and iclog flags to unsigned (git-fixes). - xfs: convert quota options flags to unsigned (git-fixes). - xfs: convert scrub type flags to unsigned (git-fixes). - xfs: disambiguate units for ftrace fields tagged 'blkno', 'block', or 'bno' (git-fixes). - xfs: disambiguate units for ftrace fields tagged 'count' (git-fixes). - xfs: disambiguate units for ftrace fields tagged 'len' (git-fixes). - xfs: disambiguate units for ftrace fields tagged 'offset' (git-fixes). - xfs: make the key parameters to all btree key comparison functions const (git-fixes). - xfs: make the key parameters to all btree query range functions const (git-fixes). - xfs: make the keys and records passed to btree inorder functions const (git-fixes). - xfs: make the pointer passed to btree set_root functions const (git-fixes). - xfs: make the start pointer passed to btree alloc_block functions const (git-fixes). - xfs: make the start pointer passed to btree update_lastrec functions const (git-fixes). - xfs: mark the record passed into btree init_key functions as const (git-fixes). - xfs: mark the record passed into xchk_btree functions as const (git-fixes). - xfs: remove xfs_btree_cur_t typedef (git-fixes). - xfs: rename i_disk_size fields in ftrace output (git-fixes). - xfs: resolve fork names in trace output (git-fixes). - xfs: standardize ag block number formatting in ftrace output (git-fixes). - xfs: standardize ag number formatting in ftrace output (git-fixes). - xfs: standardize daddr formatting in ftrace output (git-fixes). - xfs: standardize inode generation formatting in ftrace output (git-fixes). - xfs: standardize inode number formatting in ftrace output (git-fixes). - xfs: standardize remaining xfs_buf length tracepoints (git-fixes). - xfs: standardize rmap owner number formatting in ftrace output (git-fixes). - xhci: Loosen RPM as default policy to cover for AMD xHC 1.1 (git-fixes). - xhci: enable rpm on controllers that support low-power states (git-fixes). Important SUSE bug 1207948 SUSE bug 1210447 SUSE bug 1212649 SUSE bug 1214286 SUSE bug 1214700 SUSE bug 1214840 SUSE bug 1214976 SUSE bug 1215095 SUSE bug 1215123 SUSE bug 1215124 SUSE bug 1215292 SUSE bug 1215420 SUSE bug 1215458 SUSE bug 1215710 SUSE bug 1215802 SUSE bug 1215931 SUSE bug 1216058 SUSE bug 1216105 SUSE bug 1216259 SUSE bug 1216527 SUSE bug 1216584 SUSE bug 1216621 SUSE bug 1216687 SUSE bug 1216693 SUSE bug 1216759 SUSE bug 1216761 SUSE bug 1216788 SUSE bug 1216844 SUSE bug 1216861 SUSE bug 1216909 SUSE bug 1216959 SUSE bug 1216965 SUSE bug 1216976 SUSE bug 1217036 SUSE bug 1217068 SUSE bug 1217086 SUSE bug 1217095 SUSE bug 1217124 SUSE bug 1217140 SUSE bug 1217147 SUSE bug 1217195 SUSE bug 1217196 SUSE bug 1217200 SUSE bug 1217205 SUSE bug 1217332 SUSE bug 1217366 SUSE bug 1217511 SUSE bug 1217515 SUSE bug 1217598 SUSE bug 1217599 SUSE bug 1217609 SUSE bug 1217687 SUSE bug 1217731 SUSE bug 1217780 CVE-2023-2006 at SUSE CVE-2023-2006 at NVD CVE-2023-25775 at SUSE CVE-2023-25775 at NVD CVE-2023-3777 at SUSE CVE-2023-3777 at NVD CVE-2023-39197 at SUSE CVE-2023-39197 at NVD CVE-2023-39198 at SUSE CVE-2023-39198 at NVD CVE-2023-4244 at SUSE CVE-2023-4244 at NVD CVE-2023-45863 at SUSE CVE-2023-45863 at NVD CVE-2023-45871 at SUSE CVE-2023-45871 at NVD CVE-2023-46813 at SUSE CVE-2023-46813 at NVD CVE-2023-46862 at SUSE CVE-2023-46862 at NVD CVE-2023-5158 at SUSE CVE-2023-5158 at NVD CVE-2023-5633 at SUSE CVE-2023-5633 at NVD CVE-2023-5717 at SUSE CVE-2023-5717 at NVD CVE-2023-6039 at SUSE CVE-2023-6039 at NVD CVE-2023-6176 at SUSE CVE-2023-6176 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3-cryptography (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python3-cryptography fixes the following issues: - CVE-2023-49083: Fixed a NULL pointer dereference when loading certificates from a PKCS#7 bundle (bsc#1217592). Moderate SUSE bug 1217592 CVE-2023-49083 at SUSE CVE-2023-49083 at NVD cpe:/o:suse:sle-micro:5.5 Security update for tiff (Important) SUSE Linux Enterprise Micro 5.5 This update for tiff fixes the following issues: - CVE-2023-2731: Fix null pointer deference in LZWDecode() (bsc#1211478). - CVE-2023-1916: Fix out-of-bounds read in extractImageSection() (bsc#1210231). - CVE-2023-26965: Fix heap-based use after free in loadImage() (bsc#1212398). - CVE-2022-40090: Fix infinite loop in TIFFReadDirectory() (bsc#1214680). Important SUSE bug 1199483 SUSE bug 1210231 SUSE bug 1211478 SUSE bug 1212398 SUSE bug 1214680 CVE-2022-1622 at SUSE CVE-2022-1622 at NVD CVE-2022-40090 at SUSE CVE-2022-40090 at NVD CVE-2023-1916 at SUSE CVE-2023-1916 at NVD CVE-2023-26965 at SUSE CVE-2023-26965 at NVD CVE-2023-2731 at SUSE CVE-2023-2731 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ncurses (Moderate) SUSE Linux Enterprise Micro 5.5 This update for ncurses fixes the following issues: - CVE-2023-50495: Fixed a segmentation fault via _nc_wrap_entry() (bsc#1218014) - Modify reset command to avoid altering clocal if the terminal uses a modem (bsc#1201384) Moderate SUSE bug 1201384 SUSE bug 1218014 CVE-2023-50495 at SUSE CVE-2023-50495 at NVD cpe:/o:suse:sle-micro:5.5 Security update for avahi (Moderate) SUSE Linux Enterprise Micro 5.5 This update for avahi fixes the following issues: - CVE-2023-38472: Fixed reachable assertion in avahi_rdata_parse (bsc#1216853). Moderate SUSE bug 1216853 CVE-2023-38472 at SUSE CVE-2023-38472 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssh (Important) SUSE Linux Enterprise Micro 5.5 This update for openssh fixes the following issues: - CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity (bsc#1217950). the following non-security bug was fixed: - Fix the 'no route to host' error when connecting via ProxyJump Important SUSE bug 1214788 SUSE bug 1217950 CVE-2023-48795 at SUSE CVE-2023-48795 at NVD cpe:/o:suse:sle-micro:5.5 Security update for docker, rootlesskit (Important) SUSE Linux Enterprise Micro 5.5 This update for docker, rootlesskit fixes the following issues: docker: - Update to Docker 24.0.7-ce. See upstream changelong online at https://docs.docker.com/engine/release-notes/24.0/#2407>. bsc#1217513 * Deny containers access to /sys/devices/virtual/powercap by default. - CVE-2020-8694 bsc#1170415 - CVE-2020-8695 bsc#1170446 - CVE-2020-12912 bsc#1178760 - Update to Docker 24.0.6-ce. See upstream changelong online at https://docs.docker.com/engine/release-notes/24.0/#2406 . bsc#1215323 - Add a docker.socket unit file, but with socket activation effectively disabled to ensure that Docker will always run even if you start the socket individually. Users should probably just ignore this unit file. bsc#1210141 - Update to Docker 24.0.5-ce. See upstream changelong online at https://docs.docker.com/engine/release-notes/24.0/#2405 . bsc#1213229 This update ships docker-rootless support in the docker-rootless-extra package. (jsc#PED-6180) rootlesskit: - new package, for docker rootless support. (jsc#PED-6180) Important SUSE bug 1170415 SUSE bug 1170446 SUSE bug 1178760 SUSE bug 1210141 SUSE bug 1213229 SUSE bug 1213500 SUSE bug 1215323 SUSE bug 1217513 CVE-2020-12912 at SUSE CVE-2020-12912 at NVD CVE-2020-8694 at SUSE CVE-2020-8694 at NVD CVE-2020-8695 at SUSE CVE-2020-8695 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Important) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2023-46836: Fixed BTC/SRSO fixes not fully effective (bsc#1216807). - CVE-2023-46835: Fixed mismatch in IOMMU quarantine page table levels on x86/AMD (bsc#1216654). Update to Xen 4.17.3 bug fix release (bsc#1027519). Important SUSE bug 1027519 SUSE bug 1216654 SUSE bug 1216807 CVE-2023-46835 at SUSE CVE-2023-46835 at NVD CVE-2023-46836 at SUSE CVE-2023-46836 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ppp (Moderate) SUSE Linux Enterprise Micro 5.5 This update for ppp fixes the following issues: - CVE-2022-4603: Fixed improper validation of array index of the component pppdump (bsc#1218251). Moderate SUSE bug 1218251 CVE-2022-4603 at SUSE CVE-2022-4603 at NVD cpe:/o:suse:sle-micro:5.5 Security update for jbigkit (Low) SUSE Linux Enterprise Micro 5.5 This update for jbigkit fixes the following issues: - CVE-2022-1210: Fixed denial of service in TIFF File Handler (bsc#1198146). Low SUSE bug 1198146 CVE-2022-1210 at SUSE CVE-2022-1210 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gnutls (Moderate) SUSE Linux Enterprise Micro 5.5 This update for gnutls fixes the following issues: - CVE-2023-5981: Fixed timing side-channel inside RSA-PSK key exchange (bsc#1217277). Moderate SUSE bug 1217277 CVE-2023-5981 at SUSE CVE-2023-5981 at NVD cpe:/o:suse:sle-micro:5.5 Security update for shadow (Moderate) SUSE Linux Enterprise Micro 5.5 This update for shadow fixes the following issues: - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn (bsc#1210507). - CVE-2023-4641: Fixed possible password leak during passwd(1) change (bsc#1214806). The following non-security bugs were fixed: - bsc#1176006: Fix chage date miscalculation - bsc#1188307: Fix passwd segfault - bsc#1203823: Remove pam_keyinit from PAM config files - bsc#1213189: Change lock mechanism to file locking to prevent lock files after power interruptions - bsc#1206627: Add --prefix support to passwd, chpasswd and chage - bsc#1205502: useradd audit event user id field cannot be interpretedd Moderate SUSE bug 1144060 SUSE bug 1176006 SUSE bug 1188307 SUSE bug 1203823 SUSE bug 1205502 SUSE bug 1206627 SUSE bug 1210507 SUSE bug 1213189 SUSE bug 1214806 CVE-2023-29383 at SUSE CVE-2023-29383 at NVD CVE-2023-4641 at SUSE CVE-2023-4641 at NVD cpe:/o:suse:sle-micro:5.5 Security update for avahi (Moderate) SUSE Linux Enterprise Micro 5.5 This update for avahi fixes the following issues: - CVE-2023-38471: Fixed reachable assertion in dbus_set_host_name (bsc#1216594). - CVE-2023-38469: Fixed reachable assertions in avahi (bsc#1216598). Moderate SUSE bug 1216594 SUSE bug 1216598 CVE-2023-38469 at SUSE CVE-2023-38469 at NVD CVE-2023-38471 at SUSE CVE-2023-38471 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libvirt (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libvirt fixes the following issues: - CVE-2024-2494: Add a check for negative array lengths before allocation to prevent potential DoS. (bsc#1221815) - CVE-2024-2496: Fixed NULL pointer dereference in udevConnectListAllInterfaces() (bsc#1221468). - CVE-2024-1441: Fix off-by-one error in udevListInterfacesByStatus (bsc#1221237) - qemu: domain: Fix logic when tainting domain (bsc#1220512) - conf: Remove some firmware validation checks (bsc#1216980) - libxl: Fix connection to modular network daemon (bsc#1214223) Moderate SUSE bug 1214223 SUSE bug 1216980 SUSE bug 1220512 SUSE bug 1221237 SUSE bug 1221468 SUSE bug 1221815 CVE-2024-1441 at SUSE CVE-2024-1441 at NVD CVE-2024-2494 at SUSE CVE-2024-2494 at NVD CVE-2024-2496 at SUSE CVE-2024-2496 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Moderate) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2023-28746: Register File Data Sampling (bsc#1221332) - CVE-2024-2193: Fixed GhostRace, a speculative race conditions. (bsc#1221334) - CVE-2023-46841: Hhadow stack vs exceptions from emulation stubs (bsc#1219885) Moderate SUSE bug 1027519 SUSE bug 1219885 SUSE bug 1221332 SUSE bug 1221334 CVE-2023-28746 at SUSE CVE-2023-28746 at NVD CVE-2023-46841 at SUSE CVE-2023-46841 at NVD CVE-2024-2193 at SUSE CVE-2024-2193 at NVD cpe:/o:suse:sle-micro:5.5 Security update for qemu (Important) SUSE Linux Enterprise Micro 5.5 This update for qemu fixes the following issues: - CVE-2024-26327: Fixed buffer overflow via invalid SR/IOV NumVFs value (bsc#1220062). - CVE-2024-24474: Fixed integer overflow results in buffer overflow via SCSI command (bsc#1220134). - CVE-2023-6693: Fixed stack buffer overflow in virtio_net_flush_tx() (bsc#1218484). - CVE-2023-1544: Fixed out-of-bounds read in pvrdma_ring_next_elem_read() (bsc#1209554). - CVE-2024-26328: Fixed invalid NumVFs value handled in NVME SR/IOV implementation (bsc#1220065). The following non-security bug was fixed: - Removing in-use mediated device should fail with error message instead of hang (bsc#1205316). Important SUSE bug 1205316 SUSE bug 1209554 SUSE bug 1218484 SUSE bug 1220062 SUSE bug 1220065 SUSE bug 1220134 CVE-2023-1544 at SUSE CVE-2023-1544 at NVD CVE-2023-6693 at SUSE CVE-2023-6693 at NVD CVE-2024-24474 at SUSE CVE-2024-24474 at NVD CVE-2024-26327 at SUSE CVE-2024-26327 at NVD CVE-2024-26328 at SUSE CVE-2024-26328 at NVD cpe:/o:suse:sle-micro:5.5 Security update for expat (Important) SUSE Linux Enterprise Micro 5.5 This update for expat fixes the following issues: - CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559) - CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289) Important SUSE bug 1219559 SUSE bug 1221289 CVE-2023-52425 at SUSE CVE-2023-52425 at NVD CVE-2024-28757 at SUSE CVE-2024-28757 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ncurses (Moderate) SUSE Linux Enterprise Micro 5.5 This update for ncurses fixes the following issues: - CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061). Moderate SUSE bug 1220061 CVE-2023-45918 at SUSE CVE-2023-45918 at NVD cpe:/o:suse:sle-micro:5.5 Security update for c-ares (Moderate) SUSE Linux Enterprise Micro 5.5 This update for c-ares fixes the following issues: - CVE-2024-25629: Fixed out of bounds read in ares__read_line() (bsc#1220279). Moderate SUSE bug 1220279 CVE-2024-25629 at SUSE CVE-2024-25629 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ucode-intel (Moderate) SUSE Linux Enterprise Micro 5.5 This update for ucode-intel fixes the following issues: - Updated to Intel CPU Microcode 20240312 release. (bsc#1221323) - CVE-2023-39368: Protection mechanism failure of bus lock regulator for some Intel Processors may allow an unauthenticated user to potentially enable denial of service via network access - CVE-2023-38575: Non-transparent sharing of return predictor targets between contexts in some Intel Processors may allow an authorized user to potentially enable information disclosure via local access. - CVE-2023-28746: Information exposure through microarchitectural state after transient execution from some register files for some Intel Atom Processors may allow an authenticated user to potentially enable information disclosure via local access. - CVE-2023-22655 Protection mechanism failure in some 3rd and 4th Generation Intel Xeon Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. - CVE-2023-43490: Incorrect calculation in microcode keying mechanism for some Intel Xeon D Processors with Intel? SGX may allow a privileged user to potentially enable information disclosure via local access. Moderate SUSE bug 1221323 CVE-2023-22655 at SUSE CVE-2023-22655 at NVD CVE-2023-28746 at SUSE CVE-2023-28746 at NVD CVE-2023-38575 at SUSE CVE-2023-38575 at NVD CVE-2023-39368 at SUSE CVE-2023-39368 at NVD CVE-2023-43490 at SUSE CVE-2023-43490 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Important) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2024-1753: Fixed an issue to prevent a full container escape at build time. (bsc#1221677) Important SUSE bug 1221677 CVE-2024-1753 at SUSE CVE-2024-1753 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447). - CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information (bsc#1217946). - CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559). - CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B that may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN (bsc#1179610 bsc#1215237). - CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947). - CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1218335). - CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component that could lead to local privilege escalation. (bsc#1218258). - CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel's ipv4: igmp component that could lead to local privilege escalation (bsc#1218253). - CVE-2023-6622: Fixed a null pointer dereference vulnerability in nft_dynset_init() that could allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service (bsc#1217938). - CVE-2023-6121: Fixed an out-of-bounds read vulnerability in the NVMe-oF/TCP subsystem that could lead to information leak (bsc#1217250). The following non-security bugs were fixed: - Documentation: KVM: add separate directories for architecture-specific documentation (jsc#PED-7167). - Documentation: KVM: update amd-memory-encryption.rst references (jsc#PED-7167). - Documentation: KVM: update msr.rst reference (jsc#PED-7167). - Documentation: KVM: update s390-diag.rst reference (jsc#PED-7167). - Documentation: KVM: update s390-pv.rst reference (jsc#PED-7167). - Documentation: drop more IDE boot options and ide-cd.rst (git-fixes). - Documentation: qat: Use code block for qat sysfs example (git-fixes). - Drop Documentation/ide/ (git-fixes). - Fix crash on screen resize (bsc#1218229) - Fix drm gem object underflow (bsc#1218092) - KVM: arm64: Prevent kmemleak from accessing pKVM memory (jsc#PED-7167). - KVM: s390/mm: Properly reset no-dat (git-fixes bsc#1218056). - KVM: s390: vsie: fix wrong VIR 37 when MSO is used (git-fixes bsc#1217933). - Revert 'PCI/ASPM: Remove pcie_aspm_pm_state_change()' (git-fixes). - Revert 'PCI: acpiphp: Reassign resources on bridge if necessary' (git-fixes). - Revert 'md: unlock mddev before reap sync_thread in action_store' (git-fixes). - Revert 'swiotlb: panic if nslabs is too small' (git-fixes). - Revert 'xhci: Loosen RPM as default policy to cover for AMD xHC 1.1' (git-fixes). - USB: serial: ftdi_sio: update Actisense PIDs constant names (git-fixes). - USB: serial: option: add Foxconn T99W265 with new baseline (git-fixes). - USB: serial: option: add Quectel EG912Y module support (git-fixes). - USB: serial: option: add Quectel RM500Q R13 firmware support (git-fixes). - Update: drm/vmwgfx: Keep a gem reference to user bos in surfaces - acpi: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470 (git-fixes). - acpi: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects (git-fixes). - acpica: Add AML_NO_OPERAND_RESOLVE flag to Timer (git-fixes). - afs: Fix afs_server_list to be cleaned up with RCU (git-fixes). - afs: Fix dynamic root lookup DNS check (git-fixes). - afs: Fix file locking on R/O volumes to operate in local mode (git-fixes). - afs: Fix overwriting of result of DNS query (git-fixes). - afs: Fix refcount underflow from error handling race (git-fixes). - afs: Fix the dynamic root's d_delete to always delete unused dentries (git-fixes). - afs: Fix use-after-free due to get/remove race in volume tree (git-fixes). - afs: Make error on cell lookup failure consistent with OpenAFS (git-fixes). - afs: Return ENOENT if no cell DNS record can be found (git-fixes). - alsa: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro (git-fixes). - alsa: hda/hdmi: add force-connect quirk for NUC5CPYB (git-fixes). - alsa: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants (git-fixes). - alsa: hda/realtek: Add Framework laptop 16 to quirks (git-fixes). - alsa: hda/realtek: Add quirk for ASUS ROG GV302XA (git-fixes). - alsa: hda/realtek: Add supported ALC257 for ChromeOS (git-fixes). - alsa: hda/realtek: Apply mute LED quirk for HP15-db (git-fixes). - alsa: hda/realtek: Enable headset on Lenovo M90 Gen5 (git-fixes). - alsa: hda/realtek: Fix mute and mic-mute LEDs for HP ProBook 440 G6 (git-fixes). - alsa: hda/realtek: Headset Mic VREF to 100% (git-fixes). - alsa: hda/realtek: add new Framework laptop to quirks (git-fixes). - alsa: hda/realtek: enable SND_PCI_QUIRK for hp pavilion 14-ec1xxx series (git-fixes). - alsa: hda/realtek: fix mute/micmute LEDs for a HP ZBook (git-fixes). - alsa: hda/realtek: fix speakers on XPS 9530 (2023) (git-fixes). - alsa: hda: intel-dsp-cfg: add LunarLake support (git-fixes). - alsa: pcm: fix out-of-bounds in snd_pcm_state_names (git-fixes). - alsa: seq: oss: Fix racy open/close of MIDI devices (git-fixes). - alsa: usb-audio: Add Pioneer DJM-450 mixer controls (git-fixes). - alsa: usb-audio: Increase delay in MOTU M quirk (git-fixes). - apparmor: Free up __cleanup() name (jsc#PED-7167). - arm64: dts: arm: add missing cache properties (git-fixes) - arm64: dts: imx8mm: Add sound-dai-cells to micfil node (git-fixes) - arm64: dts: imx8mn: Add sound-dai-cells to micfil node (git-fixes) - arm64: dts: imx8mq-librem5: Remove dis_u3_susphy_quirk from (git-fixes) - arm64: kdump: Skip kmemleak scan reserved memory for kdump (jsc#PED-7167). - arm64: mm: Fix 'rodata=on' when CONFIG_RODATA_FULL_DEFAULT_ENABLED=y (git-fixes) - arm: oMAP2+: Fix null pointer dereference and memory leak in omap_soc_device_init (git-fixes). - arm: pL011: Fix DMA support (git-fixes). - asoc: fsl_rpmsg: Fix error handler with pm_runtime_enable (git-fixes). - asoc: hdmi-codec: fix missing report for jack initial status (git-fixes). - asoc: meson: g12a-toacodec: Fix event generation (git-fixes). - asoc: meson: g12a-toacodec: Validate written enum values (git-fixes). - asoc: meson: g12a-tohdmitx: Fix event generation for S/PDIF mux (git-fixes). - asoc: meson: g12a-tohdmitx: Validate written enum values (git-fixes). - asoc: wm_adsp: fix memleak in wm_adsp_buffer_populate (git-fixes). - bitmap: unify find_bit operations (jsc#PED-7167). - block: fix revalidate performance regression (bsc#1216057). - bluetooth: Fix deadlock in vhci_send_frame (git-fixes). - bluetooth: L2CAP: Send reject on command corrupted request (git-fixes). - bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE (git-fixes). - bluetooth: btusb: Add new PID/VID 0489:e0f2 for MT7921 (bsc#1218461). - bluetooth: hci_event: Fix not checking if HCI_OP_INQUIRY has been sent (git-fixes). - bluetooth: hci_event: shut up a false-positive warning (git-fixes). - bluetooth: hci_qca: Fix the teardown problem for real (git-fixes). - bnxt: do not handle XDP in netpoll (jsc#PED-1495). - bnxt_en: Clear resource reservation during resume (jsc#PED-1495). - bnxt_en: Fix HWTSTAMP_FILTER_ALL packet timestamp logic (jsc#PED-1495). - bnxt_en: Fix max_mtu setting for multi-buf XDP (jsc#PED-1495). - bnxt_en: Fix page pool logic for page size >= 64K (jsc#PED-1495). - bnxt_en: Fix wrong return value check in bnxt_close_nic() (jsc#PED-1495). - bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI (jsc#PED-1495). - bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234 git-fixes). - bus: ti-sysc: Flush posted write only after srst_udelay (git-fixes). - ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (bsc#1217980). - ceph: fix type promotion bug on 32bit systems (bsc#1217982). - cleanup: Make no_free_ptr() __must_check (jsc#PED-7167). - clocksource: Add a Kconfig option for WATCHDOG_MAX_SKEW (bsc#1215885 bsc#1217217). - clocksource: Enable TSC watchdog checking of HPET and PMTMR only when requested (bsc#1215885 bsc#1217217). - clocksource: Handle negative skews in 'skew is too large' messages (bsc#1215885 bsc#1217217). - clocksource: Improve 'skew is too large' messages (bsc#1215885 bsc#1217217). - clocksource: Improve read-back-delay message (bsc#1215885 bsc#1217217). - clocksource: Loosen clocksource watchdog constraints (bsc#1215885 bsc#1217217). - clocksource: Print clocksource name when clocksource is tested unstable (bsc#1215885 bsc#1217217). - clocksource: Verify HPET and PMTMR when TSC unverified (bsc#1215885 bsc#1217217). - configfs-tsm: Introduce a shared ABI for attestation reports (jsc#PED-7167). - crypto: ccp - Add SEV_INIT rc error logging on init (jsc#PED-7167). - crypto: ccp - Add SEV_INIT_EX support (jsc#PED-7167). - crypto: ccp - Add a header for multiple drivers to use `__psp_pa` (jsc#PED-7167). - crypto: ccp - Add a quirk to firmware update (jsc#PED-7167). - crypto: ccp - Add psp_init_on_probe module parameter (jsc#PED-7167). - crypto: ccp - Drop TEE support for IRQ handler (jsc#PED-7167). - crypto: ccp - Ensure psp_ret is always init'd in __sev_platform_init_locked() (jsc#PED-7167). - crypto: ccp - Fail the PSP initialization when writing psp data file failed (jsc#PED-7167). - crypto: ccp - Fix the INIT_EX data file open failure (jsc#PED-7167). - crypto: ccp - Fix whitespace in sev_cmd_buffer_len() (jsc#PED-7167). - crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware (jsc#PED-7167). - crypto: ccp - Initialize PSP when reading psp data file failed (jsc#PED-7167). - crypto: ccp - Log when resetting PSP SEV state (jsc#PED-7167). - crypto: ccp - Move SEV_INIT retry for corrupted data (jsc#PED-7167). - crypto: ccp - Move some PSP mailbox bit definitions into common header (jsc#PED-7167). - crypto: ccp - Name -1 return value as SEV_RET_NO_FW_CALL (jsc#PED-7167). - crypto: ccp - Refactor out sev_fw_alloc() (jsc#PED-7167). - crypto: ccp - remove unneeded semicolon (jsc#PED-7167). - crypto: ccp: Get rid of __sev_platform_init_locked()'s local function pointer (jsc#PED-7167). - dm verity: initialize fec io before freeing it (git-fixes). - dm-verity: do not use blocking calls from tasklets (git-fixes). - dm: add cond_resched() to dm_wq_requeue_work() (git-fixes). - dm: do not attempt to queue IO under RCU protection (git-fixes). - dm: fix __send_duplicate_bios() to always allow for splitting IO (bsc#1215952). - dm: fix improper splitting for abnormal bios (bsc#1215952). - dm: verity-loadpin: Add NULL pointer check for 'bdev' parameter (git-fixes). - dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776). - dmaengine: ioat: Free up __cleanup() name (jsc#PED-7167). - doc/README.SUSE: Add how to update the config for module signing (jsc#PED-5021) - doc/README.SUSE: Remove how to build modules using kernel-source (jsc#PED-5021) - doc/README.SUSE: Simplify the list of references (jsc#PED-5021) - drm/amd/amdgpu: Fix warnings in amdgpu/amdgpu_display.c (git-fixes). - drm/amdgpu/sdma5.2: add begin/end_use ring callbacks (bsc#1212139). - drm/amdgpu: Add EEPROM I2C address support for ip discovery (git-fixes). - drm/amdgpu: Add I2C EEPROM support on smu v13_0_6 (git-fixes). - drm/amdgpu: Add support for RAS table at 0x40000 (git-fixes). - drm/amdgpu: Decouple RAS EEPROM addresses from chips (git-fixes). - drm/amdgpu: Remove redundant I2C EEPROM address (git-fixes). - drm/amdgpu: Remove second moot switch to set EEPROM I2C address (git-fixes). - drm/amdgpu: Return from switch early for EEPROM I2C address (git-fixes). - drm/amdgpu: Update EEPROM I2C address for smu v13_0_0 (git-fixes). - drm/amdgpu: Update ras eeprom support for smu v13_0_0 and v13_0_10 (git-fixes). - drm/amdgpu: correct chunk_ptr to a pointer to chunk (git-fixes). - drm/amdgpu: correct the amdgpu runtime dereference usage count (git-fixes). - drm/amdgpu: fix tear down order in amdgpu_vm_pt_free (git-fixes). - drm/amdgpu: simplify amdgpu_ras_eeprom.c (git-fixes). - drm/bridge: parade-ps8640: Never store more than msg->size bytes in AUX xfer (git-fixes). - drm/bridge: ps8640: Fix size mismatch warning w/ len (git-fixes). - drm/bridge: tc358768: select CONFIG_VIDEOMODE_HELPERS (git-fixes). - drm/bridge: ti-sn65dsi86: Never store more than msg->size bytes in AUX xfer (git-fixes). - drm/i915/display: Drop check for doublescan mode in modevalid (git-fixes). - drm/i915/dp: Fix passing the correct DPCD_REV for drm_dp_set_phy_test_pattern (git-fixes). - drm/i915/dpt: Only do the POT stride remap when using DPT (git-fixes). - drm/i915/lvds: Use REG_BIT() & co (git-fixes). - drm/i915/mtl: limit second scaler vertical scaling in ver >= 14 (git-fixes). - drm/i915/sdvo: stop caching has_hdmi_monitor in struct intel_sdvo (git-fixes). - drm/i915: Fix intel_atomic_setup_scalers() plane_state handling (git-fixes). - drm/i915: Fix remapped stride with CCS on ADL+ (git-fixes). - drm/i915: Reject async flips with bigjoiner (git-fixes). - drm/i915: Relocate intel_atomic_setup_scalers() (git-fixes). - drm/i915: fix MAX_ORDER usage in i915_gem_object_get_pages_internal() (jsc#PED-7167). - drm/mediatek: Add spinlock for setting vblank event in atomic_begin (git-fixes). - drm/mgag200: Fix gamma lut not initialized for G200ER, G200EV, G200SE (git-fixes). - efi/libstub: Implement support for unaccepted memory (jsc#PED-7167). - efi/unaccepted: Avoid load_unaligned_zeropad() stepping into unaccepted memory (jsc#PED-7167). - efi/unaccepted: Fix off-by-one when checking for overlapping ranges (jsc#PED-7167). - efi/unaccepted: Fix soft lockups caused by parallel memory acceptance (jsc#PED-7167). - efi/unaccepted: Make sure unaccepted table is mapped (jsc#PED-7167). - efi/unaccepted: Use ACPI reclaim memory for unaccepted memory table (jsc#PED-7167). - efi/x86: Get full memory map in allocate_e820() (jsc#PED-7167). - efi: Add unaccepted memory support (jsc#PED-7167). - efi: libstub: avoid efi_get_memory_map() for allocating the virt map (jsc#PED-7167). - efi: libstub: install boot-time memory map as config table (jsc#PED-7167). - efi: libstub: remove DT dependency from generic stub (jsc#PED-7167). - efi: libstub: remove pointless goto kludge (jsc#PED-7167). - efi: libstub: simplify efi_get_memory_map() and struct efi_boot_memmap (jsc#PED-7167). - efi: libstub: unify initrd loading between architectures (jsc#PED-7167). - floppy: fix MAX_ORDER usage (jsc#PED-7167). - fprobe: Fix to ensure the number of active retprobes is not zero (git-fixes). - fs/jfs: Add check for negative db_l2nbperpage (git-fixes). - fs/jfs: Add validity check for db_maxag and db_agpref (git-fixes). - fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount() (git-fixes). - fs/remap: constrain dedupe of EOF blocks (git-fixes). - fs: avoid empty option when generating legacy mount string (git-fixes). - fs: fix an infinite loop in iomap_fiemap (git-fixes). - fs: ocfs2: namei: check return value of ocfs2_add_entry() (git-fixes). - genwqe: fix MAX_ORDER usage (jsc#PED-7167). - gfs2: Add wrapper for iomap_file_buffered_write (git-fixes). - gfs2: Check sb_bsize_shift after reading superblock (git-fixes). - gfs2: Clean up function may_grant (git-fixes). - gfs2: Fix filesystem block deallocation for short writes (git-fixes). - gfs2: Fix gfs2_release for non-writers regression (git-fixes). - gfs2: Fix inode height consistency check (git-fixes). - gfs2: Fix length of holes reported at end-of-file (git-fixes). - gfs2: Fix possible data races in gfs2_show_options() (git-fixes). - gfs2: Improve gfs2_make_fs_rw error handling (git-fixes). - gfs2: Make sure FITRIM minlen is rounded up to fs block size (git-fixes). - gfs2: Silence 'suspicious RCU usage in gfs2_permission' warning (git-fixes). - gfs2: Switch from strlcpy to strscpy (git-fixes). - gfs2: fix an oops in gfs2_permission (git-fixes). - gfs2: gfs2_setattr_size error path fix (git-fixes). - gfs2: ignore negated quota changes (git-fixes). - gfs2: jdata writepage fix (git-fixes). - gfs2: use i_lock spin_lock for inode qadata (git-fixes). - gpiolib: sysfs: Fix error handling on failed export (git-fixes). - gve: Fixes for napi_poll when budget is 0 (git-fixes). - gve: Use size_add() in call to struct_size() (git-fixes). - hid: add ALWAYS_POLL quirk for Apple kb (git-fixes). - hid: glorious: fix Glorious Model I HID report (git-fixes). - hid: hid-asus: add const to read-only outgoing usb buffer (git-fixes). - hid: hid-asus: reset the backlight brightness level on resume (git-fixes). - hid: lenovo: Restrict detection of patched firmware only to USB cptkbd (git-fixes). - hid: multitouch: Add quirk for HONOR GLO-GXXX touchpad (git-fixes). - hwmon: (acpi_power_meter) Fix 4.29 MW bug (git-fixes). - hwmon: (nzxt-kraken2) Fix error handling path in kraken2_probe() (git-fixes). - i2c: aspeed: Handle the coalesced stop conditions with the start conditions (git-fixes). - i2c: core: Fix atomic xfer check for non-preempt config (git-fixes). - i2c: designware: Fix corrupted memory seen in the ISR (git-fixes). - i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value (jsc#PED-372). - i40e: Fix VF VLAN offloading when port VLAN is configured (jsc#PED-372). - i40e: Fix unexpected MFS warning message (jsc#PED-372). - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (jsc#PED-372). - i40e: fix misleading debug logs (jsc#PED-372). - i40e: fix potential NULL pointer dereferencing of pf->vf i40e_sync_vsi_filters() (jsc#PED-372). - i40e: fix potential memory leaks in i40e_remove() (jsc#PED-372). - i40e: prevent crash on probe if hw registers have invalid values (jsc#PED-372). - ib/mlx5: Fix init stage error handling to avoid double free of same QP and UAF (git-fixes) - ib/mlx5: Fix rdma counter binding for RAW QP (git-fixes) - igb: Avoid starting unnecessary workqueues (jsc#PED-370). - igb: Change IGB_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-370). - igb: Fix potential memory leak in igb_add_ethtool_nfc_entry (jsc#PED-370). - igb: clean up in all error paths when enabling SR-IOV (jsc#PED-370). - igb: disable virtualization features on 82580 (jsc#PED-370). - igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-370). - igc: Change IGC_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-375). - igc: Expose tx-usecs coalesce setting to user (jsc#PED-375). - igc: Fix ambiguity in the ethtool advertising (jsc#PED-375). - igc: Fix infinite initialization loop with early XDP redirect (jsc#PED-375). - igc: Fix the typo in the PTM Control macro (jsc#PED-375). - iio: adc: ti_am335x_adc: Fix return value check of tiadc_request_dma() (git-fixes). - iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion time table (git-fixes). - iio: imu: inv_mpu6050: fix an error code problem in inv_mpu6050_read_raw (git-fixes). - iio: triggered-buffer: prevent possible freeing of wrong buffer (git-fixes). - input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN (git-fixes). - input: ipaq-micro-keys - add error handling for devm_kmemdup (git-fixes). - input: soc_button_array - add mapping for airplane mode button (git-fixes). - input: xpad - add HyperX Clutch Gladiate Support (git-fixes). - interconnect: Treat xlate() returning NULL node as an error (git-fixes). - iomap: Fix iomap_dio_rw return value for user copies (git-fixes). - iommu: fix MAX_ORDER usage in __iommu_dma_alloc_pages() (jsc#PED-7167). - iov_iter, x86: Be consistent about the __user tag on copy_mc_to_user() (git-fixes). - jfs: fix array-index-out-of-bounds in dbFindLeaf (git-fixes). - jfs: fix array-index-out-of-bounds in diAlloc (git-fixes). - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount (git-fixes). - jfs: validate max amount of blocks before allocation (git-fixes). - kABI: Preserve the type of rethook::handler (git-fixes). - kABI: restore void return to typec_altmode_attention (git-fixes). - kabi/severities: ignore kABI for asus-wmi drivers Tolerate the kABI changes, as used only locally for asus-wmi stuff - kabi/severities: make snp_issue_guest_request PASS (jsc#PED-7167) - kabi: fix of_reserved_mem_* due to struct vm_struct became defined (jsc#PED-7167). - kabi: fix sev-dev due to fs_struct became defined (jsc#PED-7167). - kabi: fix struct efi after adding unaccepted memory table (jsc#PED-7167). - kabi: fix struct zone kabi after adding unaccepted_pages and NR_UNACCEPTED (jsc#PED-7167). - kbuild: Drop -Wdeclaration-after-statement (jsc#PED-7167). - kconfig: fix memory leak from range properties (git-fixes). - kernel-source: Remove config-options.changes (jsc#PED-5021) - kprobes: consistent rcu api usage for kretprobe holder (git-fixes). - lib/vsprintf: Fix %pfwf when current node refcount == 0 (git-fixes). - libceph: use kernel_connect() (bsc#1217981). - locking: Introduce __cleanup() based infrastructure (jsc#PED-7167). - locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes). - md/bitmap: do not set max_write_behind if there is no write mostly device (git-fixes). - md/md-bitmap: hold 'reconfig_mutex' in backlog_store() (git-fixes). - md/md-bitmap: remove unnecessary local variable in backlog_store() (git-fixes). - md/raid0: add discard support for the 'original' layout (git-fixes). - md/raid10: do not call bio_start_io_acct twice for bio which experienced read error (git-fixes). - md/raid10: factor out code from wait_barrier() to stop_waiting_barrier() (git-fixes). - md/raid10: factor out dereference_rdev_and_rrdev() (git-fixes). - md/raid10: fix io loss while replacement replace rdev (git-fixes). - md/raid10: fix leak of 'r10bio->remaining' for recovery (git-fixes). - md/raid10: fix memleak for 'conf->bio_split' (git-fixes). - md/raid10: fix memleak of md thread (git-fixes). - md/raid10: fix null-ptr-deref in raid10_sync_request (git-fixes). - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request (git-fixes). - md/raid10: fix overflow of md/safe_mode_delay (git-fixes). - md/raid10: fix task hung in raid10d (git-fixes). - md/raid10: fix the condition to call bio_end_io_acct() (git-fixes). - md/raid10: fix wrong setting of max_corr_read_errors (git-fixes). - md/raid10: prevent soft lockup while flush writes (git-fixes). - md/raid10: use dereference_rdev_and_rrdev() to get devices (git-fixes). - md/raid1: fix error: ISO C90 forbids mixed declarations (git-fixes). - md/raid1: free the r1bio before waiting for blocked rdev (git-fixes). - md/raid1: hold the barrier until handle_read_error() finishes (git-fixes). - md/raid5-cache: fix a deadlock in r5l_exit_log() (git-fixes). - md/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid() (git-fixes). - md/raid5: fix miscalculation of 'end_sector' in raid5_read_one_chunk() (git-fixes). - md: Put the right device in md_seq_next (bsc#1217822). - md: Set MD_BROKEN for RAID1 and RAID10 (git-fixes). - md: avoid signed overflow in slot_store() (git-fixes). - md: do not update recovery_cp when curr_resync is ACTIVE (git-fixes). - md: drop queue limitation for RAID1 and RAID10 (git-fixes). - md: raid0: account for split bio in iostat accounting (git-fixes). - md: raid10 add nowait support (git-fixes). - md: raid1: fix potential OOB in raid1_remove_disk() (git-fixes). - md: restore 'noio_flag' for the last mddev_resume() (git-fixes). - md: select BLOCK_LEGACY_AUTOLOAD (git-fixes). - memblock: exclude MEMBLOCK_NOMAP regions from kmemleak (jsc#PED-7167). - memblock: make memblock_find_in_range method private (jsc#PED-7167). - misc: mei: client.c: fix problem of return '-EOVERFLOW' in mei_cl_write (git-fixes). - misc: mei: client.c: return negative error code in mei_cl_write (git-fixes). - mkspec: Add multibuild support (JSC-SLE#5501, boo#1211226, bsc#1218184) When MULTIBUILD option in config.sh is enabled generate a _multibuild file listing all spec files. - mm/page_alloc: make deferred page init free pages in MAX_ORDER blocks (jsc#PED-7167). - mm/pgtable: Fix multiple -Wstringop-overflow warnings (jsc#PED-7167). - mm/slab: Add __free() support for kvfree (jsc#PED-7167). - mm/slub: fix MAX_ORDER usage in calculate_order() (jsc#PED-7167). - mm: Add PAGE_ALIGN_DOWN macro (jsc#PED-7167). - mm: Add support for unaccepted memory (jsc#PED-7167). - mm: add pageblock_align() macro (jsc#PED-7167). - mm: add pageblock_aligned() macro (jsc#PED-7167). - mm: avoid passing 0 to __ffs() (jsc#PED-7167). - mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors (bsc#1218515). - mm: move kvmalloc-related functions to slab.h (jsc#PED-7167). - mm: new primitive kvmemdup() (jsc#PED-7167). - mm: reuse pageblock_start/end_pfn() macro (jsc#PED-7167). - mmc: meson-mx-sdhc: Fix initialization frozen issue (git-fixes). - mmc: rpmb: fixes pause retune on all RPMB partitions (git-fixes). - mmc: sdhci-sprd: Fix eMMC init failure after hw reset (git-fixes). - neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section (git-fixes). - net/rose: Fix Use-After-Free in rose_ioctl (git-fixes). - net/smc: Fix pos miscalculation in statistics (bsc#1218139). - net/tg3: fix race condition in tg3_reset_task() (bsc#1217801). - net: 9p: avoid freeing uninit memory in p9pdu_vreadf (git-fixes). - net: bnxt: fix a potential use-after-free in bnxt_init_tc (jsc#PED-1495). - net: ena: Destroy correct number of xdp queues upon failure (git-fixes). - net: ena: Fix XDP redirection error (git-fixes). - net: ena: Fix xdp drops handling due to multibuf packets (git-fixes). - net: ena: Flush XDP packets on error (git-fixes). - net: mana: select PAGE_POOL (git-fixes). - net: rfkill: gpio: set GPIO direction (git-fixes). - net: usb: ax88179_178a: avoid failed operations when device is disconnected (git-fixes). - net: usb: ax88179_178a: clean up pm calls (git-fixes). - net: usb: ax88179_178a: wol optimizations (git-fixes). - net: usb: qmi_wwan: claim interface 4 for ZTE MF290 (git-fixes). - nfc: llcp_core: Hold a ref to llcp_local->dev when holding a ref to llcp_local (git-fixes). - nfs: Fix O_DIRECT locking issues (bsc#1211162). - nfs: Fix a few more clear_bit() instances that need release semantics (bsc#1211162). - nfs: Fix a potential data corruption (bsc#1211162). - nfs: Fix a use after free in nfs_direct_join_group() (bsc#1211162). - nfs: Fix error handling for O_DIRECT write scheduling (bsc#1211162). - nfs: More O_DIRECT accounting fixes for error paths (bsc#1211162). - nfs: More fixes for nfs_direct_write_reschedule_io() (bsc#1211162). - nfs: Use the correct commit info in nfs_join_page_group() (bsc#1211162). - nfs: only issue commit in DIO codepath if we have uncommitted data (bsc#1211162). - nilfs2: fix missing error check for sb_set_blocksize call (git-fixes). - nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage() (git-fixes). - nlm: Defend against file_lock changes after vfs_test_lock() (bsc#1217692). - null_blk: fix poll request timeout handling (git-fixes). - nvme-core: check for too small lba shift (bsc#1214117). - nvme-pci: Add sleep quirk for Kingston drives (git-fixes). - nvme-pci: always return an ERR_PTR from nvme_pci_alloc_dev (git-fixes). - nvme-pci: do not set the NUMA node of device if it has none (git-fixes). - nvme-pci: factor out a nvme_pci_alloc_dev helper (git-fixes). - nvme-rdma: do not try to stop unallocated queues (git-fixes). - nvme: sanitize metadata bounce buffer for reads (git-fixes). - nvmet-auth: complete a request only after freeing the dhchap pointers (git-fixes). - of: reserved_mem: Have kmemleak ignore dynamically allocated reserved mem (jsc#PED-7167). - orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() (git-fixes). - orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init() (git-fixes). - orangefs: Fix sysfs not cleanup when dev init failed (git-fixes). - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() (git-fixes). - padata: Fix refcnt handling in padata_free_shell() (git-fixes). - parport: Add support for Brainboxes IX/UC/PX parallel cards (git-fixes). - pci: loongson: Limit MRRS to 256 (git-fixes). - perf/core: fix MAX_ORDER usage in rb_alloc_aux_page() (jsc#PED-7167). - pinctrl: at91-pio4: use dedicated lock class for IRQ (git-fixes). - platform/surface: aggregator: fix recv_buf() return value (git-fixes). - platform/x86: asus-wmi: Add support for ROG X13 tablet mode (git-fixes). - platform/x86: asus-wmi: Adjust tablet/lidflip handling to use enum (git-fixes). - platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch reporting (git-fixes). - platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi code (git-fixes). - platform/x86: asus-wmi: Simplify tablet-mode-switch handling (git-fixes). - platform/x86: asus-wmi: Simplify tablet-mode-switch probing (git-fixes). - platform/x86: wmi: Allow duplicate GUIDs for drivers that use struct wmi_driver (git-fixes). - platform/x86: wmi: Skip blocks with zero instances (git-fixes). - powerpc/pseries/vas: Migration suspend waits for no in-progress open windows (bsc#1218397 ltc#204523). - qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info (jsc#PED-1526). - qed: Fix a potential use-after-free in qed_cxt_tables_alloc (jsc#PED-1526). - qed: fix LL2 RX buffer allocation (jsc#PED-1526). - qede: fix firmware halt over suspend and resume (jsc#PED-1526). - qla2xxx: add debug log for deprecated hw detected (bsc#1216032). - r8152: Add RTL8152_INACCESSIBLE checks to more loops (git-fixes). - r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en() (git-fixes). - r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1() (git-fixes). - r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash() (git-fixes). - r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE (git-fixes). - r8169: Fix PCI error on system resume (git-fixes). - rdma/bnxt_re: Correct module description string (jsc#PED-1495). - rdma/core: Use size_{add,sub,mul}() in calls to struct_size() (git-fixes) - rdma/hfi1: Use FIELD_GET() to extract Link Width (git-fixes) - rdma/hfi1: Workaround truncation compilation error (git-fixes) - rdma/hns: Add check for SL (git-fixes) - rdma/hns: Fix printing level of asynchronous events (git-fixes) - rdma/hns: Fix signed-unsigned mixed comparisons (git-fixes) - rdma/hns: Fix uninitialized ucmd in hns_roce_create_qp_common() (git-fixes) - rdma/hns: The UD mode can only be configured with DCQCN (git-fixes) - regmap: fix bogus error on regcache_sync success (git-fixes). - reiserfs: Check the return value from __getblk() (git-fixes). - reiserfs: Replace 1-element array with C99 style flex-array (git-fixes). - remove unnecessary WARN_ON_ONCE() (bsc#1214823 bsc#1218569). - reset: Fix crash when freeing non-existent optional resets (git-fixes). - restore renamed device IDs for USB HID devices (git-fixes). - rethook: Fix to use WRITE_ONCE() for rethook:: Handler (git-fixes). - rethook: Use __rcu pointer for rethook::handler (git-fixes). - ring-buffer: Do not try to put back write_stamp (git-fixes). - ring-buffer: Do not update before stamp when switching sub-buffers (git-fixes). - ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs (git-fixes). - ring-buffer: Fix memory leak of free page (git-fixes). - ring-buffer: Fix slowpath of interrupted event (git-fixes). - ring-buffer: Fix wake ups when buffer_percent is set to 100 (git-fixes). - ring-buffer: Fix writing to the buffer with max_data_size (git-fixes). - ring-buffer: Force absolute timestamp on discard of event (git-fixes). - ring-buffer: Have saved event hold the entire event (git-fixes). - ring-buffer: Remove useless update to write_stamp in rb_try_to_discard() (git-fixes). - s390/vx: fix save/restore of fpu kernel context (git-fixes bsc#1218357). - scsi: lpfc: use unsigned type for num_sge (bsc#1214747). - serial: 8250: 8250_omap: Clear UART_HAS_RHR_IT_DIS bit (git-fixes). - serial: 8250: 8250_omap: Do not start RX DMA on THRI interrupt (git-fixes). - serial: sc16is7xx: address RX timeout interrupt errata (git-fixes). - soundwire: stream: fix NULL pointer dereference for multi_link (git-fixes). - spi: atmel: Fix clock issue when using devices with different polarities (git-fixes). - statfs: enforce statfs[64] structure initialization (git-fixes). - supported.conf: add drivers/virt/coco/tsm (jsc#PED-7167) - swiotlb: always set the number of areas before allocating the pool (git-fixes). - swiotlb: do not panic! (git-fixes). - swiotlb: fix a braino in the alignment check fix (bsc#1216559). - swiotlb: fix debugfs reporting of reserved memory pools (git-fixes). - swiotlb: fix slot alignment checks (bsc#1216559). - swiotlb: fix the deadlock in swiotlb_do_find_slots (git-fixes). - swiotlb: mark swiotlb_memblock_alloc() as __init (git-fixes). - swiotlb: reduce the number of areas to match actual memory pool size (git-fixes). - swiotlb: reduce the swiotlb buffer size on allocation failure (git-fixes). - swiotlb: use the calculated number of areas (git-fixes). - tracing / synthetic: Disable events after testing in synth_event_gen_test_init() (git-fixes). - tracing/kprobes: Fix the description of variable length arguments (git-fixes). - tracing/kprobes: Fix the order of argument descriptions (git-fixes). - tracing/perf: Add interrupt_context_level() helper (git-fixes). - tracing/synthetic: fix kernel-doc warnings (git-fixes). - tracing: Always update snapshot buffer size (git-fixes). - tracing: Disable preemption when using the filter buffer (bsc#1217036). - tracing: Disable snapshot buffer when stopping instance tracers (git-fixes). - tracing: Fix a possible race when disabling buffered events (bsc#1217036). - tracing: Fix a warning when allocating buffered events fails (bsc#1217036). - tracing: Fix blocked reader of snapshot buffer (git-fixes). - tracing: Fix incomplete locking when disabling buffered events (bsc#1217036). - tracing: Fix warning in trace_buffered_event_disable() (git-fixes, bsc#1217036). - tracing: Have the user copy of synthetic event address use correct context (git-fixes). - tracing: Reuse logic from perf's get_recursion_context() (git-fixes). - tracing: Set actual size after ring buffer resize (git-fixes). - tracing: Stop current tracer when resizing buffer (git-fixes). - tracing: Update snapshot buffer on resize if it is allocated (git-fixes). - tracing: Use __this_cpu_read() in trace_event_buffer_lock_reserver() (bsc#1217036). - tracing: relax trace_event_eval_update() execution with cond_resched() (git-fixes). - uapi: propagate __struct_group() attributes to the container union (jsc#SLE-18978). - ubifs: Fix memory leak of bud->log_hash (git-fixes). - ubifs: fix possible dereference after free (git-fixes). - usb-storage: Add quirk for incorrect WP on Kingston DT Ultimate 3.0 G3 (git-fixes). - usb: aqc111: check packet for fixup for true limit (git-fixes). - usb: config: fix iteration issue in 'usb_get_bos_descriptor()' (git-fixes). - usb: host: xhci-plat: fix possible kernel oops while resuming (git-fixes). - usb: hub: Guard against accesses to uninitialized BOS descriptors (git-fixes). - usb: typec: bus: verify partner exists in typec_altmode_attention (git-fixes). - usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes). - usb: typec: ucsi: acpi: add quirk for ASUS Zenbook UM325 (git-fixes). - virt/coco/sev-guest: Double-buffer messages (jsc#PED-7167). - virt: coco: Add a coco/Makefile and coco/Kconfig (jsc#PED-7167). - virt: sevguest: Add TSM_REPORTS support for SNP_GET_EXT_REPORT (jsc#PED-7167). - virt: sevguest: Fix passing a stack buffer as a scatterlist target (jsc#PED-7167). - virt: sevguest: Prep for kernel internal get_ext_report() (jsc#PED-7167). - virt: tdx-guest: Add Quote generation support using TSM_REPORTS (jsc#PED-7167). - vsprintf/kallsyms: Prevent invalid data when printing symbol (bsc#1217602). - wifi: cfg80211: Add my certificate (git-fixes). - wifi: cfg80211: fix certs build to not depend on file order (git-fixes). - wifi: iwlwifi: pcie: add another missing bh-disable for rxq->lock (git-fixes). - wifi: iwlwifi: pcie: do not synchronize IRQs from IRQ (git-fixes). - wifi: mac80211: mesh: check element parsing succeeded (git-fixes). - wifi: mac80211: mesh_plink: fix matches_local logic (git-fixes). - x86/CPU/AMD: Check vendor in the AMD microcode callback (git-fixes). - x86/alternatives: Disable KASAN in apply_alternatives() (git-fixes). - x86/alternatives: Disable interrupts and sync when optimizing NOPs in place (git-fixes). - x86/alternatives: Sync core before enabling interrupts (git-fixes). - x86/boot/compressed: Handle unaccepted memory (jsc#PED-7167). - x86/boot/compressed: Reserve more memory for page tables (git-fixes). - x86/boot: Add an efi.h header for the decompressor (jsc#PED-7167). - x86/boot: Centralize __pa()/__va() definitions (jsc#PED-7167). - x86/boot: Fix incorrect startup_gdt_descr.size (git-fixes). - x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (git-fixes). - x86/cpu: Do not write CSTAR MSR on Intel CPUs (jsc#PED-7167). - x86/cpu: Fix amd_check_microcode() declaration (git-fixes). - x86/efi: Safely enable unaccepted memory in UEFI (jsc#PED-7167). - x86/entry: Convert INT 0x80 emulation to IDTENTRY (bsc#1217927). - x86/entry: Do not allow external 0x80 interrupts (bsc#1217927). - x86/fpu/xstate: Prevent false-positive warning in __copy_xstate_uabi_buf() (git-fixes). - x86/fpu: Invalidate FPU state correctly on exec() (git-fixes). - x86/platform/uv: Use alternate source for socket to node data (bsc#1215696 bsc#1217790). - x86/purgatory: Remove LTO flags (git-fixes). - x86/resctrl: Fix kernel-doc warnings (git-fixes). - x86/sev-es: Replace open-coded hlt-loop with sev_es_terminate() (jsc#PED-7167). - x86/sev-es: Use insn_decode_mmio() for MMIO implementation (jsc#PED-7167). - x86/sev: Add SNP-specific unaccepted memory support (jsc#PED-7167). - x86/sev: Allow for use of the early boot GHCB for PSC requests (jsc#PED-7167). - x86/sev: Change npages to unsigned long in snp_accept_memory() (jsc#PED-7167). - x86/sev: Change snp_guest_issue_request()'s fw_err argument (jsc#PED-7167). - x86/sev: Fix address space sparse warning (jsc#PED-7167). - x86/sev: Get rid of special sev_es_enable_key (jsc#PED-7167). - x86/sev: Mark snp_abort() noreturn (jsc#PED-7167). - x86/sev: Put PSC struct on the stack in prep for unaccepted memory support (jsc#PED-7167). - x86/sev: Use large PSC requests if applicable (jsc#PED-7167). - x86/smp: Use dedicated cache-line for mwait_play_dead() (git-fixes). - x86/srso: Add SRSO mitigation for Hygon processors (git-fixes). - x86/srso: Fix SBPB enablement for (possible) future fixed HW (git-fixes). - x86/srso: Fix vulnerability reporting for missing microcode (git-fixes). - x86/tdx: Add unaccepted memory support (jsc#PED-7167). - x86/tdx: Disable NOTIFY_ENABLES (jsc#PED-7167). - x86/tdx: Make _tdx_hypercall() and __tdx_module_call() available in boot stub (jsc#PED-7167). - x86/tdx: Refactor try_accept_one() (jsc#PED-7167). - x86/tdx: Relax SEPT_VE_DISABLE check for debug TD (jsc#PED-7167). - x86/tdx: Use ReportFatalError to report missing SEPT_VE_DISABLE (jsc#PED-7167). - x86/tsc: Add option to force frequency recalibration with HW timer (bsc#1215885 bsc#1217217). - x86/tsc: Be consistent about use_tsc_delay() (bsc#1215885 bsc#1217217). - x86/tsc: Extend watchdog check exemption to 4-Sockets platform (bsc#1215885 bsc#1217217). - x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry (git-fixes). - xfs: Rename __xfs_attr_rmtval_remove (git-fixes). - xfs: Use kvcalloc() instead of kvzalloc() (git-fixes). - xfs: aborting inodes on shutdown may need buffer lock (git-fixes). - xfs: add selinux labels to whiteout inodes (git-fixes). - xfs: clean up '%Ld/%Lu' which does not meet C standard (git-fixes). - xfs: convert flex-array declarations in struct xfs_attrlist* (git-fixes). - xfs: convert flex-array declarations in xfs attr leaf blocks (git-fixes). - xfs: convert flex-array declarations in xfs attr shortform objects (git-fixes). - xfs: decode scrub flags in ftrace output (git-fixes). - xfs: dump log intent items that cannot be recovered due to corruption (git-fixes). - xfs: fix a bug in the online fsck directory leaf1 bestcount check (git-fixes). - xfs: fix agf_fllast when repairing an empty AGFL (git-fixes). - xfs: fix incorrect unit conversion in scrub tracepoint (git-fixes). - xfs: fix silly whitespace problems with kernel libxfs (git-fixes). - xfs: fix uninit warning in xfs_growfs_data (git-fixes). - xfs: fix units conversion error in xfs_bmap_del_extent_delay (git-fixes). - xfs: make sure maxlen is still congruent with prod when rounding down (git-fixes). - xfs: remove kmem_alloc_io() (git-fixes). - xfs: remove the xfs_dinode_t typedef (git-fixes). - xfs: remove the xfs_dqblk_t typedef (git-fixes). - xfs: remove the xfs_dsb_t typedef (git-fixes). - xfs: rename xfs_has_attr() (git-fixes). - xfs: replace snprintf in show functions with sysfs_emit (git-fixes). - xfs: return EINTR when a fatal signal terminates scrub (git-fixes). - xfs: sb verifier does not handle uncached sb buffer (git-fixes). - xfs: simplify two-level sysctl registration for xfs_table (git-fixes). - xfs: sysfs: use default_groups in kobj_type (git-fixes). - xfs: use swap() to make dabtree code cleaner (git-fixes). - xhci: Clear EHB bit only at end of interrupt handler (git-fixes). Important SUSE bug 1179610 SUSE bug 1183045 SUSE bug 1211162 SUSE bug 1211226 SUSE bug 1212139 SUSE bug 1212584 SUSE bug 1214117 SUSE bug 1214747 SUSE bug 1214823 SUSE bug 1215237 SUSE bug 1215696 SUSE bug 1215885 SUSE bug 1215952 SUSE bug 1216032 SUSE bug 1216057 SUSE bug 1216559 SUSE bug 1216776 SUSE bug 1217036 SUSE bug 1217217 SUSE bug 1217250 SUSE bug 1217602 SUSE bug 1217692 SUSE bug 1217790 SUSE bug 1217801 SUSE bug 1217822 SUSE bug 1217927 SUSE bug 1217933 SUSE bug 1217938 SUSE bug 1217946 SUSE bug 1217947 SUSE bug 1217980 SUSE bug 1217981 SUSE bug 1217982 SUSE bug 1218056 SUSE bug 1218092 SUSE bug 1218139 SUSE bug 1218184 SUSE bug 1218229 SUSE bug 1218234 SUSE bug 1218253 SUSE bug 1218258 SUSE bug 1218335 SUSE bug 1218357 SUSE bug 1218397 SUSE bug 1218447 SUSE bug 1218461 SUSE bug 1218515 SUSE bug 1218559 SUSE bug 1218569 SUSE bug 1218643 CVE-2020-26555 at SUSE CVE-2020-26555 at NVD CVE-2023-51779 at SUSE CVE-2023-51779 at NVD CVE-2023-6121 at SUSE CVE-2023-6121 at NVD CVE-2023-6531 at SUSE CVE-2023-6531 at NVD CVE-2023-6546 at SUSE CVE-2023-6546 at NVD CVE-2023-6606 at SUSE CVE-2023-6606 at NVD CVE-2023-6610 at SUSE CVE-2023-6610 at NVD CVE-2023-6622 at SUSE CVE-2023-6622 at NVD CVE-2023-6931 at SUSE CVE-2023-6931 at NVD CVE-2023-6932 at SUSE CVE-2023-6932 at NVD cpe:/o:suse:sle-micro:5.5 Security update for curl (Moderate) SUSE Linux Enterprise Micro 5.5 This update for curl fixes the following issues: - CVE-2024-2004: Fix the uUsage of disabled protocol logic. (bsc#1221665) - CVE-2024-2398: Fix HTTP/2 push headers memory-leak. (bsc#1221667) Moderate SUSE bug 1221665 SUSE bug 1221667 CVE-2024-2004 at SUSE CVE-2024-2004 at NVD CVE-2024-2398 at SUSE CVE-2024-2398 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer (Important) SUSE Linux Enterprise Micro 5.5 This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: - rebuild against current security and bugfixes. Important cpe:/o:suse:sle-micro:5.5 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container (Important) SUSE Linux Enterprise Micro 5.5 This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: - rebuild against current security updates - Install qemu-hw-usb-host to enable USB passthrough (bsc#1221538) - Group together arch specific parts of the code - Cleanup after writing config files with augtool Important SUSE bug 1221538 cpe:/o:suse:sle-micro:5.5 Security update for nghttp2 (Important) SUSE Linux Enterprise Micro 5.5 This update for nghttp2 fixes the following issues: - CVE-2024-28182: Fixed denial of service via http/2 continuation frames (bsc#1221399) Important SUSE bug 1221399 CVE-2024-28182 at SUSE CVE-2024-28182 at NVD cpe:/o:suse:sle-micro:5.5 Security update for util-linux (Important) SUSE Linux Enterprise Micro 5.5 This update for util-linux fixes the following issues: - CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831) Important SUSE bug 1207987 SUSE bug 1221831 CVE-2024-28085 at SUSE CVE-2024-28085 at NVD cpe:/o:suse:sle-micro:5.5 Security update for less (Important) SUSE Linux Enterprise Micro 5.5 This update for less fixes the following issues: - CVE-2022-48624: Fixed LESSCLOSE handling in less that does not quote shell metacharacters (bsc#1219901). Important SUSE bug 1219901 CVE-2022-48624 at SUSE CVE-2022-48624 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gnutls (Moderate) SUSE Linux Enterprise Micro 5.5 This update for gnutls fixes the following issues: - CVE-2024-28834: Fixed side-channel in the deterministic ECDSA (bsc#1221746) - CVE-2024-28835: Fixed denial of service during certificate chain verification (bsc#1221747) Other fixes: - jitterentropy: Release the memory of the entropy collector when using jitterentropy with phtreads as there is also a pre-intitization done in the main thread (bsc#1221242) Moderate SUSE bug 1221242 SUSE bug 1221746 SUSE bug 1221747 CVE-2024-28834 at SUSE CVE-2024-28834 at NVD CVE-2024-28835 at SUSE CVE-2024-28835 at NVD cpe:/o:suse:sle-micro:5.5 Security update for vim (Important) SUSE Linux Enterprise Micro 5.5 This update for vim fixes the following issues: Updated to version 9.1.0111, fixes the following security problems - CVE-2023-48231: Use-After-Free in win_close() (bsc#1217316). - CVE-2023-48232: Floating point Exception in adjust_plines_for_skipcol() (bsc#1217320). - CVE-2023-48233: overflow with count for :s command (bsc#1217321). - CVE-2023-48234: overflow in nv_z_get_count (bsc#1217324). - CVE-2023-48235: overflow in ex address parsing (CVE-2023-48235). - CVE-2023-48236: overflow in get_number (bsc#1217329). - CVE-2023-48237: overflow in shift_line (bsc#1217330). - CVE-2023-48706: heap-use-after-free in ex_substitute (bsc#1217432). - CVE-2024-22667: stack-based buffer overflow in did_set_langmap function in map.c (bsc#1219581). - CVE-2023-4750: Heap use-after-free in function bt_quickfix (bsc#1215005). Important SUSE bug 1215005 SUSE bug 1217316 SUSE bug 1217320 SUSE bug 1217321 SUSE bug 1217324 SUSE bug 1217326 SUSE bug 1217329 SUSE bug 1217330 SUSE bug 1217432 SUSE bug 1219581 CVE-2023-4750 at SUSE CVE-2023-4750 at NVD CVE-2023-48231 at SUSE CVE-2023-48231 at NVD CVE-2023-48232 at SUSE CVE-2023-48232 at NVD CVE-2023-48233 at SUSE CVE-2023-48233 at NVD CVE-2023-48234 at SUSE CVE-2023-48234 at NVD CVE-2023-48235 at SUSE CVE-2023-48235 at NVD CVE-2023-48236 at SUSE CVE-2023-48236 at NVD CVE-2023-48237 at SUSE CVE-2023-48237 at NVD CVE-2023-48706 at SUSE CVE-2023-48706 at NVD CVE-2024-22667 at SUSE CVE-2024-22667 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Moderate) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2023-46842: Fixed denial of service due to Xen bug check triggered by HVM hypercalls (XSA-454) in xen x86 (bsc#1221984) - CVE-2024-31142: Fixed incorrect logic for BTC/SRSO mitigations (XSA-455) in xen x86 (bsc#1222302) - CVE-2024-2201: Fixed memory disclosure via Native Branch History Injection (XSA-456) in xen x86 (bsc#1222453) Other fixes: - Update to Xen 4.17.4 (bsc#1027519) Moderate SUSE bug 1027519 SUSE bug 1221984 SUSE bug 1222302 SUSE bug 1222453 CVE-2023-46842 at SUSE CVE-2023-46842 at NVD CVE-2024-2201 at SUSE CVE-2024-2201 at NVD CVE-2024-31142 at SUSE CVE-2024-31142 at NVD cpe:/o:suse:sle-micro:5.5 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container (Important) SUSE Linux Enterprise Micro 5.5 This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: - Improve the OrdinalPodInterfaceName mechanism (bsc#1222699) Also containers were rebuilt against the current released updates. Important SUSE bug 1222699 cpe:/o:suse:sle-micro:5.5 Security update for pam (Moderate) SUSE Linux Enterprise Micro 5.5 This update for pam fixes the following issues: - CVE-2024-22365: Fixed a local denial of service during PAM login due to a missing check during path manipulation (bsc#1218475). - Check localtime_r() return value to fix crashing (bsc#1217000) Moderate SUSE bug 1217000 SUSE bug 1218475 CVE-2024-22365 at SUSE CVE-2024-22365 at NVD cpe:/o:suse:sle-micro:5.5 Security update for shim (Important) SUSE Linux Enterprise Micro 5.5 This update for shim fixes the following issues: - Update shim-install to set the TPM2 SRK algorithm (bsc#1213945) - Limit the requirement of fde-tpm-helper-macros to the distro with suse_version 1600 and above (bsc#1219460) Update to version 15.8: Security issues fixed: - mok: fix LogError() invocation (bsc#1215099,CVE-2023-40546) - avoid incorrectly trusting HTTP headers (bsc#1215098,CVE-2023-40547) - Fix integer overflow on SBAT section size on 32-bit system (bsc#1215100,CVE-2023-40548) - Authenticode: verify that the signature header is in bounds (bsc#1215101,CVE-2023-40549) - pe: Fix an out-of-bound read in verify_buffer_sbat() (bsc#1215102,CVE-2023-40550) - pe-relocate: Fix bounds check for MZ binaries (bsc#1215103,CVE-2023-40551) The NX flag is disable which is same as the default value of shim-15.8, hence, not need to enable it by this patch now. - Generate dbx during build so we don't include binary files in sources - Don't require grub so shim can still be used with systemd-boot - Update shim-install to fix boot failure of ext4 root file system on RAID10 (bsc#1205855) - Adopt the macros from fde-tpm-helper-macros to update the signature in the sealed key after a bootloader upgrade - Update shim-install to amend full disk encryption support - Adopt TPM 2.0 Key File for grub2 TPM 2.0 protector - Use the long name to specify the grub2 key protector - cryptodisk: support TPM authorized policies - Do not use tpm_record_pcrs unless the command is in command.lst - Removed POST_PROCESS_PE_FLAGS=-N from the build command in shim.spec to enable the NX compatibility flag when using post-process-pe after discussed with grub2 experts in mail. It's useful for further development and testing. (bsc#1205588) Important SUSE bug 1198101 SUSE bug 1205588 SUSE bug 1205855 SUSE bug 1210382 SUSE bug 1213945 SUSE bug 1215098 SUSE bug 1215099 SUSE bug 1215100 SUSE bug 1215101 SUSE bug 1215102 SUSE bug 1215103 SUSE bug 1219460 CVE-2022-28737 at SUSE CVE-2022-28737 at NVD CVE-2023-40546 at SUSE CVE-2023-40546 at NVD CVE-2023-40547 at SUSE CVE-2023-40547 at NVD CVE-2023-40548 at SUSE CVE-2023-40548 at NVD CVE-2023-40549 at SUSE CVE-2023-40549 at NVD CVE-2023-40550 at SUSE CVE-2023-40550 at NVD CVE-2023-40551 at SUSE CVE-2023-40551 at NVD cpe:/o:suse:sle-micro:5.5 Security update for glibc (Important) SUSE Linux Enterprise Micro 5.5 This update for glibc fixes the following issues: - iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961, bsc#1222992) Important SUSE bug 1222992 CVE-2024-2961 at SUSE CVE-2024-2961 at NVD cpe:/o:suse:sle-micro:5.5 Security update for polkit (Low) SUSE Linux Enterprise Micro 5.5 This update for polkit fixes the following issues: - Change permissions for rules folders (bsc#1209282) Low SUSE bug 1209282 cpe:/o:suse:sle-micro:5.5 Security update for libssh (Important) SUSE Linux Enterprise Micro 5.5 This update for libssh fixes the following issues: Security fixes: - CVE-2023-6004: Fixed command injection using proxycommand (bsc#1218209) - CVE-2023-48795: Fixed potential downgrade attack using strict kex (bsc#1218126) - CVE-2023-6918: Fixed missing checks for return values of MD functions (bsc#1218186) - CVE-2023-1667: Fixed NULL dereference during rekeying with algorithm guessing (bsc#1211188) - CVE-2023-2283: Fixed possible authorization bypass in pki_verify_data_signature under low-memory conditions (bsc#1211190) Other fixes: - Update to version 0.9.8 - Allow @ in usernames when parsing from URI composes - Update to version 0.9.7 - Fix several memory leaks in GSSAPI handling code Important SUSE bug 1211188 SUSE bug 1211190 SUSE bug 1218126 SUSE bug 1218186 SUSE bug 1218209 CVE-2023-1667 at SUSE CVE-2023-1667 at NVD CVE-2023-2283 at SUSE CVE-2023-2283 at NVD CVE-2023-48795 at SUSE CVE-2023-48795 at NVD CVE-2023-6004 at SUSE CVE-2023-6004 at NVD CVE-2023-6918 at SUSE CVE-2023-6918 at NVD cpe:/o:suse:sle-micro:5.5 Security update for opensc (Moderate) SUSE Linux Enterprise Micro 5.5 This update for opensc fixes the following issues: - CVE-2023-5992: Fixed side-channel leaks while stripping encryption PKCS#1 padding (bsc#1219386) Moderate SUSE bug 1219386 CVE-2023-5992 at SUSE CVE-2023-5992 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cockpit-wicked (Moderate) SUSE Linux Enterprise Micro 5.5 This update for cockpit-wicked fixes the following issues: - CVE-2023-26364: Fixed denial of service due to improper input validation during CSS parsing (bsc#1217325) Other fixes: - Update to version 5~git8.c06c55b. Moderate SUSE bug 1217325 CVE-2023-26364 at SUSE CVE-2023-26364 at NVD cpe:/o:suse:sle-micro:5.5 Security update for qemu (Important) SUSE Linux Enterprise Micro 5.5 This update for qemu fixes the following issues: - CVE-2024-3447: Fixed heap buffer overflow in sdhci_write_dataport() (bsc#1222845) - CVE-2023-6683: Fixed NULL pointer dereference in qemu_clipboard_request() (bsc#1218889) - CVE-2024-3446: Fixed DMA reentrancy issue leads to double free vulnerability (bsc#1222843) - CVE-2023-3019: Fixed heap use-after-free in e1000e_write_packet_to_guest() (bsc#1213269) Important SUSE bug 1213269 SUSE bug 1218889 SUSE bug 1222843 SUSE bug 1222845 CVE-2023-3019 at SUSE CVE-2023-3019 at NVD CVE-2023-6683 at SUSE CVE-2023-6683 at NVD CVE-2024-3446 at SUSE CVE-2024-3446 at NVD CVE-2024-3447 at SUSE CVE-2024-3447 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-idna (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-idna fixes the following issues: - CVE-2024-3651: Fixed potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842). Moderate SUSE bug 1222842 CVE-2024-3651 at SUSE CVE-2024-3651 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openCryptoki (Moderate) SUSE Linux Enterprise Micro 5.5 This update for openCryptoki fixes the following issues: Upgrade openCryptoki to version 3.23 (jsc#PED-3360, jsc#PED-3361) * EP11: Add support for FIPS-session mode * CVE-2024-0914: Updates to harden against RSA timing attacks (bsc#1219217) * Bug fixes - provide user(pkcs11) and group(pkcs11) Upgrade to version 3.22 (jsc#PED-3361) - CCA: Add support for the AES-XTS key type using CPACF protected keys - p11sak: Add support for managing certificate objects - p11sak: Add support for public sessions (no-login option) - p11sak: Add support for logging in as SO (security Officer) - p11sak: Add support for importing/exporting Edwards and Montgomery keys - p11sak: Add support for importing of RSA-PSS keys and certificates - CCA/EP11/Soft/ICA: Ensure that the 2 key parts of an AES-XTS key are different Update to version 3.21 (jsc#PED-3360, jsc#PED-3361) - EP11 and CCA: Support concurrent HSM master key changes - CCA: protected-key option - pkcsslotd: no longer run as root user and further hardening - p11sak: Add support for additional key types (DH, DSA, generic secret) - p11sak: Allow wildcards in label filter - p11sak: Allow to specify hex value for CKA_ID attribute - p11sak: Support sorting when listing keys - p11sak: New commands: set-key-attr, copy-key to modify and copy keys - p11sak: New commands: import-key, export-key to import and export keys - Remove support for --disable-locks (transactional memory) - Updates to harden against RSA timing attacks - Bug fixes Moderate SUSE bug 1219217 CVE-2024-0914 at SUSE CVE-2024-0914 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. NOTE: This update has been retracted due to a bug in the BHI CPU sidechannel mitigation, which led to incorrect selection of other CPU mitigations. The following security bugs were fixed: - CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466). - CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-acpi (bsc#1220478). - CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443). - CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482). - CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484). - CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486). - CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487). - CVE-2021-46934: Fixed a bug by validating user data in compat ioctl (bsc#1220469). - CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439). - CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969). - CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek: (bsc#1220917). - CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954). - CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959). - CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978). - CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551). - CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979). - CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981). - CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982). - CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983). - CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955). - CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). - CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). - CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009). - CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). - CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961). - CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965). - CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986). - CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635). - CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). - CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845). - CVE-2022-48628: Fixed possible lock in ceph (bsc#1220848). - CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989). - CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990). - CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). - CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). - CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). - CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221). - CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). - CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237). - CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337). - CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). - CVE-2023-52462: Fixed check for attempt to corrupt spilled pointer (bsc#1220325). - CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). - CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433). - CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411). - CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). - CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445). - CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). - CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). - CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520 (bsc#1220887). - CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735). - CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797). - CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). - CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276). - CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274). - CVE-2023-52494: Fixed missing alignment check for event ring read pointer in bus/mhi/host (bsc#1221273). - CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879). - CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). - CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885). - CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). - CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553). - CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833). - CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015). - CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). - CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898). - CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012). - CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022). - CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). - CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055). - CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056). - CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920). - CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921). - CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926). - CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). - CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840). - CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). - CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929). - CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). - CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931). - CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). - CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933). - CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson (bsc#1220937). - CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938). - CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940). - CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839). - CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). - CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). - CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). - CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872). - CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878). - CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). - CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). - CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). - CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045). - CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). - CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). - CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). - CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs (bsc#1221062). - CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071). - CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs (bsc#1221068). - CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs (bsc#1221070). - CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot() (bsc#1221066). - CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree() (bsc#1221067). - CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) - CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib (bsc#1221069). - CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061). - CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi (bsc#1221375). - CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616). - CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614). - CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove (bsc#1221613). - CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618). - CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073). - CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060). - CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). - CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd (bsc#1222274). - CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939 (bsc#1222291). - CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300). - CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). - CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). - CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). - CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). - CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). - CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). - CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264). - CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). - CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). - CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). - CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834). - CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725). - CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate() (bsc#1220365). - CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). - CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). - CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736). - CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences (bsc#1221291). - CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). - CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap (bsc#1221298). - CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090). - CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in nfsd (bsc#1221379). - CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). - CVE-2024-26645: Fixed missing visibility when inserting an element into tracing_map (bsc#1222056). - CVE-2024-26646: Fixed potential memory corruption when resuming from suspend or hibernation in thermal/intel/hfi (bsc#1222070). - CVE-2024-26651: Fixed possible oops via malicious devices in sr9800 (bsc#1221337). - CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304). - CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317). - CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in hwmon coretemp (bsc#1222355). - CVE-2024-26667: Fixed null pointer reference in dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331). - CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in kernel arm64 (bsc#1222356). - CVE-2024-26695: Fixed null pointer dereference in __sev_platform_shutdown_locked in crypto ccp (bsc#1222373). - CVE-2024-26717: Fixed null pointer dereference on failed power up in HID i2c-hid-of (bsc#1222360). The following non-security bugs were fixed: - acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git-fixes). - acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git-fixes). - acpi: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes). - acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git-fixes). - acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes). - acpi: scan: Fix device check notification handling (git-fixes). - acpica: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes). - alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes). - alsa: aoa: avoid false-positive format truncation warning (git-fixes). - alsa: aw2: avoid casting function pointers (git-fixes). - alsa: ctxfi: avoid casting function pointers (git-fixes). - alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable-fixes). - alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable-fixes). - alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform (git-fixes). - alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes). - alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes). - alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes). - alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes). - alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes). - alsa: seq: fix function cast warnings (git-fixes). - alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes). - alsa: usb-audio: Stop parsing channels bits when all channels are found (git-fixes). - arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes) - arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes) - arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git-fixes) - arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes) - arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes) - arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes) - arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes) - arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes) - arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes) - arm64: mm: fix VA-range sanity check (git-fixes) - arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes) - asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet (stable-fixes). - asoc: amd: acp: Add missing error handling in sof-mach (git-fixes). - asoc: amd: acp: fix for acp_init function error handling (git-fixes). - asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes). - asoc: meson: Use dev_err_probe() helper (stable-fixes). - asoc: meson: aiu: fix function pointer type mismatch (git-fixes). - asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes). - asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes). - asoc: meson: t9015: fix function pointer type mismatch (git-fixes). - asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes). - asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes). - asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes). - asoc: rt5682-sdw: fix locking sequence (git-fixes). - asoc: rt711-sdca: fix locking sequence (git-fixes). - asoc: rt711-sdw: fix locking sequence (git-fixes). - asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable-fixes). - asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes). - asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable-fixes). - ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-fixes). - ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes). - backlight: da9052: Fully initialize backlight_properties during probe (git-fixes). - backlight: lm3630a: Do not set bl->props.brightness in get_brightness (git-fixes). - backlight: lm3630a: Initialize backlight_properties on init (git-fixes). - backlight: lm3639: Fully initialize backlight_properties during probe (git-fixes). - backlight: lp8788: Fully initialize backlight_properties during probe (git-fixes). - blocklayoutdriver: Fix reference leak of pnfs_device_node (git-fixes). - bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes). - bluetooth: Remove superfluous call to hci_conn_check_pending() (git-fixes). - bluetooth: hci_core: Fix possible buffer overflow (git-fixes). - bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes). - bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable-fixes). - bpf, scripts: Correct GPL license name (git-fixes). - bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes). - can: softing: remove redundant NULL check (git-fixes). - clk: zynq: Prevent null pointer dereference caused by kmalloc failure (git-fixes). - comedi: comedi_test: Prevent timers rescheduling during deletion (git-fixes). - coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775) - coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775) - coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus (bsc#1220775) - cpufreq: amd-pstate: Fix min_perf assignment in amd_pstate_adjust_perf() (git-fixes). - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (git-fixes). - crypto: arm/sha - fix function cast warnings (git-fixes). - crypto: qat - avoid division by zero (git-fixes). - crypto: qat - fix deadlock in backlog processing (git-fixes). - crypto: qat - fix double free during reset (git-fixes). - crypto: qat - fix state machines cleanup paths (bsc#1218321). - crypto: qat - fix unregistration of compression algorithms (git-fixes). - crypto: qat - fix unregistration of crypto algorithms (git-fixes). - crypto: qat - ignore subsequent state up commands (git-fixes). - crypto: qat - increase size of buffers (git-fixes). - crypto: qat - resolve race condition during AER recovery (git-fixes). - crypto: xilinx - call finalize with bh disabled (git-fixes). - doc-guide: kernel-doc: tell about object-like macros (git-fixes). - doc/README.SUSE: Update information about module support status (jsc#PED-5759) - drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (git-fixes). - drm/amd/display: Add FAMS validation before trying to use it (git-fixes). - drm/amd/display: Add function for validate and update new stream (git-fixes). - drm/amd/display: Avoid ABM when ODM combine is enabled for eDP (git-fixes). - drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for DCN31 (git-fixes). - drm/amd/display: Check if link state is valid (git-fixes). - drm/amd/display: Copy DC context in the commit streams (git-fixes). - drm/amd/display: Disable PSR-SU on Parade 0803 TCON again (git-fixes). - drm/amd/display: Enable fast plane updates on DCN3.2 and above (git-fixes). - drm/amd/display: Enable new commit sequence only for DCN32x (git-fixes). - drm/amd/display: Exit idle optimizations before attempt to access PHY (git-fixes). - drm/amd/display: Expand kernel doc for DC (git-fixes). - drm/amd/display: Fix a bug when searching for insert_above_mpcc (git-fixes). - drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' (git-fixes). - drm/amd/display: Fix possible underflow for displays with large vblank (git-fixes). - drm/amd/display: Fix the delta clamping for shaper LUT (git-fixes). - drm/amd/display: Fix underflow issue on 175hz timing (git-fixes). - drm/amd/display: For prefetch mode > 0, extend prefetch if possible (git-fixes). - drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family (git-fixes). - drm/amd/display: Guard against invalid RPTR/WPTR being set (git-fixes). - drm/amd/display: Handle seamless boot stream (git-fixes). - drm/amd/display: Handle virtual hardware detect (git-fixes). - drm/amd/display: Include surface of unaffected streams (git-fixes). - drm/amd/display: Include udelay when waiting for INBOX0 ACK (git-fixes). - drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml (git-fixes). - drm/amd/display: Keep PHY active for dp config (git-fixes). - drm/amd/display: Prevent vtotal from being set to 0 (git-fixes). - drm/amd/display: Remove min_dst_y_next_start check for Z8 (git-fixes). - drm/amd/display: Restore rptr/wptr for DMCUB as workaround (git-fixes). - drm/amd/display: Return the correct HDCP error code (stable-fixes). - drm/amd/display: Revert vblank change that causes null pointer crash (git-fixes). - drm/amd/display: Rework comments on dc file (git-fixes). - drm/amd/display: Rework context change check (git-fixes). - drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix (git-fixes). - drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt (git-fixes). - drm/amd/display: Update OTG instance in the commit stream (git-fixes). - drm/amd/display: Update correct DCN314 register header (git-fixes). - drm/amd/display: Update min Z8 residency time to 2100 for DCN314 (git-fixes). - drm/amd/display: Use DRAM speed from validation for dummy p-state (git-fixes). - drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK (git-fixes). - drm/amd/display: Use min transition for all SubVP plane add/remove (git-fixes). - drm/amd/display: Write to correct dirty_rect (git-fixes). - drm/amd/display: Wrong colorimetry workaround (git-fixes). - drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes). - drm/amd/display: add ODM case when looking for first split pipe (git-fixes). - drm/amd/display: always switch off ODM before committing more streams (git-fixes). - drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git-fixes). - drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes). - drm/amd/display: ensure async flips are only accepted for fast updates (git-fixes). - drm/amd/display: fix ABM disablement (git-fixes). - drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() (git-fixes). - drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes). - drm/amd/display: fix hw rotated modes when PSR-SU is enabled (git-fixes). - drm/amd/display: fix kernel-doc issues in dc.h (git-fixes). - drm/amd/display: fix unbounded requesting for high pixel rate modes on dcn315 (git-fixes). - drm/amd/display: handle range offsets in VRR ranges (stable-fixes). - drm/amd/display: perform a bounds check before filling dirty rectangles (git-fixes). - drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes). - drm/amd/display: update extended blank for dcn314 onwards (git-fixes). - drm/amd/display: use low clocks for no plane configs (git-fixes). - drm/amd/pm: Fix error of MACO flag setting code (git-fixes). - drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes). - drm/amd/smu: use AverageGfxclkFrequency* to replace previous GFX Curr Clock (git-fixes). - drm/amd: Enable PCIe PME from D3 (git-fixes). - drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes). - drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes). - drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes). - drm/amdgpu/smu13: drop compute workload workaround (git-fixes). - drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable-fixes). - drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() (git-fixes). - drm/amdgpu: Force order between a read and write to the same address (git-fixes). - drm/amdgpu: Match against exact bootloader status (git-fixes). - drm/amdgpu: Unset context priority is now invalid (git-fixes). - drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes). - drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes). - drm/amdgpu: lower CS errors to debug severity (git-fixes). - drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes). - drm/bridge: tc358762: Instruct DSI host to generate HSE packets (git-fixes). - drm/display: fix typo (git-fixes). - drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes). - drm/etnaviv: Restore some id values (git-fixes). - drm/exynos: do not return negative values from .get_modes() (stable-fixes). - drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() (git-fixes). - drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes). - drm/i915/gt: Do not generate the command streamer for all the CCS (git-fixes). - drm/i915/gt: Reset queue_priority_hint on parking (git-fixes). - drm/i915/gt: Use i915_vm_put on ppgtt_create error paths (git-fixes). - drm/i915/selftests: Fix dependency of some timeouts on HZ (git-fixes). - drm/i915: Add missing CCS documentation (git-fixes). - drm/i915: Call intel_pre_plane_updates() also for pipes getting enabled (git-fixes). - drm/i915: Check before removing mm notifier (git-fixes). - drm/lima: fix a memleak in lima_heap_alloc (git-fixes). - drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (git-fixes). - drm/mediatek: dsi: Fix DSI RGB666 formats and definitions (git-fixes). - drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is enabled (git-fixes). - drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes). - drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN (git-fixes). - drm/msm/dpu: improve DSC allocation (git-fixes). - drm/panel-edp: use put_sync in unprepare (git-fixes). - drm/panel: Move AUX B116XW03 out of panel-edp back to panel-simple (git-fixes). - drm/panel: auo,b101uan08.3: Fine tune the panel power sequence (git-fixes). - drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence (git-fixes). - drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes). - drm/panfrost: fix power transition timeout warnings (git-fixes). - drm/probe-helper: warn about negative .get_modes() (stable-fixes). - drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes). - drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes). - drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() (git-fixes). - drm/radeon/ni_dpm: remove redundant NULL check (git-fixes). - drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes). - drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach (git-fixes). - drm/rockchip: inno_hdmi: Fix video timing (git-fixes). - drm/rockchip: lvds: do not overwrite error code (git-fixes). - drm/rockchip: lvds: do not print scary message when probing defer (git-fixes). - drm/tegra: dpaux: Fix PM disable depth imbalance in tegra_dpaux_probe (git-fixes). - drm/tegra: dsi: Add missing check for of_find_device_by_node (git-fixes). - drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() (git-fixes). - drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() (git-fixes). - drm/tegra: dsi: Make use of the helper function dev_err_probe() (stable-fixes). - drm/tegra: hdmi: Convert to devm_platform_ioremap_resource() (stable-fixes). - drm/tegra: hdmi: Fix some error handling paths in tegra_hdmi_probe() (git-fixes). - drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths of tegra_output_probe() (git-fixes). - drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes). - drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() (git-fixes). - drm/tegra: rgb: Fix some error handling paths in tegra_dc_rgb_probe() (git-fixes). - drm/tidss: Fix initial plane zpos values (git-fixes). - drm/tidss: Fix sync-lost issue with two displays (git-fixes). - drm/ttm: Do not leak a resource on eviction error (git-fixes). - drm/ttm: Do not print error message if eviction was interrupted (git-fixes). - drm/vc4: Add module dependency on hdmi-codec (git-fixes). - drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-fixes). - drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (git-fixes). - drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes). - drm: Do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes). - drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes). - drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) (git-fixes). - firewire: core: use long bus reset on gap count error (stable-fixes). - fix 'coresight: etm4x: Change etm4_platform_driver driver for MMIO devices' (bsc#1220775) Hunk with clk_put(drvdata->pclk) was incorrectly moved to another function. - hid: amd_sfh: Update HPD sensor structure elements (git-fixes). - hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes). - hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes). - hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (git-fixes). - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (git-fixes). - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (git-fixes). - i2c: aspeed: Fix the dummy irq expected print (git-fixes). - i2c: i801: Avoid potential double call to gpiod_remove_lookup_table (git-fixes). - i2c: wmt: Fix an error handling path in wmt_i2c_probe() (git-fixes). - ib/ipoib: Fix mcast list locking (git-fixes) - iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes). - iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes). - input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes). - input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (git-fixes). - input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table (git-fixes). - input: i8042 - add quirk for Fujitsu Lifebook A574/H (git-fixes). - input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (git-fixes). - input: pm8941-powerkey - fix debounce on gen2+ PMICs (git-fixes). - input: pm8941-pwrkey - add software key press debouncing support (git-fixes). - input: pm8941-pwrkey - add support for PON GEN3 base addresses (git-fixes). - input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes). - input: xpad - add Lenovo Legion Go controllers (git-fixes). - iommu/amd: Mark interrupt as managed (git-fixes). - iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes). - iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe() (git-fixes). - iommu/mediatek: Fix forever loop in error handling (git-fixes). - iommu/vt-d: Allow to use flush-queue when first level is default (git-fixes). - iommu/vt-d: Do not issue ATS Invalidation request when device is disconnected (git-fixes). - iommu/vt-d: Fix PASID directory pointer coherency (git-fixes). - iommu/vt-d: Set No Execute Enable bit in PASID table entry (git-fixes). - kabi: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi). - kconfig: fix infinite loop when expanding a macro at the end of file (git-fixes). - kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631). - lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-commit). - leds: aw2013: Unlock mutex before destroying it (git-fixes). - lib/cmdline: Fix an invalid format specifier in an assertion msg (git-fixes). - make NVIDIA Grace-Hopper TPM related drivers build-ins (bsc#1221156) - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes). - md/raid5: release batch_last before waiting for another stripe_head (git-fixes). - md/raid6: use valid sector values to determine if an I/O should wait on the reshape (git-fixes). - md: Do not ignore suspended array in md_check_recovery() (git-fixes). - md: Make sure md_do_sync() will set MD_RECOVERY_DONE (git-fixes). - md: Whenassemble the array, consult the superblock of the freshest device (git-fixes). - md: do not leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly() (git-fixes). - md: fix data corruption for raid456 when reshape restart while grow up (git-fixes). - md: introduce md_ro_state (git-fixes). - media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes). - media: edia: dvbdev: fix a use-after-free (git-fixes). - media: em28xx: annotate unchecked call to media_device_register() (git-fixes). - media: go7007: add check of return value of go7007_read_addr() (git-fixes). - media: go7007: fix a memleak in go7007_load_encoder (git-fixes). - media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes). - media: pvrusb2: fix pvr2_stream_callback casts (git-fixes). - media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes). - media: pvrusb2: remove redundant NULL check (git-fixes). - media: staging: ipu3-imgu: Set fields before media_entity_pads_init() (git-fixes). - media: sun8i-di: Fix chroma difference threshold (git-fixes). - media: sun8i-di: Fix coefficient writes (git-fixes). - media: sun8i-di: Fix power on/off sequences (git-fixes). - media: tc358743: register v4l2 async device only after successful setup (git-fixes). - media: ttpci: fix two memleaks in budget_av_attach (git-fixes). - media: usbtv: Remove useless locks in usbtv_video_free() (git-fixes). - media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes). - media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes). - media: xc4000: Fix atomicity violation in xc4000_get_frequency (git-fixes). - mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). - mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). - mm,page_owner: Defer enablement of static branch (bsc#1222366). - mm,page_owner: Fix accounting of pages when migrating (bsc#1222366). - mm,page_owner: Fix printing of stack records (bsc#1222366). - mm,page_owner: Fix refcount imbalance (bsc#1222366). - mm,page_owner: Update metadata for tail pages (bsc#1222366). - mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366). - mm,page_owner: drop unnecessary check (bsc#1222366). - mm,page_owner: fix recursion (bsc#1222366). - mm/vmalloc: huge vmalloc backing pages should be split rather than compound (bsc#1217829). - mmc: core: Avoid negative index with array access (git-fixes). - mmc: core: Fix switch on gp3 partition (git-fixes). - mmc: core: Initialize mmc_blk_ioc_data (git-fixes). - mmc: mmci: stm32: fix DMA API overlapping mappings warning (git-fixes). - mmc: mmci: stm32: use a buffer for unaligned DMA requests (git-fixes). - mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes). - mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function (git-fixes). - mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes). - mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes). - mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes). - net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). - net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes). - net: Fix features skip in for_each_netdev_feature() (git-fixes). - net: lan78xx: fix runtime PM count underflow on link stop (git-fixes). - net: ll_temac: platform_get_resource replaced by wrong function (git-fixes). - net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes). - net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes). - net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes). - net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes). - nfs: fix an off by one in root_nfs_cat() (git-fixes). - nfs: rename nfs_client_kset to nfs_kset (git-fixes). - nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes). - nfsd: convert the callback workqueue to use delayed_work (git-fixes). - nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes). - nfsd: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes). - nfsd: fix LISTXATTRS returning more bytes than maxcount (git-fixes). - nfsd: fix file memleak on client_opens_release (git-fixes). - nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes). - nfsd: lock_rename() needs both directories to live on the same fs (git-fixes). - nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes). - nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes). - nfsd: retransmit callbacks after client reconnects (git-fixes). - nfsd: use vfs setgid helper (git-fixes). - nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). - nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes). - nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). - nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). - nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes). - nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes). - nfsv4.2: fix wrong shrinker_id (git-fixes). - nfsv4: fix a nfs4_state_manager() race (git-fixes). - nfsv4: fix a state manager thread deadlock regression (git-fixes). - nilfs2: fix failure to detect DAT corruption in btree and direct mappings (git-fixes). - nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes). - nouveau/dmem: handle kcalloc() allocation failure (git-fixes). - nouveau: reset the bo resource bus info after an eviction (git-fixes). - ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713). - nvme-fc: do not wait in vain when unloading module (git-fixes). - nvme: fix reconnection fail due to reserved tag allocation (git-fixes). - nvmet-fc: abort command when there is no binding (git-fixes). - nvmet-fc: avoid deadlock on delete association path (git-fixes). - nvmet-fc: defer cleanup using RCU properly (git-fixes). - nvmet-fc: hold reference on hostport match (git-fixes). - nvmet-fc: release reference on target port (git-fixes). - nvmet-fc: take ref count on tgtport before delete assoc (git-fixes). - nvmet-fcloop: swap the list_add_tail arguments (git-fixes). - nvmet-tcp: fix nvme tcp ida memory leak (git-fixes). - pci/aer: fix rootport attribute paths in ABI docs (git-fixes). - pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes). - pci/dpc: print all TLP Prefixes, not just the first (git-fixes). - pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777) - pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes). - pci: add locking to RMW PCI Express Capability Register accessors (git-fixes). - pci: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes). - pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes). - pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git-fixes). - pci: fu740: Set the number of MSI vectors (git-fixes). - pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git-fixes). - pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes). - pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). - pci: mediatek-gen3: Fix translation window size calculation (git-fixes). - pci: mediatek: Clear interrupt status before dispatching handler (git-fixes). - pci: qcom: Enable BDF to SID translation properly (git-fixes). - pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-fixes). - pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes). - pci: rockchip: Fix window mapping and address translation for endpoint (git-fixes). - pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes). - pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git-fixes). - pinctrl: mediatek: Drop bogus slew rate register range for MT8192 (git-fixes). - platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes). - pm: suspend: Set mem_sleep_current during kernel command line setup (git-fixes). - pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). - pnfs: Fix a hang in nfs4_evict_inode() (git-fixes). - pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes). - powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869). - powerpc/boot: Disable power10 features after BOOTAFLAGS assignment (bsc#1194869). - powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU (bsc#1194869). - powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses (bsc#1194869). - powerpc/lib/sstep: Remove unneeded #ifdef __powerpc64__ (bsc#1194869). - powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding (bsc#1194869). - powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869). - powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270). - powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes). - powerpc/sstep: Use bitwise instead of arithmetic operator for flags (bsc#1194869). - powerpc: add compile-time support for lbarx, lharx (bsc#1194869). - pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git-fixes). - qedf: Do not process stag work during unload (bsc#1214852). - qedf: Wait for stag work during unload (bsc#1214852). - raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1221097). - ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619). - ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619). - ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619). - ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619). - ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619). - ras/amd/fmpm: Save SPA values (jsc#PED-7619). - ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes). - ras: export helper to get ras_debugfs_dir (jsc#PED-7619). - rdma/device: Fix a race between mad_client and cm_client init (git-fixes) - rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes) - rdma/ipoib: Fix error code return in ipoib_mcast_join (git-fixes) - rdma/irdma: Remove duplicate assignment (git-fixes) - rdma/mana_ib: Fix bug in creation of dma regions (git-fixes). - rdma/mlx5: fix fortify source warning while accessing Eth segment (git-fixes) - rdma/mlx5: relax DEVX access upon modify commands (git-fixes) - rdma/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git-fixes) - rdma/srpt: do not register event handler until srpt device is fully setup (git-fixes) - revert 'PCI: tegra194: Enable support for 256 Byte payload' (git-fixes). - revert 'Revert 'drm/amdgpu/display: change pipe policy for DCN 2.0'' (git-fixes). - revert 'SUNRPC dont update timeout value on connection reset' (git-fixes). - revert 'drm/amd: Disable PSR-SU on Parade 0803 TCON' (git-fixes). - revert 'drm/amd: Disable S/G for APUs when 64GB or more host memory' (git-fixes). - revert 'drm/amdgpu/display: change pipe policy for DCN 2.0' (git-fixes). - revert 'drm/amdgpu/display: change pipe policy for DCN 2.1' (git-fixes). - revert 'drm/vc4: hdmi: Enforce the minimum rate at runtime_resume' (git-fixes). - revert 'fbdev: flush deferred IO before closing (git-fixes).' (bsc#1221814) - ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes). - rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes). - s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes bsc#1221633). - s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316). - s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316). - s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316). - s390/vtime: fix average steal time calculation (git-fixes bsc#1221951). - sched/rt: Disallow writing invalid values to sched_rt_period_us (bsc#1220176). - sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset (bsc#1220176). - scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: qedf: Remove set but unused variable 'page' (bsc#1214852). - scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852). - scsi: qedf: Remove unused declaration (bsc#1214852). - scsi: qla2xxx: Change debug message during driver unload (bsc1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). - scsi: qla2xxx: Fix double free of fcport (bsc1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). - scsi: qla2xxx: Update manufacturer detail (bsc1221816). - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). - scsi: storvsc: Fix ring buffer size calculation (git-fixes). - scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252). - selftests/bpf: add generic BPF program tester-loader (bsc#1222033). - serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes). - serial: max310x: fix syntax error in IRQ error message (git-fixes). - slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes). - soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes). - spi: lm70llp: fix links in doc and comments (git-fixes). - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes). - sr9800: Add check for usbnet_get_endpoints (git-fixes). - stackdepot: rename pool_index to pool_index_plus_1 (git-fixes). - staging: vc04_services: fix information leak in create_component() (git-fixes). - sunrpc: Add an IS_ERR() check back to where it was (git-fixes). - sunrpc: ECONNRESET might require a rebind (git-fixes). - sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes). - sunrpc: Fix a suspicious RCU usage warning (git-fixes). - sunrpc: fix a memleak in gss_import_v2_context (git-fixes). - sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). - svcrdma: Drop connection after an RDMA Read error (git-fixes). - topology/sysfs: Hide PPIN on systems that do not support it (jsc#PED-7618). - topology: Fix up build warning in topology_is_visible() (jsc#PED-7618). - tracing/probes: Fix to show a parse error for bad type for $comm (git-fixes). - tracing: Fix wasted memory in saved_cmdlines logic (git-fixes). - tracing: Inform kmemleak of saved_cmdlines allocation (git-fixes). - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git-fixes). - tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes). - tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes). - ubifs: Queue up space reservation tasks if retrying many times (git-fixes). - ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes). - ubifs: Set page uptodate in the correct place (git-fixes). - ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes). - ubifs: fix sort function prototype (git-fixes). - usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes). - usb: cdc-wdm: close race between read and workqueue (git-fixes). - usb: core: Fix deadlock in usb_deauthorize_interface() (git-fixes). - usb: dwc2: gadget: Fix exiting from clock gating (git-fixes). - usb: dwc2: gadget: LPM flow fix (git-fixes). - usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes). - usb: dwc2: host: Fix hibernation flow (git-fixes). - usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes). - usb: dwc3: Properly set system wakeup (git-fixes). - usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes). - usb: gadget: ncm: Fix handling of zero block length packets (git-fixes). - usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes). - usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes). - usb: port: Do not try to peer unused USB ports based on location (git-fixes). - usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes). - usb: typec: ucsi: Check for notifications after init (git-fixes). - usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes). - usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes). - usb: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-fixes). - usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes). - vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes). - vt: fix unicode buffer corruption when deleting characters (git-fixes). - watchdog: stm32_iwdg: initialize default timeout (git-fixes). - wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes). - wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948). - wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes). - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (git-fixes). - wifi: b43: Disable QoS for bcm4331 (git-fixes). - wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git-fixes). - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git-fixes). - wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git-fixes). - wifi: brcmfmac: fix copyright year mentioned in platform_data header (git-fixes). - wifi: brcmsmac: avoid function pointer casts (git-fixes). - wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes). - wifi: iwlwifi: fix EWRD table validity check (git-fixes). - wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes). - wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes). - wifi: iwlwifi: mvm: report beacon protection failures (git-fixes). - wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes). - wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git-fixes). - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes). - wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() (git-fixes). - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes). - wifi: rtw88: 8821c: Fix false alarm count (git-fixes). - wifi: wilc1000: fix RCU usage in connect path (git-fixes). - wifi: wilc1000: fix declarations ordering (stable-fixes). - wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes). - wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces (git-fixes). - x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). - x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). - x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes). - xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes). - xhci: process isoc TD properly when there was a transaction error mid TD (git-fixes). Important SUSE bug 1194869 SUSE bug 1200465 SUSE bug 1205316 SUSE bug 1207948 SUSE bug 1209635 SUSE bug 1209657 SUSE bug 1212514 SUSE bug 1213456 SUSE bug 1214852 SUSE bug 1215221 SUSE bug 1215322 SUSE bug 1217339 SUSE bug 1217829 SUSE bug 1217959 SUSE bug 1217987 SUSE bug 1217988 SUSE bug 1217989 SUSE bug 1218321 SUSE bug 1218336 SUSE bug 1218479 SUSE bug 1218562 SUSE bug 1218643 SUSE bug 1218777 SUSE bug 1219169 SUSE bug 1219170 SUSE bug 1219264 SUSE bug 1219834 SUSE bug 1220114 SUSE bug 1220176 SUSE bug 1220237 SUSE bug 1220251 SUSE bug 1220320 SUSE bug 1220325 SUSE bug 1220328 SUSE bug 1220337 SUSE bug 1220340 SUSE bug 1220365 SUSE bug 1220366 SUSE bug 1220398 SUSE bug 1220411 SUSE bug 1220413 SUSE bug 1220433 SUSE bug 1220439 SUSE bug 1220443 SUSE bug 1220445 SUSE bug 1220466 SUSE bug 1220469 SUSE bug 1220478 SUSE bug 1220482 SUSE bug 1220484 SUSE bug 1220486 SUSE bug 1220487 SUSE bug 1220492 SUSE bug 1220703 SUSE bug 1220735 SUSE bug 1220736 SUSE bug 1220775 SUSE bug 1220790 SUSE bug 1220797 SUSE bug 1220831 SUSE bug 1220833 SUSE bug 1220836 SUSE bug 1220839 SUSE bug 1220840 SUSE bug 1220843 SUSE bug 1220845 SUSE bug 1220848 SUSE bug 1220870 SUSE bug 1220871 SUSE bug 1220872 SUSE bug 1220878 SUSE bug 1220879 SUSE bug 1220883 SUSE bug 1220885 SUSE bug 1220887 SUSE bug 1220898 SUSE bug 1220917 SUSE bug 1220918 SUSE bug 1220920 SUSE bug 1220921 SUSE bug 1220926 SUSE bug 1220927 SUSE bug 1220929 SUSE bug 1220930 SUSE bug 1220931 SUSE bug 1220932 SUSE bug 1220933 SUSE bug 1220937 SUSE bug 1220938 SUSE bug 1220940 SUSE bug 1220954 SUSE bug 1220955 SUSE bug 1220959 SUSE bug 1220960 SUSE bug 1220961 SUSE bug 1220965 SUSE bug 1220969 SUSE bug 1220978 SUSE bug 1220979 SUSE bug 1220981 SUSE bug 1220982 SUSE bug 1220983 SUSE bug 1220985 SUSE bug 1220986 SUSE bug 1220987 SUSE bug 1220989 SUSE bug 1220990 SUSE bug 1221009 SUSE bug 1221012 SUSE bug 1221015 SUSE bug 1221022 SUSE bug 1221039 SUSE bug 1221040 SUSE bug 1221044 SUSE bug 1221045 SUSE bug 1221046 SUSE bug 1221048 SUSE bug 1221055 SUSE bug 1221056 SUSE bug 1221058 SUSE bug 1221060 SUSE bug 1221061 SUSE bug 1221062 SUSE bug 1221066 SUSE bug 1221067 SUSE bug 1221068 SUSE bug 1221069 SUSE bug 1221070 SUSE bug 1221071 SUSE bug 1221077 SUSE bug 1221082 SUSE bug 1221090 SUSE bug 1221097 SUSE bug 1221156 SUSE bug 1221252 SUSE bug 1221273 SUSE bug 1221274 SUSE bug 1221276 SUSE bug 1221277 SUSE bug 1221291 SUSE bug 1221293 SUSE bug 1221298 SUSE bug 1221337 SUSE bug 1221338 SUSE bug 1221375 SUSE bug 1221379 SUSE bug 1221551 SUSE bug 1221553 SUSE bug 1221613 SUSE bug 1221614 SUSE bug 1221616 SUSE bug 1221618 SUSE bug 1221631 SUSE bug 1221633 SUSE bug 1221713 SUSE bug 1221725 SUSE bug 1221777 SUSE bug 1221814 SUSE bug 1221816 SUSE bug 1221830 SUSE bug 1221951 SUSE bug 1222033 SUSE bug 1222056 SUSE bug 1222060 SUSE bug 1222070 SUSE bug 1222073 SUSE bug 1222117 SUSE bug 1222274 SUSE bug 1222291 SUSE bug 1222300 SUSE bug 1222304 SUSE bug 1222317 SUSE bug 1222331 SUSE bug 1222355 SUSE bug 1222356 SUSE bug 1222360 SUSE bug 1222366 SUSE bug 1222373 SUSE bug 1222619 SUSE bug 1222952 CVE-2021-46925 at SUSE CVE-2021-46925 at NVD CVE-2021-46926 at SUSE CVE-2021-46926 at NVD CVE-2021-46927 at SUSE CVE-2021-46927 at NVD CVE-2021-46929 at SUSE CVE-2021-46929 at NVD CVE-2021-46930 at SUSE CVE-2021-46930 at NVD CVE-2021-46931 at SUSE CVE-2021-46931 at NVD CVE-2021-46933 at SUSE CVE-2021-46933 at NVD CVE-2021-46934 at SUSE CVE-2021-46934 at NVD CVE-2021-46936 at SUSE CVE-2021-46936 at NVD CVE-2021-47082 at SUSE CVE-2021-47082 at NVD CVE-2021-47083 at SUSE CVE-2021-47083 at NVD CVE-2021-47087 at SUSE CVE-2021-47087 at NVD CVE-2021-47091 at SUSE CVE-2021-47091 at NVD CVE-2021-47093 at SUSE CVE-2021-47093 at NVD CVE-2021-47094 at SUSE CVE-2021-47094 at NVD CVE-2021-47095 at SUSE CVE-2021-47095 at NVD CVE-2021-47096 at SUSE CVE-2021-47096 at NVD CVE-2021-47097 at SUSE CVE-2021-47097 at NVD CVE-2021-47098 at SUSE CVE-2021-47098 at NVD CVE-2021-47099 at SUSE CVE-2021-47099 at NVD CVE-2021-47100 at SUSE CVE-2021-47100 at NVD CVE-2021-47101 at SUSE CVE-2021-47101 at NVD CVE-2021-47102 at SUSE CVE-2021-47102 at NVD CVE-2021-47104 at SUSE CVE-2021-47104 at NVD CVE-2021-47105 at SUSE CVE-2021-47105 at NVD CVE-2021-47107 at SUSE CVE-2021-47107 at NVD CVE-2021-47108 at SUSE CVE-2021-47108 at NVD CVE-2022-4744 at SUSE CVE-2022-4744 at NVD CVE-2022-48626 at SUSE CVE-2022-48626 at NVD CVE-2022-48627 at SUSE CVE-2022-48627 at NVD CVE-2022-48628 at SUSE CVE-2022-48628 at NVD CVE-2022-48629 at SUSE CVE-2022-48629 at NVD CVE-2022-48630 at SUSE CVE-2022-48630 at NVD CVE-2023-0160 at SUSE CVE-2023-0160 at NVD CVE-2023-28746 at SUSE CVE-2023-28746 at NVD CVE-2023-35827 at SUSE CVE-2023-35827 at NVD CVE-2023-4881 at SUSE CVE-2023-4881 at NVD CVE-2023-52447 at SUSE CVE-2023-52447 at NVD CVE-2023-52450 at SUSE CVE-2023-52450 at NVD CVE-2023-52453 at SUSE CVE-2023-52453 at NVD CVE-2023-52454 at SUSE CVE-2023-52454 at NVD CVE-2023-52462 at SUSE CVE-2023-52462 at NVD CVE-2023-52463 at SUSE CVE-2023-52463 at NVD CVE-2023-52467 at SUSE CVE-2023-52467 at NVD CVE-2023-52469 at SUSE CVE-2023-52469 at NVD CVE-2023-52470 at SUSE CVE-2023-52470 at NVD CVE-2023-52474 at SUSE CVE-2023-52474 at NVD CVE-2023-52476 at SUSE CVE-2023-52476 at NVD CVE-2023-52477 at SUSE CVE-2023-52477 at NVD CVE-2023-52481 at SUSE CVE-2023-52481 at NVD CVE-2023-52482 at SUSE CVE-2023-52482 at NVD CVE-2023-52484 at SUSE CVE-2023-52484 at NVD CVE-2023-52486 at SUSE CVE-2023-52486 at NVD CVE-2023-52492 at SUSE CVE-2023-52492 at NVD CVE-2023-52493 at SUSE CVE-2023-52493 at NVD CVE-2023-52494 at SUSE CVE-2023-52494 at NVD CVE-2023-52497 at SUSE CVE-2023-52497 at NVD CVE-2023-52500 at SUSE CVE-2023-52500 at NVD CVE-2023-52501 at SUSE CVE-2023-52501 at NVD CVE-2023-52502 at SUSE CVE-2023-52502 at NVD CVE-2023-52504 at SUSE CVE-2023-52504 at NVD CVE-2023-52507 at SUSE CVE-2023-52507 at NVD CVE-2023-52508 at SUSE CVE-2023-52508 at NVD CVE-2023-52509 at SUSE CVE-2023-52509 at NVD CVE-2023-52510 at SUSE CVE-2023-52510 at NVD CVE-2023-52511 at SUSE CVE-2023-52511 at NVD CVE-2023-52513 at SUSE CVE-2023-52513 at NVD CVE-2023-52515 at SUSE CVE-2023-52515 at NVD CVE-2023-52517 at SUSE CVE-2023-52517 at NVD CVE-2023-52518 at SUSE CVE-2023-52518 at NVD CVE-2023-52519 at SUSE CVE-2023-52519 at NVD CVE-2023-52520 at SUSE CVE-2023-52520 at NVD CVE-2023-52523 at SUSE CVE-2023-52523 at NVD CVE-2023-52524 at SUSE CVE-2023-52524 at NVD CVE-2023-52525 at SUSE CVE-2023-52525 at NVD CVE-2023-52528 at SUSE CVE-2023-52528 at NVD CVE-2023-52529 at SUSE CVE-2023-52529 at NVD CVE-2023-52530 at SUSE CVE-2023-52530 at NVD CVE-2023-52531 at SUSE CVE-2023-52531 at NVD CVE-2023-52532 at SUSE CVE-2023-52532 at NVD CVE-2023-52559 at SUSE CVE-2023-52559 at NVD CVE-2023-52563 at SUSE CVE-2023-52563 at NVD CVE-2023-52564 at SUSE CVE-2023-52564 at NVD CVE-2023-52566 at SUSE CVE-2023-52566 at NVD CVE-2023-52567 at SUSE CVE-2023-52567 at NVD CVE-2023-52569 at SUSE CVE-2023-52569 at NVD CVE-2023-52574 at SUSE CVE-2023-52574 at NVD CVE-2023-52575 at SUSE CVE-2023-52575 at NVD CVE-2023-52576 at SUSE CVE-2023-52576 at NVD CVE-2023-52582 at SUSE CVE-2023-52582 at NVD CVE-2023-52583 at SUSE CVE-2023-52583 at NVD CVE-2023-52587 at SUSE CVE-2023-52587 at NVD CVE-2023-52591 at SUSE CVE-2023-52591 at NVD CVE-2023-52594 at SUSE CVE-2023-52594 at NVD CVE-2023-52595 at SUSE CVE-2023-52595 at NVD CVE-2023-52597 at SUSE CVE-2023-52597 at NVD CVE-2023-52598 at SUSE CVE-2023-52598 at NVD CVE-2023-52599 at SUSE CVE-2023-52599 at NVD CVE-2023-52600 at SUSE CVE-2023-52600 at NVD CVE-2023-52601 at SUSE CVE-2023-52601 at NVD CVE-2023-52602 at SUSE CVE-2023-52602 at NVD CVE-2023-52603 at SUSE CVE-2023-52603 at NVD CVE-2023-52604 at SUSE CVE-2023-52604 at NVD CVE-2023-52605 at SUSE CVE-2023-52605 at NVD CVE-2023-52606 at SUSE CVE-2023-52606 at NVD CVE-2023-52607 at SUSE CVE-2023-52607 at NVD CVE-2023-52608 at SUSE CVE-2023-52608 at NVD CVE-2023-52612 at SUSE CVE-2023-52612 at NVD CVE-2023-52615 at SUSE CVE-2023-52615 at NVD CVE-2023-52617 at SUSE CVE-2023-52617 at NVD CVE-2023-52619 at SUSE CVE-2023-52619 at NVD CVE-2023-52621 at SUSE CVE-2023-52621 at NVD CVE-2023-52623 at SUSE CVE-2023-52623 at NVD CVE-2023-52628 at SUSE CVE-2023-52628 at NVD CVE-2023-52632 at SUSE CVE-2023-52632 at NVD CVE-2023-52637 at SUSE CVE-2023-52637 at NVD CVE-2023-52639 at SUSE CVE-2023-52639 at NVD CVE-2023-6270 at SUSE CVE-2023-6270 at NVD CVE-2023-6356 at SUSE CVE-2023-6356 at NVD CVE-2023-6535 at SUSE CVE-2023-6535 at NVD CVE-2023-6536 at SUSE CVE-2023-6536 at NVD CVE-2023-7042 at SUSE CVE-2023-7042 at NVD CVE-2023-7192 at SUSE CVE-2023-7192 at NVD CVE-2024-0841 at SUSE CVE-2024-0841 at NVD CVE-2024-2201 at SUSE CVE-2024-2201 at NVD CVE-2024-22099 at SUSE CVE-2024-22099 at NVD CVE-2024-23307 at SUSE CVE-2024-23307 at NVD CVE-2024-25739 at SUSE CVE-2024-25739 at NVD CVE-2024-25742 at SUSE CVE-2024-25742 at NVD CVE-2024-26599 at SUSE CVE-2024-26599 at NVD CVE-2024-26600 at SUSE CVE-2024-26600 at NVD CVE-2024-26602 at SUSE CVE-2024-26602 at NVD CVE-2024-26607 at SUSE CVE-2024-26607 at NVD CVE-2024-26612 at SUSE CVE-2024-26612 at NVD CVE-2024-26614 at SUSE CVE-2024-26614 at NVD CVE-2024-26620 at SUSE CVE-2024-26620 at NVD CVE-2024-26627 at SUSE CVE-2024-26627 at NVD CVE-2024-26629 at SUSE CVE-2024-26629 at NVD CVE-2024-26642 at SUSE CVE-2024-26642 at NVD CVE-2024-26645 at SUSE CVE-2024-26645 at NVD CVE-2024-26646 at SUSE CVE-2024-26646 at NVD CVE-2024-26651 at SUSE CVE-2024-26651 at NVD CVE-2024-26654 at SUSE CVE-2024-26654 at NVD CVE-2024-26659 at SUSE CVE-2024-26659 at NVD CVE-2024-26664 at SUSE CVE-2024-26664 at NVD CVE-2024-26667 at SUSE CVE-2024-26667 at NVD CVE-2024-26670 at SUSE CVE-2024-26670 at NVD CVE-2024-26695 at SUSE CVE-2024-26695 at NVD CVE-2024-26717 at SUSE CVE-2024-26717 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466). - CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-acpi (bsc#1220478). - CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443). - CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482). - CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484). - CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486). - CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487). - CVE-2021-46934: Fixed a bug by validating user data in compat ioctl (bsc#1220469). - CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439). - CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969). - CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek: (bsc#1220917). - CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954). - CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959). - CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978). - CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551). - CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979). - CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981). - CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982). - CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983). - CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955). - CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). - CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). - CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009). - CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). - CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961). - CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965). - CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986). - CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635). - CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). - CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845). - CVE-2022-48628: Fixed possible lock in ceph (bsc#1220848). - CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989). - CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990). - CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). - CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). - CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). - CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221). - CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). - CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237). - CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337). - CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). - CVE-2023-52462: Fixed check for attempt to corrupt spilled pointer (bsc#1220325). - CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). - CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433). - CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411). - CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). - CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445). - CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). - CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). - CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520 (bsc#1220887). - CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735). - CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797). - CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). - CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276). - CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274). - CVE-2023-52494: Fixed missing alignment check for event ring read pointer in bus/mhi/host (bsc#1221273). - CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879). - CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). - CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885). - CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). - CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553). - CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833). - CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015). - CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). - CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898). - CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012). - CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022). - CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). - CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055). - CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056). - CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920). - CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921). - CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926). - CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). - CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840). - CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). - CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929). - CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). - CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931). - CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). - CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933). - CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson (bsc#1220937). - CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938). - CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940). - CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839). - CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). - CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). - CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). - CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872). - CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878). - CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). - CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). - CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). - CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045). - CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). - CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). - CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). - CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs (bsc#1221062). - CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071). - CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs (bsc#1221068). - CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs (bsc#1221070). - CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot() (bsc#1221066). - CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree() (bsc#1221067). - CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) - CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib (bsc#1221069). - CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061). - CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi (bsc#1221375). - CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616). - CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614). - CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove (bsc#1221613). - CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618). - CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073). - CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060). - CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). - CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd (bsc#1222274). - CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939 (bsc#1222291). - CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300). - CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). - CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). - CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). - CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). - CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). - CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). - CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264). - CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). - CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). - CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). - CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834). - CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725). - CVE-2024-25743: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725). - CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate() (bsc#1220365). - CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). - CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). - CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736). - CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences (bsc#1221291). - CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). - CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap (bsc#1221298). - CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090). - CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in nfsd (bsc#1221379). - CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). - CVE-2024-26645: Fixed missing visibility when inserting an element into tracing_map (bsc#1222056). - CVE-2024-26646: Fixed potential memory corruption when resuming from suspend or hibernation in thermal/intel/hfi (bsc#1222070). - CVE-2024-26651: Fixed possible oops via malicious devices in sr9800 (bsc#1221337). - CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304). - CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317). - CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in hwmon coretemp (bsc#1222355). - CVE-2024-26667: Fixed null pointer reference in dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331). - CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in kernel arm64 (bsc#1222356). - CVE-2024-26695: Fixed null pointer dereference in __sev_platform_shutdown_locked in crypto ccp (bsc#1222373). - CVE-2024-26717: Fixed null pointer dereference on failed power up in HID i2c-hid-of (bsc#1222360). The following non-security bugs were fixed: - acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git-fixes). - acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git-fixes). - acpi: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes). - acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git-fixes). - acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes). - acpi: scan: Fix device check notification handling (git-fixes). - acpica: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes). - alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes). - alsa: aoa: avoid false-positive format truncation warning (git-fixes). - alsa: aw2: avoid casting function pointers (git-fixes). - alsa: ctxfi: avoid casting function pointers (git-fixes). - alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable-fixes). - alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable-fixes). - alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform (git-fixes). - alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes). - alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes). - alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes). - alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes). - alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes). - alsa: seq: fix function cast warnings (git-fixes). - alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes). - alsa: usb-audio: Stop parsing channels bits when all channels are found (git-fixes). - arm64: dts: allwinner: h6: add rx dma channel for spdif (git-fixes) - arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes) - arm64: dts: imx8mm-kontron: add support for ultra high speed modes on (git-fixes) - arm64: dts: imx8mm-venice-gw71xx: fix usb otg vbus (git-fixes) - arm64: dts: marvell: reorder crypto interrupts on armada socs (git-fixes) - arm64: dts: rockchip: add es8316 codec for rock pi 4 (git-fixes) - arm64: dts: rockchip: add spdif node for rock pi 4 (git-fixes) - arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes) - arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes) - arm64: mm: fix va-range sanity check (git-fixes) - arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes) - asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet (stable-fixes). - asoc: amd: acp: Add missing error handling in sof-mach (git-fixes). - asoc: amd: acp: fix for acp_init function error handling (git-fixes). - asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes). - asoc: meson: Use dev_err_probe() helper (stable-fixes). - asoc: meson: aiu: fix function pointer type mismatch (git-fixes). - asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes). - asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes). - asoc: meson: t9015: fix function pointer type mismatch (git-fixes). - asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes). - asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes). - asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes). - asoc: rt5682-sdw: fix locking sequence (git-fixes). - asoc: rt711-sdca: fix locking sequence (git-fixes). - asoc: rt711-sdw: fix locking sequence (git-fixes). - asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable-fixes). - asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes). - asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable-fixes). - ata: sata_mv: fix pci device id table declaration compilation warning (git-fixes). - ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes). - backlight: da9052: fully initialize backlight_properties during probe (git-fixes). - backlight: lm3630a: do not set bl->props.brightness in get_brightness (git-fixes). - backlight: lm3630a: initialize backlight_properties on init (git-fixes). - backlight: lm3639: fully initialize backlight_properties during probe (git-fixes). - backlight: lp8788: fully initialize backlight_properties during probe (git-fixes). - blocklayoutdriver: fix reference leak of pnfs_device_node (git-fixes). - bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes). - bluetooth: Remove superfluous call to hci_conn_check_pending() (git-fixes). - bluetooth: hci_core: Fix possible buffer overflow (git-fixes). - bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes). - bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable-fixes). - bpf, scripts: correct gpl license name (git-fixes). - bpf, sockmap: fix preempt_rt splat when using raw_spin_lock_t (git-fixes). - can: softing: remove redundant null check (git-fixes). - clk: zynq: prevent null pointer dereference caused by kmalloc failure (git-fixes). - comedi: comedi_test: prevent timers rescheduling during deletion (git-fixes). - coresight: etm4x: do not access trcidr1 for identification (bsc#1220775) - coresight: etm4x: fix accesses to trcseqrstevr and trcseqstr (bsc#1220775) - coresight: etm: override trcidr3.ccitmin on errata affected cpus (bsc#1220775) - cpufreq: amd-pstate: fix min_perf assignment in amd_pstate_adjust_perf() (git-fixes). - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (git-fixes). - crypto: arm/sha - fix function cast warnings (git-fixes). - crypto: qat - avoid division by zero (git-fixes). - crypto: qat - fix deadlock in backlog processing (git-fixes). - crypto: qat - fix double free during reset (git-fixes). - crypto: qat - fix state machines cleanup paths (bsc#1218321). - crypto: qat - fix unregistration of compression algorithms (git-fixes). - crypto: qat - fix unregistration of crypto algorithms (git-fixes). - crypto: qat - ignore subsequent state up commands (git-fixes). - crypto: qat - increase size of buffers (git-fixes). - crypto: qat - resolve race condition during aer recovery (git-fixes). - crypto: xilinx - call finalize with bh disabled (git-fixes). - doc-guide: kernel-doc: tell about object-like macros (git-fixes). - doc/readme.suse: update information about module support status (jsc#ped-5759) - drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (git-fixes). - drm/amd/display: add fams validation before trying to use it (git-fixes). - drm/amd/display: add fb_damage_clips support (git-fixes). - drm/amd/display: add function for validate and update new stream (git-fixes). - drm/amd/display: add odm case when looking for first split pipe (git-fixes). - drm/amd/display: always switch off odm before committing more streams (git-fixes). - drm/amd/display: avoid abm when odm combine is enabled for edp (git-fixes). - drm/amd/display: blocking invalid 420 modes on hdmi tmds for dcn31 (git-fixes). - drm/amd/display: check if link state is valid (git-fixes). - drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git-fixes). - drm/amd/display: copy dc context in the commit streams (git-fixes). - drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes). - drm/amd/display: disable psr-su on parade 0803 tcon again (git-fixes). - drm/amd/display: enable fast plane updates on dcn3.2 and above (git-fixes). - drm/amd/display: enable new commit sequence only for dcn32x (git-fixes). - drm/amd/display: ensure async flips are only accepted for fast updates (git-fixes). - drm/amd/display: exit idle optimizations before attempt to access phy (git-fixes). - drm/amd/display: expand kernel doc for dc (git-fixes). - drm/amd/display: fix a bug when searching for insert_above_mpcc (git-fixes). - drm/amd/display: fix a null pointer dereference in amdgpu_dm_i2c_xfer() (git-fixes). - drm/amd/display: fix a potential buffer overflow in 'dp_dsc_clock_en_read()' (git-fixes). - drm/amd/display: fix abm disablement (git-fixes). - drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes). - drm/amd/display: fix hw rotated modes when psr-su is enabled (git-fixes). - drm/amd/display: fix kernel-doc issues in dc.h (git-fixes). - drm/amd/display: fix possible underflow for displays with large vblank (git-fixes). - drm/amd/display: fix the delta clamping for shaper lut (git-fixes). - drm/amd/display: fix unbounded requesting for high pixel rate modes on dcn315 (git-fixes). - drm/amd/display: fix underflow issue on 175hz timing (git-fixes). - drm/amd/display: for prefetch mode > 0, extend prefetch if possible (git-fixes). - drm/amd/display: guard against invalid rptr/wptr being set (git-fixes). - drm/amd/display: guard dcn31 phyd32clk logic against chip family (git-fixes). - drm/amd/display: handle range offsets in vrr ranges (stable-fixes). - drm/amd/display: handle seamless boot stream (git-fixes). - drm/amd/display: handle virtual hardware detect (git-fixes). - drm/amd/display: include surface of unaffected streams (git-fixes). - drm/amd/display: include udelay when waiting for inbox0 ack (git-fixes). - drm/amd/display: increase frame warning limit with kasan or kcsan in dml (git-fixes). - drm/amd/display: keep phy active for dp config (git-fixes). - drm/amd/display: perform a bounds check before filling dirty rectangles (git-fixes). - drm/amd/display: prevent vtotal from being set to 0 (git-fixes). - drm/amd/display: remove min_dst_y_next_start check for z8 (git-fixes). - drm/amd/display: restore rptr/wptr for dmcub as workaround (git-fixes). - drm/amd/display: return the correct hdcp error code (stable-fixes). - drm/amd/display: revert vblank change that causes null pointer crash (git-fixes). - drm/amd/display: rework comments on dc file (git-fixes). - drm/amd/display: rework context change check (git-fixes). - drm/amd/display: set minimum requirement for using psr-su on phoenix (git-fixes). - drm/amd/display: set minimum requirement for using psr-su on rembrandt (git-fixes). - drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes). - drm/amd/display: update correct dcn314 register header (git-fixes). - drm/amd/display: update extended blank for dcn314 onwards (git-fixes). - drm/amd/display: update min z8 residency time to 2100 for dcn314 (git-fixes). - drm/amd/display: update otg instance in the commit stream (git-fixes). - drm/amd/display: use dram speed from validation for dummy p-state (git-fixes). - drm/amd/display: use dtbclk as refclk instead of dprefclk (git-fixes). - drm/amd/display: use low clocks for no plane configs (git-fixes). - drm/amd/display: use min transition for all subvp plane add/remove (git-fixes). - drm/amd/display: write to correct dirty_rect (git-fixes). - drm/amd/display: wrong colorimetry workaround (git-fixes). - drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes). - drm/amd/pm: fix error of maco flag setting code (git-fixes). - drm/amd/smu: use averagegfxclkfrequency* to replace previous gfx curr clock (git-fixes). - drm/amd: enable pcie pme from d3 (git-fixes). - drm/amdgpu/pm: fix the error of pwm1_enable setting (stable-fixes). - drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes). - drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes). - drm/amdgpu/smu13: drop compute workload workaround (git-fixes). - drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes). - drm/amdgpu: enable gpu reset for s3 abort cases on raven series (stable-fixes). - drm/amdgpu: fix missing break in atom_arg_imm case of atom_get_src_int() (git-fixes). - drm/amdgpu: force order between a read and write to the same address (git-fixes). - drm/amdgpu: lower cs errors to debug severity (git-fixes). - drm/amdgpu: match against exact bootloader status (git-fixes). - drm/amdgpu: unset context priority is now invalid (git-fixes). - drm/amdgpu: update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes). - drm/amdkfd: fix tlb flush after unmap for gfx9.4.2 (stable-fixes). - drm/bridge: tc358762: instruct dsi host to generate hse packets (git-fixes). - drm/display: fix typo (git-fixes). - drm/edid: add quirk for osvr hdk 2.0 (git-fixes). - drm/etnaviv: restore some id values (git-fixes). - drm/exynos: do not return negative values from .get_modes() (stable-fixes). - drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() (git-fixes). - drm/i915/bios: tolerate devdata==null in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes). - drm/i915/gt: do not generate the command streamer for all the ccs (git-fixes). - drm/i915/gt: reset queue_priority_hint on parking (git-fixes). - drm/i915/gt: use i915_vm_put on ppgtt_create error paths (git-fixes). - drm/i915/selftests: fix dependency of some timeouts on hz (git-fixes). - drm/i915: add missing ccs documentation (git-fixes). - drm/i915: call intel_pre_plane_updates() also for pipes getting enabled (git-fixes). - drm/i915: check before removing mm notifier (git-fixes). - drm/lima: fix a memleak in lima_heap_alloc (git-fixes). - drm/mediatek: dsi: fix dsi rgb666 formats and definitions (git-fixes). - drm/mediatek: fix a null pointer crash in mtk_drm_crtc_finish_page_flip (git-fixes). - drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes). - drm/msm/dpu: fix the programming of intf_cfg2_data_hctl_en (git-fixes). - drm/msm/dpu: improve dsc allocation (git-fixes). - drm/msm/dpu: only enable dsc_mode_multiplex if dsc_merge is enabled (git-fixes). - drm/panel-edp: use put_sync in unprepare (git-fixes). - drm/panel: auo,b101uan08.3: fine tune the panel power sequence (git-fixes). - drm/panel: boe-tv101wum-nl6: fine tune the panel power sequence (git-fixes). - drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes). - drm/panel: move aux b116xw03 out of panel-edp back to panel-simple (git-fixes). - drm/panfrost: fix power transition timeout warnings (git-fixes). - drm/probe-helper: warn about negative .get_modes() (stable-fixes). - drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes). - drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes). - drm/radeon/ni: fix wrong firmware size logging in ni_init_microcode() (git-fixes). - drm/radeon/ni_dpm: remove redundant null check (git-fixes). - drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes). - drm/rockchip: dsi: clean up 'usage_mode' when failing to attach (git-fixes). - drm/rockchip: inno_hdmi: fix video timing (git-fixes). - drm/rockchip: lvds: do not overwrite error code (git-fixes). - drm/rockchip: lvds: do not print scary message when probing defer (git-fixes). - drm/tegra: dpaux: fix pm disable depth imbalance in tegra_dpaux_probe (git-fixes). - drm/tegra: dsi: add missing check for of_find_device_by_node (git-fixes). - drm/tegra: dsi: fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() (git-fixes). - drm/tegra: dsi: fix some error handling paths in tegra_dsi_probe() (git-fixes). - drm/tegra: dsi: make use of the helper function dev_err_probe() (stable-fixes). - drm/tegra: hdmi: convert to devm_platform_ioremap_resource() (stable-fixes). - drm/tegra: hdmi: fix some error handling paths in tegra_hdmi_probe() (git-fixes). - drm/tegra: output: fix missing i2c_put_adapter() in the error handling paths of tegra_output_probe() (git-fixes). - drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes). - drm/tegra: rgb: fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() (git-fixes). - drm/tegra: rgb: fix some error handling paths in tegra_dc_rgb_probe() (git-fixes). - drm/tidss: fix initial plane zpos values (git-fixes). - drm/tidss: fix sync-lost issue with two displays (git-fixes). - drm/ttm: do not leak a resource on eviction error (git-fixes). - drm/ttm: do not print error message if eviction was interrupted (git-fixes). - drm/vc4: add module dependency on hdmi-codec (git-fixes). - drm/vmwgfx: create debugfs ttm_resource_manager entry only if needed (git-fixes). - drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes). - drm/vmwgfx: fix possible null pointer derefence with invalid contexts (git-fixes). - drm: do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes). - drm: fix drm_fixp2int_round() making it add 0.5 (git-fixes). - drm: panel-orientation-quirks: add quirk for acer switch v 10 (sw5-017) (git-fixes). - firewire: core: use long bus reset on gap count error (stable-fixes). - fix 'coresight: etm4x: Change etm4_platform_driver driver for MMIO devices' (bsc#1220775) - hid: amd_sfh: Update HPD sensor structure elements (git-fixes). - hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes). - hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes). - hv_netvsc: calculate correct ring size when page_size is not 4 kbytes (git-fixes). - hv_netvsc: fix race condition between netvsc_probe and netvsc_remove (git-fixes). - hv_netvsc: register vf in netvsc_probe if net_device_register missed (git-fixes). - i2c: aspeed: fix the dummy irq expected print (git-fixes). - i2c: i801: avoid potential double call to gpiod_remove_lookup_table (git-fixes). - i2c: wmt: fix an error handling path in wmt_i2c_probe() (git-fixes). - ib/ipoib: Fix mcast list locking (git-fixes) - iio: dummy_evgen: remove excess kernel-doc comments (git-fixes). - iio: pressure: dlhl60d: initialize empty dlh bytes (git-fixes). - input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes). - input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (git-fixes). - input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table (git-fixes). - input: i8042 - add quirk for Fujitsu Lifebook A574/H (git-fixes). - input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (git-fixes). - input: pm8941-powerkey - fix debounce on gen2+ PMICs (git-fixes). - input: pm8941-pwrkey - add software key press debouncing support (git-fixes). - input: pm8941-pwrkey - add support for PON GEN3 base addresses (git-fixes). - input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes). - input: xpad - add Lenovo Legion Go controllers (git-fixes). - iommu/amd: mark interrupt as managed (git-fixes). - iommu/dma: trace bounce buffer usage when mapping buffers (git-fixes). - iommu/mediatek-v1: fix an error handling path in mtk_iommu_v1_probe() (git-fixes). - iommu/mediatek: fix forever loop in error handling (git-fixes). - iommu/vt-d: allow to use flush-queue when first level is default (git-fixes). - iommu/vt-d: do not issue ats invalidation request when device is disconnected (git-fixes). - iommu/vt-d: fix pasid directory pointer coherency (git-fixes). - iommu/vt-d: set no execute enable bit in pasid table entry (git-fixes). - kabi: pci: add locking to rmw pci express capability register accessors (kabi). - kconfig: fix infinite loop when expanding a macro at the end of file (git-fixes). - kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631). - lan78xx: enable auto speed configuration for lan7850 if no eeprom is detected (git-commit). - leds: aw2013: unlock mutex before destroying it (git-fixes). - lib/cmdline: fix an invalid format specifier in an assertion msg (git-fixes). - make nvidiA Grace-Hopper TPM related drivers build-ins (bsc#1221156) - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes). - md/raid5: release batch_last before waiting for another stripe_head (git-fixes). - md/raid6: use valid sector values to determine if an i/o should wait on the reshape (git-fixes). - md: do not ignore suspended array in md_check_recovery() (git-fixes). - md: do not leave 'md_recovery_frozen' in error path of md_set_readonly() (git-fixes). - md: fix data corruption for raid456 when reshape restart while grow up (git-fixes). - md: introduce md_ro_state (git-fixes). - md: make sure md_do_sync() will set md_recovery_done (git-fixes). - md: whenassemble the array, consult the superblock of the freshest device (git-fixes). - media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes). - media: edia: dvbdev: fix a use-after-free (git-fixes). - media: em28xx: annotate unchecked call to media_device_register() (git-fixes). - media: go7007: add check of return value of go7007_read_addr() (git-fixes). - media: go7007: fix a memleak in go7007_load_encoder (git-fixes). - media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes). - media: pvrusb2: fix pvr2_stream_callback casts (git-fixes). - media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes). - media: pvrusb2: remove redundant null check (git-fixes). - media: staging: ipu3-imgu: set fields before media_entity_pads_init() (git-fixes). - media: sun8i-di: fix chroma difference threshold (git-fixes). - media: sun8i-di: fix coefficient writes (git-fixes). - media: sun8i-di: fix power on/off sequences (git-fixes). - media: tc358743: register v4l2 async device only after successful setup (git-fixes). - media: ttpci: fix two memleaks in budget_av_attach (git-fixes). - media: usbtv: remove useless locks in usbtv_video_free() (git-fixes). - media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes). - media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes). - media: xc4000: fix atomicity violation in xc4000_get_frequency (git-fixes). - mfd: altera-sysmgr: call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). - mfd: syscon: call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). - mm,page_owner: Defer enablement of static branch (bsc#1222366). - mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366). - mm,page_owner: drop unnecessary check (bsc#1222366). - mm,page_owner: fix accounting of pages when migrating (bsc#1222366). - mm,page_owner: fix printing of stack records (bsc#1222366). - mm,page_owner: fix recursion (bsc#1222366). - mm,page_owner: fix refcount imbalance (bsc#1222366). - mm,page_owner: update metadata for tail pages (bsc#1222366). - mm/vmalloc: huge vmalloc backing pages should be split rather than compound (bsc#1217829). - mmc: core: avoid negative index with array access (git-fixes). - mmc: core: fix switch on gp3 partition (git-fixes). - mmc: core: initialize mmc_blk_ioc_data (git-fixes). - mmc: mmci: stm32: fix dma api overlapping mappings warning (git-fixes). - mmc: mmci: stm32: use a buffer for unaligned dma requests (git-fixes). - mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes). - mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function (git-fixes). - mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes). - mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes). - mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes). - net/bnx2x: prevent access to a freed page in page_pool (bsc#1215322). - net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes). - net: fix features skip in for_each_netdev_feature() (git-fixes). - net: lan78xx: fix runtime pm count underflow on link stop (git-fixes). - net: ll_temac: platform_get_resource replaced by wrong function (git-fixes). - net: mana: fix rx dma datasize and skb_over_panic (git-fixes). - net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes). - net: sunrpc: fix an off by one in rpc_sockaddr2uaddr() (git-fixes). - net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). - nfc: nci: fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes). - nfs: fix an off by one in root_nfs_cat() (git-fixes). - nfs: rename nfs_client_kset to nfs_kset (git-fixes). - nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes). - nfsd: convert the callback workqueue to use delayed_work (git-fixes). - nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes). - nfsd: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes). - nfsd: fix LISTXATTRS returning more bytes than maxcount (git-fixes). - nfsd: fix file memleak on client_opens_release (git-fixes). - nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes). - nfsd: lock_rename() needs both directories to live on the same fs (git-fixes). - nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes). - nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes). - nfsd: retransmit callbacks after client reconnects (git-fixes). - nfsd: use vfs setgid helper (git-fixes). - nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). - nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes). - nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). - nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). - nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes). - nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes). - nfsv4.2: fix wrong shrinker_id (git-fixes). - nfsv4: fix a nfs4_state_manager() race (git-fixes). - nfsv4: fix a state manager thread deadlock regression (git-fixes). - nilfs2: fix failure to detect dat corruption in btree and direct mappings (git-fixes). - nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes). - nouveau/dmem: handle kcalloc() allocation failure (git-fixes). - nouveau: reset the bo resource bus info after an eviction (git-fixes). - ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713). - nvme-fc: do not wait in vain when unloading module (git-fixes). - nvme: fix reconnection fail due to reserved tag allocation (git-fixes). - nvmet-fc: abort command when there is no binding (git-fixes). - nvmet-fc: avoid deadlock on delete association path (git-fixes). - nvmet-fc: defer cleanup using rcu properly (git-fixes). - nvmet-fc: hold reference on hostport match (git-fixes). - nvmet-fc: release reference on target port (git-fixes). - nvmet-fc: take ref count on tgtport before delete assoc (git-fixes). - nvmet-fcloop: swap the list_add_tail arguments (git-fixes). - nvmet-tcp: fix nvme tcp ida memory leak (git-fixes). - pci/aer: fix rootport attribute paths in ABI docs (git-fixes). - pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes). - pci/dpc: print all TLP Prefixes, not just the first (git-fixes). - pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777) - pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes). - pci: add locking to RMW PCI Express Capability Register accessors (git-fixes). - pci: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes). - pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes). - pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git-fixes). - pci: fu740: Set the number of MSI vectors (git-fixes). - pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git-fixes). - pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes). - pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). - pci: mediatek-gen3: Fix translation window size calculation (git-fixes). - pci: mediatek: Clear interrupt status before dispatching handler (git-fixes). - pci: qcom: Enable BDF to SID translation properly (git-fixes). - pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-fixes). - pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes). - pci: rockchip: Fix window mapping and address translation for endpoint (git-fixes). - pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes). - pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git-fixes). - pinctrl: mediatek: drop bogus slew rate register range for mt8192 (git-fixes). - platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes). - pm: suspend: Set mem_sleep_current during kernel command line setup (git-fixes). - pnfs/flexfiles: check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). - pnfs: fix a hang in nfs4_evict_inode() (git-fixes). - pnfs: fix the pnfs block driver's calculation of layoutget size (git-fixes). - powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869). - powerpc/boot: Disable power10 features after BOOTAFLAGS assignment (bsc#1194869). - powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU (bsc#1194869). - powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses (bsc#1194869). - powerpc/lib/sstep: Remove unneeded #ifdef __powerpc64__ (bsc#1194869). - powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding (bsc#1194869). - powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869). - powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270). - powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes). - powerpc/sstep: Use bitwise instead of arithmetic operator for flags (bsc#1194869). - powerpc: add compile-time support for lbarx, lharx (bsc#1194869). - pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git-fixes). - qedf: Do not process stag work during unload (bsc#1214852). - qedf: Wait for stag work during unload (bsc#1214852). - raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1221097). - ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619). - ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619). - ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619). - ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619). - ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619). - ras/amd/fmpm: Save SPA values (jsc#PED-7619). - ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes). - ras: export helper to get ras_debugfs_dir (jsc#PED-7619). - rdma/device: fix a race between mad_client and cm_client init (git-fixes) - rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes) - rdma/ipoib: fix error code return in ipoib_mcast_join (git-fixes) - rdma/irdma: remove duplicate assignment (git-fixes) - rdma/mana_ib: fix bug in creation of dma regions (git-fixes). - rdma/mlx5: fix fortify source warning while accessing eth segment (git-fixes) - rdma/mlx5: relax devx access upon modify commands (git-fixes) - rdma/rtrs-clt: check strnlen return len in sysfs mpath_policy_store() (git-fixes) - rdma/srpt: do not register event handler until srpt device is fully setup (git-fixes) - revert 'drm/amd: disable psr-su on parade 0803 tcon' (git-fixes). - revert 'drm/amd: disable s/g for apus when 64gb or more host memory' (git-fixes). - revert 'drm/amdgpu/display: change pipe policy for dcn 2.0' (git-fixes). - revert 'drm/amdgpu/display: change pipe policy for dcn 2.1' (git-fixes). - revert 'drm/vc4: hdmi: enforce the minimum rate at runtime_resume' (git-fixes). - revert 'fbdev: flush deferred io before closing (git-fixes).' (bsc#1221814) - revert 'pci: tegra194: enable support for 256 byte payload' (git-fixes). - revert 'revert 'drm/amdgpu/display: change pipe policy for dcn 2.0'' (git-fixes). - revert 'sunrpc dont update timeout value on connection reset' (git-fixes). - ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes). - rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes). - s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes bsc#1221633). - s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316). - s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316). - s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316). - s390/vtime: fix average steal time calculation (git-fixes bsc#1221951). - sched/rt: Disallow writing invalid values to sched_rt_period_us (bsc#1220176). - sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset (bsc#1220176). - scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). - scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). - scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). - scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). - scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). - scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959). - scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). - scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). - scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). - scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). - scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). - scsi: qedf: Remove set but unused variable 'page' (bsc#1214852). - scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852). - scsi: qedf: Remove unused declaration (bsc#1214852). - scsi: qla2xxx: Change debug message during driver unload (bsc1221816). - scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). - scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). - scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). - scsi: qla2xxx: Fix double free of fcport (bsc1221816). - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). - scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). - scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). - scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). - scsi: qla2xxx: Update manufacturer detail (bsc1221816). - scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). - scsi: storvsc: Fix ring buffer size calculation (git-fixes). - scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252). - selftests/bpf: add generic BPF program tester-loader (bsc#1222033). - serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes). - serial: max310x: fix syntax error in IRQ error message (git-fixes). - slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes). - soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes). - spi: lm70llp: fix links in doc and comments (git-fixes). - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes). - sr9800: Add check for usbnet_get_endpoints (git-fixes). - stackdepot: rename pool_index to pool_index_plus_1 (git-fixes). - staging: vc04_services: fix information leak in create_component() (git-fixes). - sunrpc: add an is_err() check back to where it was (git-fixes). - sunrpc: econnreset might require a rebind (git-fixes). - sunrpc: fix a memleak in gss_import_v2_context (git-fixes). - sunrpc: fix a suspicious rcu usage warning (git-fixes). - sunrpc: fix rpc client cleaned up the freed pipefs dentries (git-fixes). - sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). - svcrdma: Drop connection after an RDMA Read error (git-fixes). - topology/sysfs: Hide PPIN on systems that do not support it (jsc#PED-7618). - topology: Fix up build warning in topology_is_visible() (jsc#PED-7618). - tracing/probes: Fix to show a parse error for bad type for $comm (git-fixes). - tracing: Fix wasted memory in saved_cmdlines logic (git-fixes). - tracing: Inform kmemleak of saved_cmdlines allocation (git-fixes). - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). - tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git-fixes). - tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes). - tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes). - ubifs: Queue up space reservation tasks if retrying many times (git-fixes). - ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes). - ubifs: Set page uptodate in the correct place (git-fixes). - ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes). - ubifs: fix sort function prototype (git-fixes). - usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes). - usb: cdc-wdm: close race between read and workqueue (git-fixes). - usb: core: fix deadlock in usb_deauthorize_interface() (git-fixes). - usb: dwc2: gadget: Fix exiting from clock gating (git-fixes). - usb: dwc2: gadget: LPM flow fix (git-fixes). - usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes). - usb: dwc2: host: Fix hibernation flow (git-fixes). - usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes). - usb: dwc3: Properly set system wakeup (git-fixes). - usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes). - usb: gadget: ncm: Fix handling of zero block length packets (git-fixes). - usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes). - usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes). - usb: port: Do not try to peer unused USB ports based on location (git-fixes). - usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes). - usb: typec: ucsi: Check for notifications after init (git-fixes). - usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes). - usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes). - usb: usb-storage: prevent divide-by-0 error in isd200_ata_command (git-fixes). - usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes). - vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes). - vt: fix unicode buffer corruption when deleting characters (git-fixes). - watchdog: stm32_iwdg: initialize default timeout (git-fixes). - wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes). - wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948). - wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes). - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (git-fixes). - wifi: b43: Disable QoS for bcm4331 (git-fixes). - wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git-fixes). - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git-fixes). - wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git-fixes). - wifi: brcmfmac: fix copyright year mentioned in platform_data header (git-fixes). - wifi: brcmsmac: avoid function pointer casts (git-fixes). - wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes). - wifi: iwlwifi: fix EWRD table validity check (git-fixes). - wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes). - wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes). - wifi: iwlwifi: mvm: report beacon protection failures (git-fixes). - wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes). - wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git-fixes). - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes). - wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() (git-fixes). - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes). - wifi: rtw88: 8821c: Fix false alarm count (git-fixes). - wifi: wilc1000: fix RCU usage in connect path (git-fixes). - wifi: wilc1000: fix declarations ordering (stable-fixes). - wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes). - wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces (git-fixes). - x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). - x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). - x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes). - xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes). - xhci: process isoc TD properly when there was a transaction error mid TD (git-fixes). Important SUSE bug 1194869 SUSE bug 1200465 SUSE bug 1205316 SUSE bug 1207948 SUSE bug 1209635 SUSE bug 1209657 SUSE bug 1212514 SUSE bug 1213456 SUSE bug 1214852 SUSE bug 1215221 SUSE bug 1215322 SUSE bug 1217339 SUSE bug 1217829 SUSE bug 1217959 SUSE bug 1217987 SUSE bug 1217988 SUSE bug 1217989 SUSE bug 1218321 SUSE bug 1218336 SUSE bug 1218479 SUSE bug 1218562 SUSE bug 1218643 SUSE bug 1218777 SUSE bug 1219169 SUSE bug 1219170 SUSE bug 1219264 SUSE bug 1219443 SUSE bug 1219834 SUSE bug 1220114 SUSE bug 1220176 SUSE bug 1220237 SUSE bug 1220251 SUSE bug 1220320 SUSE bug 1220325 SUSE bug 1220328 SUSE bug 1220337 SUSE bug 1220340 SUSE bug 1220365 SUSE bug 1220366 SUSE bug 1220393 SUSE bug 1220398 SUSE bug 1220411 SUSE bug 1220413 SUSE bug 1220433 SUSE bug 1220439 SUSE bug 1220443 SUSE bug 1220445 SUSE bug 1220466 SUSE bug 1220469 SUSE bug 1220478 SUSE bug 1220482 SUSE bug 1220484 SUSE bug 1220486 SUSE bug 1220487 SUSE bug 1220492 SUSE bug 1220703 SUSE bug 1220735 SUSE bug 1220736 SUSE bug 1220775 SUSE bug 1220790 SUSE bug 1220797 SUSE bug 1220831 SUSE bug 1220833 SUSE bug 1220836 SUSE bug 1220839 SUSE bug 1220840 SUSE bug 1220843 SUSE bug 1220845 SUSE bug 1220848 SUSE bug 1220870 SUSE bug 1220871 SUSE bug 1220872 SUSE bug 1220878 SUSE bug 1220879 SUSE bug 1220883 SUSE bug 1220885 SUSE bug 1220887 SUSE bug 1220898 SUSE bug 1220917 SUSE bug 1220918 SUSE bug 1220920 SUSE bug 1220921 SUSE bug 1220926 SUSE bug 1220927 SUSE bug 1220929 SUSE bug 1220930 SUSE bug 1220931 SUSE bug 1220932 SUSE bug 1220933 SUSE bug 1220937 SUSE bug 1220938 SUSE bug 1220940 SUSE bug 1220954 SUSE bug 1220955 SUSE bug 1220959 SUSE bug 1220960 SUSE bug 1220961 SUSE bug 1220965 SUSE bug 1220969 SUSE bug 1220978 SUSE bug 1220979 SUSE bug 1220981 SUSE bug 1220982 SUSE bug 1220983 SUSE bug 1220985 SUSE bug 1220986 SUSE bug 1220987 SUSE bug 1220989 SUSE bug 1220990 SUSE bug 1221009 SUSE bug 1221012 SUSE bug 1221015 SUSE bug 1221022 SUSE bug 1221039 SUSE bug 1221040 SUSE bug 1221044 SUSE bug 1221045 SUSE bug 1221046 SUSE bug 1221048 SUSE bug 1221055 SUSE bug 1221056 SUSE bug 1221058 SUSE bug 1221060 SUSE bug 1221061 SUSE bug 1221062 SUSE bug 1221066 SUSE bug 1221067 SUSE bug 1221068 SUSE bug 1221069 SUSE bug 1221070 SUSE bug 1221071 SUSE bug 1221077 SUSE bug 1221082 SUSE bug 1221090 SUSE bug 1221097 SUSE bug 1221156 SUSE bug 1221252 SUSE bug 1221273 SUSE bug 1221274 SUSE bug 1221276 SUSE bug 1221277 SUSE bug 1221291 SUSE bug 1221293 SUSE bug 1221298 SUSE bug 1221337 SUSE bug 1221338 SUSE bug 1221375 SUSE bug 1221379 SUSE bug 1221551 SUSE bug 1221553 SUSE bug 1221613 SUSE bug 1221614 SUSE bug 1221616 SUSE bug 1221618 SUSE bug 1221631 SUSE bug 1221633 SUSE bug 1221713 SUSE bug 1221725 SUSE bug 1221777 SUSE bug 1221814 SUSE bug 1221816 SUSE bug 1221830 SUSE bug 1221951 SUSE bug 1222033 SUSE bug 1222056 SUSE bug 1222060 SUSE bug 1222070 SUSE bug 1222073 SUSE bug 1222117 SUSE bug 1222274 SUSE bug 1222291 SUSE bug 1222300 SUSE bug 1222304 SUSE bug 1222317 SUSE bug 1222331 SUSE bug 1222355 SUSE bug 1222356 SUSE bug 1222360 SUSE bug 1222366 SUSE bug 1222373 SUSE bug 1222619 SUSE bug 1222952 CVE-2021-46925 at SUSE CVE-2021-46925 at NVD CVE-2021-46926 at SUSE CVE-2021-46926 at NVD CVE-2021-46927 at SUSE CVE-2021-46927 at NVD CVE-2021-46929 at SUSE CVE-2021-46929 at NVD CVE-2021-46930 at SUSE CVE-2021-46930 at NVD CVE-2021-46931 at SUSE CVE-2021-46931 at NVD CVE-2021-46933 at SUSE CVE-2021-46933 at NVD CVE-2021-46934 at SUSE CVE-2021-46934 at NVD CVE-2021-46936 at SUSE CVE-2021-46936 at NVD CVE-2021-47082 at SUSE CVE-2021-47082 at NVD CVE-2021-47083 at SUSE CVE-2021-47083 at NVD CVE-2021-47087 at SUSE CVE-2021-47087 at NVD CVE-2021-47091 at SUSE CVE-2021-47091 at NVD CVE-2021-47093 at SUSE CVE-2021-47093 at NVD CVE-2021-47094 at SUSE CVE-2021-47094 at NVD CVE-2021-47095 at SUSE CVE-2021-47095 at NVD CVE-2021-47096 at SUSE CVE-2021-47096 at NVD CVE-2021-47097 at SUSE CVE-2021-47097 at NVD CVE-2021-47098 at SUSE CVE-2021-47098 at NVD CVE-2021-47099 at SUSE CVE-2021-47099 at NVD CVE-2021-47100 at SUSE CVE-2021-47100 at NVD CVE-2021-47101 at SUSE CVE-2021-47101 at NVD CVE-2021-47102 at SUSE CVE-2021-47102 at NVD CVE-2021-47104 at SUSE CVE-2021-47104 at NVD CVE-2021-47105 at SUSE CVE-2021-47105 at NVD CVE-2021-47107 at SUSE CVE-2021-47107 at NVD CVE-2021-47108 at SUSE CVE-2021-47108 at NVD CVE-2022-4744 at SUSE CVE-2022-4744 at NVD CVE-2022-48626 at SUSE CVE-2022-48626 at NVD CVE-2022-48627 at SUSE CVE-2022-48627 at NVD CVE-2022-48628 at SUSE CVE-2022-48628 at NVD CVE-2022-48629 at SUSE CVE-2022-48629 at NVD CVE-2022-48630 at SUSE CVE-2022-48630 at NVD CVE-2023-0160 at SUSE CVE-2023-0160 at NVD CVE-2023-28746 at SUSE CVE-2023-28746 at NVD CVE-2023-35827 at SUSE CVE-2023-35827 at NVD CVE-2023-4881 at SUSE CVE-2023-4881 at NVD CVE-2023-52447 at SUSE CVE-2023-52447 at NVD CVE-2023-52450 at SUSE CVE-2023-52450 at NVD CVE-2023-52453 at SUSE CVE-2023-52453 at NVD CVE-2023-52454 at SUSE CVE-2023-52454 at NVD CVE-2023-52462 at SUSE CVE-2023-52462 at NVD CVE-2023-52463 at SUSE CVE-2023-52463 at NVD CVE-2023-52467 at SUSE CVE-2023-52467 at NVD CVE-2023-52469 at SUSE CVE-2023-52469 at NVD CVE-2023-52470 at SUSE CVE-2023-52470 at NVD CVE-2023-52474 at SUSE CVE-2023-52474 at NVD CVE-2023-52476 at SUSE CVE-2023-52476 at NVD CVE-2023-52477 at SUSE CVE-2023-52477 at NVD CVE-2023-52481 at SUSE CVE-2023-52481 at NVD CVE-2023-52482 at SUSE CVE-2023-52482 at NVD CVE-2023-52484 at SUSE CVE-2023-52484 at NVD CVE-2023-52486 at SUSE CVE-2023-52486 at NVD CVE-2023-52492 at SUSE CVE-2023-52492 at NVD CVE-2023-52493 at SUSE CVE-2023-52493 at NVD CVE-2023-52494 at SUSE CVE-2023-52494 at NVD CVE-2023-52497 at SUSE CVE-2023-52497 at NVD CVE-2023-52500 at SUSE CVE-2023-52500 at NVD CVE-2023-52501 at SUSE CVE-2023-52501 at NVD CVE-2023-52502 at SUSE CVE-2023-52502 at NVD CVE-2023-52504 at SUSE CVE-2023-52504 at NVD CVE-2023-52507 at SUSE CVE-2023-52507 at NVD CVE-2023-52508 at SUSE CVE-2023-52508 at NVD CVE-2023-52509 at SUSE CVE-2023-52509 at NVD CVE-2023-52510 at SUSE CVE-2023-52510 at NVD CVE-2023-52511 at SUSE CVE-2023-52511 at NVD CVE-2023-52513 at SUSE CVE-2023-52513 at NVD CVE-2023-52515 at SUSE CVE-2023-52515 at NVD CVE-2023-52517 at SUSE CVE-2023-52517 at NVD CVE-2023-52518 at SUSE CVE-2023-52518 at NVD CVE-2023-52519 at SUSE CVE-2023-52519 at NVD CVE-2023-52520 at SUSE CVE-2023-52520 at NVD CVE-2023-52523 at SUSE CVE-2023-52523 at NVD CVE-2023-52524 at SUSE CVE-2023-52524 at NVD CVE-2023-52525 at SUSE CVE-2023-52525 at NVD CVE-2023-52528 at SUSE CVE-2023-52528 at NVD CVE-2023-52529 at SUSE CVE-2023-52529 at NVD CVE-2023-52530 at SUSE CVE-2023-52530 at NVD CVE-2023-52531 at SUSE CVE-2023-52531 at NVD CVE-2023-52532 at SUSE CVE-2023-52532 at NVD CVE-2023-52559 at SUSE CVE-2023-52559 at NVD CVE-2023-52563 at SUSE CVE-2023-52563 at NVD CVE-2023-52564 at SUSE CVE-2023-52564 at NVD CVE-2023-52566 at SUSE CVE-2023-52566 at NVD CVE-2023-52567 at SUSE CVE-2023-52567 at NVD CVE-2023-52569 at SUSE CVE-2023-52569 at NVD CVE-2023-52574 at SUSE CVE-2023-52574 at NVD CVE-2023-52575 at SUSE CVE-2023-52575 at NVD CVE-2023-52576 at SUSE CVE-2023-52576 at NVD CVE-2023-52582 at SUSE CVE-2023-52582 at NVD CVE-2023-52583 at SUSE CVE-2023-52583 at NVD CVE-2023-52587 at SUSE CVE-2023-52587 at NVD CVE-2023-52591 at SUSE CVE-2023-52591 at NVD CVE-2023-52594 at SUSE CVE-2023-52594 at NVD CVE-2023-52595 at SUSE CVE-2023-52595 at NVD CVE-2023-52597 at SUSE CVE-2023-52597 at NVD CVE-2023-52598 at SUSE CVE-2023-52598 at NVD CVE-2023-52599 at SUSE CVE-2023-52599 at NVD CVE-2023-52600 at SUSE CVE-2023-52600 at NVD CVE-2023-52601 at SUSE CVE-2023-52601 at NVD CVE-2023-52602 at SUSE CVE-2023-52602 at NVD CVE-2023-52603 at SUSE CVE-2023-52603 at NVD CVE-2023-52604 at SUSE CVE-2023-52604 at NVD CVE-2023-52605 at SUSE CVE-2023-52605 at NVD CVE-2023-52606 at SUSE CVE-2023-52606 at NVD CVE-2023-52607 at SUSE CVE-2023-52607 at NVD CVE-2023-52608 at SUSE CVE-2023-52608 at NVD CVE-2023-52612 at SUSE CVE-2023-52612 at NVD CVE-2023-52615 at SUSE CVE-2023-52615 at NVD CVE-2023-52617 at SUSE CVE-2023-52617 at NVD CVE-2023-52619 at SUSE CVE-2023-52619 at NVD CVE-2023-52621 at SUSE CVE-2023-52621 at NVD CVE-2023-52623 at SUSE CVE-2023-52623 at NVD CVE-2023-52628 at SUSE CVE-2023-52628 at NVD CVE-2023-52632 at SUSE CVE-2023-52632 at NVD CVE-2023-52637 at SUSE CVE-2023-52637 at NVD CVE-2023-52639 at SUSE CVE-2023-52639 at NVD CVE-2023-6270 at SUSE CVE-2023-6270 at NVD CVE-2023-6356 at SUSE CVE-2023-6356 at NVD CVE-2023-6535 at SUSE CVE-2023-6535 at NVD CVE-2023-6536 at SUSE CVE-2023-6536 at NVD CVE-2023-7042 at SUSE CVE-2023-7042 at NVD CVE-2023-7192 at SUSE CVE-2023-7192 at NVD CVE-2024-0841 at SUSE CVE-2024-0841 at NVD CVE-2024-2201 at SUSE CVE-2024-2201 at NVD CVE-2024-22099 at SUSE CVE-2024-22099 at NVD CVE-2024-23307 at SUSE CVE-2024-23307 at NVD CVE-2024-25739 at SUSE CVE-2024-25739 at NVD CVE-2024-25742 at SUSE CVE-2024-25742 at NVD CVE-2024-25743 at SUSE CVE-2024-25743 at NVD CVE-2024-26599 at SUSE CVE-2024-26599 at NVD CVE-2024-26600 at SUSE CVE-2024-26600 at NVD CVE-2024-26602 at SUSE CVE-2024-26602 at NVD CVE-2024-26607 at SUSE CVE-2024-26607 at NVD CVE-2024-26612 at SUSE CVE-2024-26612 at NVD CVE-2024-26614 at SUSE CVE-2024-26614 at NVD CVE-2024-26620 at SUSE CVE-2024-26620 at NVD CVE-2024-26627 at SUSE CVE-2024-26627 at NVD CVE-2024-26629 at SUSE CVE-2024-26629 at NVD CVE-2024-26642 at SUSE CVE-2024-26642 at NVD CVE-2024-26645 at SUSE CVE-2024-26645 at NVD CVE-2024-26646 at SUSE CVE-2024-26646 at NVD CVE-2024-26651 at SUSE CVE-2024-26651 at NVD CVE-2024-26654 at SUSE CVE-2024-26654 at NVD CVE-2024-26659 at SUSE CVE-2024-26659 at NVD CVE-2024-26664 at SUSE CVE-2024-26664 at NVD CVE-2024-26667 at SUSE CVE-2024-26667 at NVD CVE-2024-26670 at SUSE CVE-2024-26670 at NVD CVE-2024-26695 at SUSE CVE-2024-26695 at NVD CVE-2024-26717 at SUSE CVE-2024-26717 at NVD cpe:/o:suse:sle-micro:5.5 Security update for skopeo (Important) SUSE Linux Enterprise Micro 5.5 This update for skopeo fixes the following issues: - Update to version 1.14.2: * [release-1.14] Bump Skopeo to v1.14.2 * [release-1.14] Bump c/image to v5.29.2, c/common to v0.57.3 (fixes bsc#1219563) - Update to version 1.14.1: * Bump to v1.14.1 * fix(deps): update module github.com/containers/common to v0.57.2 * fix(deps): update module github.com/containers/image/v5 to v5.29.1 * chore(deps): update dependency containers/automation_images to v20240102 * Fix libsubid detection * fix(deps): update module golang.org/x/term to v0.16.0 * fix(deps): update golang.org/x/exp digest to 02704c9 * chore(deps): update dependency containers/automation_images to v20231208 * [skip-ci] Update actions/stale action to v9 * fix(deps): update module github.com/containers/common to v0.57.1 * fix(deps): update golang.org/x/exp digest to 6522937 * DOCS: add Gentoo in install.md * DOCS: Update to add Arch Linux in install.md * fix(deps): update module golang.org/x/term to v0.15.0 * Bump to v1.14.1-dev - Update to version 1.14.0: * Bump to v1.14.0 * fix(deps): update module github.com/containers/common to v0.57.0 * chore(deps): update dependency containers/automation_images to v20231116 * fix(deps): update module github.com/containers/image/v5 to v5.29.0 * Add documentation and smoke tests for the new --compat-auth-file options * Update c/image and c/common to latest * fix(deps): update module github.com/containers/storage to v1.51.0 * fix(deps): update module golang.org/x/term to v0.14.0 * fix(deps): update module github.com/spf13/cobra to v1.8.0 * [CI:DOCS] Update dependency golangci/golangci-lint to v1.55.2 * [CI:DOCS] Update dependency golangci/golangci-lint to v1.55.1 * fix(deps): update github.com/containers/common digest to 3e5caa0 * chore(deps): update module google.golang.org/grpc to v1.57.1 [security] * fix(deps): update module github.com/containers/ocicrypt to v1.1.9 * Update github.com/klauspost/compress to v1.17.2 * chore(deps): update module github.com/docker/docker to v24.0.7+incompatible [security] * Fix ENTRYPOINT documentation, drop others. * Remove unused environment variables in Cirrus * [CI:DOCS] Update dependency golangci/golangci-lint to v1.55.0 * chore(deps): update dependency containers/automation_images to v20231004 * chore(deps): update module golang.org/x/net to v0.17.0 [security] * copy: Note support for `zstd:chunked` * fix(deps): update module golang.org/x/term to v0.13.0 * fix(deps): update module github.com/docker/distribution to v2.8.3+incompatible * fix(deps): update github.com/containers/common digest to 745eaa4 * Packit: switch to @containers/packit-build team for copr failure notification comments * Packit: tag @lsm5 on copr build failures * vendor of containers/common * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc5 * fix(deps): update module github.com/containers/common to v0.56.0 * Cirrus: Remove multi-arch skopeo image builds * fix(deps): update module github.com/containers/image/v5 to v5.28.0 * Increase the golangci-lint timeout * fix(deps): update module github.com/containers/storage to v1.50.2 * fix(deps): update module github.com/containers/storage to v1.50.1 * fix(deps): update golang.org/x/exp digest to 9212866 * Fix a man page link * fix(deps): update github.com/containers/image/v5 digest to 58d5eb6 * GHA: Closed issue/PR comment-lock test * fix(deps): update module github.com/containers/common to v0.55.4 * fix(deps): update module github.com/containers/storage to v1.49.0 * rpm: spdx compatible license field * chore(deps): update dependency golangci/golangci-lint to v1.54.2 * chore(deps): update dependency containers/automation_images to v20230816 * Packit: set eln target correctly * packit: Build PRs into default packit COPRs * DOCS: Update Go version requirement info * DOCS: Add information about the cross-build * fix(deps): update module github.com/containers/ocicrypt to v1.1.8 * fix(deps): update module github.com/containers/common to v0.55.3 * Update c/image after https://github.com/containers/image/pull/2070 * chore(deps): update dependency golangci/golangci-lint to v1.54.1 * chore(deps): update dependency containers/automation_images to v20230809 * fix(deps): update golang.org/x/exp digest to 352e893 * chore(deps): update dependency containers/automation_images to v20230807 * Update to Go 1.19 * fix(deps): update module golang.org/x/term to v0.11.0 * Update c/image for golang.org/x/exp * RPM: define gobuild macro for rhel/centos stream * Fix handling the unexpected return value combination from IsRunningImageAllowed * Close the PolicyContext, as required by the API * Use globalOptions.getPolicyContext instead of an image-targeted SystemContext * Packit: remove pre-sync action * fix(deps): update module github.com/containers/common to v0.55.2 * proxy: Change the imgid to uint64 * [CI:BUILD] Packit: install golist before updating downstream spec * Update module golang.org/x/term to v0.10.0 * Bump to v1.14.0-dev * Bump to v1.13.0 - Bump go version to 1.21 (bsc#1215611) - Update to version 1.13.2: * [release-1.13] Bump to v1.13.2 * [release-1.31] Bump c/common v0.55.3 * Packit: remove pre-sync action * [release-1.13] Bump to v1.13.2-dev - Update to version 1.13.1: * [release-1.13] Bump to v1.13.1 * [release-1.13] Bump c/common to v0.55.2 * [release-1.13 backport] [CI:BUILD] Packit: install golist before updating downstream spec * [release-1.13] Bump to v1.13.1-dev - Update to version 1.13.0: * Bump to v1.13.0 * proxy: Policy verification of OCI Image before pulling * Update module github.com/opencontainers/image-spec to v1.1.0-rc4 * Update module github.com/containers/common to v0.55.1 * Update module github.com/containers/common to v0.54.0 * Update module github.com/containers/image/v5 to v5.26.0 * [CI:BUILD] RPM: fix ELN builds * Update module github.com/containers/storage to v1.47.0 * Packit: easier to read distro conditionals * Update dependency golangci/golangci-lint to v1.53.3 * Help Renovate manage the golangci-lint version * Minor: Cleanup renovate configuration * Update dependency containers/automation_images to v20230614 * Update module golang.org/x/term to v0.9.0 * [CI:BUILD] Packit: add jobs for downstream Fedora package builds * Update module github.com/sirupsen/logrus to v1.9.3 * Update dependency containers/automation_images to v20230601 * Update golang.org/x/exp digest to 2e198f4 * Update github.com/containers/image/v5 digest to e14c1c5 * Update module github.com/stretchr/testify to v1.8.4 * Update module github.com/stretchr/testify to v1.8.3 * Update dependency containers/automation_images to v20230517 * Update module github.com/sirupsen/logrus to v1.9.2 * Update module github.com/docker/distribution to v2.8.2+incompatible * Trigger an update of the ostree_ext container image * Update c/image with https://github.com/containers/image/pull/1944 * Update module github.com/containers/common to v0.53.0 * Update module golang.org/x/term to v0.8.0 * Update dependency containers/automation_images to v20230426 * Update golang.org/x/exp digest to 47ecfdc * Emphasize the semantics of --preserve-digests a tiny bit * Improve the static build documentation a tiny bit * Bump to v1.12.1-dev Important SUSE bug 1215611 SUSE bug 1219563 cpe:/o:suse:sle-micro:5.5 Security update for rpm (Moderate) SUSE Linux Enterprise Micro 5.5 This update for rpm fixes the following issues: Security fixes: - CVE-2021-3521: Fixed missing subkey binding signature checking (bsc#1191175) Other fixes: - accept more signature subpackets marked as critical (bsc#1218686) - backport limit support for the autopatch macro (bsc#1189495) Moderate SUSE bug 1189495 SUSE bug 1191175 SUSE bug 1218686 CVE-2021-3521 at SUSE CVE-2021-3521 at NVD cpe:/o:suse:sle-micro:5.5 Security update for sssd (Important) SUSE Linux Enterprise Micro 5.5 This update for sssd fixes the following issues: - CVE-2023-3758: Fixed race condition during authorization that lead to GPO policies functioning inconsistently (bsc#1223100) Important SUSE bug 1223100 CVE-2023-3758 at SUSE CVE-2023-3758 at NVD cpe:/o:suse:sle-micro:5.5 Security update for less (Important) SUSE Linux Enterprise Micro 5.5 This update for less fixes the following issues: - CVE-2024-32487: Fixed mishandling of \n character in paths when LESSOPEN is set leads to OS command execution. (bsc#1222849) Important SUSE bug 1222849 CVE-2024-32487 at SUSE CVE-2024-32487 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B that may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN (bsc#1179610 bsc#1215237). - CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559). - CVE-2023-6121: Fixed an out-of-bounds read vulnerability in the NVMe-oF/TCP subsystem that could lead to information leak (bsc#1217250). - CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447). - CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1218335). - CVE-2023-6606: Fixed an out-of-bounds read vulnerability in smbCalcSize in fs/smb/client/netmisc.c that could allow a local attacker to crash the system or leak internal kernel information (bsc#1217947). - CVE-2023-6610: Fixed an out-of-bounds read vulnerability in smb2_dump_detail in fs/smb/client/smb2ops.c that could allow a local attacker to crash the system or leak internal kernel information (bsc#1217946). - CVE-2023-6622: Fixed a null pointer dereference vulnerability in nft_dynset_init() that could allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service (bsc#1217938). - CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component that could lead to local privilege escalation. (bsc#1218258). - CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel's ipv4: igmp component that could lead to local privilege escalation (bsc#1218253). The following non-security bugs were fixed: - Documentation: KVM: add separate directories for architecture-specific documentation (jsc#PED-7167). - Documentation: KVM: update amd-memory-encryption.rst references (jsc#PED-7167). - Documentation: KVM: update msr.rst reference (jsc#PED-7167). - Documentation: KVM: update s390-diag.rst reference (jsc#PED-7167). - Documentation: KVM: update s390-pv.rst reference (jsc#PED-7167). - Documentation: drop more IDE boot options and ide-cd.rst (git-fixes). - Documentation: qat: Use code block for qat sysfs example (git-fixes). - Drop Documentation/ide/ (git-fixes). - Fix crash in vmw_context_cotables_unref when 3d support is enabled (bsc#1218738) - Fix crash on screen resize (bsc#1218229) - Fix drm gem object underflow (bsc#1218092) - Revert 'PCI/ASPM: Remove pcie_aspm_pm_state_change()' (git-fixes). - Revert 'PCI: acpiphp: Reassign resources on bridge if necessary' (git-fixes). - Revert 'md: unlock mddev before reap sync_thread in action_store' (git-fixes). - Revert 'swiotlb: panic if nslabs is too small' (git-fixes). - Revert 'xhci: Loosen RPM as default policy to cover for AMD xHC 1.1' (git-fixes). - Update: drm/vmwgfx: Keep a gem reference to user bos in surfaces - acpi: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470 (git-fixes). - acpi: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects (git-fixes). - acpica: Add AML_NO_OPERAND_RESOLVE flag to Timer (git-fixes). - afs: Fix afs_server_list to be cleaned up with RCU (git-fixes). - afs: Fix dynamic root lookup DNS check (git-fixes). - afs: Fix file locking on R/O volumes to operate in local mode (git-fixes). - afs: Fix overwriting of result of DNS query (git-fixes). - afs: Fix refcount underflow from error handling race (git-fixes). - afs: Fix the dynamic root's d_delete to always delete unused dentries (git-fixes). - afs: Fix use-after-free due to get/remove race in volume tree (git-fixes). - afs: Make error on cell lookup failure consistent with OpenAFS (git-fixes). - afs: Return ENOENT if no cell DNS record can be found (git-fixes). - alsa: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro (git-fixes). - alsa: hda/hdmi: add force-connect quirk for NUC5CPYB (git-fixes). - alsa: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants (git-fixes). - alsa: hda/realtek: Add Framework laptop 16 to quirks (git-fixes). - alsa: hda/realtek: Add quirk for ASUS ROG GV302XA (git-fixes). - alsa: hda/realtek: Add supported ALC257 for ChromeOS (git-fixes). - alsa: hda/realtek: Apply mute LED quirk for HP15-db (git-fixes). - alsa: hda/realtek: Enable headset on Lenovo M90 Gen5 (git-fixes). - alsa: hda/realtek: Fix mute and mic-mute LEDs for HP ProBook 440 G6 (git-fixes). - alsa: hda/realtek: Headset Mic VREF to 100% (git-fixes). - alsa: hda/realtek: add new Framework laptop to quirks (git-fixes). - alsa: hda/realtek: enable SND_PCI_QUIRK for hp pavilion 14-ec1xxx series (git-fixes). - alsa: hda/realtek: fix mute/micmute LEDs for a HP ZBook (git-fixes). - alsa: hda/realtek: fix speakers on XPS 9530 (2023) (git-fixes). - alsa: hda: intel-dsp-cfg: add LunarLake support (git-fixes). - alsa: pcm: fix out-of-bounds in snd_pcm_state_names (git-fixes). - alsa: seq: oss: Fix racy open/close of MIDI devices (git-fixes). - alsa: usb-audio: Add Pioneer DJM-450 mixer controls (git-fixes). - alsa: usb-audio: Increase delay in MOTU M quirk (git-fixes). - apparmor: Free up __cleanup() name (jsc#PED-7167). - arm64: dts: arm: add missing cache properties (git-fixes) - arm64: dts: imx8mm: Add sound-dai-cells to micfil node (git-fixes) - arm64: dts: imx8mn: Add sound-dai-cells to micfil node (git-fixes) - arm64: dts: imx8mq-librem5: Remove dis_u3_susphy_quirk from (git-fixes) - arm64: kdump: Skip kmemleak scan reserved memory for kdump (jsc#PED-7167). - arm64: mm: Fix 'rodata=on' when CONFIG_RODATA_FULL_DEFAULT_ENABLED=y (git-fixes) - arm: OMAP2+: Fix null pointer dereference and memory leak in omap_soc_device_init (git-fixes). - arm: PL011: Fix DMA support (git-fixes). - asoc: fsl_rpmsg: Fix error handler with pm_runtime_enable (git-fixes). - asoc: hdmi-codec: fix missing report for jack initial status (git-fixes). - asoc: meson: g12a-toacodec: Fix event generation (git-fixes). - asoc: meson: g12a-toacodec: Validate written enum values (git-fixes). - asoc: meson: g12a-tohdmitx: Fix event generation for S/PDIF mux (git-fixes). - asoc: meson: g12a-tohdmitx: Validate written enum values (git-fixes). - asoc: wm_adsp: fix memleak in wm_adsp_buffer_populate (git-fixes). - bitmap: unify find_bit operations (jsc#PED-7167). - block: fix revalidate performance regression (bsc#1216057). - bluetooth: Fix deadlock in vhci_send_frame (git-fixes). - bluetooth: L2CAP: Send reject on command corrupted request (git-fixes). - bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE (git-fixes). - bluetooth: btusb: Add new PID/VID 0489:e0f2 for MT7921 (bsc#1218461). - bluetooth: hci_event: Fix not checking if HCI_OP_INQUIRY has been sent (git-fixes). - bluetooth: hci_event: shut up a false-positive warning (git-fixes). - bluetooth: hci_qca: Fix the teardown problem for real (git-fixes). - bnxt: do not handle XDP in netpoll (jsc#PED-1495). - bnxt_en: Clear resource reservation during resume (jsc#PED-1495). - bnxt_en: Fix HWTSTAMP_FILTER_ALL packet timestamp logic (jsc#PED-1495). - bnxt_en: Fix max_mtu setting for multi-buf XDP (jsc#PED-1495). - bnxt_en: Fix page pool logic for page size >= 64K (jsc#PED-1495). - bnxt_en: Fix wrong return value check in bnxt_close_nic() (jsc#PED-1495). - bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI (jsc#PED-1495). - bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234 git-fixes). - bus: ti-sysc: Flush posted write only after srst_udelay (git-fixes). - ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (bsc#1217980). - ceph: fix type promotion bug on 32bit systems (bsc#1217982). - cleanup: Make no_free_ptr() __must_check (jsc#PED-7167). - clocksource: Add a Kconfig option for WATCHDOG_MAX_SKEW (bsc#1215885 bsc#1217217). - clocksource: Enable TSC watchdog checking of HPET and PMTMR only when requested (bsc#1215885 bsc#1217217). - clocksource: Handle negative skews in 'skew is too large' messages (bsc#1215885 bsc#1217217). - clocksource: Improve 'skew is too large' messages (bsc#1215885 bsc#1217217). - clocksource: Improve read-back-delay message (bsc#1215885 bsc#1217217). - clocksource: Loosen clocksource watchdog constraints (bsc#1215885 bsc#1217217). - clocksource: Print clocksource name when clocksource is tested unstable (bsc#1215885 bsc#1217217). - clocksource: Verify HPET and PMTMR when TSC unverified (bsc#1215885 bsc#1217217). - configfs-tsm: Introduce a shared ABI for attestation reports (jsc#PED-7167). - crypto: ccp - Add SEV_INIT rc error logging on init (jsc#PED-7167). - crypto: ccp - Add SEV_INIT_EX support (jsc#PED-7167). - crypto: ccp - Add a header for multiple drivers to use `__psp_pa` (jsc#PED-7167). - crypto: ccp - Add a quirk to firmware update (jsc#PED-7167). - crypto: ccp - Add psp_init_on_probe module parameter (jsc#PED-7167). - crypto: ccp - Drop TEE support for IRQ handler (jsc#PED-7167). - crypto: ccp - Ensure psp_ret is always init'd in __sev_platform_init_locked() (jsc#PED-7167). - crypto: ccp - Fail the PSP initialization when writing psp data file failed (jsc#PED-7167). - crypto: ccp - Fix the INIT_EX data file open failure (jsc#PED-7167). - crypto: ccp - Fix whitespace in sev_cmd_buffer_len() (jsc#PED-7167). - crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware (jsc#PED-7167). - crypto: ccp - Initialize PSP when reading psp data file failed (jsc#PED-7167). - crypto: ccp - Log when resetting PSP SEV state (jsc#PED-7167). - crypto: ccp - Move SEV_INIT retry for corrupted data (jsc#PED-7167). - crypto: ccp - Move some PSP mailbox bit definitions into common header (jsc#PED-7167). - crypto: ccp - Name -1 return value as SEV_RET_NO_FW_CALL (jsc#PED-7167). - crypto: ccp - Refactor out sev_fw_alloc() (jsc#PED-7167). - crypto: ccp - remove unneeded semicolon (jsc#PED-7167). - crypto: ccp: Get rid of __sev_platform_init_locked()'s local function pointer (jsc#PED-7167). - dm verity: initialize fec io before freeing it (git-fixes). - dm-verity: do not use blocking calls from tasklets (git-fixes). - dm: add cond_resched() to dm_wq_requeue_work() (git-fixes). - dm: do not attempt to queue IO under RCU protection (git-fixes). - dm: fix __send_duplicate_bios() to always allow for splitting IO (bsc#1215952). - dm: fix improper splitting for abnormal bios (bsc#1215952). - dm: verity-loadpin: Add NULL pointer check for 'bdev' parameter (git-fixes). - dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776). - dmaengine: ioat: Free up __cleanup() name (jsc#PED-7167). - doc/README.SUSE: Add how to update the config for module signing (jsc#PED-5021) - doc/README.SUSE: Remove how to build modules using kernel-source (jsc#PED-5021) - doc/README.SUSE: Simplify the list of references (jsc#PED-5021) - drm/amd/amdgpu: Fix warnings in amdgpu/amdgpu_display.c (git-fixes). - drm/amdgpu/sdma5.2: add begin/end_use ring callbacks (bsc#1212139). - drm/amdgpu: Add EEPROM I2C address support for ip discovery (git-fixes). - drm/amdgpu: Add I2C EEPROM support on smu v13_0_6 (git-fixes). - drm/amdgpu: Add support for RAS table at 0x40000 (git-fixes). - drm/amdgpu: Decouple RAS EEPROM addresses from chips (git-fixes). - drm/amdgpu: Remove redundant I2C EEPROM address (git-fixes). - drm/amdgpu: Remove second moot switch to set EEPROM I2C address (git-fixes). - drm/amdgpu: Return from switch early for EEPROM I2C address (git-fixes). - drm/amdgpu: Update EEPROM I2C address for smu v13_0_0 (git-fixes). - drm/amdgpu: Update ras eeprom support for smu v13_0_0 and v13_0_10 (git-fixes). - drm/amdgpu: correct chunk_ptr to a pointer to chunk (git-fixes). - drm/amdgpu: correct the amdgpu runtime dereference usage count (git-fixes). - drm/amdgpu: fix tear down order in amdgpu_vm_pt_free (git-fixes). - drm/amdgpu: simplify amdgpu_ras_eeprom.c (git-fixes). - drm/bridge: parade-ps8640: Never store more than msg->size bytes in AUX xfer (git-fixes). - drm/bridge: ps8640: Fix size mismatch warning w/ len (git-fixes). - drm/bridge: tc358768: select CONFIG_VIDEOMODE_HELPERS (git-fixes). - drm/bridge: ti-sn65dsi86: Never store more than msg->size bytes in AUX xfer (git-fixes). - drm/i915/display: Drop check for doublescan mode in modevalid (git-fixes). - drm/i915/dp: Fix passing the correct DPCD_REV for drm_dp_set_phy_test_pattern (git-fixes). - drm/i915/dpt: Only do the POT stride remap when using DPT (git-fixes). - drm/i915/lvds: Use REG_BIT() & co (git-fixes). - drm/i915/mtl: limit second scaler vertical scaling in ver >= 14 (git-fixes). - drm/i915/sdvo: stop caching has_hdmi_monitor in struct intel_sdvo (git-fixes). - drm/i915: Fix intel_atomic_setup_scalers() plane_state handling (git-fixes). - drm/i915: Fix remapped stride with CCS on ADL+ (git-fixes). - drm/i915: Reject async flips with bigjoiner (git-fixes). - drm/i915: Relocate intel_atomic_setup_scalers() (git-fixes). - drm/i915: fix MAX_ORDER usage in i915_gem_object_get_pages_internal() (jsc#PED-7167). - drm/mediatek: Add spinlock for setting vblank event in atomic_begin (git-fixes). - drm/mgag200: Fix gamma lut not initialized for G200ER, G200EV, G200SE (git-fixes). - efi/libstub: Implement support for unaccepted memory (jsc#PED-7167). - efi/unaccepted: Avoid load_unaligned_zeropad() stepping into unaccepted memory (jsc#PED-7167). - efi/unaccepted: Fix off-by-one when checking for overlapping ranges (jsc#PED-7167). - efi/unaccepted: Fix soft lockups caused by parallel memory acceptance (jsc#PED-7167). - efi/unaccepted: Make sure unaccepted table is mapped (jsc#PED-7167). - efi/unaccepted: Use ACPI reclaim memory for unaccepted memory table (jsc#PED-7167). - efi/x86: Get full memory map in allocate_e820() (jsc#PED-7167). - efi: Add unaccepted memory support (jsc#PED-7167). - efi: libstub: avoid efi_get_memory_map() for allocating the virt map (jsc#PED-7167). - efi: libstub: install boot-time memory map as config table (jsc#PED-7167). - efi: libstub: remove DT dependency from generic stub (jsc#PED-7167). - efi: libstub: remove pointless goto kludge (jsc#PED-7167). - efi: libstub: simplify efi_get_memory_map() and struct efi_boot_memmap (jsc#PED-7167). - efi: libstub: unify initrd loading between architectures (jsc#PED-7167). - floppy: fix MAX_ORDER usage (jsc#PED-7167). - fprobe: Fix to ensure the number of active retprobes is not zero (git-fixes). - fs/jfs: Add check for negative db_l2nbperpage (git-fixes). - fs/jfs: Add validity check for db_maxag and db_agpref (git-fixes). - fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount() (git-fixes). - fs/remap: constrain dedupe of EOF blocks (git-fixes). - fs: avoid empty option when generating legacy mount string (git-fixes). - fs: fix an infinite loop in iomap_fiemap (git-fixes). - fs: ocfs2: namei: check return value of ocfs2_add_entry() (git-fixes). - genwqe: fix MAX_ORDER usage (jsc#PED-7167). - gfs2: Add wrapper for iomap_file_buffered_write (git-fixes). - gfs2: Check sb_bsize_shift after reading superblock (git-fixes). - gfs2: Clean up function may_grant (git-fixes). - gfs2: Fix filesystem block deallocation for short writes (git-fixes). - gfs2: Fix gfs2_release for non-writers regression (git-fixes). - gfs2: Fix inode height consistency check (git-fixes). - gfs2: Fix length of holes reported at end-of-file (git-fixes). - gfs2: Fix possible data races in gfs2_show_options() (git-fixes). - gfs2: Improve gfs2_make_fs_rw error handling (git-fixes). - gfs2: Make sure FITRIM minlen is rounded up to fs block size (git-fixes). - gfs2: Silence 'suspicious RCU usage in gfs2_permission' warning (git-fixes). - gfs2: Switch from strlcpy to strscpy (git-fixes). - gfs2: fix an oops in gfs2_permission (git-fixes). - gfs2: gfs2_setattr_size error path fix (git-fixes). - gfs2: ignore negated quota changes (git-fixes). - gfs2: jdata writepage fix (git-fixes). - gfs2: use i_lock spin_lock for inode qadata (git-fixes). - gpiolib: sysfs: Fix error handling on failed export (git-fixes). - gve: Fixes for napi_poll when budget is 0 (git-fixes). - gve: Use size_add() in call to struct_size() (git-fixes). - hid: add ALWAYS_POLL quirk for Apple kb (git-fixes). - hid: glorious: fix Glorious Model I HID report (git-fixes). - hid: hid-asus: add const to read-only outgoing usb buffer (git-fixes). - hid: hid-asus: reset the backlight brightness level on resume (git-fixes). - hid: lenovo: Restrict detection of patched firmware only to USB cptkbd (git-fixes). - hid: multitouch: Add quirk for HONOR GLO-GXXX touchpad (git-fixes). - hwmon: (acpi_power_meter) Fix 4.29 MW bug (git-fixes). - hwmon: (nzxt-kraken2) Fix error handling path in kraken2_probe() (git-fixes). - i2c: aspeed: Handle the coalesced stop conditions with the start conditions (git-fixes). - i2c: core: Fix atomic xfer check for non-preempt config (git-fixes). - i2c: designware: Fix corrupted memory seen in the ISR (git-fixes). - i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value (jsc#PED-372). - i40e: Fix VF VLAN offloading when port VLAN is configured (jsc#PED-372). - i40e: Fix unexpected MFS warning message (jsc#PED-372). - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (jsc#PED-372). - i40e: fix misleading debug logs (jsc#PED-372). - i40e: fix potential NULL pointer dereferencing of pf->vf i40e_sync_vsi_filters() (jsc#PED-372). - i40e: fix potential memory leaks in i40e_remove() (jsc#PED-372). - i40e: prevent crash on probe if hw registers have invalid values (jsc#PED-372). - ib/mlx5: Fix init stage error handling to avoid double free of same QP and UAF (git-fixes) - ib/mlx5: Fix rdma counter binding for RAW QP (git-fixes) - igb: Avoid starting unnecessary workqueues (jsc#PED-370). - igb: Change IGB_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-370). - igb: Fix potential memory leak in igb_add_ethtool_nfc_entry (jsc#PED-370). - igb: clean up in all error paths when enabling SR-IOV (jsc#PED-370). - igb: disable virtualization features on 82580 (jsc#PED-370). - igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-370). - igc: Change IGC_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-375). - igc: Expose tx-usecs coalesce setting to user (jsc#PED-375). - igc: Fix ambiguity in the ethtool advertising (jsc#PED-375). - igc: Fix infinite initialization loop with early XDP redirect (jsc#PED-375). - igc: Fix the typo in the PTM Control macro (jsc#PED-375). - iio: adc: ti_am335x_adc: Fix return value check of tiadc_request_dma() (git-fixes). - iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion time table (git-fixes). - iio: imu: inv_mpu6050: fix an error code problem in inv_mpu6050_read_raw (git-fixes). - iio: triggered-buffer: prevent possible freeing of wrong buffer (git-fixes). - input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN (git-fixes). - input: ipaq-micro-keys - add error handling for devm_kmemdup (git-fixes). - input: soc_button_array - add mapping for airplane mode button (git-fixes). - input: xpad - add HyperX Clutch Gladiate Support (git-fixes). - interconnect: Treat xlate() returning NULL node as an error (git-fixes). - iomap: Fix iomap_dio_rw return value for user copies (git-fixes). - iommu: fix MAX_ORDER usage in __iommu_dma_alloc_pages() (jsc#PED-7167). - iov_iter, x86: Be consistent about the __user tag on copy_mc_to_user() (git-fixes). - jfs: fix array-index-out-of-bounds in dbFindLeaf (git-fixes). - jfs: fix array-index-out-of-bounds in diAlloc (git-fixes). - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount (git-fixes). - jfs: validate max amount of blocks before allocation (git-fixes). - kABI: Preserve the type of rethook::handler (git-fixes). - kABI: restore void return to typec_altmode_attention (git-fixes). - kabi/severities: ignore kABI for asus-wmi drivers Tolerate the kABI changes, as used only locally for asus-wmi stuff - kabi/severities: make snp_issue_guest_request PASS (jsc#PED-7167) - kabi: fix of_reserved_mem_* due to struct vm_struct became defined (jsc#PED-7167). - kabi: fix sev-dev due to fs_struct became defined (jsc#PED-7167). - kabi: fix struct efi after adding unaccepted memory table (jsc#PED-7167). - kabi: fix struct zone kabi after adding unaccepted_pages and NR_UNACCEPTED (jsc#PED-7167). - kbuild: Drop -Wdeclaration-after-statement (jsc#PED-7167). - kconfig: fix memory leak from range properties (git-fixes). - kprobes: consistent rcu api usage for kretprobe holder (git-fixes). - kvm: arm64: Prevent kmemleak from accessing pKVM memory (jsc#PED-7167). - kvm: s390/mm: Properly reset no-dat (git-fixes bsc#1218056). - kvm: s390: vsie: fix wrong VIR 37 when MSO is used (git-fixes bsc#1217933). - lib/vsprintf: Fix %pfwf when current node refcount == 0 (git-fixes). - libceph: use kernel_connect() (bsc#1217981). - locking: Introduce __cleanup() based infrastructure (jsc#PED-7167). - locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes). - md/bitmap: do not set max_write_behind if there is no write mostly device (git-fixes). - md/md-bitmap: hold 'reconfig_mutex' in backlog_store() (git-fixes). - md/md-bitmap: remove unnecessary local variable in backlog_store() (git-fixes). - md/raid0: add discard support for the 'original' layout (git-fixes). - md/raid10: do not call bio_start_io_acct twice for bio which experienced read error (git-fixes). - md/raid10: factor out code from wait_barrier() to stop_waiting_barrier() (git-fixes). - md/raid10: factor out dereference_rdev_and_rrdev() (git-fixes). - md/raid10: fix io loss while replacement replace rdev (git-fixes). - md/raid10: fix leak of 'r10bio->remaining' for recovery (git-fixes). - md/raid10: fix memleak for 'conf->bio_split' (git-fixes). - md/raid10: fix memleak of md thread (git-fixes). - md/raid10: fix null-ptr-deref in raid10_sync_request (git-fixes). - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request (git-fixes). - md/raid10: fix overflow of md/safe_mode_delay (git-fixes). - md/raid10: fix task hung in raid10d (git-fixes). - md/raid10: fix the condition to call bio_end_io_acct() (git-fixes). - md/raid10: fix wrong setting of max_corr_read_errors (git-fixes). - md/raid10: prevent soft lockup while flush writes (git-fixes). - md/raid10: use dereference_rdev_and_rrdev() to get devices (git-fixes). - md/raid1: fix error: ISO C90 forbids mixed declarations (git-fixes). - md/raid1: free the r1bio before waiting for blocked rdev (git-fixes). - md/raid1: hold the barrier until handle_read_error() finishes (git-fixes). - md/raid5-cache: fix a deadlock in r5l_exit_log() (git-fixes). - md/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid() (git-fixes). - md/raid5: fix miscalculation of 'end_sector' in raid5_read_one_chunk() (git-fixes). - md: Put the right device in md_seq_next (bsc#1217822). - md: Set MD_BROKEN for RAID1 and RAID10 (git-fixes). - md: avoid signed overflow in slot_store() (git-fixes). - md: do not update recovery_cp when curr_resync is ACTIVE (git-fixes). - md: drop queue limitation for RAID1 and RAID10 (git-fixes). - md: raid0: account for split bio in iostat accounting (git-fixes). - md: raid10 add nowait support (git-fixes). - md: raid1: fix potential OOB in raid1_remove_disk() (git-fixes). - md: restore 'noio_flag' for the last mddev_resume() (git-fixes). - md: select BLOCK_LEGACY_AUTOLOAD (git-fixes). - memblock: exclude MEMBLOCK_NOMAP regions from kmemleak (jsc#PED-7167). - memblock: make memblock_find_in_range method private (jsc#PED-7167). - misc: mei: client.c: fix problem of return '-EOVERFLOW' in mei_cl_write (git-fixes). - misc: mei: client.c: return negative error code in mei_cl_write (git-fixes). - mkspec: Add multibuild support (JSC-SLE#5501, boo#1211226, bsc#1218184) When MULTIBUILD option in config.sh is enabled generate a _multibuild file listing all spec files. - mm/page_alloc: make deferred page init free pages in MAX_ORDER blocks (jsc#PED-7167). - mm/pgtable: Fix multiple -Wstringop-overflow warnings (jsc#PED-7167). - mm/slab: Add __free() support for kvfree (jsc#PED-7167). - mm/slub: fix MAX_ORDER usage in calculate_order() (jsc#PED-7167). - mm: Add PAGE_ALIGN_DOWN macro (jsc#PED-7167). - mm: Add support for unaccepted memory (jsc#PED-7167). - mm: add pageblock_align() macro (jsc#PED-7167). - mm: add pageblock_aligned() macro (jsc#PED-7167). - mm: avoid passing 0 to __ffs() (jsc#PED-7167). - mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors (bsc#1218515). - mm: move kvmalloc-related functions to slab.h (jsc#PED-7167). - mm: new primitive kvmemdup() (jsc#PED-7167). - mm: reuse pageblock_start/end_pfn() macro (jsc#PED-7167). - mmc: meson-mx-sdhc: Fix initialization frozen issue (git-fixes). - mmc: rpmb: fixes pause retune on all RPMB partitions (git-fixes). - mmc: sdhci-sprd: Fix eMMC init failure after hw reset (git-fixes). - neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section (git-fixes). - net/rose: Fix Use-After-Free in rose_ioctl (git-fixes). - net/smc: Fix pos miscalculation in statistics (bsc#1218139). - net/tg3: fix race condition in tg3_reset_task() (bsc#1217801). - net: 9p: avoid freeing uninit memory in p9pdu_vreadf (git-fixes). - net: bnxt: fix a potential use-after-free in bnxt_init_tc (jsc#PED-1495). - net: ena: Destroy correct number of xdp queues upon failure (git-fixes). - net: ena: Fix XDP redirection error (git-fixes). - net: ena: Fix xdp drops handling due to multibuf packets (git-fixes). - net: ena: Flush XDP packets on error (git-fixes). - net: mana: select PAGE_POOL (git-fixes). - net: rfkill: gpio: set GPIO direction (git-fixes). - net: usb: ax88179_178a: avoid failed operations when device is disconnected (git-fixes). - net: usb: ax88179_178a: clean up pm calls (git-fixes). - net: usb: ax88179_178a: wol optimizations (git-fixes). - net: usb: qmi_wwan: claim interface 4 for ZTE MF290 (git-fixes). - nfc: llcp_core: Hold a ref to llcp_local->dev when holding a ref to llcp_local (git-fixes). - nfs: Fix O_DIRECT locking issues (bsc#1211162). - nfs: Fix a few more clear_bit() instances that need release semantics (bsc#1211162). - nfs: Fix a potential data corruption (bsc#1211162). - nfs: Fix a use after free in nfs_direct_join_group() (bsc#1211162). - nfs: Fix error handling for O_DIRECT write scheduling (bsc#1211162). - nfs: More O_DIRECT accounting fixes for error paths (bsc#1211162). - nfs: More fixes for nfs_direct_write_reschedule_io() (bsc#1211162). - nfs: Use the correct commit info in nfs_join_page_group() (bsc#1211162). - nfs: only issue commit in DIO codepath if we have uncommitted data (bsc#1211162). - nilfs2: fix missing error check for sb_set_blocksize call (git-fixes). - nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage() (git-fixes). - nlm: Defend against file_lock changes after vfs_test_lock() (bsc#1217692). - null_blk: fix poll request timeout handling (git-fixes). - nvme-core: check for too small lba shift (bsc#1214117). - nvme-pci: Add sleep quirk for Kingston drives (git-fixes). - nvme-pci: always return an ERR_PTR from nvme_pci_alloc_dev (git-fixes). - nvme-pci: do not set the NUMA node of device if it has none (git-fixes). - nvme-pci: factor out a nvme_pci_alloc_dev helper (git-fixes). - nvme-rdma: do not try to stop unallocated queues (git-fixes). - nvme: sanitize metadata bounce buffer for reads (git-fixes). - nvmet-auth: complete a request only after freeing the dhchap pointers (git-fixes). - of: reserved_mem: Have kmemleak ignore dynamically allocated reserved mem (jsc#PED-7167). - orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() (git-fixes). - orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init() (git-fixes). - orangefs: Fix sysfs not cleanup when dev init failed (git-fixes). - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() (git-fixes). - padata: Fix refcnt handling in padata_free_shell() (git-fixes). - parport: Add support for Brainboxes IX/UC/PX parallel cards (git-fixes). - pci: loongson: Limit MRRS to 256 (git-fixes). - perf/core: fix MAX_ORDER usage in rb_alloc_aux_page() (jsc#PED-7167). - pinctrl: at91-pio4: use dedicated lock class for IRQ (git-fixes). - platform/surface: aggregator: fix recv_buf() return value (git-fixes). - platform/x86: asus-wmi: Add support for ROG X13 tablet mode (git-fixes). - platform/x86: asus-wmi: Adjust tablet/lidflip handling to use enum (git-fixes). - platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch reporting (git-fixes). - platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi code (git-fixes). - platform/x86: asus-wmi: Simplify tablet-mode-switch handling (git-fixes). - platform/x86: asus-wmi: Simplify tablet-mode-switch probing (git-fixes). - platform/x86: wmi: Allow duplicate GUIDs for drivers that use struct wmi_driver (git-fixes). - platform/x86: wmi: Skip blocks with zero instances (git-fixes). - powerpc/pseries/vas: Migration suspend waits for no in-progress open windows (bsc#1218397 ltc#204523). - qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info (jsc#PED-1526). - qed: Fix a potential use-after-free in qed_cxt_tables_alloc (jsc#PED-1526). - qed: fix LL2 RX buffer allocation (jsc#PED-1526). - qede: fix firmware halt over suspend and resume (jsc#PED-1526). - qla2xxx: add debug log for deprecated hw detected (bsc#1216032). - r8152: Add RTL8152_INACCESSIBLE checks to more loops (git-fixes). - r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en() (git-fixes). - r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1() (git-fixes). - r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash() (git-fixes). - r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE (git-fixes). - r8169: Fix PCI error on system resume (git-fixes). - rdma/bnxt_re: Correct module description string (jsc#PED-1495). - rdma/core: Use size_{add,sub,mul}() in calls to struct_size() (git-fixes) - rdma/hfi1: Use FIELD_GET() to extract Link Width (git-fixes) - rdma/hfi1: Workaround truncation compilation error (git-fixes) - rdma/hns: Add check for SL (git-fixes) - rdma/hns: Fix printing level of asynchronous events (git-fixes) - rdma/hns: Fix signed-unsigned mixed comparisons (git-fixes) - rdma/hns: Fix uninitialized ucmd in hns_roce_create_qp_common() (git-fixes) - rdma/hns: The UD mode can only be configured with DCQCN (git-fixes) - regmap: fix bogus error on regcache_sync success (git-fixes). - reiserfs: Check the return value from __getblk() (git-fixes). - reiserfs: Replace 1-element array with C99 style flex-array (git-fixes). - remove unnecessary WARN_ON_ONCE() (bsc#1214823 bsc#1218569). - reset: Fix crash when freeing non-existent optional resets (git-fixes). - restore renamed device IDs for USB HID devices (git-fixes). - rethook: Fix to use WRITE_ONCE() for rethook:: Handler (git-fixes). - rethook: Use __rcu pointer for rethook::handler (git-fixes). - ring-buffer: Do not try to put back write_stamp (git-fixes). - ring-buffer: Do not update before stamp when switching sub-buffers (git-fixes). - ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs (git-fixes). - ring-buffer: Fix memory leak of free page (git-fixes). - ring-buffer: Fix slowpath of interrupted event (git-fixes). - ring-buffer: Fix wake ups when buffer_percent is set to 100 (git-fixes). - ring-buffer: Fix writing to the buffer with max_data_size (git-fixes). - ring-buffer: Force absolute timestamp on discard of event (git-fixes). - ring-buffer: Have saved event hold the entire event (git-fixes). - ring-buffer: Remove useless update to write_stamp in rb_try_to_discard() (git-fixes). - s390/vx: fix save/restore of fpu kernel context (git-fixes bsc#1218357). - scsi: lpfc: use unsigned type for num_sge (bsc#1214747). - serial: 8250: 8250_omap: Clear UART_HAS_RHR_IT_DIS bit (git-fixes). - serial: 8250: 8250_omap: Do not start RX DMA on THRI interrupt (git-fixes). - serial: sc16is7xx: address RX timeout interrupt errata (git-fixes). - soundwire: stream: fix NULL pointer dereference for multi_link (git-fixes). - spi: atmel: Fix clock issue when using devices with different polarities (git-fixes). - statfs: enforce statfs[64] structure initialization (git-fixes). - supported.conf: add drivers/virt/coco/tsm (jsc#PED-7167) - swiotlb: always set the number of areas before allocating the pool (git-fixes). - swiotlb: do not panic! (git-fixes). - swiotlb: fix a braino in the alignment check fix (bsc#1216559). - swiotlb: fix debugfs reporting of reserved memory pools (git-fixes). - swiotlb: fix slot alignment checks (bsc#1216559). - swiotlb: fix the deadlock in swiotlb_do_find_slots (git-fixes). - swiotlb: mark swiotlb_memblock_alloc() as __init (git-fixes). - swiotlb: reduce the number of areas to match actual memory pool size (git-fixes). - swiotlb: reduce the swiotlb buffer size on allocation failure (git-fixes). - swiotlb: use the calculated number of areas (git-fixes). - tracing / synthetic: Disable events after testing in synth_event_gen_test_init() (git-fixes). - tracing/kprobes: Fix the description of variable length arguments (git-fixes). - tracing/kprobes: Fix the order of argument descriptions (git-fixes). - tracing/perf: Add interrupt_context_level() helper (git-fixes). - tracing/synthetic: fix kernel-doc warnings (git-fixes). - tracing: Always update snapshot buffer size (git-fixes). - tracing: Disable preemption when using the filter buffer (bsc#1217036). - tracing: Disable snapshot buffer when stopping instance tracers (git-fixes). - tracing: Fix a possible race when disabling buffered events (bsc#1217036). - tracing: Fix a warning when allocating buffered events fails (bsc#1217036). - tracing: Fix blocked reader of snapshot buffer (git-fixes). - tracing: Fix incomplete locking when disabling buffered events (bsc#1217036). - tracing: Fix warning in trace_buffered_event_disable() (git-fixes, bsc#1217036). - tracing: Have the user copy of synthetic event address use correct context (git-fixes). - tracing: Reuse logic from perf's get_recursion_context() (git-fixes). - tracing: Set actual size after ring buffer resize (git-fixes). - tracing: Stop current tracer when resizing buffer (git-fixes). - tracing: Update snapshot buffer on resize if it is allocated (git-fixes). - tracing: Use __this_cpu_read() in trace_event_buffer_lock_reserver() (bsc#1217036). - tracing: relax trace_event_eval_update() execution with cond_resched() (git-fixes). - uapi: propagate __struct_group() attributes to the container union (jsc#SLE-18978). - ubifs: Fix memory leak of bud->log_hash (git-fixes). - ubifs: fix possible dereference after free (git-fixes). - usb-storage: Add quirk for incorrect WP on Kingston DT Ultimate 3.0 G3 (git-fixes). - usb: aqc111: check packet for fixup for true limit (git-fixes). - usb: config: fix iteration issue in 'usb_get_bos_descriptor()' (git-fixes). - usb: host: xhci-plat: fix possible kernel oops while resuming (git-fixes). - usb: hub: Guard against accesses to uninitialized BOS descriptors (git-fixes). - usb: serial: ftdi_sio: update Actisense PIDs constant names (git-fixes). - usb: serial: option: add Foxconn T99W265 with new baseline (git-fixes). - usb: serial: option: add Quectel EG912Y module support (git-fixes). - usb: serial: option: add Quectel RM500Q R13 firmware support (git-fixes). - usb: typec: bus: verify partner exists in typec_altmode_attention (git-fixes). - usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes). - usb: typec: ucsi: acpi: add quirk for ASUS Zenbook UM325 (git-fixes). - virt/coco/sev-guest: Double-buffer messages (jsc#PED-7167). - virt: coco: Add a coco/Makefile and coco/Kconfig (jsc#PED-7167). - virt: sevguest: Add TSM_REPORTS support for SNP_GET_EXT_REPORT (jsc#PED-7167). - virt: sevguest: Fix passing a stack buffer as a scatterlist target (jsc#PED-7167). - virt: sevguest: Prep for kernel internal get_ext_report() (jsc#PED-7167). - virt: tdx-guest: Add Quote generation support using TSM_REPORTS (jsc#PED-7167). - vsprintf/kallsyms: Prevent invalid data when printing symbol (bsc#1217602). - wifi: cfg80211: Add my certificate (git-fixes). - wifi: cfg80211: fix certs build to not depend on file order (git-fixes). - wifi: iwlwifi: pcie: add another missing bh-disable for rxq->lock (git-fixes). - wifi: iwlwifi: pcie: do not synchronize IRQs from IRQ (git-fixes). - wifi: mac80211: mesh: check element parsing succeeded (git-fixes). - wifi: mac80211: mesh_plink: fix matches_local logic (git-fixes). - x86/CPU/AMD: Check vendor in the AMD microcode callback (git-fixes). - x86/alternatives: Disable KASAN in apply_alternatives() (git-fixes). - x86/alternatives: Disable interrupts and sync when optimizing NOPs in place (git-fixes). - x86/alternatives: Sync core before enabling interrupts (git-fixes). - x86/boot/compressed: Handle unaccepted memory (jsc#PED-7167). - x86/boot/compressed: Reserve more memory for page tables (git-fixes). - x86/boot: Add an efi.h header for the decompressor (jsc#PED-7167). - x86/boot: Centralize __pa()/__va() definitions (jsc#PED-7167). - x86/boot: Fix incorrect startup_gdt_descr.size (git-fixes). - x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (git-fixes). - x86/cpu: Do not write CSTAR MSR on Intel CPUs (jsc#PED-7167). - x86/cpu: Fix amd_check_microcode() declaration (git-fixes). - x86/efi: Safely enable unaccepted memory in UEFI (jsc#PED-7167). - x86/entry: Convert INT 0x80 emulation to IDTENTRY (bsc#1217927). - x86/entry: Do not allow external 0x80 interrupts (bsc#1217927). - x86/fpu/xstate: Prevent false-positive warning in __copy_xstate_uabi_buf() (git-fixes). - x86/fpu: Invalidate FPU state correctly on exec() (git-fixes). - x86/platform/uv: Use alternate source for socket to node data (bsc#1215696 bsc#1217790). - x86/purgatory: Remove LTO flags (git-fixes). - x86/resctrl: Fix kernel-doc warnings (git-fixes). - x86/sev-es: Replace open-coded hlt-loop with sev_es_terminate() (jsc#PED-7167). - x86/sev-es: Use insn_decode_mmio() for MMIO implementation (jsc#PED-7167). - x86/sev: Add SNP-specific unaccepted memory support (jsc#PED-7167). - x86/sev: Allow for use of the early boot GHCB for PSC requests (jsc#PED-7167). - x86/sev: Change npages to unsigned long in snp_accept_memory() (jsc#PED-7167). - x86/sev: Change snp_guest_issue_request()'s fw_err argument (jsc#PED-7167). - x86/sev: Fix address space sparse warning (jsc#PED-7167). - x86/sev: Get rid of special sev_es_enable_key (jsc#PED-7167). - x86/sev: Mark snp_abort() noreturn (jsc#PED-7167). - x86/sev: Put PSC struct on the stack in prep for unaccepted memory support (jsc#PED-7167). - x86/sev: Use large PSC requests if applicable (jsc#PED-7167). - x86/smp: Use dedicated cache-line for mwait_play_dead() (git-fixes). - x86/srso: Add SRSO mitigation for Hygon processors (git-fixes). - x86/srso: Fix SBPB enablement for (possible) future fixed HW (git-fixes). - x86/srso: Fix vulnerability reporting for missing microcode (git-fixes). - x86/tdx: Add unaccepted memory support (jsc#PED-7167). - x86/tdx: Disable NOTIFY_ENABLES (jsc#PED-7167). - x86/tdx: Make _tdx_hypercall() and __tdx_module_call() available in boot stub (jsc#PED-7167). - x86/tdx: Refactor try_accept_one() (jsc#PED-7167). - x86/tdx: Relax SEPT_VE_DISABLE check for debug TD (jsc#PED-7167). - x86/tdx: Use ReportFatalError to report missing SEPT_VE_DISABLE (jsc#PED-7167). - x86/tsc: Add option to force frequency recalibration with HW timer (bsc#1215885 bsc#1217217). - x86/tsc: Be consistent about use_tsc_delay() (bsc#1215885 bsc#1217217). - x86/tsc: Extend watchdog check exemption to 4-Sockets platform (bsc#1215885 bsc#1217217). - x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry (git-fixes). - xfs: Rename __xfs_attr_rmtval_remove (git-fixes). - xfs: Use kvcalloc() instead of kvzalloc() (git-fixes). - xfs: aborting inodes on shutdown may need buffer lock (git-fixes). - xfs: add selinux labels to whiteout inodes (git-fixes). - xfs: clean up '%Ld/%Lu' which does not meet C standard (git-fixes). - xfs: convert flex-array declarations in struct xfs_attrlist* (git-fixes). - xfs: convert flex-array declarations in xfs attr leaf blocks (git-fixes). - xfs: convert flex-array declarations in xfs attr shortform objects (git-fixes). - xfs: decode scrub flags in ftrace output (git-fixes). - xfs: dump log intent items that cannot be recovered due to corruption (git-fixes). - xfs: fix a bug in the online fsck directory leaf1 bestcount check (git-fixes). - xfs: fix agf_fllast when repairing an empty AGFL (git-fixes). - xfs: fix incorrect unit conversion in scrub tracepoint (git-fixes). - xfs: fix silly whitespace problems with kernel libxfs (git-fixes). - xfs: fix uninit warning in xfs_growfs_data (git-fixes). - xfs: fix units conversion error in xfs_bmap_del_extent_delay (git-fixes). - xfs: make sure maxlen is still congruent with prod when rounding down (git-fixes). - xfs: remove kmem_alloc_io() (git-fixes). - xfs: remove the xfs_dinode_t typedef (git-fixes). - xfs: remove the xfs_dqblk_t typedef (git-fixes). - xfs: remove the xfs_dsb_t typedef (git-fixes). - xfs: rename xfs_has_attr() (git-fixes). - xfs: replace snprintf in show functions with sysfs_emit (git-fixes). - xfs: return EINTR when a fatal signal terminates scrub (git-fixes). - xfs: sb verifier does not handle uncached sb buffer (git-fixes). - xfs: simplify two-level sysctl registration for xfs_table (git-fixes). - xfs: sysfs: use default_groups in kobj_type (git-fixes). - xfs: use swap() to make dabtree code cleaner (git-fixes). - xhci: Clear EHB bit only at end of interrupt handler (git-fixes). Important SUSE bug 1179610 SUSE bug 1183045 SUSE bug 1211162 SUSE bug 1211226 SUSE bug 1212139 SUSE bug 1212584 SUSE bug 1214117 SUSE bug 1214158 SUSE bug 1214747 SUSE bug 1214823 SUSE bug 1215237 SUSE bug 1215696 SUSE bug 1215885 SUSE bug 1215952 SUSE bug 1216032 SUSE bug 1216057 SUSE bug 1216559 SUSE bug 1216776 SUSE bug 1217036 SUSE bug 1217217 SUSE bug 1217250 SUSE bug 1217602 SUSE bug 1217692 SUSE bug 1217790 SUSE bug 1217801 SUSE bug 1217822 SUSE bug 1217927 SUSE bug 1217933 SUSE bug 1217938 SUSE bug 1217946 SUSE bug 1217947 SUSE bug 1217980 SUSE bug 1217981 SUSE bug 1217982 SUSE bug 1218056 SUSE bug 1218092 SUSE bug 1218139 SUSE bug 1218184 SUSE bug 1218229 SUSE bug 1218234 SUSE bug 1218253 SUSE bug 1218258 SUSE bug 1218335 SUSE bug 1218357 SUSE bug 1218397 SUSE bug 1218447 SUSE bug 1218461 SUSE bug 1218515 SUSE bug 1218559 SUSE bug 1218569 SUSE bug 1218643 SUSE bug 1218738 CVE-2020-26555 at SUSE CVE-2020-26555 at NVD CVE-2023-51779 at SUSE CVE-2023-51779 at NVD CVE-2023-6121 at SUSE CVE-2023-6121 at NVD CVE-2023-6531 at SUSE CVE-2023-6531 at NVD CVE-2023-6546 at SUSE CVE-2023-6546 at NVD CVE-2023-6606 at SUSE CVE-2023-6606 at NVD CVE-2023-6610 at SUSE CVE-2023-6610 at NVD CVE-2023-6622 at SUSE CVE-2023-6622 at NVD CVE-2023-6931 at SUSE CVE-2023-6931 at NVD CVE-2023-6932 at SUSE CVE-2023-6932 at NVD cpe:/o:suse:sle-micro:5.5 Security update for tpm2-0-tss (Moderate) SUSE Linux Enterprise Micro 5.5 This update for tpm2-0-tss fixes the following issues: - CVE-2024-29040: Fixed quote data validation by Fapi_VerifyQuote (bsc#1223690). Moderate SUSE bug 1223690 CVE-2024-29040 at SUSE CVE-2024-29040 at NVD cpe:/o:suse:sle-micro:5.5 Security update for tpm2.0-tools (Moderate) SUSE Linux Enterprise Micro 5.5 This update for tpm2.0-tools fixes the following issues: - CVE-2024-29038: Fixed arbitrary quote data validation by tpm2_checkquote (bsc#1223687). - CVE-2024-29039: Fixed pcr selection value to be compared with the attest (bsc#1223689). Moderate SUSE bug 1223687 SUSE bug 1223689 CVE-2024-29038 at SUSE CVE-2024-29038 at NVD CVE-2024-29039 at SUSE CVE-2024-29039 at NVD cpe:/o:suse:sle-micro:5.5 Recommended update for google-cloud SDK (Moderate) SUSE Linux Enterprise Micro 5.5 This update for google-cloud SDK fixes the following issues: - Add python311 cloud services packages and dependencies (jsc#PED-7987, jsc#PED-6697) - Bellow 5 binaries Obsolete the python3.6 counterpart: python311-google-resumable-media python311-google-api-core python311-google-cloud-storage python311-google-cloud-core python311-googleapis-common-protos - Regular python311 updates (without Obsoletes): python-google-auth python-grpcio python-sqlparse - New python311 packages: libcrc32c python-google-cloud-appengine-logging python-google-cloud-artifact-registry python-google-cloud-audit-log python-google-cloud-build python-google-cloud-compute python-google-cloud-dns python-google-cloud-domains python-google-cloud-iam python-google-cloud-kms-inventory python-google-cloud-kms python-google-cloud-logging python-google-cloud-run python-google-cloud-secret-manager python-google-cloud-service-directory python-google-cloud-spanner python-google-cloud-vpc-access python-google-crc32c python-grpc-google-iam-v1 python-grpcio-status python-proto-plus In python-sqlparse this security issue was fixed: CVE-2023-30608: Fixed parser that contained a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service) (bsc#1210617) Moderate SUSE bug 1210617 CVE-2023-30608 at SUSE CVE-2023-30608 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-26760: Fixed scsi/target/pscsi bio_put() for error case (bsc#1222596). - CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705). - CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834). - CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822). - CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827). - CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). - CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in amdgpu_dm_fini() (bsc#1223714). - CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821). - CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816). - CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790). - CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735). - CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745). - CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693). - CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634). - CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644). - CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645). - CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646). - CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648). - CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655). - CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660). - CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661). - CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664). - CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525). - CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198). - CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042). - CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path (bsc#1223196). - CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190). - CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189). - CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035). - CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034). - CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041). - CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps (bsc#1223066). - CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060). - CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024). - CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111). - CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076). - CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058). - CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052). - CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051). - CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061). - CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057). - CVE-2024-26848: Fixed afs endless loop in directory parsing (bsc#1223030). - CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968). - CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012). - CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812). - CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624). - CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801). - CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630). - CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428). - CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615). - CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618). - CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613). - CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610) - CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726). - CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721). - CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720). - CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632). - CVE-2024-26751: Fixed ARM/ep93xx terminator to gpiod_lookup_table (bsc#1222724). - CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449). - CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677). - CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557). - CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585). - CVE-2024-26727: Fixed assertion if a newly created btrfs subvolume already gets read (bsc#1222536). - CVE-2024-26718: Fixed dm-crypt/dm-verity disable tasklets (bsc#1222416). - CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422). - CVE-2024-26696: Fixed nilfs2 hang in nilfs_lookup_dirty_data_buffers() (bsc#1222549). - CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). - CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435). - CVE-2024-26685: Fixed nilfs2 potential bug in end_buffer_async_write (bsc#1222437). - CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445). - CVE-2024-26681: Fixed netdevsim to avoid potential loop in nsim_dev_trap_report_work() (bsc#1222431). - CVE-2024-26680: Fixed net/atlantic DMA mapping for PTP hwts ring (bsc#1222427). - CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379). - CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368). - CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357). - CVE-2024-26660: Fixed drm/amd/display bounds check for stream encoder creation (bsc#1222266). - CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307). - CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299). - CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342). - CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). - CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104). - CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). - CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). - CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264). - CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917). - CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). - CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686). - CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033). - CVE-2023-52636: Fixed libceph cursor init when preparing sparse read in msgr2 (bsc#1222247). - CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294). - CVE-2023-52627: Fixed iio:adc:ad7091r exports into IIO_AD7091R namespace (bsc#1222051). - CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825). - CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612). - CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617). - CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfx_set_mfp_ap() (bsc#1221042). - CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). - CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088). - CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084). - CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in amdgpu_ras_query_error_status_helper() (bsc#1221080). - CVE-2023-52561: Fixed arm64/dts/qcom/sdm845-db845c to mark cont splash memory region (bsc#1220935). - CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915). - CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO (bsc#1221162). - CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505). - CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498). - CVE-2022-48658: Fixed mm/slub to avoid a problem in flush_cpu_slab()/__free_slab() task context (bsc#1223496). - CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). - CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at nf_tables_addchain() (bsc#1223478). - CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bond_rr_gen_slave_id (bsc#1223499). - CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475). - CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlb_mcopy_atomic_pte() (bsc#1222710). - CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878) - CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drm_gem_ttm_mmap() and drm_gem_ttm_mmap() (bsc#1222838). - CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832). - CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706). - CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669). - CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664). - CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662). - CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660). The following non-security bugs were fixed: - ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes). - ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes). - ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes). - ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes). - ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes). - ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes). - ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes). - ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes). - ALSA: scarlett2: Add correct product series name to messages (stable-fixes). - ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes). - ALSA: scarlett2: Default mixer driver to enabled (stable-fixes). - ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes). - ASoC: meson: axg-card: make links nonatomic (git-fixes). - ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes). - ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes). - ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes). - ASoC: tegra: Fix DSPK 16-bit playback (git-fixes). - ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes). - Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes). - Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes). - Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes). - Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes). - Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes). - Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes). - Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes). - Bluetooth: add quirk for broken address properties (git-fixes). - Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes). - Bluetooth: btintel: Fixe build regression (git-fixes). - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes). - Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes). - Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes). - Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes). - Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes). - Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes). - HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes). - HID: logitech-dj: allow mice to use all types of reports (git-fixes). - HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running (stable-fixes). - Input: synaptics-rmi4 - fail probing if memory allocation for 'phys' fails (stable-fixes). - NFC: trf7970a: disable all regulators on removal (git-fixes). - NFS: avoid spurious warning of lost lock that is being unlocked (bsc#1221791). - PCI/AER: Block runtime suspend when handling errors (git-fixes). - PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports (git-fixes). - PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (git-fixes). - PCI/DPC: Quirk PIO log size for certain Intel Root Ports (git-fixes). - PCI/PM: Drain runtime-idle callbacks before driver removal (git-fixes). - PCI: Drop pci_device_remove() test of pci_dev->driver (git-fixes). - PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888). - RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619). - RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes). - RDMA/cm: add timeout to cm_destroy_id wait (git-fixes) - Reapply 'drm/qxl: simplify qxl_fence_wait' (stable-fixes). - Revert 'ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default' (stable-fixes). - Revert 'drm/qxl: simplify qxl_fence_wait' (git-fixes). - Revert 'ice: Fix ice VF reset during iavf initialization (jsc#PED-376).' (bsc#1223275) - Revert 'usb: cdc-wdm: close race between read and workqueue' (git-fixes). - Revert 'usb: phy: generic: Get the vbus supply' (git-fixes). - USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes). - USB: serial: add device ID for VeriFone adapter (stable-fixes). - USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes). - USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes). - USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes). - USB: serial: option: add Fibocom FM135-GL variants (stable-fixes). - USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes). - USB: serial: option: add MeiG Smart SLM320 product (stable-fixes). - USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes). - USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes). - USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes). - USB: serial: option: support Quectel EM060K sub-models (stable-fixes). - ahci: asm1064: asm1166: do not limit reported ports (git-fixes). - ahci: asm1064: correct count of reported ports (stable-fixes). - arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes) - arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes) - arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes) - arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes) - arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes) - arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes) - arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes) - arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes). - ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes). - batman-adv: Avoid infinite loop trying to resize local TT (git-fixes). - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent (git-fixes). - bcache: Remove dead references to cache_readaheads (git-fixes). - bcache: Remove unnecessary NULL point check in node allocations (git-fixes). - bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() (git-fixes). - bcache: avoid NULL checking to c->root in run_cache_set() (git-fixes). - bcache: avoid oversize memory allocation by small stripe_size (git-fixes). - bcache: bset: Fix comment typos (git-fixes). - bcache: check return value from btree_node_alloc_replacement() (git-fixes). - bcache: fix NULL pointer reference in cached_dev_detach_finish (git-fixes). - bcache: fix error info in register_bcache() (git-fixes). - bcache: fixup bcache_dev_sectors_dirty_add() multithreaded CPU false sharing (git-fixes). - bcache: fixup btree_cache_wait list damage (git-fixes). - bcache: fixup init dirty data errors (git-fixes). - bcache: fixup lock c->root error (git-fixes). - bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race (git-fixes). - bcache: move calc_cached_dev_sectors to proper place on backing device detach (git-fixes). - bcache: move uapi header bcache.h to bcache code directory (git-fixes). - bcache: prevent potential division by zero error (git-fixes). - bcache: remove EXPERIMENTAL for Kconfig option 'Asynchronous device registration' (git-fixes). - bcache: remove redundant assignment to variable cur_idx (git-fixes). - bcache: remove the backing_dev_name field from struct cached_dev (git-fixes). - bcache: remove the cache_dev_name field from struct cache (git-fixes). - bcache: remove unnecessary flush_workqueue (git-fixes). - bcache: remove unused bch_mark_cache_readahead function def in stats.h (git-fixes). - bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in btree_gc_coalesce() (git-fixes). - bcache: replace snprintf in show functions with sysfs_emit (git-fixes). - bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes). - bcache: use bvec_kmap_local in bch_data_verify (git-fixes). - bcache: use bvec_kmap_local in bio_csum (git-fixes). - bcache: use default_groups in kobj_type (git-fixes). - bcache:: fix repeated words in comments (git-fixes). - ceph: stop copying to iter at EOF on sync reads (bsc#1223068). - ceph: switch to corrected encoding of max_xattr_size in mdsmap (bsc#1223067). - clk: Get runtime PM before walking tree during disable_unused (git-fixes). - clk: Initialize struct clk_core kref earlier (stable-fixes). - clk: Mark 'all_lists' as const (stable-fixes). - clk: Print an info line before disabling unused clocks (stable-fixes). - clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes). - clk: remove extra empty line (stable-fixes). - comedi: vmk80xx: fix incomplete endpoint checking (git-fixes). - dm cache policy smq: ensure IO does not prevent cleaner policy progress (git-fixes). - dm cache: add cond_resched() to various workqueue loops (git-fixes). - dm clone: call kmem_cache_destroy() in dm_clone_init() error path (git-fixes). - dm crypt: add cond_resched() to dmcrypt_write() (git-fixes). - dm crypt: avoid accessing uninitialized tasklet (git-fixes). - dm flakey: do not corrupt the zero page (git-fixes). - dm flakey: fix a bug with 32-bit highmem systems (git-fixes). - dm flakey: fix a crash with invalid table line (git-fixes). - dm flakey: fix logic when corrupting a bio (git-fixes). - dm init: add dm-mod.waitfor to wait for asynchronously probed block devices (git-fixes). - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path (git-fixes). - dm integrity: fix out-of-range warning (git-fixes). - dm integrity: reduce vmalloc space footprint on 32-bit architectures (git-fixes). - dm raid: clean up four equivalent goto tags in raid_ctr() (git-fixes). - dm raid: fix false positive for requeue needed during reshape (git-fixes). - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (git-fixes). - dm stats: check for and propagate alloc_percpu failure (git-fixes). - dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client (git-fixes). - dm thin metadata: check fail_io before using data_sm (git-fixes). - dm thin: add cond_resched() to various workqueue loops (git-fixes). - dm thin: fix deadlock when swapping to thin device (bsc#1177529). - dm verity: do not perform FEC for failed readahead IO (git-fixes). - dm verity: fix error handling for check_at_most_once on FEC (git-fixes). - dm zoned: free dmz->ddev array in dmz_put_zoned_devices (git-fixes). - dm-delay: fix a race between delay_presuspend and delay_bio (git-fixes). - dm-integrity: do not modify bio's immutable bio_vec in integrity_metadata() (git-fixes). - dm-raid: fix lockdep waring in 'pers->hot_add_disk' (git-fixes). - dm-verity, dm-crypt: align 'struct bvec_iter' correctly (git-fixes). - dm-verity: align struct dm_verity_fec_io properly (git-fixes). - dm: add cond_resched() to dm_wq_work() (git-fixes). - dm: call the resume method on internal suspend (git-fixes). - dm: do not lock fs when the map is NULL during suspend or resume (git-fixes). - dm: do not lock fs when the map is NULL in process of resume (git-fixes). - dm: remove flush_scheduled_work() during local_exit() (git-fixes). - dm: send just one event on resize, not two (git-fixes). - dma: xilinx_dpdma: Fix locking (git-fixes). - dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes). - dmaengine: owl: fix register access functions (git-fixes). - dmaengine: tegra186: Fix residual calculation (git-fixes). - docs: Document the FAN_FS_ERROR event (stable-fixes). - drm-print: add drm_dbg_driver to improve namespace symmetry (stable-fixes). - drm/amd/display: Do not recursively call manual trigger programming (stable-fixes). - drm/amd/display: Fix nanosec stat overflow (stable-fixes). - drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes). - drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes). - drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes). - drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes). - drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes). - drm/amdgpu: always force full reset for SOC21 (stable-fixes). - drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes). - drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes). - drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes). - drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes). - drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes). - drm/ast: Fix soft lockup (git-fixes). - drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes). - drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes). - drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes). - drm/i915: Disable port sync when bigjoiner is used (stable-fixes). - drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes). - drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834) - drm/panel: ili9341: Respect deferred probe (git-fixes). - drm/panel: ili9341: Use predefined error codes (git-fixes). - drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes). - drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes). - drm/vmwgfx: Enable DMA mappings with SEV (git-fixes). - drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes). - drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes). - drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes). - drm: nv04: Fix out of bounds access (git-fixes). - drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes). - drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable-fixes). - dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574). - fbdev: fix incorrect address computation in deferred IO (git-fixes). - fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes). - fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes). - fix build warning - fuse: do not unhash root (bsc#1223951). - fuse: fix root lookup with nonzero generation (bsc#1223950). - hwmon: (amc6821) add of_match table (stable-fixes). - i2c: pxa: hide unused icr_bits[] variable (git-fixes). - i2c: smbus: fix NULL function pointer dereference (git-fixes). - i40e: Fix VF MAC filter removal (git-fixes). - idma64: Do not try to serve interrupts when device is powered off (git-fixes). - iio: accel: mxc4005: Interrupt handling fixes (git-fixes). - iio:imu: adis16475: Fix sync mode setting (git-fixes). - init/main.c: Fix potential static_command_line memory overflow (git-fixes). - iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter (git-fixes). - iommu/amd: Fix 'Guest Virtual APIC Table Root Pointer' configuration in IRTE (git-fixes). - iommu/amd: Fix domain flush size when syncing iotlb (git-fixes). - iommu/amd: Fix error handling for pdev_pri_ats_enable() (git-fixes). - iommu/arm-smmu-qcom: Limit the SMR groups to 128 (git-fixes). - iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any (git-fixes). - iommu/fsl: fix all kernel-doc warnings in fsl_pamu.c (git-fixes). - iommu/iova: Fix alloc iova overflows issue (git-fixes). - iommu/mediatek: Flush IOTLB completely only if domain has been attached (git-fixes). - iommu/rockchip: Fix unwind goto issue (git-fixes). - iommu/sprd: Release dma buffer to avoid memory leak (git-fixes). - iommu/vt-d: Allocate local memory for page request queue (git-fixes). - iommu/vt-d: Allow zero SAGAW if second-stage not supported (git-fixes). - iommu/vt-d: Fix error handling in sva enable/disable paths (git-fixes). - iommu: Fix error unwind in iommu_group_alloc() (git-fixes). - ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes). - kABI: Adjust trace_iterator.wait_index (git-fixes). - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes). - libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return value (git-fixes). - libnvdimm/region: Allow setting align attribute on regions without mappings (git-fixes). - livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539). - md/raid1: fix choose next idle in read_balance() (git-fixes). - md: Do not clear MD_CLOSING when the raid is about to stop (git-fixes). - md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (git-fixes). - media: cec: core: remove length check of Timer Status (stable-fixes). - media: sta2x11: fix irq handler cast (stable-fixes). - mei: me: add arrow lake point H DID (stable-fixes). - mei: me: add arrow lake point S DID (stable-fixes). - mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes). - mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473). - mmc: sdhci-msm: pervent access to suspended controller (git-fixes). - mtd: diskonchip: work around ubsan link failure (stable-fixes). - nd_btt: Make BTT lanes preemptible (git-fixes). - net: bridge: vlan: fix memory leak in __allowed_ingress (git-fixes). - net: fix a memleak when uncloning an skb dst and its metadata (git-fixes). - net: fix skb leak in __skb_tstamp_tx() (git-fixes). - net: ipv6: ensure we call ipv6_mc_down() at most once (git-fixes). - net: mld: fix reference count leak in mld_{query | report}_work() (git-fixes). - net: stream: purge sk_error_queue in sk_stream_kill_queues() (git-fixes). - net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes). - net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes). - net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes). - net: vlan: fix underflow for the real_dev refcnt (git-fixes). - netfilter: br_netfilter: Drop dst references before setting (git-fixes). - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() (git-fixes). - netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes). - nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408). - nilfs2: fix OOB in nilfs_set_de_type (git-fixes). - nilfs2: fix OOB in nilfs_set_de_type (git-fixes). - nouveau: fix function cast warning (git-fixes). - nouveau: fix instmem race condition around ptr stores (git-fixes). - nvdimm/namespace: drop nested variable in create_namespace_pmem() (git-fixes). - nvdimm: Allow overwrite in the presence of disabled dimms (git-fixes). - nvdimm: Fix badblocks clear off-by-one error (git-fixes). - nvdimm: Fix dereference after free in register_nvdimm_pmu() (git-fixes). - nvdimm: Fix firmware activation deadlock scenarios (git-fixes). - nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() (git-fixes). - pci_iounmap(): Fix MMIO mapping leak (git-fixes). - phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes). - pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes). - platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes). - powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191). - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369 ltc#205888). - powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369 ltc#205888). - powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191). - powerpc: Refactor verification of MSR_RI (bsc#1223191). - printk: Add this_cpu_in_panic() (bsc#1223574). - printk: Adjust mapping for 32bit seq macros (bsc#1223574). - printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574). - printk: Disable passing console lock owner completely during panic() (bsc#1223574). - printk: Drop console_sem during panic (bsc#1223574). - printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1223574). - printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1223574). - printk: Wait for all reserved records with pr_flush() (bsc#1223574). - printk: nbcon: Relocate 32bit seq macros (bsc#1223574). - printk: ringbuffer: Clarify special lpos values (bsc#1223574). - printk: ringbuffer: Cleanup reader terminology (bsc#1223574). - printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1223574). - printk: ringbuffer: Improve prb_next_seq() performance (bsc#1223574). - printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574). - pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes). - ring-buffer: Do not set shortest_full when full target is hit (git-fixes). - ring-buffer: Fix full_waiters_pending in poll (git-fixes). - ring-buffer: Fix resetting of shortest_full (git-fixes). - ring-buffer: Fix waking up ring buffer readers (git-fixes). - ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes). - ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes). - ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes). - s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875). - s390/decompressor: fix misaligned symbol build error (git-fixes bsc#1223785). - s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877). - s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223878). - s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879). - s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784). - s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223876). - s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598). - s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223595). - serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes). - serial: core: Provide port lock wrappers (stable-fixes). - serial: core: fix kernel-doc for uart_port_unlock_irqrestore() (git-fixes). - serial: mxs-auart: add spinlock around changing cts state (git-fixes). - slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes). - speakup: Avoid crash on very long word (git-fixes). - speakup: Fix 8bit characters from direct synth (git-fixes). - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes). - thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes). - thunderbolt: Fix wake configurations after device unplug (stable-fixes). - tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes). - tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes). - tracing: Have saved_cmdlines arrays all in one allocation (git-fixes). - tracing: Remove precision vsnprintf() check from print event (git-fixes). - tracing: Show size of requested perf buffer (git-fixes). - tracing: Use .flush() call to wake up readers (git-fixes). - usb: Disable USB3 LPM at shutdown (stable-fixes). - usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (git-fixes). - usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes). - usb: gadget: composite: fix OS descriptors w_value logic (git-fixes). - usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes). - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes). - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes). - usb: ohci: Prevent missed ohci interrupts (git-fixes). - usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes). - usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes). - usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes). - usb: typec: tcpm: unregister existing source caps before re-registration (bsc#1220569). - usb: typec: ucsi: Ack unsupported commands (stable-fixes). - usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes). - usb: typec: ucsi: Fix connector check on init (git-fixes). - usb: udc: remove warning when queue disabled ep (stable-fixes). - vdpa/mlx5: Allow CVQ size changes (git-fixes). - virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949). - wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes). - wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes). - wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes). - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes). - wifi: nl80211: do not free NULL coalescing rule (git-fixes). - x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes). - x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type (jsc#PED-7167 git-fixes). - x86/sev: Skip ROM range scans and validation for SEV-SNP guests (jsc#PED-7167 git-fixes). - x86/xen: Add some null pointer checking to smp.c (git-fixes). - x86/xen: add CPU dependencies for 32-bit build (git-fixes). - x86/xen: fix percpu vcpu_info allocation (git-fixes). - xen-netback: properly sync TX responses (git-fixes). - xen-netfront: Add missing skb_mark_for_recycle (git-fixes). - xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import (git-fixes). - xen/xenbus: document will_handle argument for xenbus_watch_path() (git-fixes). - xfrm6: fix inet6_dev refcount underflow problem (git-fixes). Important SUSE bug 1177529 SUSE bug 1192145 SUSE bug 1211592 SUSE bug 1217408 SUSE bug 1218562 SUSE bug 1218917 SUSE bug 1219104 SUSE bug 1219126 SUSE bug 1219169 SUSE bug 1219170 SUSE bug 1219264 SUSE bug 1220342 SUSE bug 1220569 SUSE bug 1220761 SUSE bug 1220901 SUSE bug 1220915 SUSE bug 1220935 SUSE bug 1221042 SUSE bug 1221044 SUSE bug 1221080 SUSE bug 1221084 SUSE bug 1221088 SUSE bug 1221162 SUSE bug 1221299 SUSE bug 1221612 SUSE bug 1221617 SUSE bug 1221645 SUSE bug 1221791 SUSE bug 1221825 SUSE bug 1222011 SUSE bug 1222051 SUSE bug 1222247 SUSE bug 1222266 SUSE bug 1222294 SUSE bug 1222307 SUSE bug 1222357 SUSE bug 1222368 SUSE bug 1222379 SUSE bug 1222416 SUSE bug 1222422 SUSE bug 1222424 SUSE bug 1222427 SUSE bug 1222428 SUSE bug 1222430 SUSE bug 1222431 SUSE bug 1222435 SUSE bug 1222437 SUSE bug 1222445 SUSE bug 1222449 SUSE bug 1222482 SUSE bug 1222503 SUSE bug 1222520 SUSE bug 1222536 SUSE bug 1222549 SUSE bug 1222550 SUSE bug 1222557 SUSE bug 1222559 SUSE bug 1222585 SUSE bug 1222586 SUSE bug 1222596 SUSE bug 1222609 SUSE bug 1222610 SUSE bug 1222613 SUSE bug 1222615 SUSE bug 1222618 SUSE bug 1222624 SUSE bug 1222630 SUSE bug 1222632 SUSE bug 1222660 SUSE bug 1222662 SUSE bug 1222664 SUSE bug 1222666 SUSE bug 1222669 SUSE bug 1222671 SUSE bug 1222677 SUSE bug 1222678 SUSE bug 1222680 SUSE bug 1222703 SUSE bug 1222704 SUSE bug 1222706 SUSE bug 1222709 SUSE bug 1222710 SUSE bug 1222720 SUSE bug 1222721 SUSE bug 1222724 SUSE bug 1222726 SUSE bug 1222727 SUSE bug 1222764 SUSE bug 1222772 SUSE bug 1222773 SUSE bug 1222776 SUSE bug 1222781 SUSE bug 1222784 SUSE bug 1222785 SUSE bug 1222787 SUSE bug 1222790 SUSE bug 1222791 SUSE bug 1222792 SUSE bug 1222796 SUSE bug 1222798 SUSE bug 1222801 SUSE bug 1222812 SUSE bug 1222824 SUSE bug 1222829 SUSE bug 1222832 SUSE bug 1222836 SUSE bug 1222838 SUSE bug 1222866 SUSE bug 1222867 SUSE bug 1222869 SUSE bug 1222876 SUSE bug 1222878 SUSE bug 1222879 SUSE bug 1222881 SUSE bug 1222883 SUSE bug 1222888 SUSE bug 1222894 SUSE bug 1222901 SUSE bug 1222968 SUSE bug 1223012 SUSE bug 1223014 SUSE bug 1223016 SUSE bug 1223024 SUSE bug 1223030 SUSE bug 1223033 SUSE bug 1223034 SUSE bug 1223035 SUSE bug 1223036 SUSE bug 1223037 SUSE bug 1223041 SUSE bug 1223042 SUSE bug 1223051 SUSE bug 1223052 SUSE bug 1223056 SUSE bug 1223057 SUSE bug 1223058 SUSE bug 1223060 SUSE bug 1223061 SUSE bug 1223065 SUSE bug 1223066 SUSE bug 1223067 SUSE bug 1223068 SUSE bug 1223076 SUSE bug 1223078 SUSE bug 1223111 SUSE bug 1223115 SUSE bug 1223118 SUSE bug 1223187 SUSE bug 1223189 SUSE bug 1223190 SUSE bug 1223191 SUSE bug 1223196 SUSE bug 1223197 SUSE bug 1223198 SUSE bug 1223275 SUSE bug 1223323 SUSE bug 1223369 SUSE bug 1223380 SUSE bug 1223473 SUSE bug 1223474 SUSE bug 1223475 SUSE bug 1223477 SUSE bug 1223478 SUSE bug 1223479 SUSE bug 1223481 SUSE bug 1223482 SUSE bug 1223484 SUSE bug 1223487 SUSE bug 1223490 SUSE bug 1223496 SUSE bug 1223498 SUSE bug 1223499 SUSE bug 1223501 SUSE bug 1223502 SUSE bug 1223503 SUSE bug 1223505 SUSE bug 1223509 SUSE bug 1223511 SUSE bug 1223512 SUSE bug 1223513 SUSE bug 1223516 SUSE bug 1223517 SUSE bug 1223518 SUSE bug 1223519 SUSE bug 1223520 SUSE bug 1223522 SUSE bug 1223523 SUSE bug 1223525 SUSE bug 1223539 SUSE bug 1223574 SUSE bug 1223595 SUSE bug 1223598 SUSE bug 1223634 SUSE bug 1223643 SUSE bug 1223644 SUSE bug 1223645 SUSE bug 1223646 SUSE bug 1223648 SUSE bug 1223655 SUSE bug 1223657 SUSE bug 1223660 SUSE bug 1223661 SUSE bug 1223663 SUSE bug 1223664 SUSE bug 1223668 SUSE bug 1223686 SUSE bug 1223693 SUSE bug 1223705 SUSE bug 1223714 SUSE bug 1223735 SUSE bug 1223745 SUSE bug 1223784 SUSE bug 1223785 SUSE bug 1223790 SUSE bug 1223816 SUSE bug 1223821 SUSE bug 1223822 SUSE bug 1223824 SUSE bug 1223827 SUSE bug 1223834 SUSE bug 1223875 SUSE bug 1223876 SUSE bug 1223877 SUSE bug 1223878 SUSE bug 1223879 SUSE bug 1223894 SUSE bug 1223921 SUSE bug 1223922 SUSE bug 1223923 SUSE bug 1223924 SUSE bug 1223929 SUSE bug 1223931 SUSE bug 1223932 SUSE bug 1223934 SUSE bug 1223941 SUSE bug 1223948 SUSE bug 1223949 SUSE bug 1223950 SUSE bug 1223951 SUSE bug 1223952 SUSE bug 1223953 SUSE bug 1223956 SUSE bug 1223957 SUSE bug 1223960 SUSE bug 1223962 SUSE bug 1223963 SUSE bug 1223964 CVE-2021-47047 at SUSE CVE-2021-47047 at NVD CVE-2021-47181 at SUSE CVE-2021-47181 at NVD CVE-2021-47182 at SUSE CVE-2021-47182 at NVD CVE-2021-47183 at SUSE CVE-2021-47183 at NVD CVE-2021-47184 at SUSE CVE-2021-47184 at NVD CVE-2021-47185 at SUSE CVE-2021-47185 at NVD CVE-2021-47187 at SUSE CVE-2021-47187 at NVD CVE-2021-47188 at SUSE CVE-2021-47188 at NVD CVE-2021-47189 at SUSE CVE-2021-47189 at NVD CVE-2021-47191 at SUSE CVE-2021-47191 at NVD CVE-2021-47192 at SUSE CVE-2021-47192 at NVD CVE-2021-47193 at SUSE CVE-2021-47193 at NVD CVE-2021-47194 at SUSE CVE-2021-47194 at NVD CVE-2021-47195 at SUSE CVE-2021-47195 at NVD CVE-2021-47196 at SUSE CVE-2021-47196 at NVD CVE-2021-47197 at SUSE CVE-2021-47197 at NVD CVE-2021-47198 at SUSE CVE-2021-47198 at NVD CVE-2021-47199 at SUSE CVE-2021-47199 at NVD CVE-2021-47200 at SUSE CVE-2021-47200 at NVD CVE-2021-47201 at SUSE CVE-2021-47201 at NVD CVE-2021-47202 at SUSE CVE-2021-47202 at NVD CVE-2021-47203 at SUSE CVE-2021-47203 at NVD CVE-2021-47204 at SUSE CVE-2021-47204 at NVD CVE-2021-47205 at SUSE CVE-2021-47205 at NVD CVE-2021-47206 at SUSE CVE-2021-47206 at NVD CVE-2021-47207 at SUSE CVE-2021-47207 at NVD CVE-2021-47209 at SUSE CVE-2021-47209 at NVD CVE-2021-47210 at SUSE CVE-2021-47210 at NVD CVE-2021-47211 at SUSE CVE-2021-47211 at NVD CVE-2021-47212 at SUSE CVE-2021-47212 at NVD CVE-2021-47214 at SUSE CVE-2021-47214 at NVD CVE-2021-47215 at SUSE CVE-2021-47215 at NVD CVE-2021-47216 at SUSE CVE-2021-47216 at NVD CVE-2021-47217 at SUSE CVE-2021-47217 at NVD CVE-2021-47218 at SUSE CVE-2021-47218 at NVD CVE-2021-47219 at SUSE CVE-2021-47219 at NVD CVE-2022-48631 at SUSE CVE-2022-48631 at NVD CVE-2022-48632 at SUSE CVE-2022-48632 at NVD CVE-2022-48634 at SUSE CVE-2022-48634 at NVD CVE-2022-48636 at SUSE CVE-2022-48636 at NVD CVE-2022-48637 at SUSE CVE-2022-48637 at NVD CVE-2022-48638 at SUSE CVE-2022-48638 at NVD CVE-2022-48639 at SUSE CVE-2022-48639 at NVD CVE-2022-48640 at SUSE CVE-2022-48640 at NVD CVE-2022-48642 at SUSE CVE-2022-48642 at NVD CVE-2022-48644 at SUSE CVE-2022-48644 at NVD CVE-2022-48646 at SUSE CVE-2022-48646 at NVD CVE-2022-48647 at SUSE CVE-2022-48647 at NVD CVE-2022-48648 at SUSE CVE-2022-48648 at NVD CVE-2022-48650 at SUSE CVE-2022-48650 at NVD CVE-2022-48651 at SUSE CVE-2022-48651 at NVD CVE-2022-48652 at SUSE CVE-2022-48652 at NVD CVE-2022-48653 at SUSE CVE-2022-48653 at NVD CVE-2022-48654 at SUSE CVE-2022-48654 at NVD CVE-2022-48655 at SUSE CVE-2022-48655 at NVD CVE-2022-48656 at SUSE CVE-2022-48656 at NVD CVE-2022-48657 at SUSE CVE-2022-48657 at NVD CVE-2022-48658 at SUSE CVE-2022-48658 at NVD CVE-2022-48659 at SUSE CVE-2022-48659 at NVD CVE-2022-48660 at SUSE CVE-2022-48660 at NVD CVE-2022-48662 at SUSE CVE-2022-48662 at NVD CVE-2022-48663 at SUSE CVE-2022-48663 at NVD CVE-2022-48667 at SUSE CVE-2022-48667 at NVD CVE-2022-48668 at SUSE CVE-2022-48668 at NVD CVE-2022-48671 at SUSE CVE-2022-48671 at NVD CVE-2022-48672 at SUSE CVE-2022-48672 at NVD CVE-2022-48673 at SUSE CVE-2022-48673 at NVD CVE-2022-48675 at SUSE CVE-2022-48675 at NVD CVE-2022-48686 at SUSE CVE-2022-48686 at NVD CVE-2022-48687 at SUSE CVE-2022-48687 at NVD CVE-2022-48688 at SUSE CVE-2022-48688 at NVD CVE-2022-48690 at SUSE CVE-2022-48690 at NVD CVE-2022-48692 at SUSE CVE-2022-48692 at NVD CVE-2022-48693 at SUSE CVE-2022-48693 at NVD CVE-2022-48694 at SUSE CVE-2022-48694 at NVD CVE-2022-48695 at SUSE CVE-2022-48695 at NVD CVE-2022-48697 at SUSE CVE-2022-48697 at NVD CVE-2022-48698 at SUSE CVE-2022-48698 at NVD CVE-2022-48700 at SUSE CVE-2022-48700 at NVD CVE-2022-48701 at SUSE CVE-2022-48701 at NVD CVE-2022-48702 at SUSE CVE-2022-48702 at NVD CVE-2022-48703 at SUSE CVE-2022-48703 at NVD CVE-2022-48704 at SUSE CVE-2022-48704 at NVD CVE-2023-2860 at SUSE CVE-2023-2860 at NVD CVE-2023-52488 at SUSE CVE-2023-52488 at NVD CVE-2023-52503 at SUSE CVE-2023-52503 at NVD CVE-2023-52561 at SUSE CVE-2023-52561 at NVD CVE-2023-52585 at SUSE CVE-2023-52585 at NVD CVE-2023-52589 at SUSE CVE-2023-52589 at NVD CVE-2023-52590 at SUSE CVE-2023-52590 at NVD CVE-2023-52591 at SUSE CVE-2023-52591 at NVD CVE-2023-52593 at SUSE CVE-2023-52593 at NVD CVE-2023-52614 at SUSE CVE-2023-52614 at NVD CVE-2023-52616 at SUSE CVE-2023-52616 at NVD CVE-2023-52620 at SUSE CVE-2023-52620 at NVD CVE-2023-52627 at SUSE CVE-2023-52627 at NVD CVE-2023-52635 at SUSE CVE-2023-52635 at NVD CVE-2023-52636 at SUSE CVE-2023-52636 at NVD CVE-2023-52645 at SUSE CVE-2023-52645 at NVD CVE-2023-52652 at SUSE CVE-2023-52652 at NVD CVE-2023-6270 at SUSE CVE-2023-6270 at NVD CVE-2024-0639 at SUSE CVE-2024-0639 at NVD CVE-2024-0841 at SUSE CVE-2024-0841 at NVD CVE-2024-22099 at SUSE CVE-2024-22099 at NVD CVE-2024-23307 at SUSE CVE-2024-23307 at NVD CVE-2024-23848 at SUSE CVE-2024-23848 at NVD CVE-2024-23850 at SUSE CVE-2024-23850 at NVD CVE-2024-26601 at SUSE CVE-2024-26601 at NVD CVE-2024-26610 at SUSE CVE-2024-26610 at NVD CVE-2024-26656 at SUSE CVE-2024-26656 at NVD CVE-2024-26660 at SUSE CVE-2024-26660 at NVD CVE-2024-26671 at SUSE CVE-2024-26671 at NVD CVE-2024-26673 at SUSE CVE-2024-26673 at NVD CVE-2024-26675 at SUSE CVE-2024-26675 at NVD CVE-2024-26680 at SUSE CVE-2024-26680 at NVD CVE-2024-26681 at SUSE CVE-2024-26681 at NVD CVE-2024-26684 at SUSE CVE-2024-26684 at NVD CVE-2024-26685 at SUSE CVE-2024-26685 at NVD CVE-2024-26687 at SUSE CVE-2024-26687 at NVD CVE-2024-26688 at SUSE CVE-2024-26688 at NVD CVE-2024-26689 at SUSE CVE-2024-26689 at NVD CVE-2024-26696 at SUSE CVE-2024-26696 at NVD CVE-2024-26697 at SUSE CVE-2024-26697 at NVD CVE-2024-26702 at SUSE CVE-2024-26702 at NVD CVE-2024-26704 at SUSE CVE-2024-26704 at NVD CVE-2024-26718 at SUSE CVE-2024-26718 at NVD CVE-2024-26722 at SUSE CVE-2024-26722 at NVD CVE-2024-26727 at SUSE CVE-2024-26727 at NVD CVE-2024-26733 at SUSE CVE-2024-26733 at NVD CVE-2024-26736 at SUSE CVE-2024-26736 at NVD CVE-2024-26737 at SUSE CVE-2024-26737 at NVD CVE-2024-26739 at SUSE CVE-2024-26739 at NVD CVE-2024-26743 at SUSE CVE-2024-26743 at NVD CVE-2024-26744 at SUSE CVE-2024-26744 at NVD CVE-2024-26745 at SUSE CVE-2024-26745 at NVD CVE-2024-26747 at SUSE CVE-2024-26747 at NVD CVE-2024-26749 at SUSE CVE-2024-26749 at NVD CVE-2024-26751 at SUSE CVE-2024-26751 at NVD CVE-2024-26754 at SUSE CVE-2024-26754 at NVD CVE-2024-26760 at SUSE CVE-2024-26760 at NVD CVE-2024-26763 at SUSE CVE-2024-26763 at NVD CVE-2024-26764 at SUSE CVE-2024-26764 at NVD CVE-2024-26766 at SUSE CVE-2024-26766 at NVD CVE-2024-26769 at SUSE CVE-2024-26769 at NVD CVE-2024-26771 at SUSE CVE-2024-26771 at NVD CVE-2024-26772 at SUSE CVE-2024-26772 at NVD CVE-2024-26773 at SUSE CVE-2024-26773 at NVD CVE-2024-26776 at SUSE CVE-2024-26776 at NVD CVE-2024-26779 at SUSE CVE-2024-26779 at NVD CVE-2024-26783 at SUSE CVE-2024-26783 at NVD CVE-2024-26787 at SUSE CVE-2024-26787 at NVD CVE-2024-26790 at SUSE CVE-2024-26790 at NVD CVE-2024-26792 at SUSE CVE-2024-26792 at NVD CVE-2024-26793 at SUSE CVE-2024-26793 at NVD CVE-2024-26798 at SUSE CVE-2024-26798 at NVD CVE-2024-26805 at SUSE CVE-2024-26805 at NVD CVE-2024-26807 at SUSE CVE-2024-26807 at NVD CVE-2024-26816 at SUSE CVE-2024-26816 at NVD CVE-2024-26817 at SUSE CVE-2024-26817 at NVD CVE-2024-26820 at SUSE CVE-2024-26820 at NVD CVE-2024-26825 at SUSE CVE-2024-26825 at NVD CVE-2024-26830 at SUSE CVE-2024-26830 at NVD CVE-2024-26833 at SUSE CVE-2024-26833 at NVD CVE-2024-26836 at SUSE CVE-2024-26836 at NVD CVE-2024-26843 at SUSE CVE-2024-26843 at NVD CVE-2024-26848 at SUSE CVE-2024-26848 at NVD CVE-2024-26852 at SUSE CVE-2024-26852 at NVD CVE-2024-26853 at SUSE CVE-2024-26853 at NVD CVE-2024-26855 at SUSE CVE-2024-26855 at NVD CVE-2024-26856 at SUSE CVE-2024-26856 at NVD CVE-2024-26857 at SUSE CVE-2024-26857 at NVD CVE-2024-26861 at SUSE CVE-2024-26861 at NVD CVE-2024-26862 at SUSE CVE-2024-26862 at NVD CVE-2024-26866 at SUSE CVE-2024-26866 at NVD CVE-2024-26872 at SUSE CVE-2024-26872 at NVD CVE-2024-26875 at SUSE CVE-2024-26875 at NVD CVE-2024-26878 at SUSE CVE-2024-26878 at NVD CVE-2024-26879 at SUSE CVE-2024-26879 at NVD CVE-2024-26881 at SUSE CVE-2024-26881 at NVD CVE-2024-26882 at SUSE CVE-2024-26882 at NVD CVE-2024-26883 at SUSE CVE-2024-26883 at NVD CVE-2024-26884 at SUSE CVE-2024-26884 at NVD CVE-2024-26885 at SUSE CVE-2024-26885 at NVD CVE-2024-26891 at SUSE CVE-2024-26891 at NVD CVE-2024-26893 at SUSE CVE-2024-26893 at NVD CVE-2024-26895 at SUSE CVE-2024-26895 at NVD CVE-2024-26896 at SUSE CVE-2024-26896 at NVD CVE-2024-26897 at SUSE CVE-2024-26897 at NVD CVE-2024-26898 at SUSE CVE-2024-26898 at NVD CVE-2024-26901 at SUSE CVE-2024-26901 at NVD CVE-2024-26903 at SUSE CVE-2024-26903 at NVD CVE-2024-26917 at SUSE CVE-2024-26917 at NVD CVE-2024-26927 at SUSE CVE-2024-26927 at NVD CVE-2024-26948 at SUSE CVE-2024-26948 at NVD CVE-2024-26950 at SUSE CVE-2024-26950 at NVD CVE-2024-26951 at SUSE CVE-2024-26951 at NVD CVE-2024-26955 at SUSE CVE-2024-26955 at NVD CVE-2024-26956 at SUSE CVE-2024-26956 at NVD CVE-2024-26960 at SUSE CVE-2024-26960 at NVD CVE-2024-26965 at SUSE CVE-2024-26965 at NVD CVE-2024-26966 at SUSE CVE-2024-26966 at NVD CVE-2024-26969 at SUSE CVE-2024-26969 at NVD CVE-2024-26970 at SUSE CVE-2024-26970 at NVD CVE-2024-26972 at SUSE CVE-2024-26972 at NVD CVE-2024-26981 at SUSE CVE-2024-26981 at NVD CVE-2024-26982 at SUSE CVE-2024-26982 at NVD CVE-2024-26993 at SUSE CVE-2024-26993 at NVD CVE-2024-27013 at SUSE CVE-2024-27013 at NVD CVE-2024-27014 at SUSE CVE-2024-27014 at NVD CVE-2024-27030 at SUSE CVE-2024-27030 at NVD CVE-2024-27038 at SUSE CVE-2024-27038 at NVD CVE-2024-27039 at SUSE CVE-2024-27039 at NVD CVE-2024-27041 at SUSE CVE-2024-27041 at NVD CVE-2024-27043 at SUSE CVE-2024-27043 at NVD CVE-2024-27046 at SUSE CVE-2024-27046 at NVD CVE-2024-27056 at SUSE CVE-2024-27056 at NVD CVE-2024-27062 at SUSE CVE-2024-27062 at NVD CVE-2024-27389 at SUSE CVE-2024-27389 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 Real Time kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705). - CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834). - CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822). - CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827). - CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). - CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in amdgpu_dm_fini() (bsc#1223714). - CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821). - CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816). - CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790). - CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735). - CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745). - CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693). - CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634). - CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644). - CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645). - CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646). - CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648). - CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655). - CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660). - CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661). - CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664). - CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525). - CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198). - CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042). - CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path (bsc#1223196). - CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190). - CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189). - CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035). - CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034). - CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041). - CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps (bsc#1223066). - CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060). - CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024). - CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111). - CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076). - CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058). - CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052). - CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051). - CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061). - CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057). - CVE-2024-26848: Fixed afs endless loop in directory parsing (bsc#1223030). - CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968). - CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012). - CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812). - CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624). - CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801). - CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630). - CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428). - CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615). - CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772). - CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618). - CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613). - CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610) - CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726). - CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721). - CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720). - CVE-2024-26760: Fixed scsi/target/pscsi bio_put() for error case (bsc#1222596). - CVE-2024-267600: Fixed scsi/target/pscsi error case in bio_put() (bsc#1222596). - CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632). - CVE-2024-26751: Fixed ARM/ep93xx terminator to gpiod_lookup_table (bsc#1222724). - CVE-2024-26747: Fixed a NULL pointer issue with USB parent module's reference (bsc#1222609). - CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449). - CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677). - CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557). - CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585). - CVE-2024-26727: Fixed assertion if a newly created btrfs subvolume already gets read (bsc#1222536). - CVE-2024-26718: Fixed dm-crypt/dm-verity disable tasklets (bsc#1222416). - CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422). - CVE-2024-26696: Fixed nilfs2 hang in nilfs_lookup_dirty_data_buffers() (bsc#1222549). - CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). - CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435). - CVE-2024-26685: Fixed nilfs2 potential bug in end_buffer_async_write (bsc#1222437). - CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445). - CVE-2024-26681: Fixed netdevsim to avoid potential loop in nsim_dev_trap_report_work() (bsc#1222431). - CVE-2024-26680: Fixed net/atlantic DMA mapping for PTP hwts ring (bsc#1222427). - CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379). - CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368). - CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357). - CVE-2024-26660: Fixed drm/amd/display bounds check for stream encoder creation (bsc#1222266). - CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307). - CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299). - CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342). - CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). - CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104). - CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). - CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). - CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264). - CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917). - CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). - CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686). - CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033). - CVE-2023-52636: Fixed libceph cursor init when preparing sparse read in msgr2 (bsc#1222247). - CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294). - CVE-2023-52627: Fixed iio:adc:ad7091r exports into IIO_AD7091R namespace (bsc#1222051). - CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825). - CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612). - CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617). - CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfx_set_mfp_ap() (bsc#1221042). - CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). - CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088). - CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084). - CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in amdgpu_ras_query_error_status_helper() (bsc#1221080). - CVE-2023-52561: Fixed arm64/dts/qcom/sdm845-db845c to mark cont splash memory region (bsc#1220935). - CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915). - CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO (bsc#1221162). - CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921). - CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505). - CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498). - CVE-2022-48658: Fixed mm/slub to avoid a problem in flush_cpu_slab()/__free_slab() task context (bsc#1223496). - CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). - CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at nf_tables_addchain() (bsc#1223478). - CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bond_rr_gen_slave_id (bsc#1223499). - CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475). - CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlb_mcopy_atomic_pte() (bsc#1222710). - CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869). - CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790). - CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888). - CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878) - CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drm_gem_ttm_mmap() and drm_gem_ttm_mmap() (bsc#1222838). - CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832). - CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706). - CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669). - CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666). - CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664). - CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662). - CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660). The following non-security bugs were fixed: - ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes). - ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes). - ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes). - ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes). - ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes). - ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes). - ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes). - ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes). - ALSA: scarlett2: Add correct product series name to messages (stable-fixes). - ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes). - ALSA: scarlett2: Default mixer driver to enabled (stable-fixes). - ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes). - ASoC: meson: axg-card: make links nonatomic (git-fixes). - ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes). - ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes). - ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes). - ASoC: tegra: Fix DSPK 16-bit playback (git-fixes). - ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes). - Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes). - Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes). - Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes). - Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes). - Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes). - Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes). - Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes). - Bluetooth: add quirk for broken address properties (git-fixes). - Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes). - Bluetooth: btintel: Fixe build regression (git-fixes). - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes). - Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes). - Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes). - Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes). - Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes). - Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes). - HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes). - HID: logitech-dj: allow mice to use all types of reports (git-fixes). - HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running (stable-fixes). - Input: allocate keycode for Display refresh rate toggle (stable-fixes). - Input: synaptics-rmi4 - fail probing if memory allocation for 'phys' fails (stable-fixes). - NFC: trf7970a: disable all regulators on removal (git-fixes). - NFS: avoid spurious warning of lost lock that is being unlocked (bsc#1221791). - PCI/AER: Block runtime suspend when handling errors (git-fixes). - PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports (git-fixes). - PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (git-fixes). - PCI/DPC: Quirk PIO log size for certain Intel Root Ports (git-fixes). - PCI/PM: Drain runtime-idle callbacks before driver removal (git-fixes). - PCI: Drop pci_device_remove() test of pci_dev->driver (git-fixes). - PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888). - RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619). - RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes). - RDMA/cm: add timeout to cm_destroy_id wait (git-fixes) - README.BRANCH: Correct email address for Petr Tesarik - README.BRANCH: Remove copy of branch name - Reapply 'drm/qxl: simplify qxl_fence_wait' (stable-fixes). - Revert 'ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default' (stable-fixes). - Revert 'drm/qxl: simplify qxl_fence_wait' (git-fixes). - Revert 'ice: Fix ice VF reset during iavf initialization (jsc#PED-376).' (bsc#1223275) - Revert 'usb: cdc-wdm: close race between read and workqueue' (git-fixes). - Revert 'usb: phy: generic: Get the vbus supply' (git-fixes). - USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes). - USB: serial: add device ID for VeriFone adapter (stable-fixes). - USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes). - USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes). - USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes). - USB: serial: option: add Fibocom FM135-GL variants (stable-fixes). - USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes). - USB: serial: option: add MeiG Smart SLM320 product (stable-fixes). - USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes). - USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes). - USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes). - USB: serial: option: support Quectel EM060K sub-models (stable-fixes). - ahci: asm1064: asm1166: do not limit reported ports (git-fixes). - ahci: asm1064: correct count of reported ports (stable-fixes). - arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes) - arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes) - arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes) - arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes) - arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes) - arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes) - arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes) - arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes). - ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes). - batman-adv: Avoid infinite loop trying to resize local TT (git-fixes). - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent (git-fixes). - bcache: Remove dead references to cache_readaheads (git-fixes). - bcache: Remove unnecessary NULL point check in node allocations (git-fixes). - bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() (git-fixes). - bcache: avoid NULL checking to c->root in run_cache_set() (git-fixes). - bcache: avoid oversize memory allocation by small stripe_size (git-fixes). - bcache: bset: Fix comment typos (git-fixes). - bcache: check return value from btree_node_alloc_replacement() (git-fixes). - bcache: fix NULL pointer reference in cached_dev_detach_finish (git-fixes). - bcache: fix error info in register_bcache() (git-fixes). - bcache: fixup bcache_dev_sectors_dirty_add() multithreaded CPU false sharing (git-fixes). - bcache: fixup btree_cache_wait list damage (git-fixes). - bcache: fixup init dirty data errors (git-fixes). - bcache: fixup lock c->root error (git-fixes). - bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race (git-fixes). - bcache: move calc_cached_dev_sectors to proper place on backing device detach (git-fixes). - bcache: move uapi header bcache.h to bcache code directory (git-fixes). - bcache: prevent potential division by zero error (git-fixes). - bcache: remove EXPERIMENTAL for Kconfig option 'Asynchronous device registration' (git-fixes). - bcache: remove redundant assignment to variable cur_idx (git-fixes). - bcache: remove the backing_dev_name field from struct cached_dev (git-fixes). - bcache: remove the cache_dev_name field from struct cache (git-fixes). - bcache: remove unnecessary flush_workqueue (git-fixes). - bcache: remove unused bch_mark_cache_readahead function def in stats.h (git-fixes). - bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in btree_gc_coalesce() (git-fixes). - bcache: replace snprintf in show functions with sysfs_emit (git-fixes). - bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes). - bcache: use bvec_kmap_local in bch_data_verify (git-fixes). - bcache: use bvec_kmap_local in bio_csum (git-fixes). - bcache: use default_groups in kobj_type (git-fixes). - bcache:: fix repeated words in comments (git-fixes). - ceph: stop copying to iter at EOF on sync reads (bsc#1223068). - ceph: switch to corrected encoding of max_xattr_size in mdsmap (bsc#1223067). - clk: Get runtime PM before walking tree during disable_unused (git-fixes). - clk: Initialize struct clk_core kref earlier (stable-fixes). - clk: Mark 'all_lists' as const (stable-fixes). - clk: Print an info line before disabling unused clocks (stable-fixes). - clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes). - clk: remove extra empty line (stable-fixes). - comedi: vmk80xx: fix incomplete endpoint checking (git-fixes). - dm cache policy smq: ensure IO does not prevent cleaner policy progress (git-fixes). - dm cache: add cond_resched() to various workqueue loops (git-fixes). - dm clone: call kmem_cache_destroy() in dm_clone_init() error path (git-fixes). - dm crypt: add cond_resched() to dmcrypt_write() (git-fixes). - dm crypt: avoid accessing uninitialized tasklet (git-fixes). - dm flakey: do not corrupt the zero page (git-fixes). - dm flakey: fix a bug with 32-bit highmem systems (git-fixes). - dm flakey: fix a crash with invalid table line (git-fixes). - dm flakey: fix logic when corrupting a bio (git-fixes). - dm init: add dm-mod.waitfor to wait for asynchronously probed block devices (git-fixes). - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path (git-fixes). - dm integrity: fix out-of-range warning (git-fixes). - dm integrity: reduce vmalloc space footprint on 32-bit architectures (git-fixes). - dm raid: clean up four equivalent goto tags in raid_ctr() (git-fixes). - dm raid: fix false positive for requeue needed during reshape (git-fixes). - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (git-fixes). - dm stats: check for and propagate alloc_percpu failure (git-fixes). - dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client (git-fixes). - dm thin metadata: check fail_io before using data_sm (git-fixes). - dm thin: add cond_resched() to various workqueue loops (git-fixes). - dm thin: fix deadlock when swapping to thin device (bsc#1177529). - dm verity: do not perform FEC for failed readahead IO (git-fixes). - dm verity: fix error handling for check_at_most_once on FEC (git-fixes). - dm zoned: free dmz->ddev array in dmz_put_zoned_devices (git-fixes). - dm-delay: fix a race between delay_presuspend and delay_bio (git-fixes). - dm-integrity: do not modify bio's immutable bio_vec in integrity_metadata() (git-fixes). - dm-raid: fix lockdep waring in 'pers->hot_add_disk' (git-fixes). - dm-verity, dm-crypt: align 'struct bvec_iter' correctly (git-fixes). - dm-verity: align struct dm_verity_fec_io properly (git-fixes). - dm: add cond_resched() to dm_wq_work() (git-fixes). - dm: call the resume method on internal suspend (git-fixes). - dm: do not lock fs when the map is NULL during suspend or resume (git-fixes). - dm: do not lock fs when the map is NULL in process of resume (git-fixes). - dm: remove flush_scheduled_work() during local_exit() (git-fixes). - dm: send just one event on resize, not two (git-fixes). - dma: xilinx_dpdma: Fix locking (git-fixes). - dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes). - dmaengine: owl: fix register access functions (git-fixes). - dmaengine: tegra186: Fix residual calculation (git-fixes). - docs: Document the FAN_FS_ERROR event (stable-fixes). - drm-print: add drm_dbg_driver to improve namespace symmetry (stable-fixes). - drm/amd/display: Do not recursively call manual trigger programming (stable-fixes). - drm/amd/display: Fix nanosec stat overflow (stable-fixes). - drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes). - drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes). - drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes). - drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes). - drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes). - drm/amdgpu: always force full reset for SOC21 (stable-fixes). - drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes). - drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes). - drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes). - drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes). - drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes). - drm/ast: Fix soft lockup (git-fixes). - drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes). - drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes). - drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes). - drm/i915: Disable port sync when bigjoiner is used (stable-fixes). - drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes). - drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834) - drm/panel: ili9341: Respect deferred probe (git-fixes). - drm/panel: ili9341: Use predefined error codes (git-fixes). - drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes). - drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes). - drm/vmwgfx: Enable DMA mappings with SEV (git-fixes). - drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes). - drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes). - drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes). - drm: nv04: Fix out of bounds access (git-fixes). - drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes). - drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable-fixes). - dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574). - fbdev: fix incorrect address computation in deferred IO (git-fixes). - fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes). - fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes). - fix build warning - fuse: do not unhash root (bsc#1223951). - fuse: fix root lookup with nonzero generation (bsc#1223950). - hwmon: (amc6821) add of_match table (stable-fixes). - i2c: pxa: hide unused icr_bits[] variable (git-fixes). - i2c: smbus: fix NULL function pointer dereference (git-fixes). - i40e: Fix VF MAC filter removal (git-fixes). - idma64: Do not try to serve interrupts when device is powered off (git-fixes). - iio: accel: mxc4005: Interrupt handling fixes (git-fixes). - iio:imu: adis16475: Fix sync mode setting (git-fixes). - init/main.c: Fix potential static_command_line memory overflow (git-fixes). - iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter (git-fixes). - iommu/amd: Do not block updates to GATag if guest mode is on (git-fixes). - iommu/amd: Fix 'Guest Virtual APIC Table Root Pointer' configuration in IRTE (git-fixes). - iommu/amd: Fix domain flush size when syncing iotlb (git-fixes). - iommu/amd: Fix error handling for pdev_pri_ats_enable() (git-fixes). - iommu/arm-smmu-qcom: Limit the SMR groups to 128 (git-fixes). - iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any (git-fixes). - iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982 (git-fixes). - iommu/fsl: fix all kernel-doc warnings in fsl_pamu.c (git-fixes). - iommu/iova: Fix alloc iova overflows issue (git-fixes). - iommu/mediatek: Flush IOTLB completely only if domain has been attached (git-fixes). - iommu/rockchip: Fix unwind goto issue (git-fixes). - iommu/sprd: Release dma buffer to avoid memory leak (git-fixes). - iommu/vt-d: Allocate local memory for page request queue (git-fixes). - iommu/vt-d: Allow zero SAGAW if second-stage not supported (git-fixes). - iommu/vt-d: Fix error handling in sva enable/disable paths (git-fixes). - iommu: Fix error unwind in iommu_group_alloc() (git-fixes). - ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes). - kABI: Adjust trace_iterator.wait_index (git-fixes). - kprobes: Fix double free of kretprobe_holder (bsc#1220901). - kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes). - libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return value (git-fixes). - libnvdimm/region: Allow setting align attribute on regions without mappings (git-fixes). - livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539). - md/raid1: fix choose next idle in read_balance() (git-fixes). - md: Do not clear MD_CLOSING when the raid is about to stop (git-fixes). - md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (git-fixes). - media: cec: core: remove length check of Timer Status (stable-fixes). - media: sta2x11: fix irq handler cast (stable-fixes). - mei: me: add arrow lake point H DID (stable-fixes). - mei: me: add arrow lake point S DID (stable-fixes). - mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes). - mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473). - mmc: sdhci-msm: pervent access to suspended controller (git-fixes). - mtd: diskonchip: work around ubsan link failure (stable-fixes). - nd_btt: Make BTT lanes preemptible (git-fixes). - net: bridge: vlan: fix memory leak in __allowed_ingress (git-fixes). - net: fix a memleak when uncloning an skb dst and its metadata (git-fixes). - net: fix skb leak in __skb_tstamp_tx() (git-fixes). - net: ipv6: ensure we call ipv6_mc_down() at most once (git-fixes). - net: mld: fix reference count leak in mld_{query | report}_work() (git-fixes). - net: stream: purge sk_error_queue in sk_stream_kill_queues() (git-fixes). - net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes). - net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes). - net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes). - net: vlan: fix underflow for the real_dev refcnt (git-fixes). - netfilter: br_netfilter: Drop dst references before setting (git-fixes). - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() (git-fixes). - netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes). - nfsd: Fixed mount issue with KOTD (bsc#1223380 bsc#1217408 bsc#1223640). - nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408). - nilfs2: fix OOB in nilfs_set_de_type (git-fixes). - nilfs2: fix OOB in nilfs_set_de_type (git-fixes). - nouveau: fix function cast warning (git-fixes). - nouveau: fix instmem race condition around ptr stores (git-fixes). - nvdimm/namespace: drop nested variable in create_namespace_pmem() (git-fixes). - nvdimm: Allow overwrite in the presence of disabled dimms (git-fixes). - nvdimm: Fix badblocks clear off-by-one error (git-fixes). - nvdimm: Fix dereference after free in register_nvdimm_pmu() (git-fixes). - nvdimm: Fix firmware activation deadlock scenarios (git-fixes). - nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() (git-fixes). - pci_iounmap(): Fix MMIO mapping leak (git-fixes). - phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes). - pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes). - platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-fixes). - platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes). - powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191). - powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). - powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369 ltc#205888). - powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369 ltc#205888). - powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191). - powerpc: Refactor verification of MSR_RI (bsc#1223191). - printk: Add this_cpu_in_panic() (bsc#1223574). - printk: Adjust mapping for 32bit seq macros (bsc#1223574). - printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574). - printk: Disable passing console lock owner completely during panic() (bsc#1223574). - printk: Drop console_sem during panic (bsc#1223574). - printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1223574). - printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1223574). - printk: Wait for all reserved records with pr_flush() (bsc#1223574). - printk: nbcon: Relocate 32bit seq macros (bsc#1223574). - printk: ringbuffer: Clarify special lpos values (bsc#1223574). - printk: ringbuffer: Cleanup reader terminology (bsc#1223574). - printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1223574). - printk: ringbuffer: Improve prb_next_seq() performance (bsc#1223574). - printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574). - pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes). - ring-buffer: Do not set shortest_full when full target is hit (git-fixes). - ring-buffer: Fix full_waiters_pending in poll (git-fixes). - ring-buffer: Fix resetting of shortest_full (git-fixes). - ring-buffer: Fix waking up ring buffer readers (git-fixes). - ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes). - ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes). - ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes). - s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875). - s390/decompressor: fix misaligned symbol build error (git-fixes bsc#1223785). - s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877). - s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223878). - s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879). - s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784). - s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223876). - s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598). - s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223595). - s390: Fixed LPM of lpar failure with error HSCLA2CF in 19th loops (jsc#PED-542 git-fixes bsc#1213573 ltc#203238). - s390: Fixed kernel backtrack (bsc#1141539 git-fixes). - serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes). - serial: core: Provide port lock wrappers (stable-fixes). - serial: core: fix kernel-doc for uart_port_unlock_irqrestore() (git-fixes). - serial: mxs-auart: add spinlock around changing cts state (git-fixes). - slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes). - speakup: Avoid crash on very long word (git-fixes). - speakup: Fix 8bit characters from direct synth (git-fixes). - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes). - thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes). - thunderbolt: Fix wake configurations after device unplug (stable-fixes). - tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes). - tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes). - tracing: Have saved_cmdlines arrays all in one allocation (git-fixes). - tracing: Remove precision vsnprintf() check from print event (git-fixes). - tracing: Show size of requested perf buffer (git-fixes). - tracing: Use .flush() call to wake up readers (git-fixes). - usb: Disable USB3 LPM at shutdown (stable-fixes). - usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (git-fixes). - usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes). - usb: gadget: composite: fix OS descriptors w_value logic (git-fixes). - usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes). - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes). - usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes). - usb: ohci: Prevent missed ohci interrupts (git-fixes). - usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes). - usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes). - usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes). - usb: typec: tcpm: unregister existing source caps before re-registration (bsc#1220569). - usb: typec: ucsi: Ack unsupported commands (stable-fixes). - usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes). - usb: typec: ucsi: Fix connector check on init (git-fixes). - usb: udc: remove warning when queue disabled ep (stable-fixes). - vdpa/mlx5: Allow CVQ size changes (git-fixes). - virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949). - wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes). - wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes). - wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes). - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes). - wifi: nl80211: do not free NULL coalescing rule (git-fixes). - x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes). - x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type (jsc#PED-7167 git-fixes). - x86/sev: Skip ROM range scans and validation for SEV-SNP guests (jsc#PED-7167 git-fixes). - x86/xen: Add some null pointer checking to smp.c (git-fixes). - x86/xen: add CPU dependencies for 32-bit build (git-fixes). - x86/xen: fix percpu vcpu_info allocation (git-fixes). - xen-netback: properly sync TX responses (git-fixes). - xen-netfront: Add missing skb_mark_for_recycle (git-fixes). - xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import (git-fixes). - xen/xenbus: document will_handle argument for xenbus_watch_path() (git-fixes). - xfrm6: fix inet6_dev refcount underflow problem (git-fixes). Important SUSE bug 1141539 SUSE bug 1177529 SUSE bug 1190576 SUSE bug 1192145 SUSE bug 1192837 SUSE bug 1193629 SUSE bug 1196869 SUSE bug 1200313 SUSE bug 1201308 SUSE bug 1201489 SUSE bug 1203906 SUSE bug 1203935 SUSE bug 1204614 SUSE bug 1207361 SUSE bug 1211592 SUSE bug 1213573 SUSE bug 1217408 SUSE bug 1218562 SUSE bug 1218917 SUSE bug 1219104 SUSE bug 1219126 SUSE bug 1219141 SUSE bug 1219169 SUSE bug 1219170 SUSE bug 1219264 SUSE bug 1220342 SUSE bug 1220492 SUSE bug 1220569 SUSE bug 1220761 SUSE bug 1220901 SUSE bug 1220915 SUSE bug 1220935 SUSE bug 1221042 SUSE bug 1221044 SUSE bug 1221080 SUSE bug 1221084 SUSE bug 1221088 SUSE bug 1221162 SUSE bug 1221299 SUSE bug 1221612 SUSE bug 1221617 SUSE bug 1221645 SUSE bug 1221791 SUSE bug 1221825 SUSE bug 1222011 SUSE bug 1222051 SUSE bug 1222247 SUSE bug 1222266 SUSE bug 1222294 SUSE bug 1222307 SUSE bug 1222357 SUSE bug 1222368 SUSE bug 1222379 SUSE bug 1222416 SUSE bug 1222422 SUSE bug 1222424 SUSE bug 1222427 SUSE bug 1222428 SUSE bug 1222430 SUSE bug 1222431 SUSE bug 1222435 SUSE bug 1222437 SUSE bug 1222445 SUSE bug 1222449 SUSE bug 1222482 SUSE bug 1222503 SUSE bug 1222520 SUSE bug 1222536 SUSE bug 1222549 SUSE bug 1222550 SUSE bug 1222557 SUSE bug 1222559 SUSE bug 1222585 SUSE bug 1222586 SUSE bug 1222596 SUSE bug 1222609 SUSE bug 1222610 SUSE bug 1222613 SUSE bug 1222615 SUSE bug 1222618 SUSE bug 1222624 SUSE bug 1222630 SUSE bug 1222632 SUSE bug 1222660 SUSE bug 1222662 SUSE bug 1222664 SUSE bug 1222666 SUSE bug 1222669 SUSE bug 1222671 SUSE bug 1222677 SUSE bug 1222678 SUSE bug 1222680 SUSE bug 1222703 SUSE bug 1222704 SUSE bug 1222706 SUSE bug 1222709 SUSE bug 1222710 SUSE bug 1222720 SUSE bug 1222721 SUSE bug 1222724 SUSE bug 1222726 SUSE bug 1222727 SUSE bug 1222764 SUSE bug 1222772 SUSE bug 1222773 SUSE bug 1222776 SUSE bug 1222781 SUSE bug 1222784 SUSE bug 1222785 SUSE bug 1222787 SUSE bug 1222790 SUSE bug 1222791 SUSE bug 1222792 SUSE bug 1222796 SUSE bug 1222798 SUSE bug 1222801 SUSE bug 1222812 SUSE bug 1222824 SUSE bug 1222829 SUSE bug 1222832 SUSE bug 1222836 SUSE bug 1222838 SUSE bug 1222866 SUSE bug 1222867 SUSE bug 1222869 SUSE bug 1222876 SUSE bug 1222878 SUSE bug 1222879 SUSE bug 1222881 SUSE bug 1222883 SUSE bug 1222888 SUSE bug 1222894 SUSE bug 1222901 SUSE bug 1222968 SUSE bug 1223012 SUSE bug 1223014 SUSE bug 1223016 SUSE bug 1223024 SUSE bug 1223030 SUSE bug 1223033 SUSE bug 1223034 SUSE bug 1223035 SUSE bug 1223036 SUSE bug 1223037 SUSE bug 1223041 SUSE bug 1223042 SUSE bug 1223051 SUSE bug 1223052 SUSE bug 1223056 SUSE bug 1223057 SUSE bug 1223058 SUSE bug 1223060 SUSE bug 1223061 SUSE bug 1223065 SUSE bug 1223066 SUSE bug 1223067 SUSE bug 1223068 SUSE bug 1223076 SUSE bug 1223078 SUSE bug 1223111 SUSE bug 1223115 SUSE bug 1223118 SUSE bug 1223187 SUSE bug 1223189 SUSE bug 1223190 SUSE bug 1223191 SUSE bug 1223196 SUSE bug 1223197 SUSE bug 1223198 SUSE bug 1223275 SUSE bug 1223323 SUSE bug 1223369 SUSE bug 1223380 SUSE bug 1223473 SUSE bug 1223474 SUSE bug 1223475 SUSE bug 1223477 SUSE bug 1223478 SUSE bug 1223479 SUSE bug 1223481 SUSE bug 1223482 SUSE bug 1223484 SUSE bug 1223487 SUSE bug 1223490 SUSE bug 1223496 SUSE bug 1223498 SUSE bug 1223499 SUSE bug 1223501 SUSE bug 1223502 SUSE bug 1223503 SUSE bug 1223505 SUSE bug 1223509 SUSE bug 1223511 SUSE bug 1223512 SUSE bug 1223513 SUSE bug 1223516 SUSE bug 1223517 SUSE bug 1223518 SUSE bug 1223519 SUSE bug 1223520 SUSE bug 1223522 SUSE bug 1223523 SUSE bug 1223525 SUSE bug 1223536 SUSE bug 1223539 SUSE bug 1223574 SUSE bug 1223595 SUSE bug 1223598 SUSE bug 1223634 SUSE bug 1223640 SUSE bug 1223643 SUSE bug 1223644 SUSE bug 1223645 SUSE bug 1223646 SUSE bug 1223648 SUSE bug 1223655 SUSE bug 1223657 SUSE bug 1223660 SUSE bug 1223661 SUSE bug 1223663 SUSE bug 1223664 SUSE bug 1223668 SUSE bug 1223686 SUSE bug 1223693 SUSE bug 1223705 SUSE bug 1223714 SUSE bug 1223735 SUSE bug 1223745 SUSE bug 1223784 SUSE bug 1223785 SUSE bug 1223790 SUSE bug 1223816 SUSE bug 1223821 SUSE bug 1223822 SUSE bug 1223824 SUSE bug 1223827 SUSE bug 1223834 SUSE bug 1223875 SUSE bug 1223876 SUSE bug 1223877 SUSE bug 1223878 SUSE bug 1223879 SUSE bug 1223894 SUSE bug 1223921 SUSE bug 1223922 SUSE bug 1223923 SUSE bug 1223924 SUSE bug 1223929 SUSE bug 1223931 SUSE bug 1223932 SUSE bug 1223934 SUSE bug 1223941 SUSE bug 1223948 SUSE bug 1223949 SUSE bug 1223950 SUSE bug 1223951 SUSE bug 1223952 SUSE bug 1223953 SUSE bug 1223956 SUSE bug 1223957 SUSE bug 1223960 SUSE bug 1223962 SUSE bug 1223963 SUSE bug 1223964 CVE-2021-47047 at SUSE CVE-2021-47047 at NVD CVE-2021-47181 at SUSE CVE-2021-47181 at NVD CVE-2021-47182 at SUSE CVE-2021-47182 at NVD CVE-2021-47183 at SUSE CVE-2021-47183 at NVD CVE-2021-47184 at SUSE CVE-2021-47184 at NVD CVE-2021-47185 at SUSE CVE-2021-47185 at NVD CVE-2021-47187 at SUSE CVE-2021-47187 at NVD CVE-2021-47188 at SUSE CVE-2021-47188 at NVD CVE-2021-47189 at SUSE CVE-2021-47189 at NVD CVE-2021-47191 at SUSE CVE-2021-47191 at NVD CVE-2021-47192 at SUSE CVE-2021-47192 at NVD CVE-2021-47193 at SUSE CVE-2021-47193 at NVD CVE-2021-47194 at SUSE CVE-2021-47194 at NVD CVE-2021-47195 at SUSE CVE-2021-47195 at NVD CVE-2021-47196 at SUSE CVE-2021-47196 at NVD CVE-2021-47197 at SUSE CVE-2021-47197 at NVD CVE-2021-47198 at SUSE CVE-2021-47198 at NVD CVE-2021-47199 at SUSE CVE-2021-47199 at NVD CVE-2021-47200 at SUSE CVE-2021-47200 at NVD CVE-2021-47201 at SUSE CVE-2021-47201 at NVD CVE-2021-47202 at SUSE CVE-2021-47202 at NVD CVE-2021-47203 at SUSE CVE-2021-47203 at NVD CVE-2021-47204 at SUSE CVE-2021-47204 at NVD CVE-2021-47205 at SUSE CVE-2021-47205 at NVD CVE-2021-47206 at SUSE CVE-2021-47206 at NVD CVE-2021-47207 at SUSE CVE-2021-47207 at NVD CVE-2021-47209 at SUSE CVE-2021-47209 at NVD CVE-2021-47210 at SUSE CVE-2021-47210 at NVD CVE-2021-47211 at SUSE CVE-2021-47211 at NVD CVE-2021-47212 at SUSE CVE-2021-47212 at NVD CVE-2021-47214 at SUSE CVE-2021-47214 at NVD CVE-2021-47215 at SUSE CVE-2021-47215 at NVD CVE-2021-47216 at SUSE CVE-2021-47216 at NVD CVE-2021-47217 at SUSE CVE-2021-47217 at NVD CVE-2021-47218 at SUSE CVE-2021-47218 at NVD CVE-2021-47219 at SUSE CVE-2021-47219 at NVD CVE-2022-48631 at SUSE CVE-2022-48631 at NVD CVE-2022-48632 at SUSE CVE-2022-48632 at NVD CVE-2022-48634 at SUSE CVE-2022-48634 at NVD CVE-2022-48636 at SUSE CVE-2022-48636 at NVD CVE-2022-48637 at SUSE CVE-2022-48637 at NVD CVE-2022-48638 at SUSE CVE-2022-48638 at NVD CVE-2022-48639 at SUSE CVE-2022-48639 at NVD CVE-2022-48640 at SUSE CVE-2022-48640 at NVD CVE-2022-48642 at SUSE CVE-2022-48642 at NVD CVE-2022-48644 at SUSE CVE-2022-48644 at NVD CVE-2022-48646 at SUSE CVE-2022-48646 at NVD CVE-2022-48647 at SUSE CVE-2022-48647 at NVD CVE-2022-48648 at SUSE CVE-2022-48648 at NVD CVE-2022-48650 at SUSE CVE-2022-48650 at NVD CVE-2022-48651 at SUSE CVE-2022-48651 at NVD CVE-2022-48652 at SUSE CVE-2022-48652 at NVD CVE-2022-48653 at SUSE CVE-2022-48653 at NVD CVE-2022-48654 at SUSE CVE-2022-48654 at NVD CVE-2022-48655 at SUSE CVE-2022-48655 at NVD CVE-2022-48656 at SUSE CVE-2022-48656 at NVD CVE-2022-48657 at SUSE CVE-2022-48657 at NVD CVE-2022-48658 at SUSE CVE-2022-48658 at NVD CVE-2022-48659 at SUSE CVE-2022-48659 at NVD CVE-2022-48660 at SUSE CVE-2022-48660 at NVD CVE-2022-48662 at SUSE CVE-2022-48662 at NVD CVE-2022-48663 at SUSE CVE-2022-48663 at NVD CVE-2022-48667 at SUSE CVE-2022-48667 at NVD CVE-2022-48668 at SUSE CVE-2022-48668 at NVD CVE-2022-48671 at SUSE CVE-2022-48671 at NVD CVE-2022-48672 at SUSE CVE-2022-48672 at NVD CVE-2022-48673 at SUSE CVE-2022-48673 at NVD CVE-2022-48675 at SUSE CVE-2022-48675 at NVD CVE-2022-48686 at SUSE CVE-2022-48686 at NVD CVE-2022-48687 at SUSE CVE-2022-48687 at NVD CVE-2022-48688 at SUSE CVE-2022-48688 at NVD CVE-2022-48690 at SUSE CVE-2022-48690 at NVD CVE-2022-48692 at SUSE CVE-2022-48692 at NVD CVE-2022-48693 at SUSE CVE-2022-48693 at NVD CVE-2022-48694 at SUSE CVE-2022-48694 at NVD CVE-2022-48695 at SUSE CVE-2022-48695 at NVD CVE-2022-48697 at SUSE CVE-2022-48697 at NVD CVE-2022-48698 at SUSE CVE-2022-48698 at NVD CVE-2022-48700 at SUSE CVE-2022-48700 at NVD CVE-2022-48701 at SUSE CVE-2022-48701 at NVD CVE-2022-48702 at SUSE CVE-2022-48702 at NVD CVE-2022-48703 at SUSE CVE-2022-48703 at NVD CVE-2022-48704 at SUSE CVE-2022-48704 at NVD CVE-2023-2860 at SUSE CVE-2023-2860 at NVD CVE-2023-52488 at SUSE CVE-2023-52488 at NVD CVE-2023-52503 at SUSE CVE-2023-52503 at NVD CVE-2023-52561 at SUSE CVE-2023-52561 at NVD CVE-2023-52585 at SUSE CVE-2023-52585 at NVD CVE-2023-52589 at SUSE CVE-2023-52589 at NVD CVE-2023-52590 at SUSE CVE-2023-52590 at NVD CVE-2023-52591 at SUSE CVE-2023-52591 at NVD CVE-2023-52593 at SUSE CVE-2023-52593 at NVD CVE-2023-52614 at SUSE CVE-2023-52614 at NVD CVE-2023-52616 at SUSE CVE-2023-52616 at NVD CVE-2023-52620 at SUSE CVE-2023-52620 at NVD CVE-2023-52627 at SUSE CVE-2023-52627 at NVD CVE-2023-52635 at SUSE CVE-2023-52635 at NVD CVE-2023-52636 at SUSE CVE-2023-52636 at NVD CVE-2023-52645 at SUSE CVE-2023-52645 at NVD CVE-2023-52652 at SUSE CVE-2023-52652 at NVD CVE-2023-6270 at SUSE CVE-2023-6270 at NVD CVE-2024-0639 at SUSE CVE-2024-0639 at NVD CVE-2024-0841 at SUSE CVE-2024-0841 at NVD CVE-2024-22099 at SUSE CVE-2024-22099 at NVD CVE-2024-23307 at SUSE CVE-2024-23307 at NVD CVE-2024-23848 at SUSE CVE-2024-23848 at NVD CVE-2024-23850 at SUSE CVE-2024-23850 at NVD CVE-2024-26601 at SUSE CVE-2024-26601 at NVD CVE-2024-26610 at SUSE CVE-2024-26610 at NVD CVE-2024-26656 at SUSE CVE-2024-26656 at NVD CVE-2024-26660 at SUSE CVE-2024-26660 at NVD CVE-2024-26671 at SUSE CVE-2024-26671 at NVD CVE-2024-26673 at SUSE CVE-2024-26673 at NVD CVE-2024-26675 at SUSE CVE-2024-26675 at NVD CVE-2024-26680 at SUSE CVE-2024-26680 at NVD CVE-2024-26681 at SUSE CVE-2024-26681 at NVD CVE-2024-26684 at SUSE CVE-2024-26684 at NVD CVE-2024-26685 at SUSE CVE-2024-26685 at NVD CVE-2024-26687 at SUSE CVE-2024-26687 at NVD CVE-2024-26688 at SUSE CVE-2024-26688 at NVD CVE-2024-26689 at SUSE CVE-2024-26689 at NVD CVE-2024-26696 at SUSE CVE-2024-26696 at NVD CVE-2024-26697 at SUSE CVE-2024-26697 at NVD CVE-2024-26702 at SUSE CVE-2024-26702 at NVD CVE-2024-26704 at SUSE CVE-2024-26704 at NVD CVE-2024-26718 at SUSE CVE-2024-26718 at NVD CVE-2024-26722 at SUSE CVE-2024-26722 at NVD CVE-2024-26727 at SUSE CVE-2024-26727 at NVD CVE-2024-26733 at SUSE CVE-2024-26733 at NVD CVE-2024-26736 at SUSE CVE-2024-26736 at NVD CVE-2024-26737 at SUSE CVE-2024-26737 at NVD CVE-2024-26739 at SUSE CVE-2024-26739 at NVD CVE-2024-26743 at SUSE CVE-2024-26743 at NVD CVE-2024-26744 at SUSE CVE-2024-26744 at NVD CVE-2024-26745 at SUSE CVE-2024-26745 at NVD CVE-2024-26747 at SUSE CVE-2024-26747 at NVD CVE-2024-26749 at SUSE CVE-2024-26749 at NVD CVE-2024-26751 at SUSE CVE-2024-26751 at NVD CVE-2024-26754 at SUSE CVE-2024-26754 at NVD CVE-2024-26760 at SUSE CVE-2024-26760 at NVD CVE-2024-26763 at SUSE CVE-2024-26763 at NVD CVE-2024-26764 at SUSE CVE-2024-26764 at NVD CVE-2024-26766 at SUSE CVE-2024-26766 at NVD CVE-2024-26769 at SUSE CVE-2024-26769 at NVD CVE-2024-26771 at SUSE CVE-2024-26771 at NVD CVE-2024-26772 at SUSE CVE-2024-26772 at NVD CVE-2024-26773 at SUSE CVE-2024-26773 at NVD CVE-2024-26776 at SUSE CVE-2024-26776 at NVD CVE-2024-26779 at SUSE CVE-2024-26779 at NVD CVE-2024-26783 at SUSE CVE-2024-26783 at NVD CVE-2024-26787 at SUSE CVE-2024-26787 at NVD CVE-2024-26790 at SUSE CVE-2024-26790 at NVD CVE-2024-26792 at SUSE CVE-2024-26792 at NVD CVE-2024-26793 at SUSE CVE-2024-26793 at NVD CVE-2024-26798 at SUSE CVE-2024-26798 at NVD CVE-2024-26805 at SUSE CVE-2024-26805 at NVD CVE-2024-26807 at SUSE CVE-2024-26807 at NVD CVE-2024-26816 at SUSE CVE-2024-26816 at NVD CVE-2024-26817 at SUSE CVE-2024-26817 at NVD CVE-2024-26820 at SUSE CVE-2024-26820 at NVD CVE-2024-26825 at SUSE CVE-2024-26825 at NVD CVE-2024-26830 at SUSE CVE-2024-26830 at NVD CVE-2024-26833 at SUSE CVE-2024-26833 at NVD CVE-2024-26836 at SUSE CVE-2024-26836 at NVD CVE-2024-26843 at SUSE CVE-2024-26843 at NVD CVE-2024-26848 at SUSE CVE-2024-26848 at NVD CVE-2024-26852 at SUSE CVE-2024-26852 at NVD CVE-2024-26853 at SUSE CVE-2024-26853 at NVD CVE-2024-26855 at SUSE CVE-2024-26855 at NVD CVE-2024-26856 at SUSE CVE-2024-26856 at NVD CVE-2024-26857 at SUSE CVE-2024-26857 at NVD CVE-2024-26861 at SUSE CVE-2024-26861 at NVD CVE-2024-26862 at SUSE CVE-2024-26862 at NVD CVE-2024-26866 at SUSE CVE-2024-26866 at NVD CVE-2024-26872 at SUSE CVE-2024-26872 at NVD CVE-2024-26875 at SUSE CVE-2024-26875 at NVD CVE-2024-26878 at SUSE CVE-2024-26878 at NVD CVE-2024-26879 at SUSE CVE-2024-26879 at NVD CVE-2024-26881 at SUSE CVE-2024-26881 at NVD CVE-2024-26882 at SUSE CVE-2024-26882 at NVD CVE-2024-26883 at SUSE CVE-2024-26883 at NVD CVE-2024-26884 at SUSE CVE-2024-26884 at NVD CVE-2024-26885 at SUSE CVE-2024-26885 at NVD CVE-2024-26891 at SUSE CVE-2024-26891 at NVD CVE-2024-26893 at SUSE CVE-2024-26893 at NVD CVE-2024-26895 at SUSE CVE-2024-26895 at NVD CVE-2024-26896 at SUSE CVE-2024-26896 at NVD CVE-2024-26897 at SUSE CVE-2024-26897 at NVD CVE-2024-26898 at SUSE CVE-2024-26898 at NVD CVE-2024-26901 at SUSE CVE-2024-26901 at NVD CVE-2024-26903 at SUSE CVE-2024-26903 at NVD CVE-2024-26917 at SUSE CVE-2024-26917 at NVD CVE-2024-26927 at SUSE CVE-2024-26927 at NVD CVE-2024-26948 at SUSE CVE-2024-26948 at NVD CVE-2024-26950 at SUSE CVE-2024-26950 at NVD CVE-2024-26951 at SUSE CVE-2024-26951 at NVD CVE-2024-26955 at SUSE CVE-2024-26955 at NVD CVE-2024-26956 at SUSE CVE-2024-26956 at NVD CVE-2024-26960 at SUSE CVE-2024-26960 at NVD CVE-2024-26965 at SUSE CVE-2024-26965 at NVD CVE-2024-26966 at SUSE CVE-2024-26966 at NVD CVE-2024-26969 at SUSE CVE-2024-26969 at NVD CVE-2024-26970 at SUSE CVE-2024-26970 at NVD CVE-2024-26972 at SUSE CVE-2024-26972 at NVD CVE-2024-26981 at SUSE CVE-2024-26981 at NVD CVE-2024-26982 at SUSE CVE-2024-26982 at NVD CVE-2024-26993 at SUSE CVE-2024-26993 at NVD CVE-2024-27013 at SUSE CVE-2024-27013 at NVD CVE-2024-27014 at SUSE CVE-2024-27014 at NVD CVE-2024-27030 at SUSE CVE-2024-27030 at NVD CVE-2024-27038 at SUSE CVE-2024-27038 at NVD CVE-2024-27039 at SUSE CVE-2024-27039 at NVD CVE-2024-27041 at SUSE CVE-2024-27041 at NVD CVE-2024-27043 at SUSE CVE-2024-27043 at NVD CVE-2024-27046 at SUSE CVE-2024-27046 at NVD CVE-2024-27056 at SUSE CVE-2024-27056 at NVD CVE-2024-27062 at SUSE CVE-2024-27062 at NVD CVE-2024-27389 at SUSE CVE-2024-27389 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cairo (Low) SUSE Linux Enterprise Micro 5.5 This update for cairo fixes the following issues: - CVE-2019-6462: Fixed a potentially infinite loop (bsc#1122321). Low SUSE bug 1122321 CVE-2019-6462 at SUSE CVE-2019-6462 at NVD cpe:/o:suse:sle-micro:5.5 Security update for perl (Important) SUSE Linux Enterprise Micro 5.5 This update for perl fixes the following issues: Security issues fixed: - CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216) - CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233) Non-security issue fixed: - make Net::FTP work with TLS 1.3 (bsc#1213638) Important SUSE bug 1082216 SUSE bug 1082233 SUSE bug 1213638 CVE-2018-6798 at SUSE CVE-2018-6798 at NVD CVE-2018-6913 at SUSE CVE-2018-6913 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ucode-intel (Important) SUSE Linux Enterprise Micro 5.5 This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20240514 release (bsc#1224277) - CVE-2023-45733: Fixed a potential security vulnerability in some Intel? Processors that may have allowed information disclosure. - CVE-2023-46103: Fixed a potential security vulnerability in Intel? Core™ Ultra Processors that may have allowed denial of service. - CVE-2023-45745,CVE-2023-47855: Fixed a potential security vulnerabilities in some Intel? Trust Domain Extensions (TDX) module software that may have allowed escalation of privilege. Important SUSE bug 1224277 CVE-2023-45733 at SUSE CVE-2023-45733 at NVD CVE-2023-45745 at SUSE CVE-2023-45745 at NVD CVE-2023-46103 at SUSE CVE-2023-46103 at NVD CVE-2023-47855 at SUSE CVE-2023-47855 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. This update fixes a regression with kerberized nfs4 shares in the previous update (bsc#1223858). Important SUSE bug 1223858 SUSE bug 1224169 SUSE bug 1224340 cpe:/o:suse:sle-micro:5.5 Security update for git (Important) SUSE Linux Enterprise Micro 5.5 This update for git fixes the following issues: - CVE-2024-32002: Fixed recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion (bsc#1224168). - CVE-2024-32004: Fixed arbitrary code execution during local clones (bsc#1224170). - CVE-2024-32020: Fixed file overwriting vulnerability during local clones (bsc#1224171). - CVE-2024-32021: Fixed git may create hardlinks to arbitrary user-readable files (bsc#1224172). - CVE-2024-32465: Fixed arbitrary code execution during clone operations (bsc#1224173). Important SUSE bug 1224168 SUSE bug 1224170 SUSE bug 1224171 SUSE bug 1224172 SUSE bug 1224173 CVE-2024-32002 at SUSE CVE-2024-32002 at NVD CVE-2024-32004 at SUSE CVE-2024-32004 at NVD CVE-2024-32020 at SUSE CVE-2024-32020 at NVD CVE-2024-32021 at SUSE CVE-2024-32021 at NVD CVE-2024-32465 at SUSE CVE-2024-32465 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssl-1_1 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for openssl-1_1 fixes the following issues: - CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548). Moderate SUSE bug 1222548 CVE-2024-2511 at SUSE CVE-2024-2511 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. This update fixes a regression with kerberized nfs4 shares in the previous update (bsc#1223858). Important SUSE bug 1223858 SUSE bug 1224169 SUSE bug 1224340 cpe:/o:suse:sle-micro:5.5 Security update for bluez (Important) SUSE Linux Enterprise Micro 5.5 This update for bluez fixes the following issues: - CVE-2023-50229: Fixed an out of bounds write in the primary version counter for the Phone Book Access Profile implementation (bsc#1218300). - CVE-2023-50230: Fixed an out of bounds write in the secondary version counter for the Phone Book Access Profile implementation (bsc#1218301). Important SUSE bug 1218300 SUSE bug 1218301 CVE-2023-50229 at SUSE CVE-2023-50229 at NVD CVE-2023-50230 at SUSE CVE-2023-50230 at NVD cpe:/o:suse:sle-micro:5.5 Security update for glib2 (Low) SUSE Linux Enterprise Micro 5.5 This update for glib2 fixes the following issues: - CVE-2024-34397: Fixed signal subscription unicast spoofing vulnerability (bsc#1224044). Low SUSE bug 1224044 CVE-2024-34397 at SUSE CVE-2024-34397 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-Jinja2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-Jinja2 fixes the following issues: - Fixed HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-34064, bsc#1223980, CVE-2024-22195, bsc#1218722) Moderate SUSE bug 1218722 SUSE bug 1223980 CVE-2024-22195 at SUSE CVE-2024-22195 at NVD CVE-2024-34064 at SUSE CVE-2024-34064 at NVD cpe:/o:suse:sle-micro:5.5 Security update for fwupdate (Moderate) SUSE Linux Enterprise Micro 5.5 This update of fwupdate fixes the following issues: - rebuild the package with the new secure boot key (bsc#1209188). - Update the email address of security team in SBAT (bsc#1221301) - elf_aarch64_efi.lds: set the memory permission explicitly to avoid ld warning like 'LOAD segment with RWX permissions' Moderate SUSE bug 1209188 SUSE bug 1221301 cpe:/o:suse:sle-micro:5.5 Security update for python-requests (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-requests fixes the following issues: - CVE-2024-35195: Fixed cert verification regardless of changes to the value of `verify` (bsc#1224788). Moderate SUSE bug 1224788 CVE-2024-35195 at SUSE CVE-2024-35195 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gstreamer-plugins-base (Important) SUSE Linux Enterprise Micro 5.5 This update for gstreamer-plugins-base fixes the following issues: - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata (bsc#1224806) Important SUSE bug 1224806 CVE-2024-4453 at SUSE CVE-2024-4453 at NVD cpe:/o:suse:sle-micro:5.5 Security update for glibc (Important) SUSE Linux Enterprise Micro 5.5 This update for glibc fixes the following issues: - CVE-2024-33599: Fixed a stack-based buffer overflow in netgroup cache in nscd (bsc#1223423) - CVE-2024-33600: Avoid null pointer crashes after notfound response in nscd (bsc#1223424) - CVE-2024-33600: Do not send missing not-found response in addgetnetgrentX in nscd (bsc#1223424) - CVE-2024-33601, CVE-2024-33602: Fixed use of two buffers in addgetnetgrentX ( bsc#1223425) - CVE-2024-33602: Use time_t for return type of addgetnetgrentX (bsc#1223425) - Avoid creating userspace live patching prologue for _start routine (bsc#1221940) Important SUSE bug 1221940 SUSE bug 1223423 SUSE bug 1223424 SUSE bug 1223425 CVE-2024-33599 at SUSE CVE-2024-33599 at NVD CVE-2024-33600 at SUSE CVE-2024-33600 at NVD CVE-2024-33601 at SUSE CVE-2024-33601 at NVD CVE-2024-33602 at SUSE CVE-2024-33602 at NVD cpe:/o:suse:sle-micro:5.5 Security update for skopeo (Important) SUSE Linux Enterprise Micro 5.5 This update for skopeo fixes the following issues: - Update to version 1.14.4: - CVE-2024-3727: Fixed a vulnerability that allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, resource exhaustion, local path traversal and other attacks. (bsc#1224123) Important SUSE bug 1224123 CVE-2024-28180 at SUSE CVE-2024-28180 at NVD CVE-2024-3727 at SUSE CVE-2024-3727 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer (Important) SUSE Linux Enterprise Micro 5.5 This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Rebuild against current updated packages and go compiler. - Bump github.com/containers/image/v5 (bsc#1224119, CVE-2024-3727) - Add LABEL with source URL Important SUSE bug 1224119 CVE-2024-3727 at SUSE CVE-2024-3727 at NVD cpe:/o:suse:sle-micro:5.5 Security update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed (Important) SUSE Linux Enterprise Micro 5.5 This update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed fixes the following issues: Security Update 550.90.07: - CVE-2024-0090: Fixed out of bounds write (bsc#1223356). - CVE-2024-0092: Fixed incorrect exception handling (bsc#1223356). - CVE-2024-0091: Fixed untrusted pointer dereference (bsc#1223356). Important SUSE bug 1223356 CVE-2024-0090 at SUSE CVE-2024-0090 at NVD CVE-2024-0091 at SUSE CVE-2024-0091 at NVD CVE-2024-0092 at SUSE CVE-2024-0092 at NVD cpe:/o:suse:sle-micro:5.5 Security update for unbound (Important) SUSE Linux Enterprise Micro 5.5 This update for unbound fixes the following issues: unbound was updated to 1.20.0: * A lot of bugfixes and added features. For a complete list take a look at the changelog located at: /usr/share/doc/packages/unbound/Changelog or https://www.nlnetlabs.nl/projects/unbound/download/ Some Noteworthy Changes: * Removed DLV. The DLV has been decommisioned since unbound 1.5.4 and has been advised to stop using it since. The use of dlv options displays a warning. * Remove EDNS lame procedure, do not re-query without EDNS after timeout. * Add DNS over HTTPS * libunbound has been upgraded to major version 8 Security Fixes: * CVE-2023-50387: DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers. [bsc#1219823] * CVE-2023-50868: NSEC3 closest encloser proof can exhaust CPU. [bsc#1219826] * CVE-2022-30698: Novel 'ghost domain names' attack by introducing subdomain delegations. [bsc#1202033] * CVE-2022-30699: Novel 'ghost domain names' attack by updating almost expired delegation information. [bsc#1202031] * CVE-2022-3204: NRDelegation attack leads to uncontrolled resource consumption (Non-Responsive Delegation Attack). [bsc#1203643] Packaging Changes: * Use prefixes instead of sudo in unbound.service * Remove no longer necessary BuildRequires: libfstrm-devel and libprotobuf-c-devel Important SUSE bug 1202031 SUSE bug 1202033 SUSE bug 1203643 SUSE bug 1219823 SUSE bug 1219826 CVE-2022-30698 at SUSE CVE-2022-30698 at NVD CVE-2022-30699 at SUSE CVE-2022-30699 at NVD CVE-2022-3204 at SUSE CVE-2022-3204 at NVD CVE-2023-50387 at SUSE CVE-2023-50387 at NVD CVE-2023-50868 at SUSE CVE-2023-50868 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cups (Important) SUSE Linux Enterprise Micro 5.5 This update for cups fixes the following issues: - CVE-2024-35235: Fixed a bug in cupsd that could allow an attacker to change the permissions of other files in the system. (bsc#1225365) - Handle local 'Negotiate' authentication response for cli clients (bsc#1223179) Important SUSE bug 1223179 SUSE bug 1225365 CVE-2024-35235 at SUSE CVE-2024-35235 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47548: Fixed a possible array out-of=bounds (bsc#1225506) - CVE-2022-48689: Fixed data-race in lru_add_fn (bsc#1223959) - CVE-2022-48691: Fixed memory leak in netfilter (bsc#1223961) - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335). - CVE-2023-42755: Check user supplied offsets (bsc#1215702). - CVE-2023-52586: Fixed mutex lock in control vblank irq (bsc#1221081). - CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615). - CVE-2023-52656: Dropped any code related to SCM_RIGHTS (bsc#1224187). - CVE-2023-52660: Fiedx IRQ handling due to shared interrupts (bsc#1224443). - CVE-2023-52664: Eliminate double free in error handling logic (bsc#1224747). - CVE-2023-52671: Fixed hang/underflow when transitioning to ODM4:1 (bsc#1224729). - CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727). - CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608). - CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628). - CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (CVE-2023-52698 bsc#1224621) - CVE-2023-52746: Prevent potential spectre v1 gadget in xfrm_xlate32_attr() (bsc#1225114) - CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548). - CVE-2023-52795: Fixed use after free in vhost_vdpa_probe() (bsc#1225085). - CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930). - CVE-2023-52807: Fixed out-of-bounds access may occur when coalesce info is read via debugfs (bsc#1225097). - CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936). - CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). - CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829). - CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385). - CVE-2024-26692: Fixed regression in writes when non-standard maximum write size negotiated (bsc#1222464). - CVE-2024-26715: Fixed NULL pointer dereference in dwc3_gadget_suspend (bsc#1222561). - CVE-2024-26742: Fixed disable_managed_interrupts (git-fixes bsc#1222608). - CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627). - CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793) - CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011). - CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084). - CVE-2024-26876: Fixed crash on irq during probe (bsc#1223119). - CVE-2024-26900: Fixed kmemleak of rdev->serial (bsc#1223046). - CVE-2024-26915: Reset IH OVERFLOW_CLEAR bit (bsc#1223207) - CVE-2024-26919: Fixed debugfs directory leak (bsc#1223847). - CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138). - CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390). - CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532). - CVE-2024-26939: Fixed UAF on destroy against retire race (bsc#1223679). - CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653). - CVE-2024-27042: Fixed potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()' (bsc#1223823). - CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098). - CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096). - CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174). - CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181). - CVE-2024-27417: Fixed potential 'struct net' leak in inet6_rtm_getaddr() (bsc#1224721) - CVE-2024-27419: Fixed data-races around sysctl_net_busy_read (bsc#1224759) - CVE-2024-27431: Fixed Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718). - CVE-2024-35791: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (bsc#1224725). - CVE-2024-35799: Prevent crash when disable stream (bsc#1224740). - CVE-2024-35804: Mark target gfn of emulated atomic instruction as dirty (bsc#1224638). - CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502). - CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636). - CVE-2024-35860: struct bpf_link and bpf_link_ops kABI workaround (bsc#1224531). - CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766). - CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764). - CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763). - CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765). - CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668). - CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667). - CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664). - CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678). - CVE-2024-35869: Guarantee refcounted children from parent session (bsc#1224679). - CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672). - CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530). - CVE-2024-35875: Require seeding RNG with RDRAND on CoCo systems (bsc#1224665). - CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525). - CVE-2024-35878: Prevent NULL pointer dereference in vsnprintf() (bsc#1224671). - CVE-2024-35879: kABI workaround for drivers/of/dynamic.c (bsc#1224524). - CVE-2024-35885: Stop interface during shutdown (bsc#1224519). - CVE-2024-35904: Fixed dereference of garbage after mount failure (bsc#1224494). - CVE-2024-35905: Fixed int overflow for stack access size (bsc#1224488). - CVE-2024-35907: Call request_irq() after NAPI initialized (bsc#1224492). - CVE-2024-35924: Limit read size on v1.2 (bsc#1224657). - CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535). - CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init (bsc#1224649). - CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648). - CVE-2024-35951: Fixed the error path in panfrost_mmu_map_fault_addr() (bsc#1224701). - CVE-2024-35959: Fixed mlx5e_priv_init() cleanup flow (bsc#1224666). - CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581). - CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580). - CVE-2024-35973: Fixed header validation in geneve[6]_xmit_skb (bsc#1224586). - CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575). - CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549). - CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550). - CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541). - CVE-2024-36007: Fixed warning during rehash (bsc#1224543). - CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761). The following non-security bugs were fixed: - 9p: explicitly deny setlease attempts (git-fixes). - ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes). - ACPI: disable -Wstringop-truncation (git-fixes). - ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes). - ACPI: LPSS: Advertise number of chip selects via property (git-fixes). - admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes). - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384). - af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384). - af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384). - ALSA: core: Fix NULL module pointer assignment at card init (git-fixes). - ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes). - ALSA: line6: Zero-initialize message buffers (stable-fixes). - ARM: 9381/1: kasan: clear stale stack poison (git-fixes). - ASoC: Intel: avs: Fix ASRC module initialization (git-fixes). - ASoC: Intel: avs: Fix potential integer overflow (git-fixes). - ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes). - ASoC: Intel: Disable route checks for Skylake boards (git-fixes). - ASoC: kirkwood: Fix potential NULL dereference (git-fixes). - ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes). - ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes). - ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes). - ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes). - ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes). - ata: pata_legacy: make legacy_exit() work again (git-fixes). - ata: sata_gemini: Check clk_enable() result (stable-fixes). - autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166). - Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes). - Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor() (git-fixes). - Bluetooth: hci_sync: Do not double print name in add/remove adv_monitor (bsc#1216358). - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes). - Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes). - Bluetooth: qca: add missing firmware sanity checks (git-fixes). - Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes). - Bluetooth: qca: fix firmware check error path (git-fixes). - Bluetooth: qca: fix info leak when fetching fw build id (git-fixes). - Bluetooth: qca: fix NVM configuration parsing (git-fixes). - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes) - bpf: decouple prune and jump points (bsc#1225756). - bpf: fix precision backtracking instruction iteration (bsc#1225756). - bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes). - bpf: handle ldimm64 properly in check_cfg() (bsc#1225756). - bpf: mostly decouple jump history management from is_state_visited() (bsc#1225756). - bpf: remove unnecessary prune and jump points (bsc#1225756). - btrfs: add error messages to all unrecognized mount options (git-fixes) - btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes) - btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes) - btrfs: extend locking to all space_info members accesses (git-fixes) - btrfs: fix btrfs_submit_compressed_write cgroup attribution (git-fixes) - btrfs: fix fallocate to use file_modified to update permissions consistently (git-fixes) - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes) - btrfs: fix missing blkdev_put() call in btrfs_scan_one_device() (git-fixes) - btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes) - btrfs: fix qgroup reserve overflow the qgroup limit (git-fixes) - btrfs: fix silent failure when deleting root reference (git-fixes) - btrfs: fix use-after-free after failure to create a snapshot (git-fixes) - btrfs: free exchange changeset on failures (git-fixes) - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes) - btrfs: make search_csum_tree return 0 if we get -EFBIG (git-fixes) - btrfs: prevent copying too big compressed lzo segment (git-fixes) - btrfs: remove BUG_ON(!eie) in find_parent_nodes (git-fixes) - btrfs: remove BUG_ON() in find_parent_nodes() (git-fixes) - btrfs: repair super block num_devices automatically (git-fixes) - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling (git-fixes) - btrfs: send: ensure send_fd is writable (git-fixes) - btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes) - btrfs: send: in case of IO error log it (git-fixes) - btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes) - btrfs: tree-checker: check item_size for dev_item (git-fixes) - btrfs: tree-checker: check item_size for inode_item (git-fixes) - cifs: account for primary channel in the interface list (bsc#1224020). - cifs: cifs_chan_is_iface_active should be called with chan_lock held (bsc#1224020). - cifs: distribute channels across interfaces based on speed (bsc#1224020). - cifs: do not pass cifs_sb when trying to add channels (bsc#1224020). - cifs: failure to add channel on iface should bump up weight (git-fixes, bsc#1224020). - cifs: fix charset issue in reconnection (bsc#1224020). - cifs: fix leak of iface for primary channel (git-fixes, bsc#1224020). - cifs: handle cases where a channel is closed (bsc#1224020). - cifs: handle cases where multiple sessions share connection (bsc#1224020). - cifs: reconnect work should have reference on server struct (bsc#1224020). - clk: Do not hold prepare_lock when calling kref_put() (stable-fixes). - clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes). - counter: stm32-lptimer-cnt: Provide defines for clock polarities (git-fixes). - counter: stm32-timer-cnt: Provide defines for slave mode selection (git-fixes). - cppc_cpufreq: Fix possible null pointer dereference (git-fixes). - cpu/hotplug: Remove the 'cpu' member of cpuhp_cpu_state (git-fixes). - cpumask: Add for_each_cpu_from() (bsc#1225053). - crypto: bcm - Fix pointer arithmetic (git-fixes). - crypto: ccp - drop platform ifdef checks (git-fixes). - crypto: ecdsa - Fix module auto-load on add-key (git-fixes). - crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes). - crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes). - crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes). - dmaengine: axi-dmac: fix possible race in remove() (git-fixes). - dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes). - dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes). - dm-multipath: dont't attempt SG_IO on non-SCSI-disks (bsc#1223575). - docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes). - drivers/nvme: Add quirks for device 126f:2262 (git-fixes). - drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes). - drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes). - drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes). - drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes). - drm/amd: Flush GFXOFF requests in prepare stage (git-fixes). - drm/amdgpu: Refine IB schedule error logging (stable-fixes). - drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes). - drm/arm/malidp: fix a possible null pointer dereference (git-fixes). - drm/bridge: anx7625: Do not log an error when DSI host can't be found (git-fixes). - drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes). - drm/bridge: dpc3433: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: icn6211: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: lt8912b: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: lt9611: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: tc358775: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes). - drm/connector: Add \n to message about demoting connector force-probes (git-fixes). - drm/i915/bios: Fix parsing backlight BDB data (git-fixes). - drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes). - drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes). - drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes). - drm/meson: dw-hdmi: power up phy on device init (git-fixes). - drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes). - drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes). - drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes). - drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes). - drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes). - drm/panel: atna33xc20: Fix unbalanced regulator in the case HPD does not assert (git-fixes). - drm/panel: novatek-nt35950: Do not log an error when DSI host can't be found (git-fixes). - drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes). - drm: vc4: Fix possible null pointer dereference (git-fixes). - dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes) - dyndbg: fix old BUG_ON in >control parser (stable-fixes). - efi: libstub: only free priv.runtime_map when allocated (git-fixes). - extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes). - fail_function: fix wrong use of fei_attr_remove(). - fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes). - fbdev: shmobile: fix snprintf truncation (git-fixes). - fbdev: sisfb: hide unused variables (git-fixes). - firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes). - firmware: dmi-id: add a release callback function (git-fixes). - firmware: raspberrypi: Use correct device for DMA mappings (git-fixes). - fs/9p: drop inodes immediately on non-.L too (git-fixes). - fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes). - fs/9p: translate O_TRUNC into OTRUNC (git-fixes). - gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes). - gpio: wcove: Use -ENOTSUPP consistently (stable-fixes). - gpu: host1x: Do not setup DMA for virtual devices (stable-fixes). - HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes). - hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock (git-fixes). - hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes). - hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes). - hwmon: (lm70) fix links in doc and comments (git-fixes). - hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes). - i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes). - i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes). - IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes) - idpf: extend tx watchdog timeout (bsc#1224137). - iio: core: Leave private pointer NULL when no private data supplied (git-fixes). - iio: pressure: dps310: support negative temperature values (git-fixes). - Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes). - Input: ims-pcu - fix printf string overflow (git-fixes). - Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes). - iomap: Fix inline extent handling in iomap_readpage (git-fixes) - iomap: iomap: fix memory corruption when recording errors during writeback (git-fixes) - iomap: Support partial direct I/O on user copy failures (git-fixes) - iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331) - io_uring/unix: drop usage of io_uring socket (git-fixes). - irqchip/gic-v3-its: Prevent double free on error (git-fixes). - jffs2: prevent xattr node from overflowing the eraseblock (git-fixes). - kABI: bpf: struct bpf_insn_aux_data kABI workaround (bsc#1225756). - kcm: do not sense pfmemalloc status in kcm_sendpage() (git-fixes bsc#1223959) - KEYS: trusted: Do not use WARN when encode fails (git-fixes). - KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes). - KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224794). - KVM: x86: Delete duplicate documentation for KVM_X86_SET_MSR_FILTER (git-fixes). - leds: pwm: Disable PWM when going to suspend (git-fixes). - libsubcmd: Fix parse-options memory leak (git-fixes). - locking/atomic: Make test_and_*_bit() ordered on failure (git-fixes). - media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes). - media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes). - media: mc: mark the media devnode as registered from the, start (git-fixes). - media: ngene: Add dvb_ca_en50221_init return value check (git-fixes). - media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes). - mei: me: add lunar lake point M DID (stable-fixes). - mfd: intel-lpss: Revert 'Add missing check for platform_get_resource' (git-fixes). - mfd: ti_am335x_tscadc: Support the correctly spelled DT property (git-fixes). - mfd: tqmx86: Specify IO port register range more precisely (git-fixes). - mlxbf_gige: Enable the GigE port in mlxbf_gige_open (git-fixes). - mlxbf_gige: Fix intermittent no ip issue (git-fixes). - mlxbf_gige: stop PHY during open() error paths (git-fixes). - mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes). - mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes). - mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes). - mtd: rawnand: hynix: fixed typo (git-fixes). - net: do not sense pfmemalloc status in skb_append_pagefrags() (git-fixes bsc#1223959) - netfilter: nf_tables: bail out early if hardware offload is not supported (git-fixes bsc#1223961) - net: introduce __skb_fill_page_desc_noacc (git-fixes bsc#1223959) - net: nfc: remove inappropriate attrs check (stable-fixes). - net: qualcomm: rmnet: fix global oob in rmnet_policy (git-fixes). - net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes). - net:usb:qmi_wwan: support Rolling modules (stable-fixes). - net: usb: smsc95xx: stop lying about skb->truesize (git-fixes). - net: usb: sr9700: stop lying about skb->truesize (git-fixes). - net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360). - nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes). - nfc: nci: Fix uninit-value in nci_rx_work (git-fixes). - nilfs2: fix out-of-range warning (git-fixes). - nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes). - nilfs2: fix use-after-free of timer for log writer thread (git-fixes). - nilfs2: make superblock data array index computation sparse friendly (git-fixes). - nvme: ensure disabling pairs with unquiesce (bsc#1224534). - nvme: fix miss command type check (git-fixes). - nvme: fix multipath batched completion accounting (git-fixes). - nvme-multipath: fix io accounting on failover (git-fixes). - nvmet: fix ns enable/disable possible hang (git-fixes). - PCI: dwc: Detect iATU settings after getting 'addr_space' resource (git-fixes). - PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes). - PCI: dwc: Use the bitmap API to allocate bitmaps (git-fixes). - PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes). - PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes). - PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes). - PCI: tegra194: Fix probe path for Endpoint mode (git-fixes). - pinctrl: armada-37xx: remove an unused variable (git-fixes). - pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes). - pinctrl: core: handle radix_tree_insert() errors in pinctrl_register_one_pin() (stable-fixes). - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes). - pinctrl/meson: fix typo in PDM's pin name (git-fixes). - pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes). - platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes). - platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes). - powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740). - powerpc/eeh: Small refactor of eeh_handle_normal_event() (bsc#1223991 ltc#205740). - powerpc/eeh: Use a goto for recovery failures (bsc#1223991 ltc#205740). - powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729). - powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes). - powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783). - powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869). - powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869). - power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes). - ppdev: Add an error check in register_device (git-fixes). - printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616). - qibfs: fix dentry leak (git-fixes) - RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes) - RDMA/hns: Fix deadlock on SRQ async events. (git-fixes) - RDMA/hns: Fix GMV table pagesize (git-fixes) - RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes) - RDMA/hns: Fix UAF for cq async event (git-fixes) - RDMA/hns: Modify the print level of CQE error (git-fixes) - RDMA/hns: Use complete parentheses in macros (git-fixes) - RDMA/IPoIB: Fix format truncation compilation errors (git-fixes) - RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes) - RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes) - RDMA/rxe: Add ibdev_dbg macros for rxe (git-fixes) - RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes) - RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes) - RDMA/rxe: Fix the problem 'mutex_destroy missing' (git-fixes) - RDMA/rxe: Replace pr_xxx by rxe_dbg_xxx in rxe_net.c (git-fixes) - RDMA/rxe: Split rxe_run_task() into two subroutines (git-fixes) - regulator: bd71828: Do not overwrite runtime voltages (git-fixes). - regulator: core: fix debugfs creation regression (git-fixes). - regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes). - remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes). - Rename colliding patches before origin/cve/linux-5.14-LTSS -> SLE15-SP5 merge - Revert 'cifs: reconnect work should have reference on server struct' (git-fixes, bsc#1224020). - Revert 'drm/bridge: ti-sn65dsi83: Fix enable error path' (git-fixes). - ring-buffer: Fix a race between readers and resize checks (git-fixes). - s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224795). - s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224796). - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224346). - s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225139). - s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225138). - sched/topology: Optimize topology_span_sane() (bsc#1225053). - scsi: arcmsr: Support new PCI device IDs 1883 and 1886 (git-fixes). - scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes). - scsi: core: Consult supported VPD page list prior to fetching page (git-fixes). - scsi: core: Fix unremoved procfs host directory regression (git-fixes). - scsi: csiostor: Avoid function pointer casts (git-fixes). - scsi: libfc: Do not schedule abort twice (git-fixes). - scsi: libfc: Fix up timeout error in fc_fcp_rec_error() (git-fixes). - scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842). - scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842). - scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask (bsc#1225842). - scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842). - scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842). - scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842). - scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842). - scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842). - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes). - scsi: mylex: Fix sysfs buffer lengths (git-fixes). - scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes). - scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes). - selftests/pidfd: Fix config for pidfd_setns_test (git-fixes). - serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes). - serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes). - serial: max3100: Fix bitwise types (git-fixes). - serial: max3100: Lock port->lock when calling uart_handle_cts_change() (git-fixes). - serial: max3100: Update uart_driver_registered on driver removal (git-fixes). - serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes). - serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes). - serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes). - smb3: show beginning time for per share stats (bsc#1224020). - smb: client: ensure to try all targets when finding nested links (bsc#1224020). - smb: client: fix mount when dns_resolver key is not available (git-fixes, bsc#1224020). - smb: client: get rid of dfs code dep in namespace.c (bsc#1224020). - smb: client: get rid of dfs naming in automount code (bsc#1224020). - smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1224020). - smb: client: reduce stack usage in cifs_try_adding_channels() (bsc#1224020). - smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (bsc#1224020). - smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1224020). - soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes). - soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes). - Sort recent BHI patches - speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes). - spmi: Add a check for remove callback when removing a SPMI driver (git-fixes). - spmi: hisi-spmi-controller: Do not override device identifier (git-fixes). - swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331). - swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331) - swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331) - swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331) - sysv: do not call sb_bread() with pointers_lock held (git-fixes). - thermal/drivers/tsens: Fix null pointer dereference (git-fixes). - tools/latency-collector: Fix -Wformat-security compile warns (git-fixes). - tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer (bsc#1225535) - tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes). - tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes). - tracing: hide unused ftrace_event_id_fops (git-fixes). - tty: n_gsm: fix missing receive state reset after mode switch (git-fixes). - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes). - Update patches.suse/ring-buffer-Fix-a-race-between-readers-and-resize-checks.patch (bsc#1222893). - Update patches.suse/scsi-qedf-Don-t-process-stag-work-during-unload.patch (bsc#1214852) - Update patches.suse/scsi-qedf-Wait-for-stag-work-during-unload.patch (bsc#1214852) - usb: aqc111: stop lying about skb->truesize (git-fixes). - USB: core: Add hub_get() and hub_put() routines (git-fixes). - USB: core: Fix access violation during port device removal (git-fixes). - USB: core: Fix deadlock in port 'disable' sysfs attribute (git-fixes). - usb: dwc3: core: Prevent phy suspend during init (Git-fixes). - usb: gadget: u_audio: Clear uac pointer when freed (git-fixes). - usb: typec: tipd: fix event checking for tps6598x (git-fixes). - usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes). - VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes). - VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes). - vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes). - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes). - watchdog: ixp4xx: Make sure restart always works (git-fixes). - watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes). - wifi: ar5523: enable proper endpoint verification (git-fixes). - wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes). - wifi: ath10k: poll service ready message before failing (git-fixes). - wifi: ath10k: populate board data for WCN3990 (git-fixes). - wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes). - wifi: carl9170: add a proper sanity check for endpoints (git-fixes). - wifi: carl9170: re-fix fortified-memset warning (git-fixes). - wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes). - wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes). - wifi: mwl8k: initialize cmd->addr[] properly (git-fixes). - x86/boot: Ignore NMIs during very early boot (git-fixes). - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (git-fixes). - x86/bugs: Fix BHI documentation (git-fixes). - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - x86/bugs: Fix BHI retpoline check (git-fixes). - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - x86: Fix CPUIDLE_FLAG_IRQ_ENABLE leaking timer reprogram (git-fixes). - x86/kvm: Do not try to disable kvmclock if it was not enabled (git-fixes). - x86/lib: Fix overflow when counting digits (git-fixes). - x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes). - x86/nmi: Drop unused declaration of proc_nmi_enabled() (git-fixes). - x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes). - x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes). - x86/sme: Fix memory encryption setting if enabled by default and not overridden (git-fixes). - x86/tdx: Preserve shared bit on mprotect() (git-fixes). - xfs: add missing cmap->br_state = XFS_EXT_NORM update (git-fixes). - xfs: fix exception caused by unexpected illegal bestcount in leaf dir (git-fixes). - xfs: Fix false ENOSPC when performing direct write on a delalloc extent in cow fork (git-fixes). - xfs: fix imprecise logic in xchk_btree_check_block_owner (git-fixes). - xfs: fix inode reservation space for removing transaction (git-fixes). - xfs: shrink failure needs to hold AGI buffer (git-fixes). Important SUSE bug 1065729 SUSE bug 1141539 SUSE bug 1174585 SUSE bug 1181674 SUSE bug 1187716 SUSE bug 1190569 SUSE bug 1191949 SUSE bug 1192107 SUSE bug 1193983 SUSE bug 1194288 SUSE bug 1194869 SUSE bug 1196956 SUSE bug 1197915 SUSE bug 1200465 SUSE bug 1205205 SUSE bug 1207284 SUSE bug 1207361 SUSE bug 1207948 SUSE bug 1208149 SUSE bug 1209657 SUSE bug 1209799 SUSE bug 1209834 SUSE bug 1209980 SUSE bug 1210335 SUSE bug 1213863 SUSE bug 1214852 SUSE bug 1215322 SUSE bug 1215702 SUSE bug 1216358 SUSE bug 1216702 SUSE bug 1217169 SUSE bug 1217339 SUSE bug 1217515 SUSE bug 1218447 SUSE bug 1220021 SUSE bug 1220267 SUSE bug 1220363 SUSE bug 1220783 SUSE bug 1221044 SUSE bug 1221081 SUSE bug 1221615 SUSE bug 1221777 SUSE bug 1221816 SUSE bug 1221829 SUSE bug 1222011 SUSE bug 1222374 SUSE bug 1222385 SUSE bug 1222413 SUSE bug 1222464 SUSE bug 1222513 SUSE bug 1222559 SUSE bug 1222561 SUSE bug 1222608 SUSE bug 1222619 SUSE bug 1222627 SUSE bug 1222721 SUSE bug 1222765 SUSE bug 1222770 SUSE bug 1222783 SUSE bug 1222793 SUSE bug 1222838 SUSE bug 1222870 SUSE bug 1222893 SUSE bug 1222960 SUSE bug 1222961 SUSE bug 1222974 SUSE bug 1222975 SUSE bug 1222976 SUSE bug 1223011 SUSE bug 1223023 SUSE bug 1223027 SUSE bug 1223031 SUSE bug 1223043 SUSE bug 1223046 SUSE bug 1223048 SUSE bug 1223049 SUSE bug 1223084 SUSE bug 1223113 SUSE bug 1223119 SUSE bug 1223137 SUSE bug 1223138 SUSE bug 1223140 SUSE bug 1223188 SUSE bug 1223203 SUSE bug 1223207 SUSE bug 1223315 SUSE bug 1223360 SUSE bug 1223384 SUSE bug 1223390 SUSE bug 1223432 SUSE bug 1223489 SUSE bug 1223505 SUSE bug 1223532 SUSE bug 1223575 SUSE bug 1223595 SUSE bug 1223626 SUSE bug 1223627 SUSE bug 1223628 SUSE bug 1223631 SUSE bug 1223633 SUSE bug 1223638 SUSE bug 1223650 SUSE bug 1223653 SUSE bug 1223666 SUSE bug 1223670 SUSE bug 1223671 SUSE bug 1223675 SUSE bug 1223677 SUSE bug 1223678 SUSE bug 1223679 SUSE bug 1223698 SUSE bug 1223712 SUSE bug 1223715 SUSE bug 1223717 SUSE bug 1223718 SUSE bug 1223737 SUSE bug 1223738 SUSE bug 1223741 SUSE bug 1223744 SUSE bug 1223747 SUSE bug 1223748 SUSE bug 1223750 SUSE bug 1223752 SUSE bug 1223754 SUSE bug 1223756 SUSE bug 1223757 SUSE bug 1223762 SUSE bug 1223769 SUSE bug 1223770 SUSE bug 1223779 SUSE bug 1223780 SUSE bug 1223781 SUSE bug 1223788 SUSE bug 1223802 SUSE bug 1223819 SUSE bug 1223823 SUSE bug 1223826 SUSE bug 1223828 SUSE bug 1223829 SUSE bug 1223837 SUSE bug 1223842 SUSE bug 1223843 SUSE bug 1223844 SUSE bug 1223847 SUSE bug 1223858 SUSE bug 1223875 SUSE bug 1223879 SUSE bug 1223895 SUSE bug 1223959 SUSE bug 1223961 SUSE bug 1223991 SUSE bug 1223996 SUSE bug 1224020 SUSE bug 1224076 SUSE bug 1224096 SUSE bug 1224098 SUSE bug 1224099 SUSE bug 1224137 SUSE bug 1224166 SUSE bug 1224174 SUSE bug 1224177 SUSE bug 1224180 SUSE bug 1224181 SUSE bug 1224187 SUSE bug 1224331 SUSE bug 1224346 SUSE bug 1224423 SUSE bug 1224432 SUSE bug 1224437 SUSE bug 1224438 SUSE bug 1224442 SUSE bug 1224443 SUSE bug 1224445 SUSE bug 1224449 SUSE bug 1224479 SUSE bug 1224482 SUSE bug 1224487 SUSE bug 1224488 SUSE bug 1224492 SUSE bug 1224494 SUSE bug 1224495 SUSE bug 1224502 SUSE bug 1224508 SUSE bug 1224509 SUSE bug 1224511 SUSE bug 1224519 SUSE bug 1224524 SUSE bug 1224525 SUSE bug 1224530 SUSE bug 1224531 SUSE bug 1224534 SUSE bug 1224535 SUSE bug 1224537 SUSE bug 1224541 SUSE bug 1224543 SUSE bug 1224549 SUSE bug 1224550 SUSE bug 1224558 SUSE bug 1224559 SUSE bug 1224566 SUSE bug 1224567 SUSE bug 1224571 SUSE bug 1224575 SUSE bug 1224576 SUSE bug 1224579 SUSE bug 1224580 SUSE bug 1224581 SUSE bug 1224582 SUSE bug 1224586 SUSE bug 1224587 SUSE bug 1224592 SUSE bug 1224598 SUSE bug 1224601 SUSE bug 1224607 SUSE bug 1224608 SUSE bug 1224611 SUSE bug 1224615 SUSE bug 1224617 SUSE bug 1224618 SUSE bug 1224621 SUSE bug 1224622 SUSE bug 1224624 SUSE bug 1224627 SUSE bug 1224628 SUSE bug 1224629 SUSE bug 1224632 SUSE bug 1224636 SUSE bug 1224637 SUSE bug 1224638 SUSE bug 1224640 SUSE bug 1224643 SUSE bug 1224644 SUSE bug 1224645 SUSE bug 1224647 SUSE bug 1224648 SUSE bug 1224649 SUSE bug 1224650 SUSE bug 1224651 SUSE bug 1224657 SUSE bug 1224659 SUSE bug 1224660 SUSE bug 1224663 SUSE bug 1224664 SUSE bug 1224665 SUSE bug 1224666 SUSE bug 1224667 SUSE bug 1224668 SUSE bug 1224671 SUSE bug 1224672 SUSE bug 1224676 SUSE bug 1224678 SUSE bug 1224679 SUSE bug 1224680 SUSE bug 1224681 SUSE bug 1224682 SUSE bug 1224685 SUSE bug 1224686 SUSE bug 1224692 SUSE bug 1224697 SUSE bug 1224699 SUSE bug 1224701 SUSE bug 1224703 SUSE bug 1224705 SUSE bug 1224707 SUSE bug 1224717 SUSE bug 1224718 SUSE bug 1224721 SUSE bug 1224722 SUSE bug 1224723 SUSE bug 1224725 SUSE bug 1224727 SUSE bug 1224728 SUSE bug 1224729 SUSE bug 1224730 SUSE bug 1224731 SUSE bug 1224732 SUSE bug 1224733 SUSE bug 1224736 SUSE bug 1224738 SUSE bug 1224739 SUSE bug 1224740 SUSE bug 1224747 SUSE bug 1224749 SUSE bug 1224759 SUSE bug 1224763 SUSE bug 1224764 SUSE bug 1224765 SUSE bug 1224766 SUSE bug 1224794 SUSE bug 1224795 SUSE bug 1224796 SUSE bug 1224803 SUSE bug 1224816 SUSE bug 1224895 SUSE bug 1224898 SUSE bug 1224900 SUSE bug 1224901 SUSE bug 1224902 SUSE bug 1224903 SUSE bug 1224904 SUSE bug 1224905 SUSE bug 1224907 SUSE bug 1224909 SUSE bug 1224910 SUSE bug 1224911 SUSE bug 1224912 SUSE bug 1224913 SUSE bug 1224914 SUSE bug 1224915 SUSE bug 1224920 SUSE bug 1224928 SUSE bug 1224929 SUSE bug 1224930 SUSE bug 1224931 SUSE bug 1224932 SUSE bug 1224936 SUSE bug 1224937 SUSE bug 1224941 SUSE bug 1224942 SUSE bug 1224944 SUSE bug 1224945 SUSE bug 1224947 SUSE bug 1224956 SUSE bug 1224988 SUSE bug 1224992 SUSE bug 1225000 SUSE bug 1225003 SUSE bug 1225005 SUSE bug 1225008 SUSE bug 1225009 SUSE bug 1225022 SUSE bug 1225031 SUSE bug 1225032 SUSE bug 1225036 SUSE bug 1225041 SUSE bug 1225044 SUSE bug 1225053 SUSE bug 1225076 SUSE bug 1225077 SUSE bug 1225082 SUSE bug 1225085 SUSE bug 1225086 SUSE bug 1225092 SUSE bug 1225095 SUSE bug 1225096 SUSE bug 1225097 SUSE bug 1225106 SUSE bug 1225108 SUSE bug 1225109 SUSE bug 1225114 SUSE bug 1225118 SUSE bug 1225121 SUSE bug 1225122 SUSE bug 1225123 SUSE bug 1225125 SUSE bug 1225126 SUSE bug 1225127 SUSE bug 1225129 SUSE bug 1225131 SUSE bug 1225132 SUSE bug 1225138 SUSE bug 1225139 SUSE bug 1225145 SUSE bug 1225151 SUSE bug 1225153 SUSE bug 1225156 SUSE bug 1225158 SUSE bug 1225160 SUSE bug 1225161 SUSE bug 1225164 SUSE bug 1225167 SUSE bug 1225180 SUSE bug 1225183 SUSE bug 1225184 SUSE bug 1225186 SUSE bug 1225187 SUSE bug 1225189 SUSE bug 1225190 SUSE bug 1225191 SUSE bug 1225192 SUSE bug 1225193 SUSE bug 1225195 SUSE bug 1225198 SUSE bug 1225201 SUSE bug 1225203 SUSE bug 1225205 SUSE bug 1225206 SUSE bug 1225207 SUSE bug 1225208 SUSE bug 1225209 SUSE bug 1225210 SUSE bug 1225214 SUSE bug 1225222 SUSE bug 1225223 SUSE bug 1225224 SUSE bug 1225225 SUSE bug 1225227 SUSE bug 1225228 SUSE bug 1225229 SUSE bug 1225230 SUSE bug 1225232 SUSE bug 1225233 SUSE bug 1225235 SUSE bug 1225236 SUSE bug 1225237 SUSE bug 1225238 SUSE bug 1225239 SUSE bug 1225240 SUSE bug 1225241 SUSE bug 1225242 SUSE bug 1225243 SUSE bug 1225244 SUSE bug 1225245 SUSE bug 1225246 SUSE bug 1225247 SUSE bug 1225248 SUSE bug 1225249 SUSE bug 1225250 SUSE bug 1225251 SUSE bug 1225252 SUSE bug 1225253 SUSE bug 1225254 SUSE bug 1225255 SUSE bug 1225256 SUSE bug 1225257 SUSE bug 1225258 SUSE bug 1225259 SUSE bug 1225260 SUSE bug 1225261 SUSE bug 1225262 SUSE bug 1225263 SUSE bug 1225268 SUSE bug 1225301 SUSE bug 1225303 SUSE bug 1225304 SUSE bug 1225306 SUSE bug 1225316 SUSE bug 1225318 SUSE bug 1225320 SUSE bug 1225321 SUSE bug 1225322 SUSE bug 1225323 SUSE bug 1225326 SUSE bug 1225327 SUSE bug 1225328 SUSE bug 1225329 SUSE bug 1225330 SUSE bug 1225331 SUSE bug 1225332 SUSE bug 1225333 SUSE bug 1225334 SUSE bug 1225335 SUSE bug 1225336 SUSE bug 1225337 SUSE bug 1225338 SUSE bug 1225339 SUSE bug 1225341 SUSE bug 1225342 SUSE bug 1225344 SUSE bug 1225346 SUSE bug 1225347 SUSE bug 1225351 SUSE bug 1225353 SUSE bug 1225354 SUSE bug 1225355 SUSE bug 1225357 SUSE bug 1225358 SUSE bug 1225360 SUSE bug 1225361 SUSE bug 1225366 SUSE bug 1225367 SUSE bug 1225368 SUSE bug 1225369 SUSE bug 1225370 SUSE bug 1225372 SUSE bug 1225373 SUSE bug 1225374 SUSE bug 1225375 SUSE bug 1225376 SUSE bug 1225377 SUSE bug 1225379 SUSE bug 1225380 SUSE bug 1225382 SUSE bug 1225383 SUSE bug 1225384 SUSE bug 1225386 SUSE bug 1225387 SUSE bug 1225388 SUSE bug 1225390 SUSE bug 1225392 SUSE bug 1225393 SUSE bug 1225396 SUSE bug 1225400 SUSE bug 1225404 SUSE bug 1225405 SUSE bug 1225408 SUSE bug 1225409 SUSE bug 1225410 SUSE bug 1225411 SUSE bug 1225424 SUSE bug 1225425 SUSE bug 1225427 SUSE bug 1225431 SUSE bug 1225435 SUSE bug 1225436 SUSE bug 1225437 SUSE bug 1225438 SUSE bug 1225439 SUSE bug 1225441 SUSE bug 1225442 SUSE bug 1225443 SUSE bug 1225444 SUSE bug 1225445 SUSE bug 1225446 SUSE bug 1225447 SUSE bug 1225450 SUSE bug 1225453 SUSE bug 1225455 SUSE bug 1225461 SUSE bug 1225463 SUSE bug 1225464 SUSE bug 1225466 SUSE bug 1225467 SUSE bug 1225468 SUSE bug 1225471 SUSE bug 1225472 SUSE bug 1225478 SUSE bug 1225479 SUSE bug 1225480 SUSE bug 1225482 SUSE bug 1225483 SUSE bug 1225486 SUSE bug 1225488 SUSE bug 1225490 SUSE bug 1225492 SUSE bug 1225495 SUSE bug 1225499 SUSE bug 1225500 SUSE bug 1225501 SUSE bug 1225502 SUSE bug 1225506 SUSE bug 1225508 SUSE bug 1225510 SUSE bug 1225513 SUSE bug 1225515 SUSE bug 1225529 SUSE bug 1225530 SUSE bug 1225532 SUSE bug 1225534 SUSE bug 1225535 SUSE bug 1225548 SUSE bug 1225549 SUSE bug 1225550 SUSE bug 1225553 SUSE bug 1225554 SUSE bug 1225555 SUSE bug 1225556 SUSE bug 1225557 SUSE bug 1225559 SUSE bug 1225560 SUSE bug 1225565 SUSE bug 1225566 SUSE bug 1225568 SUSE bug 1225569 SUSE bug 1225570 SUSE bug 1225571 SUSE bug 1225572 SUSE bug 1225577 SUSE bug 1225583 SUSE bug 1225584 SUSE bug 1225587 SUSE bug 1225588 SUSE bug 1225589 SUSE bug 1225590 SUSE bug 1225591 SUSE bug 1225592 SUSE bug 1225593 SUSE bug 1225595 SUSE bug 1225599 SUSE bug 1225616 SUSE bug 1225640 SUSE bug 1225642 SUSE bug 1225705 SUSE bug 1225708 SUSE bug 1225715 SUSE bug 1225720 SUSE bug 1225722 SUSE bug 1225734 SUSE bug 1225735 SUSE bug 1225747 SUSE bug 1225748 SUSE bug 1225756 SUSE bug 1225761 SUSE bug 1225766 SUSE bug 1225775 SUSE bug 1225810 SUSE bug 1225820 SUSE bug 1225829 SUSE bug 1225835 SUSE bug 1225842 CVE-2020-36788 at SUSE CVE-2020-36788 at NVD CVE-2021-39698 at SUSE CVE-2021-39698 at NVD CVE-2021-4148 at SUSE CVE-2021-4148 at NVD CVE-2021-42327 at SUSE CVE-2021-42327 at NVD CVE-2021-43056 at SUSE CVE-2021-43056 at NVD CVE-2021-43527 at SUSE CVE-2021-43527 at NVD CVE-2021-47200 at SUSE CVE-2021-47200 at NVD CVE-2021-47358 at SUSE CVE-2021-47358 at NVD CVE-2021-47359 at SUSE CVE-2021-47359 at NVD CVE-2021-47360 at SUSE CVE-2021-47360 at NVD CVE-2021-47361 at SUSE CVE-2021-47361 at NVD CVE-2021-47362 at SUSE CVE-2021-47362 at NVD CVE-2021-47363 at SUSE CVE-2021-47363 at NVD CVE-2021-47364 at SUSE CVE-2021-47364 at NVD CVE-2021-47365 at SUSE CVE-2021-47365 at NVD CVE-2021-47366 at SUSE CVE-2021-47366 at NVD CVE-2021-47367 at SUSE CVE-2021-47367 at NVD CVE-2021-47368 at SUSE CVE-2021-47368 at NVD CVE-2021-47369 at SUSE CVE-2021-47369 at NVD CVE-2021-47370 at SUSE CVE-2021-47370 at NVD CVE-2021-47371 at SUSE CVE-2021-47371 at NVD CVE-2021-47372 at SUSE CVE-2021-47372 at NVD CVE-2021-47373 at SUSE CVE-2021-47373 at NVD CVE-2021-47374 at SUSE CVE-2021-47374 at NVD CVE-2021-47375 at SUSE CVE-2021-47375 at NVD CVE-2021-47376 at SUSE CVE-2021-47376 at NVD CVE-2021-47378 at SUSE CVE-2021-47378 at NVD CVE-2021-47379 at SUSE CVE-2021-47379 at NVD CVE-2021-47380 at SUSE CVE-2021-47380 at NVD CVE-2021-47381 at SUSE CVE-2021-47381 at NVD CVE-2021-47382 at SUSE CVE-2021-47382 at NVD CVE-2021-47383 at SUSE CVE-2021-47383 at NVD CVE-2021-47384 at SUSE CVE-2021-47384 at NVD CVE-2021-47385 at SUSE CVE-2021-47385 at NVD CVE-2021-47386 at SUSE CVE-2021-47386 at NVD CVE-2021-47387 at SUSE CVE-2021-47387 at NVD CVE-2021-47388 at SUSE CVE-2021-47388 at NVD CVE-2021-47389 at SUSE CVE-2021-47389 at NVD CVE-2021-47390 at SUSE CVE-2021-47390 at NVD CVE-2021-47391 at SUSE CVE-2021-47391 at NVD CVE-2021-47392 at SUSE CVE-2021-47392 at NVD CVE-2021-47393 at SUSE CVE-2021-47393 at NVD CVE-2021-47394 at SUSE CVE-2021-47394 at NVD CVE-2021-47395 at SUSE CVE-2021-47395 at NVD CVE-2021-47396 at SUSE CVE-2021-47396 at NVD CVE-2021-47397 at SUSE CVE-2021-47397 at NVD CVE-2021-47398 at SUSE CVE-2021-47398 at NVD CVE-2021-47399 at SUSE CVE-2021-47399 at NVD CVE-2021-47400 at SUSE CVE-2021-47400 at NVD CVE-2021-47401 at SUSE CVE-2021-47401 at NVD CVE-2021-47402 at SUSE CVE-2021-47402 at NVD CVE-2021-47403 at SUSE CVE-2021-47403 at NVD CVE-2021-47404 at SUSE CVE-2021-47404 at NVD CVE-2021-47405 at SUSE CVE-2021-47405 at NVD CVE-2021-47406 at SUSE CVE-2021-47406 at NVD CVE-2021-47407 at SUSE CVE-2021-47407 at NVD CVE-2021-47408 at SUSE CVE-2021-47408 at NVD CVE-2021-47409 at SUSE CVE-2021-47409 at NVD CVE-2021-47410 at SUSE CVE-2021-47410 at NVD CVE-2021-47412 at SUSE CVE-2021-47412 at NVD CVE-2021-47413 at SUSE CVE-2021-47413 at NVD CVE-2021-47414 at SUSE CVE-2021-47414 at NVD CVE-2021-47415 at SUSE CVE-2021-47415 at NVD CVE-2021-47416 at SUSE CVE-2021-47416 at NVD CVE-2021-47417 at SUSE CVE-2021-47417 at NVD CVE-2021-47418 at SUSE CVE-2021-47418 at NVD CVE-2021-47419 at SUSE CVE-2021-47419 at NVD CVE-2021-47420 at SUSE CVE-2021-47420 at NVD CVE-2021-47421 at SUSE CVE-2021-47421 at NVD CVE-2021-47422 at SUSE CVE-2021-47422 at NVD CVE-2021-47423 at SUSE CVE-2021-47423 at NVD CVE-2021-47424 at SUSE CVE-2021-47424 at NVD CVE-2021-47425 at SUSE CVE-2021-47425 at NVD CVE-2021-47426 at SUSE CVE-2021-47426 at NVD CVE-2021-47427 at SUSE CVE-2021-47427 at NVD CVE-2021-47428 at SUSE CVE-2021-47428 at NVD CVE-2021-47429 at SUSE CVE-2021-47429 at NVD CVE-2021-47430 at SUSE CVE-2021-47430 at NVD CVE-2021-47431 at SUSE CVE-2021-47431 at NVD CVE-2021-47433 at SUSE CVE-2021-47433 at NVD CVE-2021-47434 at SUSE CVE-2021-47434 at NVD CVE-2021-47435 at SUSE CVE-2021-47435 at NVD CVE-2021-47436 at SUSE CVE-2021-47436 at NVD CVE-2021-47437 at SUSE CVE-2021-47437 at NVD CVE-2021-47438 at SUSE CVE-2021-47438 at NVD CVE-2021-47439 at SUSE CVE-2021-47439 at NVD CVE-2021-47440 at SUSE CVE-2021-47440 at NVD CVE-2021-47441 at SUSE CVE-2021-47441 at NVD CVE-2021-47442 at SUSE CVE-2021-47442 at NVD CVE-2021-47443 at SUSE CVE-2021-47443 at NVD CVE-2021-47444 at SUSE CVE-2021-47444 at NVD CVE-2021-47445 at SUSE CVE-2021-47445 at NVD CVE-2021-47446 at SUSE CVE-2021-47446 at NVD CVE-2021-47447 at SUSE CVE-2021-47447 at NVD CVE-2021-47448 at SUSE CVE-2021-47448 at NVD CVE-2021-47449 at SUSE CVE-2021-47449 at NVD CVE-2021-47450 at SUSE CVE-2021-47450 at NVD CVE-2021-47451 at SUSE CVE-2021-47451 at NVD CVE-2021-47452 at SUSE CVE-2021-47452 at NVD CVE-2021-47453 at SUSE CVE-2021-47453 at NVD CVE-2021-47454 at SUSE CVE-2021-47454 at NVD CVE-2021-47455 at SUSE CVE-2021-47455 at NVD CVE-2021-47456 at SUSE CVE-2021-47456 at NVD CVE-2021-47457 at SUSE CVE-2021-47457 at NVD CVE-2021-47458 at SUSE CVE-2021-47458 at NVD CVE-2021-47459 at SUSE CVE-2021-47459 at NVD CVE-2021-47460 at SUSE CVE-2021-47460 at NVD CVE-2021-47461 at SUSE CVE-2021-47461 at NVD CVE-2021-47462 at SUSE CVE-2021-47462 at NVD CVE-2021-47463 at SUSE CVE-2021-47463 at NVD CVE-2021-47464 at SUSE CVE-2021-47464 at NVD CVE-2021-47465 at SUSE CVE-2021-47465 at NVD CVE-2021-47466 at SUSE CVE-2021-47466 at NVD CVE-2021-47467 at SUSE CVE-2021-47467 at NVD CVE-2021-47468 at SUSE CVE-2021-47468 at NVD CVE-2021-47469 at SUSE CVE-2021-47469 at NVD CVE-2021-47470 at SUSE CVE-2021-47470 at NVD CVE-2021-47471 at SUSE CVE-2021-47471 at NVD CVE-2021-47472 at SUSE CVE-2021-47472 at NVD CVE-2021-47473 at SUSE CVE-2021-47473 at NVD CVE-2021-47474 at SUSE CVE-2021-47474 at NVD CVE-2021-47475 at SUSE CVE-2021-47475 at NVD CVE-2021-47476 at SUSE CVE-2021-47476 at NVD CVE-2021-47477 at SUSE CVE-2021-47477 at NVD CVE-2021-47478 at SUSE CVE-2021-47478 at NVD CVE-2021-47479 at SUSE CVE-2021-47479 at NVD CVE-2021-47480 at SUSE CVE-2021-47480 at NVD CVE-2021-47481 at SUSE CVE-2021-47481 at NVD CVE-2021-47482 at SUSE CVE-2021-47482 at NVD CVE-2021-47483 at SUSE CVE-2021-47483 at NVD CVE-2021-47484 at SUSE CVE-2021-47484 at NVD CVE-2021-47485 at SUSE CVE-2021-47485 at NVD CVE-2021-47486 at SUSE CVE-2021-47486 at NVD CVE-2021-47488 at SUSE CVE-2021-47488 at NVD CVE-2021-47489 at SUSE CVE-2021-47489 at NVD CVE-2021-47490 at SUSE CVE-2021-47490 at NVD CVE-2021-47491 at SUSE CVE-2021-47491 at NVD CVE-2021-47492 at SUSE CVE-2021-47492 at NVD CVE-2021-47493 at SUSE CVE-2021-47493 at NVD CVE-2021-47494 at SUSE CVE-2021-47494 at NVD CVE-2021-47495 at SUSE CVE-2021-47495 at NVD CVE-2021-47496 at SUSE CVE-2021-47496 at NVD CVE-2021-47497 at SUSE CVE-2021-47497 at NVD CVE-2021-47498 at SUSE CVE-2021-47498 at NVD CVE-2021-47499 at SUSE CVE-2021-47499 at NVD CVE-2021-47500 at SUSE CVE-2021-47500 at NVD CVE-2021-47501 at SUSE CVE-2021-47501 at NVD CVE-2021-47502 at SUSE CVE-2021-47502 at NVD CVE-2021-47503 at SUSE CVE-2021-47503 at NVD CVE-2021-47504 at SUSE CVE-2021-47504 at NVD CVE-2021-47505 at SUSE CVE-2021-47505 at NVD CVE-2021-47506 at SUSE CVE-2021-47506 at NVD CVE-2021-47507 at SUSE CVE-2021-47507 at NVD CVE-2021-47508 at SUSE CVE-2021-47508 at NVD CVE-2021-47509 at SUSE CVE-2021-47509 at NVD CVE-2021-47510 at SUSE CVE-2021-47510 at NVD CVE-2021-47511 at SUSE CVE-2021-47511 at NVD CVE-2021-47512 at SUSE CVE-2021-47512 at NVD CVE-2021-47513 at SUSE CVE-2021-47513 at NVD CVE-2021-47514 at SUSE CVE-2021-47514 at NVD CVE-2021-47516 at SUSE CVE-2021-47516 at NVD CVE-2021-47518 at SUSE CVE-2021-47518 at NVD CVE-2021-47520 at SUSE CVE-2021-47520 at NVD CVE-2021-47521 at SUSE CVE-2021-47521 at NVD CVE-2021-47522 at SUSE CVE-2021-47522 at NVD CVE-2021-47523 at SUSE CVE-2021-47523 at NVD CVE-2021-47524 at SUSE CVE-2021-47524 at NVD CVE-2021-47525 at SUSE CVE-2021-47525 at NVD CVE-2021-47526 at SUSE CVE-2021-47526 at NVD CVE-2021-47528 at SUSE CVE-2021-47528 at NVD CVE-2021-47529 at SUSE CVE-2021-47529 at NVD CVE-2021-47530 at SUSE CVE-2021-47530 at NVD CVE-2021-47531 at SUSE CVE-2021-47531 at NVD CVE-2021-47532 at SUSE CVE-2021-47532 at NVD CVE-2021-47533 at SUSE CVE-2021-47533 at NVD CVE-2021-47534 at SUSE CVE-2021-47534 at NVD CVE-2021-47535 at SUSE CVE-2021-47535 at NVD CVE-2021-47536 at SUSE CVE-2021-47536 at NVD CVE-2021-47537 at SUSE CVE-2021-47537 at NVD CVE-2021-47540 at SUSE CVE-2021-47540 at NVD CVE-2021-47541 at SUSE CVE-2021-47541 at NVD CVE-2021-47542 at SUSE CVE-2021-47542 at NVD CVE-2021-47544 at SUSE CVE-2021-47544 at NVD CVE-2021-47548 at SUSE CVE-2021-47548 at NVD CVE-2021-47549 at SUSE CVE-2021-47549 at NVD CVE-2021-47550 at SUSE CVE-2021-47550 at NVD CVE-2021-47551 at SUSE CVE-2021-47551 at NVD CVE-2021-47552 at SUSE CVE-2021-47552 at NVD CVE-2021-47553 at SUSE CVE-2021-47553 at NVD CVE-2021-47554 at SUSE CVE-2021-47554 at NVD CVE-2021-47555 at SUSE CVE-2021-47555 at NVD CVE-2021-47556 at SUSE CVE-2021-47556 at NVD CVE-2021-47557 at SUSE CVE-2021-47557 at NVD CVE-2021-47558 at SUSE CVE-2021-47558 at NVD CVE-2021-47559 at SUSE CVE-2021-47559 at NVD CVE-2021-47560 at SUSE CVE-2021-47560 at NVD CVE-2021-47562 at SUSE CVE-2021-47562 at NVD CVE-2021-47563 at SUSE CVE-2021-47563 at NVD CVE-2021-47564 at SUSE CVE-2021-47564 at NVD CVE-2021-47565 at SUSE CVE-2021-47565 at NVD CVE-2021-47569 at SUSE CVE-2021-47569 at NVD CVE-2022-48633 at SUSE CVE-2022-48633 at NVD CVE-2022-48662 at SUSE CVE-2022-48662 at NVD CVE-2022-48669 at SUSE CVE-2022-48669 at NVD CVE-2022-48689 at SUSE CVE-2022-48689 at NVD CVE-2022-48691 at SUSE CVE-2022-48691 at NVD CVE-2022-48699 at SUSE CVE-2022-48699 at NVD CVE-2022-48705 at SUSE CVE-2022-48705 at NVD CVE-2022-48708 at SUSE CVE-2022-48708 at NVD CVE-2022-48709 at SUSE CVE-2022-48709 at NVD CVE-2022-48710 at SUSE CVE-2022-48710 at NVD CVE-2023-0160 at SUSE CVE-2023-0160 at NVD CVE-2023-1829 at SUSE CVE-2023-1829 at NVD CVE-2023-42755 at SUSE CVE-2023-42755 at NVD CVE-2023-47233 at SUSE CVE-2023-47233 at NVD CVE-2023-52586 at SUSE CVE-2023-52586 at NVD CVE-2023-52591 at SUSE CVE-2023-52591 at NVD CVE-2023-52618 at SUSE CVE-2023-52618 at NVD CVE-2023-52642 at SUSE CVE-2023-52642 at NVD CVE-2023-52643 at SUSE CVE-2023-52643 at NVD CVE-2023-52644 at SUSE CVE-2023-52644 at NVD CVE-2023-52646 at SUSE CVE-2023-52646 at NVD CVE-2023-52650 at SUSE CVE-2023-52650 at NVD CVE-2023-52653 at SUSE CVE-2023-52653 at NVD CVE-2023-52654 at SUSE CVE-2023-52654 at NVD CVE-2023-52655 at SUSE CVE-2023-52655 at NVD CVE-2023-52656 at SUSE CVE-2023-52656 at NVD CVE-2023-52657 at SUSE CVE-2023-52657 at NVD CVE-2023-52659 at SUSE CVE-2023-52659 at NVD CVE-2023-52660 at SUSE CVE-2023-52660 at NVD CVE-2023-52661 at SUSE CVE-2023-52661 at NVD CVE-2023-52662 at SUSE CVE-2023-52662 at NVD CVE-2023-52664 at SUSE CVE-2023-52664 at NVD CVE-2023-52669 at SUSE CVE-2023-52669 at NVD CVE-2023-52671 at SUSE CVE-2023-52671 at NVD CVE-2023-52674 at SUSE CVE-2023-52674 at NVD CVE-2023-52676 at SUSE CVE-2023-52676 at NVD CVE-2023-52678 at SUSE CVE-2023-52678 at NVD CVE-2023-52679 at SUSE CVE-2023-52679 at NVD CVE-2023-52680 at SUSE CVE-2023-52680 at NVD CVE-2023-52683 at SUSE CVE-2023-52683 at NVD CVE-2023-52685 at SUSE CVE-2023-52685 at NVD CVE-2023-52686 at SUSE CVE-2023-52686 at NVD CVE-2023-52690 at SUSE CVE-2023-52690 at NVD CVE-2023-52691 at SUSE CVE-2023-52691 at NVD CVE-2023-52692 at SUSE CVE-2023-52692 at NVD CVE-2023-52693 at SUSE CVE-2023-52693 at NVD CVE-2023-52694 at SUSE CVE-2023-52694 at NVD CVE-2023-52696 at SUSE CVE-2023-52696 at NVD CVE-2023-52698 at SUSE CVE-2023-52698 at NVD CVE-2023-52699 at SUSE CVE-2023-52699 at NVD CVE-2023-52702 at SUSE CVE-2023-52702 at NVD CVE-2023-52703 at SUSE CVE-2023-52703 at NVD CVE-2023-52705 at SUSE CVE-2023-52705 at NVD CVE-2023-52707 at SUSE CVE-2023-52707 at NVD CVE-2023-52708 at SUSE CVE-2023-52708 at NVD CVE-2023-52730 at SUSE CVE-2023-52730 at NVD CVE-2023-52731 at SUSE CVE-2023-52731 at NVD CVE-2023-52732 at SUSE CVE-2023-52732 at NVD CVE-2023-52733 at SUSE CVE-2023-52733 at NVD CVE-2023-52736 at SUSE CVE-2023-52736 at NVD CVE-2023-52738 at SUSE CVE-2023-52738 at NVD CVE-2023-52739 at SUSE CVE-2023-52739 at NVD CVE-2023-52740 at SUSE CVE-2023-52740 at NVD CVE-2023-52741 at SUSE CVE-2023-52741 at NVD CVE-2023-52742 at SUSE CVE-2023-52742 at NVD CVE-2023-52743 at SUSE CVE-2023-52743 at NVD CVE-2023-52744 at SUSE CVE-2023-52744 at NVD CVE-2023-52745 at SUSE CVE-2023-52745 at NVD CVE-2023-52746 at SUSE CVE-2023-52746 at NVD CVE-2023-52747 at SUSE CVE-2023-52747 at NVD CVE-2023-52753 at SUSE CVE-2023-52753 at NVD CVE-2023-52754 at SUSE CVE-2023-52754 at NVD CVE-2023-52756 at SUSE CVE-2023-52756 at NVD CVE-2023-52757 at SUSE CVE-2023-52757 at NVD CVE-2023-52759 at SUSE CVE-2023-52759 at NVD CVE-2023-52763 at SUSE CVE-2023-52763 at NVD CVE-2023-52764 at SUSE CVE-2023-52764 at NVD CVE-2023-52766 at SUSE CVE-2023-52766 at NVD CVE-2023-52773 at SUSE CVE-2023-52773 at NVD CVE-2023-52774 at SUSE CVE-2023-52774 at NVD CVE-2023-52777 at SUSE CVE-2023-52777 at NVD CVE-2023-52781 at SUSE CVE-2023-52781 at NVD CVE-2023-52788 at SUSE CVE-2023-52788 at NVD CVE-2023-52789 at SUSE CVE-2023-52789 at NVD CVE-2023-52791 at SUSE CVE-2023-52791 at NVD CVE-2023-52795 at SUSE CVE-2023-52795 at NVD CVE-2023-52796 at SUSE CVE-2023-52796 at NVD CVE-2023-52798 at SUSE CVE-2023-52798 at NVD CVE-2023-52799 at SUSE CVE-2023-52799 at NVD CVE-2023-52800 at SUSE CVE-2023-52800 at NVD CVE-2023-52803 at SUSE CVE-2023-52803 at NVD CVE-2023-52804 at SUSE CVE-2023-52804 at NVD CVE-2023-52805 at SUSE CVE-2023-52805 at NVD CVE-2023-52806 at SUSE CVE-2023-52806 at NVD CVE-2023-52807 at SUSE CVE-2023-52807 at NVD CVE-2023-52808 at SUSE CVE-2023-52808 at NVD CVE-2023-52809 at SUSE CVE-2023-52809 at NVD CVE-2023-52810 at SUSE CVE-2023-52810 at NVD CVE-2023-52811 at SUSE CVE-2023-52811 at NVD CVE-2023-52814 at SUSE CVE-2023-52814 at NVD CVE-2023-52815 at SUSE CVE-2023-52815 at NVD CVE-2023-52816 at SUSE CVE-2023-52816 at NVD CVE-2023-52817 at SUSE CVE-2023-52817 at NVD CVE-2023-52818 at SUSE CVE-2023-52818 at NVD CVE-2023-52819 at SUSE CVE-2023-52819 at NVD CVE-2023-52821 at SUSE CVE-2023-52821 at NVD CVE-2023-52825 at SUSE CVE-2023-52825 at NVD CVE-2023-52826 at SUSE CVE-2023-52826 at NVD CVE-2023-52832 at SUSE CVE-2023-52832 at NVD CVE-2023-52833 at SUSE CVE-2023-52833 at NVD CVE-2023-52834 at SUSE CVE-2023-52834 at NVD CVE-2023-52838 at SUSE CVE-2023-52838 at NVD CVE-2023-52840 at SUSE CVE-2023-52840 at NVD CVE-2023-52841 at SUSE CVE-2023-52841 at NVD CVE-2023-52844 at SUSE CVE-2023-52844 at NVD CVE-2023-52847 at SUSE CVE-2023-52847 at NVD CVE-2023-52851 at SUSE CVE-2023-52851 at NVD CVE-2023-52853 at SUSE CVE-2023-52853 at NVD CVE-2023-52854 at SUSE CVE-2023-52854 at NVD CVE-2023-52855 at SUSE CVE-2023-52855 at NVD CVE-2023-52856 at SUSE CVE-2023-52856 at NVD CVE-2023-52858 at SUSE CVE-2023-52858 at NVD CVE-2023-52860 at SUSE CVE-2023-52860 at NVD CVE-2023-52861 at SUSE CVE-2023-52861 at NVD CVE-2023-52864 at SUSE CVE-2023-52864 at NVD CVE-2023-52865 at SUSE CVE-2023-52865 at NVD CVE-2023-52867 at SUSE CVE-2023-52867 at NVD CVE-2023-52868 at SUSE CVE-2023-52868 at NVD CVE-2023-52870 at SUSE CVE-2023-52870 at NVD CVE-2023-52871 at SUSE CVE-2023-52871 at NVD CVE-2023-52872 at SUSE CVE-2023-52872 at NVD CVE-2023-52873 at SUSE CVE-2023-52873 at NVD CVE-2023-52875 at SUSE CVE-2023-52875 at NVD CVE-2023-52876 at SUSE CVE-2023-52876 at NVD CVE-2023-52877 at SUSE CVE-2023-52877 at NVD CVE-2023-52878 at SUSE CVE-2023-52878 at NVD CVE-2023-52880 at SUSE CVE-2023-52880 at NVD CVE-2023-6531 at SUSE CVE-2023-6531 at NVD CVE-2024-2201 at SUSE CVE-2024-2201 at NVD CVE-2024-26597 at SUSE CVE-2024-26597 at NVD CVE-2024-26643 at SUSE CVE-2024-26643 at NVD CVE-2024-26679 at SUSE CVE-2024-26679 at NVD CVE-2024-26692 at SUSE CVE-2024-26692 at NVD CVE-2024-26698 at SUSE CVE-2024-26698 at NVD CVE-2024-26700 at SUSE CVE-2024-26700 at NVD CVE-2024-26715 at SUSE CVE-2024-26715 at NVD CVE-2024-26739 at SUSE CVE-2024-26739 at NVD CVE-2024-26742 at SUSE CVE-2024-26742 at NVD CVE-2024-26748 at SUSE CVE-2024-26748 at NVD CVE-2024-26758 at SUSE CVE-2024-26758 at NVD CVE-2024-26764 at SUSE CVE-2024-26764 at NVD CVE-2024-26775 at SUSE CVE-2024-26775 at NVD CVE-2024-26777 at SUSE CVE-2024-26777 at NVD CVE-2024-26778 at SUSE CVE-2024-26778 at NVD CVE-2024-26788 at SUSE CVE-2024-26788 at NVD CVE-2024-26791 at SUSE CVE-2024-26791 at NVD CVE-2024-26801 at SUSE CVE-2024-26801 at NVD CVE-2024-26822 at SUSE CVE-2024-26822 at NVD CVE-2024-26828 at SUSE CVE-2024-26828 at NVD CVE-2024-26829 at SUSE CVE-2024-26829 at NVD CVE-2024-26838 at SUSE CVE-2024-26838 at NVD CVE-2024-26839 at SUSE CVE-2024-26839 at NVD CVE-2024-26840 at SUSE CVE-2024-26840 at NVD CVE-2024-26846 at SUSE CVE-2024-26846 at NVD CVE-2024-26859 at SUSE CVE-2024-26859 at NVD CVE-2024-26870 at SUSE CVE-2024-26870 at NVD CVE-2024-26874 at SUSE CVE-2024-26874 at NVD CVE-2024-26876 at SUSE CVE-2024-26876 at NVD CVE-2024-26877 at SUSE CVE-2024-26877 at NVD CVE-2024-26880 at SUSE CVE-2024-26880 at NVD CVE-2024-26889 at SUSE CVE-2024-26889 at NVD CVE-2024-26894 at SUSE CVE-2024-26894 at NVD CVE-2024-26900 at SUSE CVE-2024-26900 at NVD CVE-2024-26907 at SUSE CVE-2024-26907 at NVD CVE-2024-26915 at SUSE CVE-2024-26915 at NVD CVE-2024-26916 at SUSE CVE-2024-26916 at NVD CVE-2024-26919 at SUSE CVE-2024-26919 at NVD CVE-2024-26920 at SUSE CVE-2024-26920 at NVD CVE-2024-26921 at SUSE CVE-2024-26921 at NVD CVE-2024-26922 at SUSE CVE-2024-26922 at NVD CVE-2024-26925 at SUSE CVE-2024-26925 at NVD CVE-2024-26928 at SUSE CVE-2024-26928 at NVD CVE-2024-26929 at SUSE CVE-2024-26929 at NVD CVE-2024-26930 at SUSE CVE-2024-26930 at NVD CVE-2024-26931 at SUSE CVE-2024-26931 at NVD CVE-2024-26933 at SUSE CVE-2024-26933 at NVD CVE-2024-26934 at SUSE CVE-2024-26934 at NVD CVE-2024-26935 at SUSE CVE-2024-26935 at NVD CVE-2024-26937 at SUSE CVE-2024-26937 at NVD CVE-2024-26938 at SUSE CVE-2024-26938 at NVD CVE-2024-26939 at SUSE CVE-2024-26939 at NVD CVE-2024-26940 at SUSE CVE-2024-26940 at NVD CVE-2024-26943 at SUSE CVE-2024-26943 at NVD CVE-2024-26957 at SUSE CVE-2024-26957 at NVD CVE-2024-26958 at SUSE CVE-2024-26958 at NVD CVE-2024-26964 at SUSE CVE-2024-26964 at NVD CVE-2024-26974 at SUSE CVE-2024-26974 at NVD CVE-2024-26977 at SUSE CVE-2024-26977 at NVD CVE-2024-26979 at SUSE CVE-2024-26979 at NVD CVE-2024-26984 at SUSE CVE-2024-26984 at NVD CVE-2024-26988 at SUSE CVE-2024-26988 at NVD CVE-2024-26989 at SUSE CVE-2024-26989 at NVD CVE-2024-26994 at SUSE CVE-2024-26994 at NVD CVE-2024-26996 at SUSE CVE-2024-26996 at NVD CVE-2024-26997 at SUSE CVE-2024-26997 at NVD CVE-2024-26999 at SUSE CVE-2024-26999 at NVD CVE-2024-27000 at SUSE CVE-2024-27000 at NVD CVE-2024-27001 at SUSE CVE-2024-27001 at NVD CVE-2024-27004 at SUSE CVE-2024-27004 at NVD CVE-2024-27008 at SUSE CVE-2024-27008 at NVD CVE-2024-27028 at SUSE CVE-2024-27028 at NVD CVE-2024-27037 at SUSE CVE-2024-27037 at NVD CVE-2024-27042 at SUSE CVE-2024-27042 at NVD CVE-2024-27045 at SUSE CVE-2024-27045 at NVD CVE-2024-27047 at SUSE CVE-2024-27047 at NVD CVE-2024-27051 at SUSE CVE-2024-27051 at NVD CVE-2024-27052 at SUSE CVE-2024-27052 at NVD CVE-2024-27053 at SUSE CVE-2024-27053 at NVD CVE-2024-27054 at SUSE CVE-2024-27054 at NVD CVE-2024-27059 at SUSE CVE-2024-27059 at NVD CVE-2024-27072 at SUSE CVE-2024-27072 at NVD CVE-2024-27073 at SUSE CVE-2024-27073 at NVD CVE-2024-27074 at SUSE CVE-2024-27074 at NVD CVE-2024-27075 at SUSE CVE-2024-27075 at NVD CVE-2024-27076 at SUSE CVE-2024-27076 at NVD CVE-2024-27077 at SUSE CVE-2024-27077 at NVD CVE-2024-27078 at SUSE CVE-2024-27078 at NVD CVE-2024-27388 at SUSE CVE-2024-27388 at NVD CVE-2024-27393 at SUSE CVE-2024-27393 at NVD CVE-2024-27395 at SUSE CVE-2024-27395 at NVD CVE-2024-27396 at SUSE CVE-2024-27396 at NVD CVE-2024-27398 at SUSE CVE-2024-27398 at NVD CVE-2024-27399 at SUSE CVE-2024-27399 at NVD CVE-2024-27400 at SUSE CVE-2024-27400 at NVD CVE-2024-27401 at SUSE CVE-2024-27401 at NVD CVE-2024-27405 at SUSE CVE-2024-27405 at NVD CVE-2024-27410 at SUSE CVE-2024-27410 at NVD CVE-2024-27412 at SUSE CVE-2024-27412 at NVD CVE-2024-27413 at SUSE CVE-2024-27413 at NVD CVE-2024-27416 at SUSE CVE-2024-27416 at NVD CVE-2024-27417 at SUSE CVE-2024-27417 at NVD CVE-2024-27419 at SUSE CVE-2024-27419 at NVD CVE-2024-27431 at SUSE CVE-2024-27431 at NVD CVE-2024-27435 at SUSE CVE-2024-27435 at NVD CVE-2024-27436 at SUSE CVE-2024-27436 at NVD CVE-2024-35789 at SUSE CVE-2024-35789 at NVD CVE-2024-35791 at SUSE CVE-2024-35791 at NVD CVE-2024-35796 at SUSE CVE-2024-35796 at NVD CVE-2024-35799 at SUSE CVE-2024-35799 at NVD CVE-2024-35801 at SUSE CVE-2024-35801 at NVD CVE-2024-35804 at SUSE CVE-2024-35804 at NVD CVE-2024-35806 at SUSE CVE-2024-35806 at NVD CVE-2024-35809 at SUSE CVE-2024-35809 at NVD CVE-2024-35811 at SUSE CVE-2024-35811 at NVD CVE-2024-35812 at SUSE CVE-2024-35812 at NVD CVE-2024-35813 at SUSE CVE-2024-35813 at NVD CVE-2024-35815 at SUSE CVE-2024-35815 at NVD CVE-2024-35817 at SUSE CVE-2024-35817 at NVD CVE-2024-35821 at SUSE CVE-2024-35821 at NVD CVE-2024-35822 at SUSE CVE-2024-35822 at NVD CVE-2024-35823 at SUSE CVE-2024-35823 at NVD CVE-2024-35825 at SUSE CVE-2024-35825 at NVD CVE-2024-35828 at SUSE CVE-2024-35828 at NVD CVE-2024-35829 at SUSE CVE-2024-35829 at NVD CVE-2024-35830 at SUSE CVE-2024-35830 at NVD CVE-2024-35833 at SUSE CVE-2024-35833 at NVD CVE-2024-35845 at SUSE CVE-2024-35845 at NVD CVE-2024-35847 at SUSE CVE-2024-35847 at NVD CVE-2024-35849 at SUSE CVE-2024-35849 at NVD CVE-2024-35851 at SUSE CVE-2024-35851 at NVD CVE-2024-35852 at SUSE CVE-2024-35852 at NVD CVE-2024-35854 at SUSE CVE-2024-35854 at NVD CVE-2024-35860 at SUSE CVE-2024-35860 at NVD CVE-2024-35861 at SUSE CVE-2024-35861 at NVD CVE-2024-35862 at SUSE CVE-2024-35862 at NVD CVE-2024-35863 at SUSE CVE-2024-35863 at NVD CVE-2024-35864 at SUSE CVE-2024-35864 at NVD CVE-2024-35865 at SUSE CVE-2024-35865 at NVD CVE-2024-35866 at SUSE CVE-2024-35866 at NVD CVE-2024-35867 at SUSE CVE-2024-35867 at NVD CVE-2024-35868 at SUSE CVE-2024-35868 at NVD CVE-2024-35869 at SUSE CVE-2024-35869 at NVD CVE-2024-35870 at SUSE CVE-2024-35870 at NVD CVE-2024-35872 at SUSE CVE-2024-35872 at NVD CVE-2024-35875 at SUSE CVE-2024-35875 at NVD CVE-2024-35877 at SUSE CVE-2024-35877 at NVD CVE-2024-35878 at SUSE CVE-2024-35878 at NVD CVE-2024-35879 at SUSE CVE-2024-35879 at NVD CVE-2024-35885 at SUSE CVE-2024-35885 at NVD CVE-2024-35887 at SUSE CVE-2024-35887 at NVD CVE-2024-35895 at SUSE CVE-2024-35895 at NVD CVE-2024-35901 at SUSE CVE-2024-35901 at NVD CVE-2024-35904 at SUSE CVE-2024-35904 at NVD CVE-2024-35905 at SUSE CVE-2024-35905 at NVD CVE-2024-35907 at SUSE CVE-2024-35907 at NVD CVE-2024-35912 at SUSE CVE-2024-35912 at NVD CVE-2024-35914 at SUSE CVE-2024-35914 at NVD CVE-2024-35915 at SUSE CVE-2024-35915 at NVD CVE-2024-35922 at SUSE CVE-2024-35922 at NVD CVE-2024-35924 at SUSE CVE-2024-35924 at NVD CVE-2024-35930 at SUSE CVE-2024-35930 at NVD CVE-2024-35932 at SUSE CVE-2024-35932 at NVD CVE-2024-35933 at SUSE CVE-2024-35933 at NVD CVE-2024-35935 at SUSE CVE-2024-35935 at NVD CVE-2024-35936 at SUSE CVE-2024-35936 at NVD CVE-2024-35938 at SUSE CVE-2024-35938 at NVD CVE-2024-35939 at SUSE CVE-2024-35939 at NVD CVE-2024-35940 at SUSE CVE-2024-35940 at NVD CVE-2024-35943 at SUSE CVE-2024-35943 at NVD CVE-2024-35944 at SUSE CVE-2024-35944 at NVD CVE-2024-35947 at SUSE CVE-2024-35947 at NVD CVE-2024-35950 at SUSE CVE-2024-35950 at NVD CVE-2024-35951 at SUSE CVE-2024-35951 at NVD CVE-2024-35952 at SUSE CVE-2024-35952 at NVD CVE-2024-35955 at SUSE CVE-2024-35955 at NVD CVE-2024-35959 at SUSE CVE-2024-35959 at NVD CVE-2024-35963 at SUSE CVE-2024-35963 at NVD CVE-2024-35964 at SUSE CVE-2024-35964 at NVD CVE-2024-35965 at SUSE CVE-2024-35965 at NVD CVE-2024-35966 at SUSE CVE-2024-35966 at NVD CVE-2024-35967 at SUSE CVE-2024-35967 at NVD CVE-2024-35969 at SUSE CVE-2024-35969 at NVD CVE-2024-35973 at SUSE CVE-2024-35973 at NVD CVE-2024-35976 at SUSE CVE-2024-35976 at NVD CVE-2024-35978 at SUSE CVE-2024-35978 at NVD CVE-2024-35982 at SUSE CVE-2024-35982 at NVD CVE-2024-35984 at SUSE CVE-2024-35984 at NVD CVE-2024-35989 at SUSE CVE-2024-35989 at NVD CVE-2024-35990 at SUSE CVE-2024-35990 at NVD CVE-2024-35998 at SUSE CVE-2024-35998 at NVD CVE-2024-35999 at SUSE CVE-2024-35999 at NVD CVE-2024-36006 at SUSE CVE-2024-36006 at NVD CVE-2024-36007 at SUSE CVE-2024-36007 at NVD CVE-2024-36012 at SUSE CVE-2024-36012 at NVD CVE-2024-36014 at SUSE CVE-2024-36014 at NVD CVE-2024-36015 at SUSE CVE-2024-36015 at NVD CVE-2024-36016 at SUSE CVE-2024-36016 at NVD CVE-2024-36026 at SUSE CVE-2024-36026 at NVD CVE-2024-36029 at SUSE CVE-2024-36029 at NVD CVE-2024-36032 at SUSE CVE-2024-36032 at NVD CVE-2024-36880 at SUSE CVE-2024-36880 at NVD CVE-2024-36893 at SUSE CVE-2024-36893 at NVD CVE-2024-36896 at SUSE CVE-2024-36896 at NVD CVE-2024-36897 at SUSE CVE-2024-36897 at NVD CVE-2024-36906 at SUSE CVE-2024-36906 at NVD CVE-2024-36918 at SUSE CVE-2024-36918 at NVD CVE-2024-36924 at SUSE CVE-2024-36924 at NVD CVE-2024-36926 at SUSE CVE-2024-36926 at NVD CVE-2024-36928 at SUSE CVE-2024-36928 at NVD CVE-2024-36931 at SUSE CVE-2024-36931 at NVD CVE-2024-36938 at SUSE CVE-2024-36938 at NVD CVE-2024-36940 at SUSE CVE-2024-36940 at NVD CVE-2024-36941 at SUSE CVE-2024-36941 at NVD CVE-2024-36942 at SUSE CVE-2024-36942 at NVD CVE-2024-36944 at SUSE CVE-2024-36944 at NVD CVE-2024-36947 at SUSE CVE-2024-36947 at NVD CVE-2024-36950 at SUSE CVE-2024-36950 at NVD CVE-2024-36952 at SUSE CVE-2024-36952 at NVD CVE-2024-36955 at SUSE CVE-2024-36955 at NVD CVE-2024-36959 at SUSE CVE-2024-36959 at NVD cpe:/o:suse:sle-micro:5.5 Security update for tiff (Moderate) SUSE Linux Enterprise Micro 5.5 This update for tiff fixes the following issues: - CVE-2023-3164: Fixed a heap buffer overflow in tiffcrop. (bsc#1212233) Moderate SUSE bug 1212233 CVE-2023-3164 at SUSE CVE-2023-3164 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Important) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. (bsc#1224122) - CVE-2024-24786: Fixed an infinite loop in protojson. (bsc#1226136) Important SUSE bug 1224122 SUSE bug 1226136 CVE-2024-24786 at SUSE CVE-2024-24786 at NVD CVE-2024-3727 at SUSE CVE-2024-3727 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssl-1_1 (Important) SUSE Linux Enterprise Micro 5.5 This update for openssl-1_1 fixes the following issues: - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) Important SUSE bug 1225551 CVE-2024-4741 at SUSE CVE-2024-4741 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gdk-pixbuf (Important) SUSE Linux Enterprise Micro 5.5 This update for gdk-pixbuf fixes the following issues: gdk-pixbuf was updated to version 2.42.12: - Security issues fixed: * CVE-2022-48622: Fixed heap memory corruption on gdk-pixbuf (bsc#1219276) - Changes in version 2.42.12: + ani: Reject files with multiple INA or IART chunks, + ani: validate chunk size, + Updated translations. - Enable other image loaders such as xpm and xbm (bsc#1223903) - Changes in version 2.42.11: + Disable fringe loaders by default. + Introspection fixes. + Updated translations. - Changes in version 2.42.10: + Search for rst2man.py. + Update the memory size limit for JPEG images. + Updated translations. - Fixed loading of larger images - Avoid Bash specific syntax in baselibs postscript (bsc#1195391) Important SUSE bug 1195391 SUSE bug 1219276 SUSE bug 1223903 CVE-2022-48622 at SUSE CVE-2022-48622 at NVD cpe:/o:suse:sle-micro:5.5 Security update for containerd (Important) SUSE Linux Enterprise Micro 5.5 This update for containerd fixes the following issues: Update to containerd v1.7.17. - CVE-2023-45288: Fixed the limit of CONTINUATION frames read for an HTTP/2 request (bsc#1221400). - Fixed /sys/devices/virtual/powercap accessibility by default containers to mitigate power-based side channel attacks (bsc#1224323). Important SUSE bug 1221400 SUSE bug 1224323 CVE-2023-45288 at SUSE CVE-2023-45288 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libarchive (Important) SUSE Linux Enterprise Micro 5.5 This update for libarchive fixes the following issues: - CVE-2024-20696: Fixed heap based out-of-bounds write (bsc#1225971). Important SUSE bug 1225971 CVE-2024-20696 at SUSE CVE-2024-20696 at NVD cpe:/o:suse:sle-micro:5.5 Security update for wget (Moderate) SUSE Linux Enterprise Micro 5.5 This update for wget fixes the following issues: - CVE-2024-38428: Fix mishandled semicolons in the userinfo subcomponent of a URI. (bsc#1226419) Moderate SUSE bug 1226419 CVE-2024-38428 at SUSE CVE-2024-38428 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47548: Fixed a possible array out-of=bounds (bsc#1225506) - CVE-2022-48689: Fixed data-race in lru_add_fn (bsc#1223959) - CVE-2022-48691: Fixed memory leak in netfilter (bsc#1223961) - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335). - CVE-2023-42755: Check user supplied offsets (bsc#1215702). - CVE-2023-52586: Fixed mutex lock in control vblank irq (bsc#1221081). - CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615). - CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169). - CVE-2023-52656: Dropped any code related to SCM_RIGHTS (bsc#1224187). - CVE-2023-52660: Fiedx IRQ handling due to shared interrupts (bsc#1224443). - CVE-2023-52664: Eliminate double free in error handling logic (bsc#1224747). - CVE-2023-52671: Fixed hang/underflow when transitioning to ODM4:1 (bsc#1224729). - CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727). - CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608). - CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628). - CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (bsc#1224621) - CVE-2023-52746: Prevent potential spectre v1 gadget in xfrm_xlate32_attr() (bsc#1225114) - CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548). - CVE-2023-52795: Fixed use after free in vhost_vdpa_probe() (bsc#1225085). - CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930). - CVE-2023-52807: Fixed out-of-bounds access may occur when coalesce info is read via debugfs (bsc#1225097). - CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936). - CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447). - CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). - CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829). - CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385). - CVE-2024-26692: Fixed regression in writes when non-standard maximum write size negotiated (bsc#1222464). - CVE-2024-26700: Fixed drm/amd/display: Fix MST Null Ptr for RV (bsc#1222870) - CVE-2024-26715: Fixed NULL pointer dereference in dwc3_gadget_suspend (bsc#1222561). - CVE-2024-26742: Fixed disable_managed_interrupts (git-fixes bsc#1222608). - CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627). - CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765) - CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770) - CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793) - CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011). - CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084). - CVE-2024-26839: Fixed a memleak in init_credit_return() (bsc#1222975) - CVE-2024-26876: Fixed crash on irq during probe (bsc#1223119). - CVE-2024-26900: Fixed kmemleak of rdev->serial (bsc#1223046). - CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203). - CVE-2024-26915: Reset IH OVERFLOW_CLEAR bit (bsc#1223207) - CVE-2024-26919: Fixed debugfs directory leak (bsc#1223847). - CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138). - CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390). - CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532). - CVE-2024-26939: Fixed UAF on destroy against retire race (bsc#1223679). - CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653). - CVE-2024-27042: Fixed potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()' (bsc#1223823). - CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098). - CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096). - CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174). - CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181). - CVE-2024-27413: Fixed incorrect allocation size (bsc#1224438). - CVE-2024-27417: Fixed potential 'struct net' leak in inet6_rtm_getaddr() (bsc#1224721) - CVE-2024-27419: Fixed data-races around sysctl_net_busy_read (bsc#1224759) - CVE-2024-27431: Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718). - CVE-2024-35791: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (bsc#1224725). - CVE-2024-35799: Prevent crash when disable stream (bsc#1224740). - CVE-2024-35804: Mark target gfn of emulated atomic instruction as dirty (bsc#1224638). - CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1224736). - CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502). - CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636). - CVE-2024-35860: Struct bpf_link and bpf_link_ops kABI workaround (bsc#1224531). - CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766). - CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764). - CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763). - CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765,). - CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668). - CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667). - CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664). - CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678). - CVE-2024-35869: Guarantee refcounted children from parent session (bsc#1224679). - CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224020, bsc#1224672). - CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530). - CVE-2024-35875: Require seeding RNG with RDRAND on CoCo systems (bsc#1224665). - CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525). - CVE-2024-35878: Prevent NULL pointer dereference in vsnprintf() (bsc#1224671). - CVE-2024-35879: kABI workaround for drivers/of/dynamic.c (bsc#1224524). - CVE-2024-35885: Stop interface during shutdown (bsc#1224519). - CVE-2024-35904: Fixed dereference of garbage after mount failure (bsc#1224494). - CVE-2024-35905: Fixed int overflow for stack access size (bsc#1224488). - CVE-2024-35907: Call request_irq() after NAPI initialized (bsc#1224492). - CVE-2024-35924: Limit read size on v1.2 (bsc#1224657). - CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535). - CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init (bsc#1224649). - CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648). - CVE-2024-35951: Fixed the error path in panfrost_mmu_map_fault_addr() (bsc#1224701). - CVE-2024-35959: Fixed mlx5e_priv_init() cleanup flow (bsc#1224666). - CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581). - CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580). - CVE-2024-35973: Fixed header validation in geneve[6]_xmit_skb (bsc#1224586). - CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575). - CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549). - CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550). - CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541). - CVE-2024-36007: Fixed warning during rehash (bsc#1224543). - CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761). The following non-security bugs were fixed: - 9p: explicitly deny setlease attempts (git-fixes). - ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes). - ACPI: disable -Wstringop-truncation (git-fixes). - ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes). - ACPI: LPSS: Advertise number of chip selects via property (git-fixes). - admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes). - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384). - af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384). - af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384). - ALSA: core: Fix NULL module pointer assignment at card init (git-fixes). - ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes). - ALSA: line6: Zero-initialize message buffers (stable-fixes). - ARM: 9381/1: kasan: clear stale stack poison (git-fixes). - ASoC: Intel: avs: Fix ASRC module initialization (git-fixes). - ASoC: Intel: avs: Fix potential integer overflow (git-fixes). - ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes). - ASoC: Intel: Disable route checks for Skylake boards (git-fixes). - ASoC: kirkwood: Fix potential NULL dereference (git-fixes). - ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes). - ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes). - ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes). - ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes). - ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes). - ata: pata_legacy: make legacy_exit() work again (git-fixes). - ata: sata_gemini: Check clk_enable() result (stable-fixes). - autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166). - Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes). - Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor() (git-fixes). - Bluetooth: hci_sync: Do not double print name in add/remove adv_monitor (bsc#1216358). - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes). - Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes). - Bluetooth: qca: add missing firmware sanity checks (git-fixes). - Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes). - Bluetooth: qca: fix firmware check error path (git-fixes). - Bluetooth: qca: fix info leak when fetching fw build id (git-fixes). - Bluetooth: qca: fix NVM configuration parsing (git-fixes). - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes) - bpf: decouple prune and jump points (bsc#1225756). - bpf: fix precision backtracking instruction iteration (bsc#1225756). - bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes). - bpf: handle ldimm64 properly in check_cfg() (bsc#1225756). - bpf: mostly decouple jump history management from is_state_visited() (bsc#1225756). - bpf: remove unnecessary prune and jump points (bsc#1225756). - btrfs: add error messages to all unrecognized mount options (git-fixes) - btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes) - btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes) - btrfs: extend locking to all space_info members accesses (git-fixes) - btrfs: fix btrfs_submit_compressed_write cgroup attribution (git-fixes) - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes) - btrfs: fix missing blkdev_put() call in btrfs_scan_one_device() (git-fixes) - btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes) - btrfs: fix qgroup reserve overflow the qgroup limit (git-fixes) - btrfs: fix silent failure when deleting root reference (git-fixes) - btrfs: fix use-after-free after failure to create a snapshot (git-fixes) - btrfs: free exchange changeset on failures (git-fixes) - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes) - btrfs: make search_csum_tree return 0 if we get -EFBIG (git-fixes) - btrfs: prevent copying too big compressed lzo segment (git-fixes) - btrfs: remove BUG_ON(!eie) in find_parent_nodes (git-fixes) - btrfs: remove BUG_ON() in find_parent_nodes() (git-fixes) - btrfs: repair super block num_devices automatically (git-fixes) - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling (git-fixes) - btrfs: send: ensure send_fd is writable (git-fixes) - btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes) - btrfs: send: in case of IO error log it (git-fixes) - btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes) - btrfs: tree-checker: check item_size for dev_item (git-fixes) - btrfs: tree-checker: check item_size for inode_item (git-fixes) - cifs: account for primary channel in the interface list (bsc#1224020). - cifs: cifs_chan_is_iface_active should be called with chan_lock held (bsc#1224020). - cifs: distribute channels across interfaces based on speed (bsc#1224020). - cifs: do not pass cifs_sb when trying to add channels (bsc#1224020). - cifs: failure to add channel on iface should bump up weight (git-fixes, bsc#1224020). - cifs: fix charset issue in reconnection (bsc#1224020). - cifs: fix leak of iface for primary channel (git-fixes, bsc#1224020). - cifs: handle cases where a channel is closed (bsc#1224020). - cifs: handle cases where multiple sessions share connection (bsc#1224020). - cifs: reconnect work should have reference on server struct (bsc#1224020). - clk: Do not hold prepare_lock when calling kref_put() (stable-fixes). - clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes). - counter: stm32-lptimer-cnt: Provide defines for clock polarities (git-fixes). - counter: stm32-timer-cnt: Provide defines for slave mode selection (git-fixes). - cppc_cpufreq: Fix possible null pointer dereference (git-fixes). - cpu/hotplug: Remove the 'cpu' member of cpuhp_cpu_state (git-fixes). - cpumask: Add for_each_cpu_from() (bsc#1225053). - crypto: bcm - Fix pointer arithmetic (git-fixes). - crypto: ccp - drop platform ifdef checks (git-fixes). - crypto: ecdsa - Fix module auto-load on add-key (git-fixes). - crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes). - crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes). - crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes). - dmaengine: axi-dmac: fix possible race in remove() (git-fixes). - dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes). - dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes). - dm-multipath: dont't attempt SG_IO on non-SCSI-disks (bsc#1223575). - docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes). - drivers/nvme: Add quirks for device 126f:2262 (git-fixes). - drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes). - drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes). - drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes). - drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes). - drm/amd: Flush GFXOFF requests in prepare stage (git-fixes). - drm/amdgpu: Refine IB schedule error logging (stable-fixes). - drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes). - drm/arm/malidp: fix a possible null pointer dereference (git-fixes). - drm/bridge: anx7625: Do not log an error when DSI host can't be found (git-fixes). - drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes). - drm/bridge: dpc3433: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: icn6211: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: lt8912b: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: lt9611: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: tc358775: Do not log an error when DSI host can't be found (git-fixes). - drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes). - drm/connector: Add \n to message about demoting connector force-probes (git-fixes). - drm/i915/bios: Fix parsing backlight BDB data (git-fixes). - drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes). - drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes). - drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes). - drm/meson: dw-hdmi: power up phy on device init (git-fixes). - drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes). - drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes). - drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes). - drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes). - drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes). - drm/panel: atna33xc20: Fix unbalanced regulator in the case HPD does not assert (git-fixes). - drm/panel: novatek-nt35950: Do not log an error when DSI host can't be found (git-fixes). - drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes). - drm: vc4: Fix possible null pointer dereference (git-fixes). - dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes) - dyndbg: fix old BUG_ON in >control parser (stable-fixes). - efi: libstub: only free priv.runtime_map when allocated (git-fixes). - extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes). - fail_function: fix wrong use of fei_attr_remove(). - fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes). - fbdev: shmobile: fix snprintf truncation (git-fixes). - fbdev: sisfb: hide unused variables (git-fixes). - firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes). - firmware: dmi-id: add a release callback function (git-fixes). - firmware: raspberrypi: Use correct device for DMA mappings (git-fixes). - fs/9p: drop inodes immediately on non-.L too (git-fixes). - fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes). - fs/9p: translate O_TRUNC into OTRUNC (git-fixes). - gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes). - gpio: wcove: Use -ENOTSUPP consistently (stable-fixes). - gpu: host1x: Do not setup DMA for virtual devices (stable-fixes). - HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes). - hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock (git-fixes). - hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes). - hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes). - hwmon: (lm70) fix links in doc and comments (git-fixes). - hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes). - i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes). - i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes). - IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes) - idpf: extend tx watchdog timeout (bsc#1224137). - iio: core: Leave private pointer NULL when no private data supplied (git-fixes). - iio: pressure: dps310: support negative temperature values (git-fixes). - Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes). - Input: ims-pcu - fix printf string overflow (git-fixes). - Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes). - iomap: Fix inline extent handling in iomap_readpage (git-fixes) - iomap: iomap: fix memory corruption when recording errors during writeback (git-fixes) - iomap: Support partial direct I/O on user copy failures (git-fixes) - iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331) - io_uring/unix: drop usage of io_uring socket (git-fixes). - irqchip/gic-v3-its: Prevent double free on error (git-fixes). - jffs2: prevent xattr node from overflowing the eraseblock (git-fixes). - kABI: bpf: struct bpf_insn_aux_data kABI workaround (bsc#1225756). - kcm: do not sense pfmemalloc status in kcm_sendpage() (git-fixes bsc#1223959) - KEYS: trusted: Do not use WARN when encode fails (git-fixes). - KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes). - KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224794). - leds: pwm: Disable PWM when going to suspend (git-fixes). - libsubcmd: Fix parse-options memory leak (git-fixes). - locking/atomic: Make test_and_*_bit() ordered on failure (git-fixes). - media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes). - media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes). - media: mc: mark the media devnode as registered from the, start (git-fixes). - media: ngene: Add dvb_ca_en50221_init return value check (git-fixes). - media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes). - mei: me: add lunar lake point M DID (stable-fixes). - mfd: intel-lpss: Revert 'Add missing check for platform_get_resource' (git-fixes). - mfd: ti_am335x_tscadc: Support the correctly spelled DT property (git-fixes). - mfd: tqmx86: Specify IO port register range more precisely (git-fixes). - mlxbf_gige: Enable the GigE port in mlxbf_gige_open (git-fixes). - mlxbf_gige: Fix intermittent no ip issue (git-fixes). - mlxbf_gige: stop PHY during open() error paths (git-fixes). - mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes). - mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes). - Move upstreamed patches into sorted section - mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes). - mtd: rawnand: hynix: fixed typo (git-fixes). - net: do not sense pfmemalloc status in skb_append_pagefrags() (git-fixes bsc#1223959) - netfilter: nf_tables: bail out early if hardware offload is not supported (git-fixes bsc#1223961) - net: introduce __skb_fill_page_desc_noacc (git-fixes bsc#1223959) - net: nfc: remove inappropriate attrs check (stable-fixes). - net: qualcomm: rmnet: fix global oob in rmnet_policy (git-fixes). - net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes). - net:usb:qmi_wwan: support Rolling modules (stable-fixes). - net: usb: smsc95xx: stop lying about skb->truesize (git-fixes). - net: usb: sr9700: stop lying about skb->truesize (git-fixes). - net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360). - nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes). - nfc: nci: Fix uninit-value in nci_rx_work (git-fixes). - nilfs2: fix out-of-range warning (git-fixes). - nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes). - nilfs2: fix use-after-free of timer for log writer thread (git-fixes). - nilfs2: make superblock data array index computation sparse friendly (git-fixes). - nvme: ensure disabling pairs with unquiesce (bsc#1224534). - nvme: fix miss command type check (git-fixes). - nvme: fix multipath batched completion accounting (git-fixes). - nvme-multipath: fix io accounting on failover (git-fixes). - nvmet: fix ns enable/disable possible hang (git-fixes). - PCI: dwc: Detect iATU settings after getting 'addr_space' resource (git-fixes). - PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes). - PCI: dwc: Use the bitmap API to allocate bitmaps (git-fixes). - PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes). - PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes). - PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes). - PCI: tegra194: Fix probe path for Endpoint mode (git-fixes). - pinctrl: armada-37xx: remove an unused variable (git-fixes). - pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes). - pinctrl: core: handle radix_tree_insert() errors in pinctrl_register_one_pin() (stable-fixes). - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes). - pinctrl/meson: fix typo in PDM's pin name (git-fixes). - pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes). - platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes). - platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes). - powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740). - powerpc/eeh: Small refactor of eeh_handle_normal_event() (bsc#1223991 ltc#205740). - powerpc/eeh: Use a goto for recovery failures (bsc#1223991 ltc#205740). - powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729). - powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes). - powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783). - powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869). - powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869). - power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes). - ppdev: Add an error check in register_device (git-fixes). - printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616). - qibfs: fix dentry leak (git-fixes) - RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes) - RDMA/hns: Fix deadlock on SRQ async events. (git-fixes) - RDMA/hns: Fix GMV table pagesize (git-fixes) - RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes) - RDMA/hns: Fix UAF for cq async event (git-fixes) - RDMA/hns: Modify the print level of CQE error (git-fixes) - RDMA/hns: Use complete parentheses in macros (git-fixes) - RDMA/IPoIB: Fix format truncation compilation errors (git-fixes) - RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes) - RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes) - RDMA/rxe: Add ibdev_dbg macros for rxe (git-fixes) - RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes) - RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes) - RDMA/rxe: Fix the problem 'mutex_destroy missing' (git-fixes) - RDMA/rxe: Replace pr_xxx by rxe_dbg_xxx in rxe_net.c (git-fixes) - RDMA/rxe: Split rxe_run_task() into two subroutines (git-fixes) - regulator: bd71828: Do not overwrite runtime voltages (git-fixes). - regulator: core: fix debugfs creation regression (git-fixes). - regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes). - remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes). - Revert 'cifs: reconnect work should have reference on server struct' (git-fixes, bsc#1224020). - Revert 'drm/bridge: ti-sn65dsi83: Fix enable error path' (git-fixes). - ring-buffer: Fix a race between readers and resize checks (git-fixes). - s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224795). - s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224796). - s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224346). - s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225139). - s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225138). - sched/topology: Optimize topology_span_sane() (bsc#1225053). - scsi: arcmsr: Support new PCI device IDs 1883 and 1886 (git-fixes). - scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes). - scsi: core: Consult supported VPD page list prior to fetching page (git-fixes). - scsi: core: Fix unremoved procfs host directory regression (git-fixes). - scsi: csiostor: Avoid function pointer casts (git-fixes). - scsi: libfc: Do not schedule abort twice (git-fixes). - scsi: libfc: Fix up timeout error in fc_fcp_rec_error() (git-fixes). - scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842). - scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842). - scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask (bsc#1225842). - scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842). - scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842). - scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842). - scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842). - scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842). - scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes). - scsi: mylex: Fix sysfs buffer lengths (git-fixes). - scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes). - scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes). - selftests/pidfd: Fix config for pidfd_setns_test (git-fixes). - serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes). - serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes). - serial: max3100: Fix bitwise types (git-fixes). - serial: max3100: Lock port->lock when calling uart_handle_cts_change() (git-fixes). - serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes). - serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes). - serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes). - smb3: show beginning time for per share stats (bsc#1224020). - smb: client: ensure to try all targets when finding nested links (bsc#1224020). - smb: client: fix mount when dns_resolver key is not available (git-fixes, bsc#1224020). - smb: client: get rid of dfs code dep in namespace.c (bsc#1224020). - smb: client: get rid of dfs naming in automount code (bsc#1224020). - smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1224020). - smb: client: reduce stack usage in cifs_try_adding_channels() (bsc#1224020). - smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (bsc#1224020). - smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1224020). - soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes). - soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes). - Sort recent BHI patches - speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes). - spmi: Add a check for remove callback when removing a SPMI driver (git-fixes). - spmi: hisi-spmi-controller: Do not override device identifier (git-fixes). - swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331). - swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331) - swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331) - swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331) - sysv: do not call sb_bread() with pointers_lock held (git-fixes). - thermal/drivers/tsens: Fix null pointer dereference (git-fixes). - tools/latency-collector: Fix -Wformat-security compile warns (git-fixes). - tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer (bsc#1225535) - tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes). - tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes). - tracing: hide unused ftrace_event_id_fops (git-fixes). - tty: n_gsm: fix missing receive state reset after mode switch (git-fixes). - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes). - usb: aqc111: stop lying about skb->truesize (git-fixes). - USB: core: Add hub_get() and hub_put() routines (git-fixes). - USB: core: Fix access violation during port device removal (git-fixes). - USB: core: Fix deadlock in port 'disable' sysfs attribute (git-fixes). - usb: dwc3: core: Prevent phy suspend during init (Git-fixes). - usb: gadget: u_audio: Clear uac pointer when freed (git-fixes). - usb: typec: tipd: fix event checking for tps6598x (git-fixes). - usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes). - VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes). - VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes). - vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes). - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes). - watchdog: ixp4xx: Make sure restart always works (git-fixes). - watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes). - wifi: ar5523: enable proper endpoint verification (git-fixes). - wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes). - wifi: ath10k: poll service ready message before failing (git-fixes). - wifi: ath10k: populate board data for WCN3990 (git-fixes). - wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes). - wifi: carl9170: add a proper sanity check for endpoints (git-fixes). - wifi: carl9170: re-fix fortified-memset warning (git-fixes). - wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes). - wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes). - wifi: mwl8k: initialize cmd->addr[] properly (git-fixes). - x86/boot: Ignore NMIs during very early boot (git-fixes). - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (git-fixes). - x86/bugs: Fix BHI documentation (git-fixes). - x86/bugs: Fix BHI handling of RRSBA (git-fixes). - x86/bugs: Fix BHI retpoline check (git-fixes). - x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes). - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes). - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes). - x86: Fix CPUIDLE_FLAG_IRQ_ENABLE leaking timer reprogram (git-fixes). - x86/kvm: Do not try to disable kvmclock if it was not enabled (git-fixes). - x86/lib: Fix overflow when counting digits (git-fixes). - x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes). - x86/nmi: Drop unused declaration of proc_nmi_enabled() (git-fixes). - x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes). - x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes). - x86/sme: Fix memory encryption setting if enabled by default and not overridden (git-fixes). - x86/tdx: Preserve shared bit on mprotect() (git-fixes). - xfs: fix exception caused by unexpected illegal bestcount in leaf dir (git-fixes). - xfs: Fix false ENOSPC when performing direct write on a delalloc extent in cow fork (git-fixes). - xfs: fix imprecise logic in xchk_btree_check_block_owner (git-fixes). - xfs: fix inode reservation space for removing transaction (git-fixes). - xfs: shrink failure needs to hold AGI buffer (git-fixes). Important SUSE bug 1065729 SUSE bug 1141539 SUSE bug 1174585 SUSE bug 1181674 SUSE bug 1187716 SUSE bug 1190569 SUSE bug 1191949 SUSE bug 1192107 SUSE bug 1193983 SUSE bug 1194288 SUSE bug 1194869 SUSE bug 1196956 SUSE bug 1197915 SUSE bug 1200465 SUSE bug 1205205 SUSE bug 1207284 SUSE bug 1207361 SUSE bug 1207948 SUSE bug 1208149 SUSE bug 1209657 SUSE bug 1209799 SUSE bug 1209834 SUSE bug 1209980 SUSE bug 1210335 SUSE bug 1213863 SUSE bug 1214852 SUSE bug 1215322 SUSE bug 1215702 SUSE bug 1216358 SUSE bug 1216702 SUSE bug 1217169 SUSE bug 1217339 SUSE bug 1217515 SUSE bug 1218447 SUSE bug 1220021 SUSE bug 1220267 SUSE bug 1220363 SUSE bug 1220783 SUSE bug 1221044 SUSE bug 1221081 SUSE bug 1221615 SUSE bug 1221777 SUSE bug 1221816 SUSE bug 1221829 SUSE bug 1222011 SUSE bug 1222374 SUSE bug 1222385 SUSE bug 1222413 SUSE bug 1222464 SUSE bug 1222513 SUSE bug 1222559 SUSE bug 1222561 SUSE bug 1222608 SUSE bug 1222619 SUSE bug 1222627 SUSE bug 1222721 SUSE bug 1222765 SUSE bug 1222770 SUSE bug 1222783 SUSE bug 1222793 SUSE bug 1222870 SUSE bug 1222893 SUSE bug 1222960 SUSE bug 1222961 SUSE bug 1222974 SUSE bug 1222975 SUSE bug 1222976 SUSE bug 1223011 SUSE bug 1223023 SUSE bug 1223027 SUSE bug 1223031 SUSE bug 1223043 SUSE bug 1223046 SUSE bug 1223048 SUSE bug 1223049 SUSE bug 1223084 SUSE bug 1223113 SUSE bug 1223119 SUSE bug 1223137 SUSE bug 1223138 SUSE bug 1223140 SUSE bug 1223188 SUSE bug 1223203 SUSE bug 1223207 SUSE bug 1223315 SUSE bug 1223360 SUSE bug 1223384 SUSE bug 1223390 SUSE bug 1223432 SUSE bug 1223489 SUSE bug 1223505 SUSE bug 1223532 SUSE bug 1223575 SUSE bug 1223595 SUSE bug 1223626 SUSE bug 1223627 SUSE bug 1223628 SUSE bug 1223631 SUSE bug 1223633 SUSE bug 1223638 SUSE bug 1223650 SUSE bug 1223653 SUSE bug 1223666 SUSE bug 1223670 SUSE bug 1223671 SUSE bug 1223675 SUSE bug 1223677 SUSE bug 1223678 SUSE bug 1223679 SUSE bug 1223698 SUSE bug 1223712 SUSE bug 1223715 SUSE bug 1223717 SUSE bug 1223718 SUSE bug 1223737 SUSE bug 1223738 SUSE bug 1223741 SUSE bug 1223744 SUSE bug 1223747 SUSE bug 1223748 SUSE bug 1223750 SUSE bug 1223752 SUSE bug 1223754 SUSE bug 1223756 SUSE bug 1223757 SUSE bug 1223762 SUSE bug 1223769 SUSE bug 1223770 SUSE bug 1223779 SUSE bug 1223780 SUSE bug 1223781 SUSE bug 1223788 SUSE bug 1223802 SUSE bug 1223819 SUSE bug 1223823 SUSE bug 1223826 SUSE bug 1223828 SUSE bug 1223829 SUSE bug 1223837 SUSE bug 1223842 SUSE bug 1223843 SUSE bug 1223844 SUSE bug 1223847 SUSE bug 1223858 SUSE bug 1223875 SUSE bug 1223879 SUSE bug 1223895 SUSE bug 1223959 SUSE bug 1223961 SUSE bug 1223991 SUSE bug 1223996 SUSE bug 1224020 SUSE bug 1224076 SUSE bug 1224096 SUSE bug 1224098 SUSE bug 1224099 SUSE bug 1224137 SUSE bug 1224166 SUSE bug 1224174 SUSE bug 1224177 SUSE bug 1224180 SUSE bug 1224181 SUSE bug 1224187 SUSE bug 1224331 SUSE bug 1224346 SUSE bug 1224423 SUSE bug 1224432 SUSE bug 1224437 SUSE bug 1224438 SUSE bug 1224442 SUSE bug 1224443 SUSE bug 1224445 SUSE bug 1224449 SUSE bug 1224479 SUSE bug 1224482 SUSE bug 1224487 SUSE bug 1224488 SUSE bug 1224492 SUSE bug 1224494 SUSE bug 1224495 SUSE bug 1224502 SUSE bug 1224508 SUSE bug 1224509 SUSE bug 1224511 SUSE bug 1224519 SUSE bug 1224524 SUSE bug 1224525 SUSE bug 1224530 SUSE bug 1224531 SUSE bug 1224534 SUSE bug 1224535 SUSE bug 1224537 SUSE bug 1224541 SUSE bug 1224543 SUSE bug 1224549 SUSE bug 1224550 SUSE bug 1224558 SUSE bug 1224559 SUSE bug 1224566 SUSE bug 1224567 SUSE bug 1224571 SUSE bug 1224575 SUSE bug 1224576 SUSE bug 1224579 SUSE bug 1224580 SUSE bug 1224581 SUSE bug 1224582 SUSE bug 1224586 SUSE bug 1224587 SUSE bug 1224592 SUSE bug 1224598 SUSE bug 1224601 SUSE bug 1224607 SUSE bug 1224608 SUSE bug 1224611 SUSE bug 1224615 SUSE bug 1224617 SUSE bug 1224618 SUSE bug 1224621 SUSE bug 1224622 SUSE bug 1224624 SUSE bug 1224627 SUSE bug 1224628 SUSE bug 1224629 SUSE bug 1224632 SUSE bug 1224636 SUSE bug 1224637 SUSE bug 1224638 SUSE bug 1224640 SUSE bug 1224643 SUSE bug 1224644 SUSE bug 1224645 SUSE bug 1224647 SUSE bug 1224648 SUSE bug 1224649 SUSE bug 1224650 SUSE bug 1224651 SUSE bug 1224657 SUSE bug 1224659 SUSE bug 1224660 SUSE bug 1224663 SUSE bug 1224664 SUSE bug 1224665 SUSE bug 1224666 SUSE bug 1224667 SUSE bug 1224668 SUSE bug 1224671 SUSE bug 1224672 SUSE bug 1224676 SUSE bug 1224678 SUSE bug 1224679 SUSE bug 1224680 SUSE bug 1224681 SUSE bug 1224682 SUSE bug 1224685 SUSE bug 1224686 SUSE bug 1224692 SUSE bug 1224697 SUSE bug 1224699 SUSE bug 1224701 SUSE bug 1224703 SUSE bug 1224705 SUSE bug 1224707 SUSE bug 1224717 SUSE bug 1224718 SUSE bug 1224721 SUSE bug 1224722 SUSE bug 1224723 SUSE bug 1224725 SUSE bug 1224727 SUSE bug 1224728 SUSE bug 1224729 SUSE bug 1224730 SUSE bug 1224731 SUSE bug 1224732 SUSE bug 1224733 SUSE bug 1224736 SUSE bug 1224738 SUSE bug 1224739 SUSE bug 1224740 SUSE bug 1224747 SUSE bug 1224749 SUSE bug 1224759 SUSE bug 1224763 SUSE bug 1224764 SUSE bug 1224765 SUSE bug 1224766 SUSE bug 1224794 SUSE bug 1224795 SUSE bug 1224796 SUSE bug 1224803 SUSE bug 1224816 SUSE bug 1224895 SUSE bug 1224898 SUSE bug 1224900 SUSE bug 1224901 SUSE bug 1224902 SUSE bug 1224903 SUSE bug 1224904 SUSE bug 1224905 SUSE bug 1224907 SUSE bug 1224909 SUSE bug 1224910 SUSE bug 1224911 SUSE bug 1224912 SUSE bug 1224913 SUSE bug 1224914 SUSE bug 1224915 SUSE bug 1224920 SUSE bug 1224928 SUSE bug 1224929 SUSE bug 1224930 SUSE bug 1224931 SUSE bug 1224932 SUSE bug 1224936 SUSE bug 1224937 SUSE bug 1224941 SUSE bug 1224942 SUSE bug 1224944 SUSE bug 1224945 SUSE bug 1224947 SUSE bug 1224956 SUSE bug 1224988 SUSE bug 1224992 SUSE bug 1225000 SUSE bug 1225003 SUSE bug 1225005 SUSE bug 1225008 SUSE bug 1225009 SUSE bug 1225022 SUSE bug 1225031 SUSE bug 1225032 SUSE bug 1225036 SUSE bug 1225041 SUSE bug 1225044 SUSE bug 1225053 SUSE bug 1225076 SUSE bug 1225077 SUSE bug 1225082 SUSE bug 1225085 SUSE bug 1225086 SUSE bug 1225092 SUSE bug 1225095 SUSE bug 1225096 SUSE bug 1225097 SUSE bug 1225106 SUSE bug 1225108 SUSE bug 1225109 SUSE bug 1225114 SUSE bug 1225118 SUSE bug 1225121 SUSE bug 1225122 SUSE bug 1225123 SUSE bug 1225125 SUSE bug 1225126 SUSE bug 1225127 SUSE bug 1225129 SUSE bug 1225131 SUSE bug 1225132 SUSE bug 1225138 SUSE bug 1225139 SUSE bug 1225145 SUSE bug 1225151 SUSE bug 1225153 SUSE bug 1225156 SUSE bug 1225158 SUSE bug 1225160 SUSE bug 1225161 SUSE bug 1225164 SUSE bug 1225167 SUSE bug 1225180 SUSE bug 1225183 SUSE bug 1225184 SUSE bug 1225186 SUSE bug 1225187 SUSE bug 1225189 SUSE bug 1225190 SUSE bug 1225191 SUSE bug 1225192 SUSE bug 1225193 SUSE bug 1225195 SUSE bug 1225198 SUSE bug 1225201 SUSE bug 1225203 SUSE bug 1225205 SUSE bug 1225206 SUSE bug 1225207 SUSE bug 1225208 SUSE bug 1225209 SUSE bug 1225210 SUSE bug 1225214 SUSE bug 1225222 SUSE bug 1225223 SUSE bug 1225224 SUSE bug 1225225 SUSE bug 1225227 SUSE bug 1225228 SUSE bug 1225229 SUSE bug 1225230 SUSE bug 1225232 SUSE bug 1225233 SUSE bug 1225235 SUSE bug 1225236 SUSE bug 1225237 SUSE bug 1225238 SUSE bug 1225239 SUSE bug 1225240 SUSE bug 1225241 SUSE bug 1225242 SUSE bug 1225243 SUSE bug 1225244 SUSE bug 1225245 SUSE bug 1225246 SUSE bug 1225247 SUSE bug 1225248 SUSE bug 1225249 SUSE bug 1225250 SUSE bug 1225251 SUSE bug 1225252 SUSE bug 1225253 SUSE bug 1225254 SUSE bug 1225255 SUSE bug 1225256 SUSE bug 1225257 SUSE bug 1225258 SUSE bug 1225259 SUSE bug 1225260 SUSE bug 1225261 SUSE bug 1225262 SUSE bug 1225263 SUSE bug 1225268 SUSE bug 1225301 SUSE bug 1225303 SUSE bug 1225304 SUSE bug 1225306 SUSE bug 1225316 SUSE bug 1225318 SUSE bug 1225320 SUSE bug 1225321 SUSE bug 1225322 SUSE bug 1225323 SUSE bug 1225326 SUSE bug 1225327 SUSE bug 1225328 SUSE bug 1225329 SUSE bug 1225330 SUSE bug 1225331 SUSE bug 1225332 SUSE bug 1225333 SUSE bug 1225334 SUSE bug 1225335 SUSE bug 1225336 SUSE bug 1225337 SUSE bug 1225338 SUSE bug 1225339 SUSE bug 1225341 SUSE bug 1225342 SUSE bug 1225344 SUSE bug 1225346 SUSE bug 1225347 SUSE bug 1225351 SUSE bug 1225353 SUSE bug 1225354 SUSE bug 1225355 SUSE bug 1225357 SUSE bug 1225358 SUSE bug 1225360 SUSE bug 1225361 SUSE bug 1225366 SUSE bug 1225367 SUSE bug 1225368 SUSE bug 1225369 SUSE bug 1225370 SUSE bug 1225372 SUSE bug 1225373 SUSE bug 1225374 SUSE bug 1225375 SUSE bug 1225376 SUSE bug 1225377 SUSE bug 1225379 SUSE bug 1225380 SUSE bug 1225382 SUSE bug 1225383 SUSE bug 1225384 SUSE bug 1225386 SUSE bug 1225387 SUSE bug 1225388 SUSE bug 1225390 SUSE bug 1225392 SUSE bug 1225393 SUSE bug 1225396 SUSE bug 1225400 SUSE bug 1225404 SUSE bug 1225405 SUSE bug 1225408 SUSE bug 1225409 SUSE bug 1225410 SUSE bug 1225411 SUSE bug 1225424 SUSE bug 1225425 SUSE bug 1225427 SUSE bug 1225431 SUSE bug 1225435 SUSE bug 1225436 SUSE bug 1225437 SUSE bug 1225438 SUSE bug 1225439 SUSE bug 1225441 SUSE bug 1225442 SUSE bug 1225443 SUSE bug 1225444 SUSE bug 1225445 SUSE bug 1225446 SUSE bug 1225447 SUSE bug 1225450 SUSE bug 1225453 SUSE bug 1225455 SUSE bug 1225461 SUSE bug 1225463 SUSE bug 1225464 SUSE bug 1225466 SUSE bug 1225467 SUSE bug 1225468 SUSE bug 1225471 SUSE bug 1225472 SUSE bug 1225478 SUSE bug 1225479 SUSE bug 1225480 SUSE bug 1225482 SUSE bug 1225483 SUSE bug 1225486 SUSE bug 1225488 SUSE bug 1225490 SUSE bug 1225492 SUSE bug 1225495 SUSE bug 1225499 SUSE bug 1225500 SUSE bug 1225501 SUSE bug 1225502 SUSE bug 1225506 SUSE bug 1225508 SUSE bug 1225510 SUSE bug 1225513 SUSE bug 1225515 SUSE bug 1225529 SUSE bug 1225530 SUSE bug 1225532 SUSE bug 1225534 SUSE bug 1225535 SUSE bug 1225548 SUSE bug 1225549 SUSE bug 1225550 SUSE bug 1225553 SUSE bug 1225554 SUSE bug 1225555 SUSE bug 1225556 SUSE bug 1225557 SUSE bug 1225559 SUSE bug 1225560 SUSE bug 1225565 SUSE bug 1225566 SUSE bug 1225568 SUSE bug 1225569 SUSE bug 1225570 SUSE bug 1225571 SUSE bug 1225572 SUSE bug 1225577 SUSE bug 1225583 SUSE bug 1225584 SUSE bug 1225587 SUSE bug 1225588 SUSE bug 1225589 SUSE bug 1225590 SUSE bug 1225591 SUSE bug 1225592 SUSE bug 1225593 SUSE bug 1225595 SUSE bug 1225599 SUSE bug 1225616 SUSE bug 1225640 SUSE bug 1225642 SUSE bug 1225705 SUSE bug 1225708 SUSE bug 1225715 SUSE bug 1225720 SUSE bug 1225722 SUSE bug 1225734 SUSE bug 1225735 SUSE bug 1225747 SUSE bug 1225748 SUSE bug 1225756 SUSE bug 1225761 SUSE bug 1225766 SUSE bug 1225775 SUSE bug 1225810 SUSE bug 1225820 SUSE bug 1225829 SUSE bug 1225835 SUSE bug 1225842 CVE-2020-36788 at SUSE CVE-2020-36788 at NVD CVE-2021-4148 at SUSE CVE-2021-4148 at NVD CVE-2021-43527 at SUSE CVE-2021-43527 at NVD CVE-2021-47358 at SUSE CVE-2021-47358 at NVD CVE-2021-47359 at SUSE CVE-2021-47359 at NVD CVE-2021-47360 at SUSE CVE-2021-47360 at NVD CVE-2021-47361 at SUSE CVE-2021-47361 at NVD CVE-2021-47362 at SUSE CVE-2021-47362 at NVD CVE-2021-47363 at SUSE CVE-2021-47363 at NVD CVE-2021-47364 at SUSE CVE-2021-47364 at NVD CVE-2021-47365 at SUSE CVE-2021-47365 at NVD CVE-2021-47366 at SUSE CVE-2021-47366 at NVD CVE-2021-47367 at SUSE CVE-2021-47367 at NVD CVE-2021-47368 at SUSE CVE-2021-47368 at NVD CVE-2021-47369 at SUSE CVE-2021-47369 at NVD CVE-2021-47370 at SUSE CVE-2021-47370 at NVD CVE-2021-47371 at SUSE CVE-2021-47371 at NVD CVE-2021-47372 at SUSE CVE-2021-47372 at NVD CVE-2021-47373 at SUSE CVE-2021-47373 at NVD CVE-2021-47374 at SUSE CVE-2021-47374 at NVD CVE-2021-47375 at SUSE CVE-2021-47375 at NVD CVE-2021-47376 at SUSE CVE-2021-47376 at NVD CVE-2021-47378 at SUSE CVE-2021-47378 at NVD CVE-2021-47379 at SUSE CVE-2021-47379 at NVD CVE-2021-47380 at SUSE CVE-2021-47380 at NVD CVE-2021-47381 at SUSE CVE-2021-47381 at NVD CVE-2021-47382 at SUSE CVE-2021-47382 at NVD CVE-2021-47383 at SUSE CVE-2021-47383 at NVD CVE-2021-47384 at SUSE CVE-2021-47384 at NVD CVE-2021-47385 at SUSE CVE-2021-47385 at NVD CVE-2021-47386 at SUSE CVE-2021-47386 at NVD CVE-2021-47387 at SUSE CVE-2021-47387 at NVD CVE-2021-47388 at SUSE CVE-2021-47388 at NVD CVE-2021-47389 at SUSE CVE-2021-47389 at NVD CVE-2021-47390 at SUSE CVE-2021-47390 at NVD CVE-2021-47391 at SUSE CVE-2021-47391 at NVD CVE-2021-47392 at SUSE CVE-2021-47392 at NVD CVE-2021-47393 at SUSE CVE-2021-47393 at NVD CVE-2021-47394 at SUSE CVE-2021-47394 at NVD CVE-2021-47395 at SUSE CVE-2021-47395 at NVD CVE-2021-47396 at SUSE CVE-2021-47396 at NVD CVE-2021-47397 at SUSE CVE-2021-47397 at NVD CVE-2021-47398 at SUSE CVE-2021-47398 at NVD CVE-2021-47399 at SUSE CVE-2021-47399 at NVD CVE-2021-47400 at SUSE CVE-2021-47400 at NVD CVE-2021-47401 at SUSE CVE-2021-47401 at NVD CVE-2021-47402 at SUSE CVE-2021-47402 at NVD CVE-2021-47403 at SUSE CVE-2021-47403 at NVD CVE-2021-47404 at SUSE CVE-2021-47404 at NVD CVE-2021-47405 at SUSE CVE-2021-47405 at NVD CVE-2021-47406 at SUSE CVE-2021-47406 at NVD CVE-2021-47407 at SUSE CVE-2021-47407 at NVD CVE-2021-47408 at SUSE CVE-2021-47408 at NVD CVE-2021-47409 at SUSE CVE-2021-47409 at NVD CVE-2021-47410 at SUSE CVE-2021-47410 at NVD CVE-2021-47412 at SUSE CVE-2021-47412 at NVD CVE-2021-47413 at SUSE CVE-2021-47413 at NVD CVE-2021-47414 at SUSE CVE-2021-47414 at NVD CVE-2021-47415 at SUSE CVE-2021-47415 at NVD CVE-2021-47416 at SUSE CVE-2021-47416 at NVD CVE-2021-47417 at SUSE CVE-2021-47417 at NVD CVE-2021-47418 at SUSE CVE-2021-47418 at NVD CVE-2021-47419 at SUSE CVE-2021-47419 at NVD CVE-2021-47420 at SUSE CVE-2021-47420 at NVD CVE-2021-47421 at SUSE CVE-2021-47421 at NVD CVE-2021-47422 at SUSE CVE-2021-47422 at NVD CVE-2021-47423 at SUSE CVE-2021-47423 at NVD CVE-2021-47424 at SUSE CVE-2021-47424 at NVD CVE-2021-47425 at SUSE CVE-2021-47425 at NVD CVE-2021-47426 at SUSE CVE-2021-47426 at NVD CVE-2021-47427 at SUSE CVE-2021-47427 at NVD CVE-2021-47428 at SUSE CVE-2021-47428 at NVD CVE-2021-47429 at SUSE CVE-2021-47429 at NVD CVE-2021-47430 at SUSE CVE-2021-47430 at NVD CVE-2021-47431 at SUSE CVE-2021-47431 at NVD CVE-2021-47433 at SUSE CVE-2021-47433 at NVD CVE-2021-47434 at SUSE CVE-2021-47434 at NVD CVE-2021-47435 at SUSE CVE-2021-47435 at NVD CVE-2021-47436 at SUSE CVE-2021-47436 at NVD CVE-2021-47437 at SUSE CVE-2021-47437 at NVD CVE-2021-47438 at SUSE CVE-2021-47438 at NVD CVE-2021-47439 at SUSE CVE-2021-47439 at NVD CVE-2021-47440 at SUSE CVE-2021-47440 at NVD CVE-2021-47441 at SUSE CVE-2021-47441 at NVD CVE-2021-47442 at SUSE CVE-2021-47442 at NVD CVE-2021-47443 at SUSE CVE-2021-47443 at NVD CVE-2021-47444 at SUSE CVE-2021-47444 at NVD CVE-2021-47445 at SUSE CVE-2021-47445 at NVD CVE-2021-47446 at SUSE CVE-2021-47446 at NVD CVE-2021-47447 at SUSE CVE-2021-47447 at NVD CVE-2021-47448 at SUSE CVE-2021-47448 at NVD CVE-2021-47449 at SUSE CVE-2021-47449 at NVD CVE-2021-47450 at SUSE CVE-2021-47450 at NVD CVE-2021-47451 at SUSE CVE-2021-47451 at NVD CVE-2021-47452 at SUSE CVE-2021-47452 at NVD CVE-2021-47453 at SUSE CVE-2021-47453 at NVD CVE-2021-47454 at SUSE CVE-2021-47454 at NVD CVE-2021-47455 at SUSE CVE-2021-47455 at NVD CVE-2021-47456 at SUSE CVE-2021-47456 at NVD CVE-2021-47457 at SUSE CVE-2021-47457 at NVD CVE-2021-47458 at SUSE CVE-2021-47458 at NVD CVE-2021-47459 at SUSE CVE-2021-47459 at NVD CVE-2021-47460 at SUSE CVE-2021-47460 at NVD CVE-2021-47461 at SUSE CVE-2021-47461 at NVD CVE-2021-47462 at SUSE CVE-2021-47462 at NVD CVE-2021-47463 at SUSE CVE-2021-47463 at NVD CVE-2021-47464 at SUSE CVE-2021-47464 at NVD CVE-2021-47465 at SUSE CVE-2021-47465 at NVD CVE-2021-47466 at SUSE CVE-2021-47466 at NVD CVE-2021-47467 at SUSE CVE-2021-47467 at NVD CVE-2021-47468 at SUSE CVE-2021-47468 at NVD CVE-2021-47469 at SUSE CVE-2021-47469 at NVD CVE-2021-47470 at SUSE CVE-2021-47470 at NVD CVE-2021-47471 at SUSE CVE-2021-47471 at NVD CVE-2021-47472 at SUSE CVE-2021-47472 at NVD CVE-2021-47473 at SUSE CVE-2021-47473 at NVD CVE-2021-47474 at SUSE CVE-2021-47474 at NVD CVE-2021-47475 at SUSE CVE-2021-47475 at NVD CVE-2021-47476 at SUSE CVE-2021-47476 at NVD CVE-2021-47477 at SUSE CVE-2021-47477 at NVD CVE-2021-47478 at SUSE CVE-2021-47478 at NVD CVE-2021-47479 at SUSE CVE-2021-47479 at NVD CVE-2021-47480 at SUSE CVE-2021-47480 at NVD CVE-2021-47481 at SUSE CVE-2021-47481 at NVD CVE-2021-47482 at SUSE CVE-2021-47482 at NVD CVE-2021-47483 at SUSE CVE-2021-47483 at NVD CVE-2021-47484 at SUSE CVE-2021-47484 at NVD CVE-2021-47485 at SUSE CVE-2021-47485 at NVD CVE-2021-47486 at SUSE CVE-2021-47486 at NVD CVE-2021-47488 at SUSE CVE-2021-47488 at NVD CVE-2021-47489 at SUSE CVE-2021-47489 at NVD CVE-2021-47490 at SUSE CVE-2021-47490 at NVD CVE-2021-47491 at SUSE CVE-2021-47491 at NVD CVE-2021-47492 at SUSE CVE-2021-47492 at NVD CVE-2021-47493 at SUSE CVE-2021-47493 at NVD CVE-2021-47494 at SUSE CVE-2021-47494 at NVD CVE-2021-47495 at SUSE CVE-2021-47495 at NVD CVE-2021-47496 at SUSE CVE-2021-47496 at NVD CVE-2021-47497 at SUSE CVE-2021-47497 at NVD CVE-2021-47498 at SUSE CVE-2021-47498 at NVD CVE-2021-47499 at SUSE CVE-2021-47499 at NVD CVE-2021-47500 at SUSE CVE-2021-47500 at NVD CVE-2021-47501 at SUSE CVE-2021-47501 at NVD CVE-2021-47502 at SUSE CVE-2021-47502 at NVD CVE-2021-47503 at SUSE CVE-2021-47503 at NVD CVE-2021-47504 at SUSE CVE-2021-47504 at NVD CVE-2021-47505 at SUSE CVE-2021-47505 at NVD CVE-2021-47506 at SUSE CVE-2021-47506 at NVD CVE-2021-47507 at SUSE CVE-2021-47507 at NVD CVE-2021-47508 at SUSE CVE-2021-47508 at NVD CVE-2021-47509 at SUSE CVE-2021-47509 at NVD CVE-2021-47510 at SUSE CVE-2021-47510 at NVD CVE-2021-47511 at SUSE CVE-2021-47511 at NVD CVE-2021-47512 at SUSE CVE-2021-47512 at NVD CVE-2021-47513 at SUSE CVE-2021-47513 at NVD CVE-2021-47514 at SUSE CVE-2021-47514 at NVD CVE-2021-47516 at SUSE CVE-2021-47516 at NVD CVE-2021-47518 at SUSE CVE-2021-47518 at NVD CVE-2021-47520 at SUSE CVE-2021-47520 at NVD CVE-2021-47521 at SUSE CVE-2021-47521 at NVD CVE-2021-47522 at SUSE CVE-2021-47522 at NVD CVE-2021-47523 at SUSE CVE-2021-47523 at NVD CVE-2021-47524 at SUSE CVE-2021-47524 at NVD CVE-2021-47525 at SUSE CVE-2021-47525 at NVD CVE-2021-47526 at SUSE CVE-2021-47526 at NVD CVE-2021-47528 at SUSE CVE-2021-47528 at NVD CVE-2021-47529 at SUSE CVE-2021-47529 at NVD CVE-2021-47530 at SUSE CVE-2021-47530 at NVD CVE-2021-47531 at SUSE CVE-2021-47531 at NVD CVE-2021-47532 at SUSE CVE-2021-47532 at NVD CVE-2021-47533 at SUSE CVE-2021-47533 at NVD CVE-2021-47534 at SUSE CVE-2021-47534 at NVD CVE-2021-47535 at SUSE CVE-2021-47535 at NVD CVE-2021-47536 at SUSE CVE-2021-47536 at NVD CVE-2021-47537 at SUSE CVE-2021-47537 at NVD CVE-2021-47540 at SUSE CVE-2021-47540 at NVD CVE-2021-47541 at SUSE CVE-2021-47541 at NVD CVE-2021-47542 at SUSE CVE-2021-47542 at NVD CVE-2021-47544 at SUSE CVE-2021-47544 at NVD CVE-2021-47548 at SUSE CVE-2021-47548 at NVD CVE-2021-47549 at SUSE CVE-2021-47549 at NVD CVE-2021-47550 at SUSE CVE-2021-47550 at NVD CVE-2021-47551 at SUSE CVE-2021-47551 at NVD CVE-2021-47552 at SUSE CVE-2021-47552 at NVD CVE-2021-47553 at SUSE CVE-2021-47553 at NVD CVE-2021-47554 at SUSE CVE-2021-47554 at NVD CVE-2021-47555 at SUSE CVE-2021-47555 at NVD CVE-2021-47556 at SUSE CVE-2021-47556 at NVD CVE-2021-47557 at SUSE CVE-2021-47557 at NVD CVE-2021-47558 at SUSE CVE-2021-47558 at NVD CVE-2021-47559 at SUSE CVE-2021-47559 at NVD CVE-2021-47560 at SUSE CVE-2021-47560 at NVD CVE-2021-47562 at SUSE CVE-2021-47562 at NVD CVE-2021-47563 at SUSE CVE-2021-47563 at NVD CVE-2021-47564 at SUSE CVE-2021-47564 at NVD CVE-2021-47565 at SUSE CVE-2021-47565 at NVD CVE-2021-47569 at SUSE CVE-2021-47569 at NVD CVE-2022-48633 at SUSE CVE-2022-48633 at NVD CVE-2022-48662 at SUSE CVE-2022-48662 at NVD CVE-2022-48669 at SUSE CVE-2022-48669 at NVD CVE-2022-48689 at SUSE CVE-2022-48689 at NVD CVE-2022-48691 at SUSE CVE-2022-48691 at NVD CVE-2022-48699 at SUSE CVE-2022-48699 at NVD CVE-2022-48705 at SUSE CVE-2022-48705 at NVD CVE-2022-48708 at SUSE CVE-2022-48708 at NVD CVE-2022-48709 at SUSE CVE-2022-48709 at NVD CVE-2022-48710 at SUSE CVE-2022-48710 at NVD CVE-2023-0160 at SUSE CVE-2023-0160 at NVD CVE-2023-1829 at SUSE CVE-2023-1829 at NVD CVE-2023-42755 at SUSE CVE-2023-42755 at NVD CVE-2023-47233 at SUSE CVE-2023-47233 at NVD CVE-2023-52586 at SUSE CVE-2023-52586 at NVD CVE-2023-52591 at SUSE CVE-2023-52591 at NVD CVE-2023-52618 at SUSE CVE-2023-52618 at NVD CVE-2023-52642 at SUSE CVE-2023-52642 at NVD CVE-2023-52643 at SUSE CVE-2023-52643 at NVD CVE-2023-52644 at SUSE CVE-2023-52644 at NVD CVE-2023-52646 at SUSE CVE-2023-52646 at NVD CVE-2023-52650 at SUSE CVE-2023-52650 at NVD CVE-2023-52653 at SUSE CVE-2023-52653 at NVD CVE-2023-52654 at SUSE CVE-2023-52654 at NVD CVE-2023-52655 at SUSE CVE-2023-52655 at NVD CVE-2023-52656 at SUSE CVE-2023-52656 at NVD CVE-2023-52657 at SUSE CVE-2023-52657 at NVD CVE-2023-52659 at SUSE CVE-2023-52659 at NVD CVE-2023-52660 at SUSE CVE-2023-52660 at NVD CVE-2023-52661 at SUSE CVE-2023-52661 at NVD CVE-2023-52662 at SUSE CVE-2023-52662 at NVD CVE-2023-52664 at SUSE CVE-2023-52664 at NVD CVE-2023-52669 at SUSE CVE-2023-52669 at NVD CVE-2023-52671 at SUSE CVE-2023-52671 at NVD CVE-2023-52674 at SUSE CVE-2023-52674 at NVD CVE-2023-52676 at SUSE CVE-2023-52676 at NVD CVE-2023-52678 at SUSE CVE-2023-52678 at NVD CVE-2023-52679 at SUSE CVE-2023-52679 at NVD CVE-2023-52680 at SUSE CVE-2023-52680 at NVD CVE-2023-52683 at SUSE CVE-2023-52683 at NVD CVE-2023-52685 at SUSE CVE-2023-52685 at NVD CVE-2023-52686 at SUSE CVE-2023-52686 at NVD CVE-2023-52690 at SUSE CVE-2023-52690 at NVD CVE-2023-52691 at SUSE CVE-2023-52691 at NVD CVE-2023-52692 at SUSE CVE-2023-52692 at NVD CVE-2023-52693 at SUSE CVE-2023-52693 at NVD CVE-2023-52694 at SUSE CVE-2023-52694 at NVD CVE-2023-52696 at SUSE CVE-2023-52696 at NVD CVE-2023-52698 at SUSE CVE-2023-52698 at NVD CVE-2023-52699 at SUSE CVE-2023-52699 at NVD CVE-2023-52702 at SUSE CVE-2023-52702 at NVD CVE-2023-52703 at SUSE CVE-2023-52703 at NVD CVE-2023-52705 at SUSE CVE-2023-52705 at NVD CVE-2023-52707 at SUSE CVE-2023-52707 at NVD CVE-2023-52708 at SUSE CVE-2023-52708 at NVD CVE-2023-52730 at SUSE CVE-2023-52730 at NVD CVE-2023-52731 at SUSE CVE-2023-52731 at NVD CVE-2023-52732 at SUSE CVE-2023-52732 at NVD CVE-2023-52733 at SUSE CVE-2023-52733 at NVD CVE-2023-52736 at SUSE CVE-2023-52736 at NVD CVE-2023-52738 at SUSE CVE-2023-52738 at NVD CVE-2023-52739 at SUSE CVE-2023-52739 at NVD CVE-2023-52740 at SUSE CVE-2023-52740 at NVD CVE-2023-52741 at SUSE CVE-2023-52741 at NVD CVE-2023-52742 at SUSE CVE-2023-52742 at NVD CVE-2023-52743 at SUSE CVE-2023-52743 at NVD CVE-2023-52744 at SUSE CVE-2023-52744 at NVD CVE-2023-52745 at SUSE CVE-2023-52745 at NVD CVE-2023-52746 at SUSE CVE-2023-52746 at NVD CVE-2023-52747 at SUSE CVE-2023-52747 at NVD CVE-2023-52753 at SUSE CVE-2023-52753 at NVD CVE-2023-52754 at SUSE CVE-2023-52754 at NVD CVE-2023-52756 at SUSE CVE-2023-52756 at NVD CVE-2023-52757 at SUSE CVE-2023-52757 at NVD CVE-2023-52759 at SUSE CVE-2023-52759 at NVD CVE-2023-52763 at SUSE CVE-2023-52763 at NVD CVE-2023-52764 at SUSE CVE-2023-52764 at NVD CVE-2023-52766 at SUSE CVE-2023-52766 at NVD CVE-2023-52773 at SUSE CVE-2023-52773 at NVD CVE-2023-52774 at SUSE CVE-2023-52774 at NVD CVE-2023-52777 at SUSE CVE-2023-52777 at NVD CVE-2023-52781 at SUSE CVE-2023-52781 at NVD CVE-2023-52788 at SUSE CVE-2023-52788 at NVD CVE-2023-52789 at SUSE CVE-2023-52789 at NVD CVE-2023-52791 at SUSE CVE-2023-52791 at NVD CVE-2023-52795 at SUSE CVE-2023-52795 at NVD CVE-2023-52796 at SUSE CVE-2023-52796 at NVD CVE-2023-52798 at SUSE CVE-2023-52798 at NVD CVE-2023-52799 at SUSE CVE-2023-52799 at NVD CVE-2023-52800 at SUSE CVE-2023-52800 at NVD CVE-2023-52803 at SUSE CVE-2023-52803 at NVD CVE-2023-52804 at SUSE CVE-2023-52804 at NVD CVE-2023-52805 at SUSE CVE-2023-52805 at NVD CVE-2023-52806 at SUSE CVE-2023-52806 at NVD CVE-2023-52807 at SUSE CVE-2023-52807 at NVD CVE-2023-52808 at SUSE CVE-2023-52808 at NVD CVE-2023-52809 at SUSE CVE-2023-52809 at NVD CVE-2023-52810 at SUSE CVE-2023-52810 at NVD CVE-2023-52811 at SUSE CVE-2023-52811 at NVD CVE-2023-52814 at SUSE CVE-2023-52814 at NVD CVE-2023-52815 at SUSE CVE-2023-52815 at NVD CVE-2023-52816 at SUSE CVE-2023-52816 at NVD CVE-2023-52817 at SUSE CVE-2023-52817 at NVD CVE-2023-52818 at SUSE CVE-2023-52818 at NVD CVE-2023-52819 at SUSE CVE-2023-52819 at NVD CVE-2023-52821 at SUSE CVE-2023-52821 at NVD CVE-2023-52825 at SUSE CVE-2023-52825 at NVD CVE-2023-52826 at SUSE CVE-2023-52826 at NVD CVE-2023-52832 at SUSE CVE-2023-52832 at NVD CVE-2023-52833 at SUSE CVE-2023-52833 at NVD CVE-2023-52834 at SUSE CVE-2023-52834 at NVD CVE-2023-52838 at SUSE CVE-2023-52838 at NVD CVE-2023-52840 at SUSE CVE-2023-52840 at NVD CVE-2023-52841 at SUSE CVE-2023-52841 at NVD CVE-2023-52844 at SUSE CVE-2023-52844 at NVD CVE-2023-52847 at SUSE CVE-2023-52847 at NVD CVE-2023-52851 at SUSE CVE-2023-52851 at NVD CVE-2023-52853 at SUSE CVE-2023-52853 at NVD CVE-2023-52854 at SUSE CVE-2023-52854 at NVD CVE-2023-52855 at SUSE CVE-2023-52855 at NVD CVE-2023-52856 at SUSE CVE-2023-52856 at NVD CVE-2023-52858 at SUSE CVE-2023-52858 at NVD CVE-2023-52860 at SUSE CVE-2023-52860 at NVD CVE-2023-52861 at SUSE CVE-2023-52861 at NVD CVE-2023-52864 at SUSE CVE-2023-52864 at NVD CVE-2023-52865 at SUSE CVE-2023-52865 at NVD CVE-2023-52867 at SUSE CVE-2023-52867 at NVD CVE-2023-52868 at SUSE CVE-2023-52868 at NVD CVE-2023-52870 at SUSE CVE-2023-52870 at NVD CVE-2023-52871 at SUSE CVE-2023-52871 at NVD CVE-2023-52872 at SUSE CVE-2023-52872 at NVD CVE-2023-52873 at SUSE CVE-2023-52873 at NVD CVE-2023-52875 at SUSE CVE-2023-52875 at NVD CVE-2023-52876 at SUSE CVE-2023-52876 at NVD CVE-2023-52877 at SUSE CVE-2023-52877 at NVD CVE-2023-52878 at SUSE CVE-2023-52878 at NVD CVE-2023-52880 at SUSE CVE-2023-52880 at NVD CVE-2023-6531 at SUSE CVE-2023-6531 at NVD CVE-2024-2201 at SUSE CVE-2024-2201 at NVD CVE-2024-26597 at SUSE CVE-2024-26597 at NVD CVE-2024-26643 at SUSE CVE-2024-26643 at NVD CVE-2024-26679 at SUSE CVE-2024-26679 at NVD CVE-2024-26692 at SUSE CVE-2024-26692 at NVD CVE-2024-26698 at SUSE CVE-2024-26698 at NVD CVE-2024-26700 at SUSE CVE-2024-26700 at NVD CVE-2024-26715 at SUSE CVE-2024-26715 at NVD CVE-2024-26739 at SUSE CVE-2024-26739 at NVD CVE-2024-26742 at SUSE CVE-2024-26742 at NVD CVE-2024-26748 at SUSE CVE-2024-26748 at NVD CVE-2024-26758 at SUSE CVE-2024-26758 at NVD CVE-2024-26764 at SUSE CVE-2024-26764 at NVD CVE-2024-26775 at SUSE CVE-2024-26775 at NVD CVE-2024-26777 at SUSE CVE-2024-26777 at NVD CVE-2024-26778 at SUSE CVE-2024-26778 at NVD CVE-2024-26788 at SUSE CVE-2024-26788 at NVD CVE-2024-26791 at SUSE CVE-2024-26791 at NVD CVE-2024-26801 at SUSE CVE-2024-26801 at NVD CVE-2024-26822 at SUSE CVE-2024-26822 at NVD CVE-2024-26828 at SUSE CVE-2024-26828 at NVD CVE-2024-26829 at SUSE CVE-2024-26829 at NVD CVE-2024-26838 at SUSE CVE-2024-26838 at NVD CVE-2024-26839 at SUSE CVE-2024-26839 at NVD CVE-2024-26840 at SUSE CVE-2024-26840 at NVD CVE-2024-26846 at SUSE CVE-2024-26846 at NVD CVE-2024-26859 at SUSE CVE-2024-26859 at NVD CVE-2024-26870 at SUSE CVE-2024-26870 at NVD CVE-2024-26874 at SUSE CVE-2024-26874 at NVD CVE-2024-26876 at SUSE CVE-2024-26876 at NVD CVE-2024-26877 at SUSE CVE-2024-26877 at NVD CVE-2024-26880 at SUSE CVE-2024-26880 at NVD CVE-2024-26889 at SUSE CVE-2024-26889 at NVD CVE-2024-26894 at SUSE CVE-2024-26894 at NVD CVE-2024-26900 at SUSE CVE-2024-26900 at NVD CVE-2024-26907 at SUSE CVE-2024-26907 at NVD CVE-2024-26915 at SUSE CVE-2024-26915 at NVD CVE-2024-26916 at SUSE CVE-2024-26916 at NVD CVE-2024-26919 at SUSE CVE-2024-26919 at NVD CVE-2024-26920 at SUSE CVE-2024-26920 at NVD CVE-2024-26921 at SUSE CVE-2024-26921 at NVD CVE-2024-26922 at SUSE CVE-2024-26922 at NVD CVE-2024-26925 at SUSE CVE-2024-26925 at NVD CVE-2024-26928 at SUSE CVE-2024-26928 at NVD CVE-2024-26929 at SUSE CVE-2024-26929 at NVD CVE-2024-26930 at SUSE CVE-2024-26930 at NVD CVE-2024-26931 at SUSE CVE-2024-26931 at NVD CVE-2024-26933 at SUSE CVE-2024-26933 at NVD CVE-2024-26934 at SUSE CVE-2024-26934 at NVD CVE-2024-26935 at SUSE CVE-2024-26935 at NVD CVE-2024-26937 at SUSE CVE-2024-26937 at NVD CVE-2024-26938 at SUSE CVE-2024-26938 at NVD CVE-2024-26939 at SUSE CVE-2024-26939 at NVD CVE-2024-26940 at SUSE CVE-2024-26940 at NVD CVE-2024-26943 at SUSE CVE-2024-26943 at NVD CVE-2024-26957 at SUSE CVE-2024-26957 at NVD CVE-2024-26958 at SUSE CVE-2024-26958 at NVD CVE-2024-26964 at SUSE CVE-2024-26964 at NVD CVE-2024-26974 at SUSE CVE-2024-26974 at NVD CVE-2024-26977 at SUSE CVE-2024-26977 at NVD CVE-2024-26979 at SUSE CVE-2024-26979 at NVD CVE-2024-26984 at SUSE CVE-2024-26984 at NVD CVE-2024-26988 at SUSE CVE-2024-26988 at NVD CVE-2024-26989 at SUSE CVE-2024-26989 at NVD CVE-2024-26994 at SUSE CVE-2024-26994 at NVD CVE-2024-26996 at SUSE CVE-2024-26996 at NVD CVE-2024-26997 at SUSE CVE-2024-26997 at NVD CVE-2024-26999 at SUSE CVE-2024-26999 at NVD CVE-2024-27000 at SUSE CVE-2024-27000 at NVD CVE-2024-27001 at SUSE CVE-2024-27001 at NVD CVE-2024-27004 at SUSE CVE-2024-27004 at NVD CVE-2024-27008 at SUSE CVE-2024-27008 at NVD CVE-2024-27028 at SUSE CVE-2024-27028 at NVD CVE-2024-27037 at SUSE CVE-2024-27037 at NVD CVE-2024-27042 at SUSE CVE-2024-27042 at NVD CVE-2024-27045 at SUSE CVE-2024-27045 at NVD CVE-2024-27047 at SUSE CVE-2024-27047 at NVD CVE-2024-27051 at SUSE CVE-2024-27051 at NVD CVE-2024-27052 at SUSE CVE-2024-27052 at NVD CVE-2024-27053 at SUSE CVE-2024-27053 at NVD CVE-2024-27054 at SUSE CVE-2024-27054 at NVD CVE-2024-27059 at SUSE CVE-2024-27059 at NVD CVE-2024-27072 at SUSE CVE-2024-27072 at NVD CVE-2024-27073 at SUSE CVE-2024-27073 at NVD CVE-2024-27074 at SUSE CVE-2024-27074 at NVD CVE-2024-27075 at SUSE CVE-2024-27075 at NVD CVE-2024-27076 at SUSE CVE-2024-27076 at NVD CVE-2024-27077 at SUSE CVE-2024-27077 at NVD CVE-2024-27078 at SUSE CVE-2024-27078 at NVD CVE-2024-27388 at SUSE CVE-2024-27388 at NVD CVE-2024-27393 at SUSE CVE-2024-27393 at NVD CVE-2024-27395 at SUSE CVE-2024-27395 at NVD CVE-2024-27396 at SUSE CVE-2024-27396 at NVD CVE-2024-27398 at SUSE CVE-2024-27398 at NVD CVE-2024-27399 at SUSE CVE-2024-27399 at NVD CVE-2024-27400 at SUSE CVE-2024-27400 at NVD CVE-2024-27401 at SUSE CVE-2024-27401 at NVD CVE-2024-27405 at SUSE CVE-2024-27405 at NVD CVE-2024-27410 at SUSE CVE-2024-27410 at NVD CVE-2024-27412 at SUSE CVE-2024-27412 at NVD CVE-2024-27413 at SUSE CVE-2024-27413 at NVD CVE-2024-27416 at SUSE CVE-2024-27416 at NVD CVE-2024-27417 at SUSE CVE-2024-27417 at NVD CVE-2024-27419 at SUSE CVE-2024-27419 at NVD CVE-2024-27431 at SUSE CVE-2024-27431 at NVD CVE-2024-27435 at SUSE CVE-2024-27435 at NVD CVE-2024-27436 at SUSE CVE-2024-27436 at NVD CVE-2024-35789 at SUSE CVE-2024-35789 at NVD CVE-2024-35791 at SUSE CVE-2024-35791 at NVD CVE-2024-35796 at SUSE CVE-2024-35796 at NVD CVE-2024-35799 at SUSE CVE-2024-35799 at NVD CVE-2024-35801 at SUSE CVE-2024-35801 at NVD CVE-2024-35804 at SUSE CVE-2024-35804 at NVD CVE-2024-35806 at SUSE CVE-2024-35806 at NVD CVE-2024-35809 at SUSE CVE-2024-35809 at NVD CVE-2024-35811 at SUSE CVE-2024-35811 at NVD CVE-2024-35812 at SUSE CVE-2024-35812 at NVD CVE-2024-35813 at SUSE CVE-2024-35813 at NVD CVE-2024-35815 at SUSE CVE-2024-35815 at NVD CVE-2024-35817 at SUSE CVE-2024-35817 at NVD CVE-2024-35821 at SUSE CVE-2024-35821 at NVD CVE-2024-35822 at SUSE CVE-2024-35822 at NVD CVE-2024-35823 at SUSE CVE-2024-35823 at NVD CVE-2024-35825 at SUSE CVE-2024-35825 at NVD CVE-2024-35828 at SUSE CVE-2024-35828 at NVD CVE-2024-35829 at SUSE CVE-2024-35829 at NVD CVE-2024-35830 at SUSE CVE-2024-35830 at NVD CVE-2024-35833 at SUSE CVE-2024-35833 at NVD CVE-2024-35845 at SUSE CVE-2024-35845 at NVD CVE-2024-35847 at SUSE CVE-2024-35847 at NVD CVE-2024-35849 at SUSE CVE-2024-35849 at NVD CVE-2024-35851 at SUSE CVE-2024-35851 at NVD CVE-2024-35852 at SUSE CVE-2024-35852 at NVD CVE-2024-35854 at SUSE CVE-2024-35854 at NVD CVE-2024-35860 at SUSE CVE-2024-35860 at NVD CVE-2024-35861 at SUSE CVE-2024-35861 at NVD CVE-2024-35862 at SUSE CVE-2024-35862 at NVD CVE-2024-35863 at SUSE CVE-2024-35863 at NVD CVE-2024-35864 at SUSE CVE-2024-35864 at NVD CVE-2024-35865 at SUSE CVE-2024-35865 at NVD CVE-2024-35866 at SUSE CVE-2024-35866 at NVD CVE-2024-35867 at SUSE CVE-2024-35867 at NVD CVE-2024-35868 at SUSE CVE-2024-35868 at NVD CVE-2024-35869 at SUSE CVE-2024-35869 at NVD CVE-2024-35870 at SUSE CVE-2024-35870 at NVD CVE-2024-35872 at SUSE CVE-2024-35872 at NVD CVE-2024-35875 at SUSE CVE-2024-35875 at NVD CVE-2024-35877 at SUSE CVE-2024-35877 at NVD CVE-2024-35878 at SUSE CVE-2024-35878 at NVD CVE-2024-35879 at SUSE CVE-2024-35879 at NVD CVE-2024-35885 at SUSE CVE-2024-35885 at NVD CVE-2024-35887 at SUSE CVE-2024-35887 at NVD CVE-2024-35895 at SUSE CVE-2024-35895 at NVD CVE-2024-35901 at SUSE CVE-2024-35901 at NVD CVE-2024-35904 at SUSE CVE-2024-35904 at NVD CVE-2024-35905 at SUSE CVE-2024-35905 at NVD CVE-2024-35907 at SUSE CVE-2024-35907 at NVD CVE-2024-35912 at SUSE CVE-2024-35912 at NVD CVE-2024-35914 at SUSE CVE-2024-35914 at NVD CVE-2024-35915 at SUSE CVE-2024-35915 at NVD CVE-2024-35922 at SUSE CVE-2024-35922 at NVD CVE-2024-35924 at SUSE CVE-2024-35924 at NVD CVE-2024-35930 at SUSE CVE-2024-35930 at NVD CVE-2024-35932 at SUSE CVE-2024-35932 at NVD CVE-2024-35933 at SUSE CVE-2024-35933 at NVD CVE-2024-35935 at SUSE CVE-2024-35935 at NVD CVE-2024-35936 at SUSE CVE-2024-35936 at NVD CVE-2024-35938 at SUSE CVE-2024-35938 at NVD CVE-2024-35939 at SUSE CVE-2024-35939 at NVD CVE-2024-35940 at SUSE CVE-2024-35940 at NVD CVE-2024-35943 at SUSE CVE-2024-35943 at NVD CVE-2024-35944 at SUSE CVE-2024-35944 at NVD CVE-2024-35947 at SUSE CVE-2024-35947 at NVD CVE-2024-35950 at SUSE CVE-2024-35950 at NVD CVE-2024-35951 at SUSE CVE-2024-35951 at NVD CVE-2024-35952 at SUSE CVE-2024-35952 at NVD CVE-2024-35955 at SUSE CVE-2024-35955 at NVD CVE-2024-35959 at SUSE CVE-2024-35959 at NVD CVE-2024-35963 at SUSE CVE-2024-35963 at NVD CVE-2024-35964 at SUSE CVE-2024-35964 at NVD CVE-2024-35965 at SUSE CVE-2024-35965 at NVD CVE-2024-35966 at SUSE CVE-2024-35966 at NVD CVE-2024-35967 at SUSE CVE-2024-35967 at NVD CVE-2024-35969 at SUSE CVE-2024-35969 at NVD CVE-2024-35973 at SUSE CVE-2024-35973 at NVD CVE-2024-35976 at SUSE CVE-2024-35976 at NVD CVE-2024-35978 at SUSE CVE-2024-35978 at NVD CVE-2024-35982 at SUSE CVE-2024-35982 at NVD CVE-2024-35984 at SUSE CVE-2024-35984 at NVD CVE-2024-35989 at SUSE CVE-2024-35989 at NVD CVE-2024-35990 at SUSE CVE-2024-35990 at NVD CVE-2024-35998 at SUSE CVE-2024-35998 at NVD CVE-2024-35999 at SUSE CVE-2024-35999 at NVD CVE-2024-36006 at SUSE CVE-2024-36006 at NVD CVE-2024-36007 at SUSE CVE-2024-36007 at NVD CVE-2024-36012 at SUSE CVE-2024-36012 at NVD CVE-2024-36014 at SUSE CVE-2024-36014 at NVD CVE-2024-36015 at SUSE CVE-2024-36015 at NVD CVE-2024-36016 at SUSE CVE-2024-36016 at NVD CVE-2024-36026 at SUSE CVE-2024-36026 at NVD CVE-2024-36029 at SUSE CVE-2024-36029 at NVD CVE-2024-36032 at SUSE CVE-2024-36032 at NVD CVE-2024-36880 at SUSE CVE-2024-36880 at NVD CVE-2024-36893 at SUSE CVE-2024-36893 at NVD CVE-2024-36896 at SUSE CVE-2024-36896 at NVD CVE-2024-36897 at SUSE CVE-2024-36897 at NVD CVE-2024-36906 at SUSE CVE-2024-36906 at NVD CVE-2024-36918 at SUSE CVE-2024-36918 at NVD CVE-2024-36924 at SUSE CVE-2024-36924 at NVD CVE-2024-36926 at SUSE CVE-2024-36926 at NVD CVE-2024-36928 at SUSE CVE-2024-36928 at NVD CVE-2024-36931 at SUSE CVE-2024-36931 at NVD CVE-2024-36938 at SUSE CVE-2024-36938 at NVD CVE-2024-36940 at SUSE CVE-2024-36940 at NVD CVE-2024-36941 at SUSE CVE-2024-36941 at NVD CVE-2024-36942 at SUSE CVE-2024-36942 at NVD CVE-2024-36944 at SUSE CVE-2024-36944 at NVD CVE-2024-36947 at SUSE CVE-2024-36947 at NVD CVE-2024-36950 at SUSE CVE-2024-36950 at NVD CVE-2024-36952 at SUSE CVE-2024-36952 at NVD CVE-2024-36955 at SUSE CVE-2024-36955 at NVD CVE-2024-36959 at SUSE CVE-2024-36959 at NVD cpe:/o:suse:sle-micro:5.5 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container (Important) SUSE Linux Enterprise Micro 5.5 This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: - Collect component Role rules under operator Role instead of ClusterRole (bsc#1223965, CVE-2024-33394) - Ensure procps is installed (provides ps for tests) This update also rebuilds it against current go releases. Important SUSE bug 1223965 CVE-2024-33394 at SUSE CVE-2024-33394 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libndp (Important) SUSE Linux Enterprise Micro 5.5 This update for libndp fixes the following issues: - CVE-2024-5564: Add a check on the route information option length field. (bsc#1225771) Important SUSE bug 1225771 CVE-2024-5564 at SUSE CVE-2024-5564 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Moderate) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2024-6104: Fixed a potential leak of sensitive information on HTTP log file (bsc#1227052). Moderate SUSE bug 1227052 CVE-2024-6104 at SUSE CVE-2024-6104 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libxml2 (Low) SUSE Linux Enterprise Micro 5.5 This update for libxml2 fixes the following issues: - CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282). Low SUSE bug 1224282 CVE-2024-34459 at SUSE CVE-2024-34459 at NVD cpe:/o:suse:sle-micro:5.5 Security update for krb5 (Important) SUSE Linux Enterprise Micro 5.5 This update for krb5 fixes the following issues: - CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted (bsc#1227186). - CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187). Important SUSE bug 1227186 SUSE bug 1227187 CVE-2024-37370 at SUSE CVE-2024-37370 at NVD CVE-2024-37371 at SUSE CVE-2024-37371 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cockpit (Moderate) SUSE Linux Enterprise Micro 5.5 This update for cockpit fixes the following issues: - CVE-2024-6126: Fixed Integer overflow in pam_sm_close_session() (bsc#1226040). Moderate SUSE bug 1226040 CVE-2024-6126 at SUSE CVE-2024-6126 at NVD cpe:/o:suse:sle-micro:5.5 Security update for kernel-firmware (Important) SUSE Linux Enterprise Micro 5.5 This update for kernel-firmware fixes the following issues: Update AMD ucode to 20231030 (bsc#1215831): - CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution. - CVE-2021-46774: Insufficient input validation in ABL may enable a privileged attacker to perform arbitrary DRAM writes, potentially resulting in code execution and privilege escalation. - CVE-2023-20533: Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker using DMA to read/write from/to invalid DRAM address potentially resulting in denial-of-service. 0 CVE-2023-20519: A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity. - CVE-2023-20566: Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity. - CVE-2023-20521: TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service. - CVE-2021-46766: Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality. - CVE-2022-23830: SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity. - CVE-2023-20526: Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality. - CVE-2021-26345: Failure to validate the value in APCB may allow an attacker with physical access to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service. - CVE-2023-20592: Issue with INVD instruction aka CacheWarpAttack (bsc#1215823). Important SUSE bug 1215823 SUSE bug 1215831 CVE-2021-26345 at SUSE CVE-2021-26345 at NVD CVE-2021-46766 at SUSE CVE-2021-46766 at NVD CVE-2021-46774 at SUSE CVE-2021-46774 at NVD CVE-2022-23820 at SUSE CVE-2022-23820 at NVD CVE-2022-23830 at SUSE CVE-2022-23830 at NVD CVE-2023-20519 at SUSE CVE-2023-20519 at NVD CVE-2023-20521 at SUSE CVE-2023-20521 at NVD CVE-2023-20526 at SUSE CVE-2023-20526 at NVD CVE-2023-20533 at SUSE CVE-2023-20533 at NVD CVE-2023-20566 at SUSE CVE-2023-20566 at NVD CVE-2023-20592 at SUSE CVE-2023-20592 at NVD cpe:/o:suse:sle-micro:5.5 Security update for haproxy (Moderate) SUSE Linux Enterprise Micro 5.5 This update for haproxy fixes the following issues: - CVE-2023-45539: Fixed misinterpretation of a path_end rule with # as part of the URI component (bsc#1217653). Moderate SUSE bug 1217653 CVE-2023-45539 at SUSE CVE-2023-45539 at NVD cpe:/o:suse:sle-micro:5.5 Security update for jbigkit (Low) SUSE Linux Enterprise Micro 5.5 This update for jbigkit fixes the following issues: - CVE-2022-1210: Fixed denial of service in TIFF File Handler (bsc#1198146). Low SUSE bug 1198146 CVE-2022-1210 at SUSE CVE-2022-1210 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cpio (Moderate) SUSE Linux Enterprise Micro 5.5 This update for cpio fixes the following issues: - CVE-2023-7207: Fixed a path traversal issue that could lead to an arbitrary file write during archive extraction (bsc#1218571). Moderate SUSE bug 1218571 CVE-2023-7207 at SUSE CVE-2023-7207 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ppp (Moderate) SUSE Linux Enterprise Micro 5.5 This update for ppp fixes the following issues: - CVE-2022-4603: Fixed improper validation of array index of the component pppdump (bsc#1218251). Moderate SUSE bug 1218251 CVE-2022-4603 at SUSE CVE-2022-4603 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958. - CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391). - CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426). - CVE-2021-47538: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1225448). - CVE-2021-47539: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() (bsc#1225452). - CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467). - CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514). - CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518). - CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389). - CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678). - CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148). - CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080). - CVE-2023-52658: Revert 'net/mlx5: Block entering switchdev mode with ns inconsistency' (bsc#1224719). - CVE-2023-52667: net/mlx5e: fix a potential double-free in fs_any_create_groups (bsc#1224603). - CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696). - CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614). - CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504). - CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475). - CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484). - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487). - CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946). - CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105). - CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602). - CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935). - CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951). - CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585). - CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098). - CVE-2023-52869: pstore/platform: Add check for kstrdup (bsc#1225050). - CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611). - CVE-2023-52882: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (bsc#1225692). - CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086) - CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1221282, bsc#1222072). - CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364). - CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018). - CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384). - CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641). - CVE-2024-27432: net: ethernet: mtk_eth_soc: fix PPE hanging issue (bsc#1224716). - CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948). - CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749). - CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712). - CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735). - CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605). - CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612). - CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619). - CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766). - CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764). - CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765). - CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679). - CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520). - CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670). - CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498). - CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497). - CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661). - CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703). - CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674) - CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677). - CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588). - CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552). - CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539). - CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540). - CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681). - CVE-2024-36020: i40e: fix vf may be used uninitialized in this function warning (bsc#1225698). - CVE-2024-36021: net: hns3: fix kernel crash when devlink reload during pf initialization (bsc#1225699). - CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841). - CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949). - CVE-2024-36890: mm/slab: make __free(kfree) accept error pointers (bsc#1225714). - CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749). - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737). - CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726). - CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732). - CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). - CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759). - CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770). - CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767). - CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760). - CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834). - CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840). - CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823). - CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872) - CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866). - CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145). - CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514). - CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950). - CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066). - CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101). - CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587). - CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595). - CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744). - CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607). - CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774). - CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781). - CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785). - CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786). - CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789). - CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771). - CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634). - CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610). - CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734). - CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749). - CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842). - CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746). - CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857). - CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883). - CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996). - CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886). - CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994). - CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103. - CVE-2024-39469: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (bsc#1226992). The following non-security bugs were fixed: - ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes). - ACPICA: Revert 'ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.' (git-fixes). - ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes). - ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes). - ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes). - ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes). - ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes). - ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes). - ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes). - ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes). - ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes). - ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes). - ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes). - ALSA: timer: Set lower bound of start tick time (stable-fixes). - ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes). - ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes). - ASoC: da7219-aad: fix usage of device_get_named_child_node() (stable-fixes). - ASoC: fsl-asoc-card: set priv->pdev before using it (git-fixes). - ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (stable-fixes). - ASoC: rt715-sdca: volume step modification (stable-fixes). - ASoC: rt715: add vendor clear control register (stable-fixes). - Add remote for nfs maintainer - Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes). - Fix new build warnings regarding unused variables: Changed build warnings: ***** 2 warnings ***** * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_queue_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_queue_cap_unlink_work': ../fs/ceph/mds_client.c:2421:22: warning: unused variable 'cl' [-Wunused-variable] * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_cap_unlink_work': ../fs/ceph/mds_client.c:2436:22: warning: unused variable 'cl' [-Wunused-variable] - HID: core: remove unnecessary WARN_ON() in implement() (git-fixes). - HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes). - Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes). - NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847). - NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847). - NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226). - PCI/ASPM: Update save_state when configuration changes (bsc#1226915) - PCI: Clear Secondary Status errors after enumeration (bsc#1226928) - RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300). - RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300). - RDMA/hns: Fix incorrect sge nums calculation (git-fixes) - RDMA/irdma: Drop unused kernel push code (git-fixes) - RDMA/mlx5: Add check for srq max_sge attribute (git-fixes) - Revert 'Add remote for nfs maintainer' - Revert 'build initrd without systemd' (bsc#1195775)' - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes). - USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes). - X.509: Fix the parser of extended key usage for length (bsc#1218820). - arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes). - arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8690). - arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8690). - arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8690). - arm64: mm: do not acquire mutex when rewriting swapper (jsc#PED-8690). - ata: ahci: Clean up sysfs file on error (git-fixes). - ata: libata-core: Fix double free on error (git-fixes). - ata: libata-core: Fix null pointer dereference on error (git-fixes). - batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes). - bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener (git-fixes). - btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted (bsc#1221282). - cachefiles: remove requests from xarray during flushing requests (bsc#1226588). - ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022). - ceph: always check dir caps asynchronously (bsc#1226022). - ceph: always queue a writeback when revoking the Fb caps (bsc#1226022). - ceph: break the check delayed cap loop every 5s (bsc#1226022). - ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022). - cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254). - cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254). - cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254). - cgroup: Remove unnecessary list_empty() (bsc#1222254). - cgroup: preserve KABI of cgroup_root (bsc#1222254). - cifs: fix hang in wait_for_response() (bsc#1220812, bsc#1220368). - cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes). - crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes). - dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes). - dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes). - drivers: core: synchronize really_probe() and dev_uevent() (git-fixes). - drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes). - drm/amd/display: Add dtbclk access to dcn315 (stable-fixes). - drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes). - drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes). - drm/amd/display: drop unnecessary NULL checks in debugfs (stable-fixes). - drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes). - drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes). - drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes). - drm/amdgpu/mes: fix use-after-free issue (stable-fixes). - drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes). - drm/amdgpu: Update BO eviction priorities (stable-fixes). - drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes). - drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes). - drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes). - drm/amdkfd: Rework kfd_locked handling (bsc#1225872) - drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes). - drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes). - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes). - drm/i915/dpt: Make DPT object unshrinkable (git-fixes). - drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes). - drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes). - drm/i915/guc: avoid FIELD_PREP warning (git-fixes). - drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes). - drm/komeda: check for error-valued pointer (git-fixes). - drm/lima: add mask irq callback to gp and pp (stable-fixes). - drm/lima: mask irqs in timeout path before hard reset (stable-fixes). - drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes). - drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes). - drm/msm/dp: Return IRQ_NONE for unhandled interrupts (stable-fixes). - drm/msm: Enable clamp_to_idle for 7c3 (stable-fixes). - drm/panel-samsung-atna33xc20: Use ktime_get_boottime for delays (stable-fixes). - drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes). - drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes). - drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes). - drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes). - gpio: davinci: Validate the obtained number of IRQs (git-fixes). - gpio: tqmx86: fix typo in Kconfig label (git-fixes). - gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes). - gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes). - hwmon: (shtc1) Fix property misspelling (git-fixes). - i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes). - i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes). - i2c: ocores: set IACK bit after core is enabled (git-fixes). - i2c: testunit: discard write requests while old command is running (git-fixes). - i2c: testunit: do not erase registers after STOP (git-fixes). - iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes). - iio: adc: ad7266: Fix variable checking bug (git-fixes). - iio: adc: ad9467: fix scan type sign (git-fixes). - iio: chemical: bme680: Fix calibration data variable (git-fixes). - iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes). - iio: chemical: bme680: Fix pressure value output (git-fixes). - iio: chemical: bme680: Fix sensor data read operation (git-fixes). - iio: dac: ad5592r: fix temperature channel scaling value (git-fixes). - iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes). - intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes). - iommu/amd: Fix sysfs leak in iommu init (git-fixes). - iommu: Return right value in iommu_sva_bind_device() (git-fixes). - iommu: mtk: fix module autoloading (git-fixes). - ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958) - kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes). - kbuild: do not include include/config/auto.conf from shell scripts (bsc#1227274). - kconfig: doc: fix a typo in the note about 'imply' (git-fixes). - kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes). - kernel-doc: fix struct_group_tagged() parsing (git-fixes). - lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (git-fixes). - media: flexcop-usb: clean up endpoint sanity checks (stable-fixes). - media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes). - media: ipu3-cio2: Use temporary storage for struct device pointer (stable-fixes). - media: lgdt3306a: Add a check against null-pointer-def (stable-fixes). - media: mxl5xx: Move xpt structures off stack (stable-fixes). - media: radio-shark2: Avoid led_names truncations (git-fixes). - media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes). - mei: me: release irq in mei_me_pci_resume error path (git-fixes). - mkspec-dtb: add toplevel symlinks also on arm - mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes). - mmc: core: Do not force a retune before RPMB switch (stable-fixes). - mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes). - mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes). - mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes). - mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes). - mmc: sdhci: Do not invert write-protect twice (git-fixes). - mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes). - mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes). - mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes). - mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel (stable-fixes). - mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes). - mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes). - mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes). - mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes). - net/mlx5e: Fix a race in command alloc flow (git-fixes). - net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes). - net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes). - net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes). - net: ena: Fix redundant device NUMA node override (jsc#PED-8690). - net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491). - net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes). - net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes). - net: usb: ax88179_178a: improve link status logs (git-fixes). - net: usb: ax88179_178a: improve reset check (git-fixes). - net: usb: qmi_wwan: add Telit FN920C04 compositions (stable-fixes). - net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes). - net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes). - nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912). - nilfs2: fix potential hang in nilfs_detach_log_writer() (stable-fixes). - nvme: find numa distance only if controller has valid numa id (git-fixes). - nvmet-passthru: propagate status from id override functions (git-fixes). - ocfs2: adjust enabling place for la window (bsc#1219224). - ocfs2: fix sparse warnings (bsc#1219224). - ocfs2: improve write IO performance when fragmentation is high (bsc#1219224). - ocfs2: speed up chain-list searching (bsc#1219224). - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes). - pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes). - pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes). - pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes). - pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes). - pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes). - random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953). - regulator: bd71815: fix ramp values (git-fixes). - regulator: core: Fix modpost error 'regulator_get_regmap' undefined (git-fixes). - regulator: irq_helpers: duplicate IRQ name (stable-fixes). - regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes). - rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build. - rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter. - rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable. - rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ('ARM: dts: Move .dts files to vendor sub-directories'). So switch to them. - sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791). - scsi: sd: Update DIX config every time sd_revalidate_disk() is called (bsc#1218570). - smb: client: ensure to try all targets when finding nested links (bsc#1224020). - smb: client: guarantee refcounted children from parent session (bsc#1224679). - soundwire: cadence: fix invalid PDI offset (stable-fixes). - spi: stm32: Do not warn about spurious interrupts (git-fixes). - supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570) - supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional. - supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems. - tty: mcf: MCF54418 has 10 UARTS (git-fixes). - usb-storage: alauda: Check whether the media is initialized (git-fixes). - usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes). - usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes). - usb: fotg210-hcd: delete an incorrect bounds test (git-fixes). - usb: gadget: printer: fix races against disable (git-fixes). - usb: musb: da8xx: fix a resource leak in probe() (git-fixes). - usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes). - usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes). - usb: typec: ucsi: Ack also failed Get Error commands (git-fixes). - usb: typec: ucsi: Never send a lone connector change ack (git-fixes). - usb: xhci: Implement xhci_handshake_check_state() helper (git-fixes). - usb: xhci: address off-by-one in xhci_num_trbs_free() (git-fixes). - usb: xhci: improve debug message in xhci_ring_expansion_needed() (git-fixes). - watchdog: bd9576: Drop 'always-running' property (git-fixes). - watchdog: bd9576_wdt: switch to using devm_fwnode_gpiod_get() (stable-fixes). - wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes). - wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes). - wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes). - wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes). - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes). - wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes). - wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes). - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes). - wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes). - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes). - wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes). - wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes). - wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes). - x86/mce: Dynamically size space for machine check records (bsc#1222241). - x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962). - xfs: make sure sb_fdblocks is non-negative (bsc#1225419). - xhci: Fix failure to detect ring expansion need (git-fixes). - xhci: Fix transfer ring expansion size calculation (git-fixes). - xhci: Handle TD clearing for multiple streams case (git-fixes). - xhci: Simplify event ring dequeue pointer update for port change events (git-fixes). - xhci: Stop unnecessary tracking of free trbs in a ring (git-fixes). - xhci: fix matching completion events with TDs (git-fixes). - xhci: remove unused stream_id parameter from xhci_handle_halted_endpoint() (git-fixes). - xhci: restre deleted trb fields for tracing (git-fixes). - xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes). - xhci: simplify event ring dequeue tracking for transfer events (git-fixes). - xhci: update event ring dequeue pointer position to controller correctly (git-fixes). Important SUSE bug 1156395 SUSE bug 1190336 SUSE bug 1191958 SUSE bug 1193883 SUSE bug 1194826 SUSE bug 1195065 SUSE bug 1195254 SUSE bug 1195341 SUSE bug 1195349 SUSE bug 1195775 SUSE bug 1196746 SUSE bug 1197915 SUSE bug 1198014 SUSE bug 1199295 SUSE bug 1202767 SUSE bug 1202780 SUSE bug 1205205 SUSE bug 1207361 SUSE bug 1217912 SUSE bug 1218148 SUSE bug 1218570 SUSE bug 1218820 SUSE bug 1219224 SUSE bug 1219633 SUSE bug 1219847 SUSE bug 1220368 SUSE bug 1220812 SUSE bug 1220958 SUSE bug 1221086 SUSE bug 1221282 SUSE bug 1221958 SUSE bug 1222015 SUSE bug 1222072 SUSE bug 1222080 SUSE bug 1222241 SUSE bug 1222254 SUSE bug 1222364 SUSE bug 1222893 SUSE bug 1223013 SUSE bug 1223018 SUSE bug 1223265 SUSE bug 1223384 SUSE bug 1223641 SUSE bug 1224020 SUSE bug 1224331 SUSE bug 1224488 SUSE bug 1224497 SUSE bug 1224498 SUSE bug 1224504 SUSE bug 1224520 SUSE bug 1224539 SUSE bug 1224540 SUSE bug 1224552 SUSE bug 1224583 SUSE bug 1224588 SUSE bug 1224602 SUSE bug 1224603 SUSE bug 1224605 SUSE bug 1224612 SUSE bug 1224614 SUSE bug 1224619 SUSE bug 1224661 SUSE bug 1224662 SUSE bug 1224670 SUSE bug 1224671 SUSE bug 1224674 SUSE bug 1224677 SUSE bug 1224679 SUSE bug 1224696 SUSE bug 1224703 SUSE bug 1224712 SUSE bug 1224716 SUSE bug 1224719 SUSE bug 1224735 SUSE bug 1224749 SUSE bug 1224764 SUSE bug 1224765 SUSE bug 1224766 SUSE bug 1224935 SUSE bug 1224946 SUSE bug 1224951 SUSE bug 1225050 SUSE bug 1225098 SUSE bug 1225105 SUSE bug 1225300 SUSE bug 1225389 SUSE bug 1225391 SUSE bug 1225419 SUSE bug 1225426 SUSE bug 1225448 SUSE bug 1225452 SUSE bug 1225467 SUSE bug 1225475 SUSE bug 1225484 SUSE bug 1225487 SUSE bug 1225514 SUSE bug 1225518 SUSE bug 1225535 SUSE bug 1225585 SUSE bug 1225602 SUSE bug 1225611 SUSE bug 1225681 SUSE bug 1225692 SUSE bug 1225698 SUSE bug 1225699 SUSE bug 1225704 SUSE bug 1225714 SUSE bug 1225726 SUSE bug 1225732 SUSE bug 1225737 SUSE bug 1225749 SUSE bug 1225758 SUSE bug 1225759 SUSE bug 1225760 SUSE bug 1225767 SUSE bug 1225770 SUSE bug 1225823 SUSE bug 1225834 SUSE bug 1225840 SUSE bug 1225866 SUSE bug 1225872 SUSE bug 1225894 SUSE bug 1226022 SUSE bug 1226131 SUSE bug 1226145 SUSE bug 1226149 SUSE bug 1226155 SUSE bug 1226211 SUSE bug 1226212 SUSE bug 1226226 SUSE bug 1226514 SUSE bug 1226520 SUSE bug 1226537 SUSE bug 1226538 SUSE bug 1226539 SUSE bug 1226550 SUSE bug 1226552 SUSE bug 1226553 SUSE bug 1226554 SUSE bug 1226556 SUSE bug 1226557 SUSE bug 1226558 SUSE bug 1226559 SUSE bug 1226561 SUSE bug 1226562 SUSE bug 1226563 SUSE bug 1226564 SUSE bug 1226566 SUSE bug 1226567 SUSE bug 1226569 SUSE bug 1226572 SUSE bug 1226575 SUSE bug 1226576 SUSE bug 1226577 SUSE bug 1226579 SUSE bug 1226580 SUSE bug 1226581 SUSE bug 1226582 SUSE bug 1226583 SUSE bug 1226585 SUSE bug 1226587 SUSE bug 1226588 SUSE bug 1226593 SUSE bug 1226595 SUSE bug 1226597 SUSE bug 1226601 SUSE bug 1226602 SUSE bug 1226603 SUSE bug 1226607 SUSE bug 1226610 SUSE bug 1226614 SUSE bug 1226616 SUSE bug 1226617 SUSE bug 1226618 SUSE bug 1226619 SUSE bug 1226621 SUSE bug 1226622 SUSE bug 1226624 SUSE bug 1226626 SUSE bug 1226628 SUSE bug 1226629 SUSE bug 1226632 SUSE bug 1226633 SUSE bug 1226634 SUSE bug 1226637 SUSE bug 1226643 SUSE bug 1226644 SUSE bug 1226645 SUSE bug 1226647 SUSE bug 1226650 SUSE bug 1226653 SUSE bug 1226657 SUSE bug 1226658 SUSE bug 1226669 SUSE bug 1226670 SUSE bug 1226672 SUSE bug 1226673 SUSE bug 1226674 SUSE bug 1226675 SUSE bug 1226678 SUSE bug 1226679 SUSE bug 1226683 SUSE bug 1226685 SUSE bug 1226686 SUSE bug 1226690 SUSE bug 1226691 SUSE bug 1226692 SUSE bug 1226693 SUSE bug 1226696 SUSE bug 1226697 SUSE bug 1226698 SUSE bug 1226699 SUSE bug 1226701 SUSE bug 1226702 SUSE bug 1226703 SUSE bug 1226704 SUSE bug 1226705 SUSE bug 1226706 SUSE bug 1226708 SUSE bug 1226709 SUSE bug 1226710 SUSE bug 1226711 SUSE bug 1226712 SUSE bug 1226713 SUSE bug 1226715 SUSE bug 1226716 SUSE bug 1226718 SUSE bug 1226719 SUSE bug 1226720 SUSE bug 1226721 SUSE bug 1226730 SUSE bug 1226732 SUSE bug 1226734 SUSE bug 1226735 SUSE bug 1226737 SUSE bug 1226738 SUSE bug 1226739 SUSE bug 1226740 SUSE bug 1226744 SUSE bug 1226746 SUSE bug 1226747 SUSE bug 1226749 SUSE bug 1226754 SUSE bug 1226762 SUSE bug 1226764 SUSE bug 1226767 SUSE bug 1226768 SUSE bug 1226769 SUSE bug 1226771 SUSE bug 1226774 SUSE bug 1226777 SUSE bug 1226780 SUSE bug 1226781 SUSE bug 1226785 SUSE bug 1226786 SUSE bug 1226789 SUSE bug 1226791 SUSE bug 1226839 SUSE bug 1226840 SUSE bug 1226841 SUSE bug 1226842 SUSE bug 1226848 SUSE bug 1226852 SUSE bug 1226857 SUSE bug 1226861 SUSE bug 1226863 SUSE bug 1226864 SUSE bug 1226867 SUSE bug 1226868 SUSE bug 1226876 SUSE bug 1226878 SUSE bug 1226883 SUSE bug 1226886 SUSE bug 1226890 SUSE bug 1226891 SUSE bug 1226895 SUSE bug 1226908 SUSE bug 1226915 SUSE bug 1226928 SUSE bug 1226948 SUSE bug 1226949 SUSE bug 1226950 SUSE bug 1226953 SUSE bug 1226962 SUSE bug 1226976 SUSE bug 1226992 SUSE bug 1226994 SUSE bug 1226996 SUSE bug 1227066 SUSE bug 1227096 SUSE bug 1227101 SUSE bug 1227103 SUSE bug 1227274 CVE-2021-4439 at SUSE CVE-2021-4439 at NVD CVE-2021-47089 at SUSE CVE-2021-47089 at NVD CVE-2021-47432 at SUSE CVE-2021-47432 at NVD CVE-2021-47515 at SUSE CVE-2021-47515 at NVD CVE-2021-47534 at SUSE CVE-2021-47534 at NVD CVE-2021-47538 at SUSE CVE-2021-47538 at NVD CVE-2021-47539 at SUSE CVE-2021-47539 at NVD CVE-2021-47555 at SUSE CVE-2021-47555 at NVD CVE-2021-47566 at SUSE CVE-2021-47566 at NVD CVE-2021-47571 at SUSE CVE-2021-47571 at NVD CVE-2021-47572 at SUSE CVE-2021-47572 at NVD CVE-2021-47576 at SUSE CVE-2021-47576 at NVD CVE-2021-47577 at SUSE CVE-2021-47577 at NVD CVE-2021-47578 at SUSE CVE-2021-47578 at NVD CVE-2021-47580 at SUSE CVE-2021-47580 at NVD CVE-2021-47582 at SUSE CVE-2021-47582 at NVD CVE-2021-47583 at SUSE CVE-2021-47583 at NVD CVE-2021-47584 at SUSE CVE-2021-47584 at NVD CVE-2021-47585 at SUSE CVE-2021-47585 at NVD CVE-2021-47586 at SUSE CVE-2021-47586 at NVD CVE-2021-47587 at SUSE CVE-2021-47587 at NVD CVE-2021-47589 at SUSE CVE-2021-47589 at NVD CVE-2021-47592 at SUSE CVE-2021-47592 at NVD CVE-2021-47595 at SUSE CVE-2021-47595 at NVD CVE-2021-47596 at SUSE CVE-2021-47596 at NVD CVE-2021-47597 at SUSE CVE-2021-47597 at NVD CVE-2021-47600 at SUSE CVE-2021-47600 at NVD CVE-2021-47601 at SUSE CVE-2021-47601 at NVD CVE-2021-47602 at SUSE CVE-2021-47602 at NVD CVE-2021-47603 at SUSE CVE-2021-47603 at NVD CVE-2021-47604 at SUSE CVE-2021-47604 at NVD CVE-2021-47605 at SUSE CVE-2021-47605 at NVD CVE-2021-47607 at SUSE CVE-2021-47607 at NVD CVE-2021-47608 at SUSE CVE-2021-47608 at NVD CVE-2021-47609 at SUSE CVE-2021-47609 at NVD CVE-2021-47610 at SUSE CVE-2021-47610 at NVD CVE-2021-47611 at SUSE CVE-2021-47611 at NVD CVE-2021-47612 at SUSE CVE-2021-47612 at NVD CVE-2021-47614 at SUSE CVE-2021-47614 at NVD CVE-2021-47615 at SUSE CVE-2021-47615 at NVD CVE-2021-47616 at SUSE CVE-2021-47616 at NVD CVE-2021-47617 at SUSE CVE-2021-47617 at NVD CVE-2021-47618 at SUSE CVE-2021-47618 at NVD CVE-2021-47619 at SUSE CVE-2021-47619 at NVD CVE-2021-47620 at SUSE CVE-2021-47620 at NVD CVE-2022-48711 at SUSE CVE-2022-48711 at NVD CVE-2022-48712 at SUSE CVE-2022-48712 at NVD CVE-2022-48713 at SUSE CVE-2022-48713 at NVD CVE-2022-48714 at SUSE CVE-2022-48714 at NVD CVE-2022-48715 at SUSE CVE-2022-48715 at NVD CVE-2022-48716 at SUSE CVE-2022-48716 at NVD CVE-2022-48717 at SUSE CVE-2022-48717 at NVD CVE-2022-48718 at SUSE CVE-2022-48718 at NVD CVE-2022-48720 at SUSE CVE-2022-48720 at NVD CVE-2022-48721 at SUSE CVE-2022-48721 at NVD CVE-2022-48722 at SUSE CVE-2022-48722 at NVD CVE-2022-48723 at SUSE CVE-2022-48723 at NVD CVE-2022-48724 at SUSE CVE-2022-48724 at NVD CVE-2022-48725 at SUSE CVE-2022-48725 at NVD CVE-2022-48726 at SUSE CVE-2022-48726 at NVD CVE-2022-48727 at SUSE CVE-2022-48727 at NVD CVE-2022-48728 at SUSE CVE-2022-48728 at NVD CVE-2022-48729 at SUSE CVE-2022-48729 at NVD CVE-2022-48730 at SUSE CVE-2022-48730 at NVD CVE-2022-48732 at SUSE CVE-2022-48732 at NVD CVE-2022-48733 at SUSE CVE-2022-48733 at NVD CVE-2022-48734 at SUSE CVE-2022-48734 at NVD CVE-2022-48735 at SUSE CVE-2022-48735 at NVD CVE-2022-48736 at SUSE CVE-2022-48736 at NVD CVE-2022-48737 at SUSE CVE-2022-48737 at NVD CVE-2022-48738 at SUSE CVE-2022-48738 at NVD CVE-2022-48739 at SUSE CVE-2022-48739 at NVD CVE-2022-48740 at SUSE CVE-2022-48740 at NVD CVE-2022-48743 at SUSE CVE-2022-48743 at NVD CVE-2022-48744 at SUSE CVE-2022-48744 at NVD CVE-2022-48745 at SUSE CVE-2022-48745 at NVD CVE-2022-48746 at SUSE CVE-2022-48746 at NVD CVE-2022-48747 at SUSE CVE-2022-48747 at NVD CVE-2022-48748 at SUSE CVE-2022-48748 at NVD CVE-2022-48749 at SUSE CVE-2022-48749 at NVD CVE-2022-48751 at SUSE CVE-2022-48751 at NVD CVE-2022-48752 at SUSE CVE-2022-48752 at NVD CVE-2022-48753 at SUSE CVE-2022-48753 at NVD CVE-2022-48754 at SUSE CVE-2022-48754 at NVD CVE-2022-48755 at SUSE CVE-2022-48755 at NVD CVE-2022-48756 at SUSE CVE-2022-48756 at NVD CVE-2022-48758 at SUSE CVE-2022-48758 at NVD CVE-2022-48759 at SUSE CVE-2022-48759 at NVD CVE-2022-48760 at SUSE CVE-2022-48760 at NVD CVE-2022-48761 at SUSE CVE-2022-48761 at NVD CVE-2022-48763 at SUSE CVE-2022-48763 at NVD CVE-2022-48765 at SUSE CVE-2022-48765 at NVD CVE-2022-48766 at SUSE CVE-2022-48766 at NVD CVE-2022-48767 at SUSE CVE-2022-48767 at NVD CVE-2022-48768 at SUSE CVE-2022-48768 at NVD CVE-2022-48769 at SUSE CVE-2022-48769 at NVD CVE-2022-48770 at SUSE CVE-2022-48770 at NVD CVE-2022-48771 at SUSE CVE-2022-48771 at NVD CVE-2022-48772 at SUSE CVE-2022-48772 at NVD CVE-2023-24023 at SUSE CVE-2023-24023 at NVD CVE-2023-52622 at SUSE CVE-2023-52622 at NVD CVE-2023-52658 at SUSE CVE-2023-52658 at NVD CVE-2023-52667 at SUSE CVE-2023-52667 at NVD CVE-2023-52670 at SUSE CVE-2023-52670 at NVD CVE-2023-52672 at SUSE CVE-2023-52672 at NVD CVE-2023-52675 at SUSE CVE-2023-52675 at NVD CVE-2023-52735 at SUSE CVE-2023-52735 at NVD CVE-2023-52737 at SUSE CVE-2023-52737 at NVD CVE-2023-52752 at SUSE CVE-2023-52752 at NVD CVE-2023-52766 at SUSE CVE-2023-52766 at NVD CVE-2023-52784 at SUSE CVE-2023-52784 at NVD CVE-2023-52787 at SUSE CVE-2023-52787 at NVD CVE-2023-52800 at SUSE CVE-2023-52800 at NVD CVE-2023-52835 at SUSE CVE-2023-52835 at NVD CVE-2023-52837 at SUSE CVE-2023-52837 at NVD CVE-2023-52843 at SUSE CVE-2023-52843 at NVD CVE-2023-52845 at SUSE CVE-2023-52845 at NVD CVE-2023-52846 at SUSE CVE-2023-52846 at NVD CVE-2023-52869 at SUSE CVE-2023-52869 at NVD CVE-2023-52881 at SUSE CVE-2023-52881 at NVD CVE-2023-52882 at SUSE CVE-2023-52882 at NVD CVE-2023-52884 at SUSE CVE-2023-52884 at NVD CVE-2024-26625 at SUSE CVE-2024-26625 at NVD CVE-2024-26644 at SUSE CVE-2024-26644 at NVD CVE-2024-26720 at SUSE CVE-2024-26720 at NVD CVE-2024-26842 at SUSE CVE-2024-26842 at NVD CVE-2024-26845 at SUSE CVE-2024-26845 at NVD CVE-2024-26923 at SUSE CVE-2024-26923 at NVD CVE-2024-26973 at SUSE CVE-2024-26973 at NVD CVE-2024-27432 at SUSE CVE-2024-27432 at NVD CVE-2024-33619 at SUSE CVE-2024-33619 at NVD CVE-2024-35247 at SUSE CVE-2024-35247 at NVD CVE-2024-35789 at SUSE CVE-2024-35789 at NVD CVE-2024-35790 at SUSE CVE-2024-35790 at NVD CVE-2024-35807 at SUSE CVE-2024-35807 at NVD CVE-2024-35814 at SUSE CVE-2024-35814 at NVD CVE-2024-35835 at SUSE CVE-2024-35835 at NVD CVE-2024-35848 at SUSE CVE-2024-35848 at NVD CVE-2024-35857 at SUSE CVE-2024-35857 at NVD CVE-2024-35861 at SUSE CVE-2024-35861 at NVD CVE-2024-35862 at SUSE CVE-2024-35862 at NVD CVE-2024-35864 at SUSE CVE-2024-35864 at NVD CVE-2024-35869 at SUSE CVE-2024-35869 at NVD CVE-2024-35878 at SUSE CVE-2024-35878 at NVD CVE-2024-35884 at SUSE CVE-2024-35884 at NVD CVE-2024-35886 at SUSE CVE-2024-35886 at NVD CVE-2024-35896 at SUSE CVE-2024-35896 at NVD CVE-2024-35898 at SUSE CVE-2024-35898 at NVD CVE-2024-35900 at SUSE CVE-2024-35900 at NVD CVE-2024-35905 at SUSE CVE-2024-35905 at NVD CVE-2024-35925 at SUSE CVE-2024-35925 at NVD CVE-2024-35950 at SUSE CVE-2024-35950 at NVD CVE-2024-35956 at SUSE CVE-2024-35956 at NVD CVE-2024-35958 at SUSE CVE-2024-35958 at NVD CVE-2024-35960 at SUSE CVE-2024-35960 at NVD CVE-2024-35962 at SUSE CVE-2024-35962 at NVD CVE-2024-35997 at SUSE CVE-2024-35997 at NVD CVE-2024-36005 at SUSE CVE-2024-36005 at NVD CVE-2024-36008 at SUSE CVE-2024-36008 at NVD CVE-2024-36017 at SUSE CVE-2024-36017 at NVD CVE-2024-36020 at SUSE CVE-2024-36020 at NVD CVE-2024-36021 at SUSE CVE-2024-36021 at NVD CVE-2024-36025 at SUSE CVE-2024-36025 at NVD CVE-2024-36477 at SUSE CVE-2024-36477 at NVD CVE-2024-36478 at SUSE CVE-2024-36478 at NVD CVE-2024-36479 at SUSE CVE-2024-36479 at NVD CVE-2024-36890 at SUSE CVE-2024-36890 at NVD CVE-2024-36894 at SUSE CVE-2024-36894 at NVD CVE-2024-36899 at SUSE CVE-2024-36899 at NVD CVE-2024-36900 at SUSE CVE-2024-36900 at NVD CVE-2024-36904 at SUSE CVE-2024-36904 at NVD CVE-2024-36915 at SUSE CVE-2024-36915 at NVD CVE-2024-36916 at SUSE CVE-2024-36916 at NVD CVE-2024-36917 at SUSE CVE-2024-36917 at NVD CVE-2024-36919 at SUSE CVE-2024-36919 at NVD CVE-2024-36934 at SUSE CVE-2024-36934 at NVD CVE-2024-36937 at SUSE CVE-2024-36937 at NVD CVE-2024-36940 at SUSE CVE-2024-36940 at NVD CVE-2024-36945 at SUSE CVE-2024-36945 at NVD CVE-2024-36949 at SUSE CVE-2024-36949 at NVD CVE-2024-36960 at SUSE CVE-2024-36960 at NVD CVE-2024-36964 at SUSE CVE-2024-36964 at NVD CVE-2024-36965 at SUSE CVE-2024-36965 at NVD CVE-2024-36967 at SUSE CVE-2024-36967 at NVD CVE-2024-36969 at SUSE CVE-2024-36969 at NVD CVE-2024-36971 at SUSE CVE-2024-36971 at NVD CVE-2024-36975 at SUSE CVE-2024-36975 at NVD CVE-2024-36978 at SUSE CVE-2024-36978 at NVD CVE-2024-37021 at SUSE CVE-2024-37021 at NVD CVE-2024-37078 at SUSE CVE-2024-37078 at NVD CVE-2024-37354 at SUSE CVE-2024-37354 at NVD CVE-2024-38381 at SUSE CVE-2024-38381 at NVD CVE-2024-38388 at SUSE CVE-2024-38388 at NVD CVE-2024-38390 at SUSE CVE-2024-38390 at NVD CVE-2024-38540 at SUSE CVE-2024-38540 at NVD CVE-2024-38541 at SUSE CVE-2024-38541 at NVD CVE-2024-38544 at SUSE CVE-2024-38544 at NVD CVE-2024-38545 at SUSE CVE-2024-38545 at NVD CVE-2024-38546 at SUSE CVE-2024-38546 at NVD CVE-2024-38547 at SUSE CVE-2024-38547 at NVD CVE-2024-38548 at SUSE CVE-2024-38548 at NVD CVE-2024-38549 at SUSE CVE-2024-38549 at NVD CVE-2024-38550 at SUSE CVE-2024-38550 at NVD CVE-2024-38552 at SUSE CVE-2024-38552 at NVD CVE-2024-38553 at SUSE CVE-2024-38553 at NVD CVE-2024-38555 at SUSE CVE-2024-38555 at NVD CVE-2024-38556 at SUSE CVE-2024-38556 at NVD CVE-2024-38557 at SUSE CVE-2024-38557 at NVD CVE-2024-38559 at SUSE CVE-2024-38559 at NVD CVE-2024-38560 at SUSE CVE-2024-38560 at NVD CVE-2024-38564 at SUSE CVE-2024-38564 at NVD CVE-2024-38565 at SUSE CVE-2024-38565 at NVD CVE-2024-38567 at SUSE CVE-2024-38567 at NVD CVE-2024-38568 at SUSE CVE-2024-38568 at NVD CVE-2024-38571 at SUSE CVE-2024-38571 at NVD CVE-2024-38573 at SUSE CVE-2024-38573 at NVD CVE-2024-38578 at SUSE CVE-2024-38578 at NVD CVE-2024-38579 at SUSE CVE-2024-38579 at NVD CVE-2024-38580 at SUSE CVE-2024-38580 at NVD CVE-2024-38581 at SUSE CVE-2024-38581 at NVD CVE-2024-38582 at SUSE CVE-2024-38582 at NVD CVE-2024-38583 at SUSE CVE-2024-38583 at NVD CVE-2024-38587 at SUSE CVE-2024-38587 at NVD CVE-2024-38590 at SUSE CVE-2024-38590 at NVD CVE-2024-38591 at SUSE CVE-2024-38591 at NVD CVE-2024-38594 at SUSE CVE-2024-38594 at NVD CVE-2024-38597 at SUSE CVE-2024-38597 at NVD CVE-2024-38599 at SUSE CVE-2024-38599 at NVD CVE-2024-38600 at SUSE CVE-2024-38600 at NVD CVE-2024-38601 at SUSE CVE-2024-38601 at NVD CVE-2024-38603 at SUSE CVE-2024-38603 at NVD CVE-2024-38605 at SUSE CVE-2024-38605 at NVD CVE-2024-38608 at SUSE CVE-2024-38608 at NVD CVE-2024-38616 at SUSE CVE-2024-38616 at NVD CVE-2024-38618 at SUSE CVE-2024-38618 at NVD CVE-2024-38619 at SUSE CVE-2024-38619 at NVD CVE-2024-38621 at SUSE CVE-2024-38621 at NVD CVE-2024-38627 at SUSE CVE-2024-38627 at NVD CVE-2024-38630 at SUSE CVE-2024-38630 at NVD CVE-2024-38633 at SUSE CVE-2024-38633 at NVD CVE-2024-38634 at SUSE CVE-2024-38634 at NVD CVE-2024-38635 at SUSE CVE-2024-38635 at NVD CVE-2024-38659 at SUSE CVE-2024-38659 at NVD CVE-2024-38661 at SUSE CVE-2024-38661 at NVD CVE-2024-38780 at SUSE CVE-2024-38780 at NVD CVE-2024-39301 at SUSE CVE-2024-39301 at NVD CVE-2024-39468 at SUSE CVE-2024-39468 at NVD CVE-2024-39469 at SUSE CVE-2024-39469 at NVD CVE-2024-39471 at SUSE CVE-2024-39471 at NVD cpe:/o:suse:sle-micro:5.5 Security update for oniguruma (Moderate) SUSE Linux Enterprise Micro 5.5 This update for oniguruma fixes the following issues: - CVE-2019-13225: Fixed null-pointer dereference in match_at() in regexec.c (bsc#1141157). Moderate SUSE bug 1141157 CVE-2019-13225 at SUSE CVE-2019-13225 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cni (Important) SUSE Linux Enterprise Micro 5.5 This update of cni fixes the following issues: - rebuild the package with the go 1.21 security release (bsc#1212475). Important SUSE bug 1212475 SUSE bug 1216006 cpe:/o:suse:sle-micro:5.5 Security update for cni-plugins (Important) SUSE Linux Enterprise Micro 5.5 This update of cni-plugins fixes the following issues: - rebuild the package with the go 1.21 security release (bsc#1212475). Important SUSE bug 1212475 SUSE bug 1216006 cpe:/o:suse:sle-micro:5.5 Security update for libeconf (Important) SUSE Linux Enterprise Micro 5.5 This update for libeconf fixes the following issues: Update to version 0.5.2. - CVE-2023-30078, CVE-2023-32181: Fixed a stack-buffer-overflow vulnerability in 'econf_writeFile' function (bsc#1211078). - CVE-2023-30079, CVE-2023-22652: Fixed a stack-buffer-overflow vulnerability in 'read_file' function. (bsc#1211078) Important SUSE bug 1211078 CVE-2023-22652 at SUSE CVE-2023-22652 at NVD CVE-2023-30078 at SUSE CVE-2023-30078 at NVD CVE-2023-30079 at SUSE CVE-2023-30079 at NVD CVE-2023-32181 at SUSE CVE-2023-32181 at NVD cpe:/o:suse:sle-micro:5.5 Security update for sqlite3 (Important) SUSE Linux Enterprise Micro 5.5 This update for sqlite3 fixes the following issues: - CVE-2023-2137: Fixed heap buffer overflow (bsc#1210660). Important SUSE bug 1210660 CVE-2023-2137 at SUSE CVE-2023-2137 at NVD cpe:/o:suse:sle-micro:5.5 Security update for zlib (Moderate) SUSE Linux Enterprise Micro 5.5 This update for zlib fixes the following issues: - CVE-2023-45853: Fixed an integer overflow that would lead to a buffer overflow in the minizip subcomponent (bsc#1216378). Moderate SUSE bug 1216378 CVE-2023-45853 at SUSE CVE-2023-45853 at NVD cpe:/o:suse:sle-micro:5.5 Security update for zchunk (Important) SUSE Linux Enterprise Micro 5.5 This update for zchunk fixes the following issues: - CVE-2023-46228: Fixed a handle overflow errors in malformed zchunk files. (bsc#1216268) Important SUSE bug 1216268 CVE-2023-46228 at SUSE CVE-2023-46228 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3-setuptools (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python3-setuptools fixes the following issues: - CVE-2022-40897: Fixed Regular Expression Denial of Service (ReDoS) in package_index.py (bsc#1206667). Moderate SUSE bug 1206667 CVE-2022-40897 at SUSE CVE-2022-40897 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libX11 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libX11 fixes the following issues: - CVE-2023-43786: Fixed stack exhaustion from infinite recursion in PutSubImage() (bsc#1215684). - CVE-2023-43787: Fixed integer overflow in XCreateImage() leading to a heap overflow (bsc#1215685). - CVE-2023-43785: Fixed out-of-bounds memory access in _XkbReadKeySyms() (bsc#1215683). Moderate SUSE bug 1215683 SUSE bug 1215684 SUSE bug 1215685 CVE-2023-43785 at SUSE CVE-2023-43785 at NVD CVE-2023-43786 at SUSE CVE-2023-43786 at NVD CVE-2023-43787 at SUSE CVE-2023-43787 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-urllib3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-urllib3 fixes the following issues: - CVE-2023-45803: Fix a request body leak that could occur when receiving a 303 HTTP response (bsc#1216377). Moderate SUSE bug 1216377 CVE-2023-45803 at SUSE CVE-2023-45803 at NVD cpe:/o:suse:sle-micro:5.5 Security update for squashfs (Important) SUSE Linux Enterprise Micro 5.5 This update for squashfs fixes the following issues: - CVE-2015-4645,CVE-2015-4646: Multiple buffer overflows fixed in squashfs-tools (bsc#935380) - CVE-2021-40153: Fixed an issue where an attacker might have been able to write a file outside of destination (bsc#1189936) - CVE-2021-41072: Fixed an issue where an attacker might have been able to write a file outside the destination directory via a symlink (bsc#1190531). update to 4.6.1: * Race condition which can cause corruption of the 'fragment table' fixed. This is a regression introduced in August 2022, and it has been seen when tailend packing is used (-tailends option). * Fix build failure when the tools are being built without extended attribute (XATTRs) support. * Fix XATTR error message when an unrecognised prefix is found * Fix incorrect free of pointer when an unrecognised XATTR prefix is found. * Major improvements in extended attribute handling, pseudo file handling, and miscellaneous new options and improvements * Extended attribute handling improved in Mksquashfs and Sqfstar * New Pseudo file xattr definition to add extended attributes to files. * New xattrs-add Action to add extended attributes to files * Extended attribute handling improved in Unsquashfs * Other major improvements * Unsquashfs can now output Pseudo files to standard out. * Mksquashfs can now input Pseudo files from standard in. * Squashfs filesystems can now be converted (different block size compression etc) without unpacking to an intermediate filesystem or mounting, by piping the output of Unsquashfs to Mksquashfs. * Pseudo files are now supported by Sqfstar. * 'Non-anchored' excludes are now supported by Unsquashfs. update to 4.5.1 (bsc#1190531, CVE-2021-41072): * This release adds Manpages for Mksquashfs(1), Unsquashfs(1), Sqfstar(1) and Sqfscat(1). * The -help text output from the utilities has been improved and extended as well (but the Manpages are now more comprehensive). * CVE-2021-41072 which is a writing outside of destination exploit, has been fixed. * The number of hard-links in the filesystem is now also displayed by Mksquashfs in the output summary. * The number of hard-links written by Unsquashfs is now also displayed in the output summary. * Unsquashfs will now write to a pre-existing destination directory, rather than aborting. * Unsquashfs now allows '.' to used as the destination, to extract to the current directory. * The Unsquashfs progress bar now tracks empty files and hardlinks, in addition to data blocks. * -no-hardlinks option has been implemented for Sqfstar. * More sanity checking for 'corrupted' filesystems, including checks for multiply linked directories and directory loops. * Options that may cause filesystems to be unmountable have been moved into a new 'experts' category in the Mksquashfs help text (and Manpage). * Maximum cpiostyle filename limited to PATH_MAX. This prevents attempts to overflow the stack, or cause system calls to fail with a too long pathname. * Don't always use 'max open file limit' when calculating length of queues, as a very large file limit can cause Unsquashfs to abort. Instead use the smaller of max open file limit and cache size. * Fix Mksquashfs silently ignoring Pseudo file definitions when appending. * Don't abort if no XATTR support has been built in, and there's XATTRs in the filesystem. This is a regression introduced in 2019 in Version 4.4. * Fix duplicate check when the last file block is sparse. update to 4.5: * Mksquashfs now supports 'Actions'. * New sqfstar command which will create a Squashfs image from a tar archive. * Tar style handling of source pathnames in Mksquashfs. * Cpio style handling of source pathnames in Mksquashfs. * New option to throttle the amount of CPU and I/O. * Mksquashfs now allows no source directory to be specified. * New Pseudo file 'R' definition which allows a Regular file o be created with data stored within the Pseudo file. * Symbolic links are now followed in extract files * Unsquashfs now supports 'exclude' files. * Max depth traversal option added. * Unsquashfs can now output a 'Pseudo file' representing the input Squashfs filesystem. * New -one-file-system option in Mksquashfs. * New -no-hardlinks option in Mksquashfs. * Exit code in Unsquashfs changed to distinguish between non-fatal errors (exit 2), and fatal errors (exit 1). * Xattr id count added in Unsquashfs '-stat' output. * Unsquashfs 'write outside directory' exploit fixed. * Error handling in Unsquashfs writer thread fixed. * Fix failure to truncate destination if appending aborted. * Prevent Mksquashfs reading the destination file. Important SUSE bug 1189936 SUSE bug 1190531 SUSE bug 935380 CVE-2015-4645 at SUSE CVE-2015-4645 at NVD CVE-2015-4646 at SUSE CVE-2015-4646 at NVD CVE-2021-40153 at SUSE CVE-2021-40153 at NVD CVE-2021-41072 at SUSE CVE-2021-41072 at NVD cpe:/o:suse:sle-micro:5.5 Security update for fdo-client (Moderate) SUSE Linux Enterprise Micro 5.5 This update for fdo-client fixes the following issues: - Removed build key via utils/keys_gen.sh. (bsc#1216293) Moderate SUSE bug 1216293 cpe:/o:suse:sle-micro:5.5 Security update for traceroute (Moderate) SUSE Linux Enterprise Micro 5.5 This update for traceroute fixes the following issues: - CVE-2023-46316: wrapper scripts do not properly parse command lines (bsc#1216591). Moderate SUSE bug 1216591 CVE-2023-46316 at SUSE CVE-2023-46316 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Important) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: - CVE-2023-52425: Fixed backport so it uses features sniffing, not just comparing version number (bsc#1219559). - CVE-2024-0450: Fixed detecting the vulnerability of 'quoted-overlap' zipbomb (bsc#1221854). - CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448) - CVE-2024-0397: Remove a memory race condition in ssl.SSLContext certificate store methods. (bsc#1226447) Important SUSE bug 1219559 SUSE bug 1220664 SUSE bug 1221563 SUSE bug 1221854 SUSE bug 1222075 SUSE bug 1226447 SUSE bug 1226448 CVE-2023-52425 at SUSE CVE-2023-52425 at NVD CVE-2024-0397 at SUSE CVE-2024-0397 at NVD CVE-2024-0450 at SUSE CVE-2024-0450 at NVD CVE-2024-4032 at SUSE CVE-2024-4032 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Important) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2023-46842: Fixed x86 HVM hypercalls may trigger Xen bug check (XSA-454, bsc#1221984). - CVE-2024-31143: Fixed double unlock in x86 guest IRQ handling (XSA-458, bsc#1227355). Important SUSE bug 1027519 SUSE bug 1214718 SUSE bug 1221984 SUSE bug 1227355 CVE-2023-46842 at SUSE CVE-2023-46842 at NVD CVE-2024-31143 at SUSE CVE-2024-31143 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-dnspython (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-dnspython fixes the following issues: - CVE-2023-29483: Fixed an issue that allowed remote attackers to interfere with DNS name resolution (bsc#1222693). Moderate SUSE bug 1222693 CVE-2023-29483 at SUSE CVE-2023-29483 at NVD cpe:/o:suse:sle-micro:5.5 Security update for git (Important) SUSE Linux Enterprise Micro 5.5 This update for git fixes the following issues: - CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660) Important SUSE bug 1219660 CVE-2024-24577 at SUSE CVE-2024-24577 at NVD cpe:/o:suse:sle-micro:5.5 Security update for shadow (Important) SUSE Linux Enterprise Micro 5.5 This update for shadow fixes the following issues: - CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845). Important SUSE bug 916845 CVE-2013-4235 at SUSE CVE-2013-4235 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Moderate) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2023-46839: Fixed phantom functions assigned to incorrect contexts (XSA-449) (bsc#1218851) - CVE-2023-46840: Fixed VT-d: Failure to quarantine devices in !HVM builds (XSA-450) (bsc#1219080) Moderate SUSE bug 1218851 SUSE bug 1219080 CVE-2023-46839 at SUSE CVE-2023-46839 at NVD CVE-2023-46840 at SUSE CVE-2023-46840 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gtk2 (Important) SUSE Linux Enterprise Micro 5.5 This update for gtk2 fixes the following issues: - CVE-2024-6655: Fixed library injection from current working directory (bsc#1228120) Important SUSE bug 1228120 CVE-2024-6655 at SUSE CVE-2024-6655 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gtk3 (Important) SUSE Linux Enterprise Micro 5.5 This update for gtk3 fixes the following issues: - CVE-2024-6655: Fixed library injection from current working directory (bsc#1228120) Important SUSE bug 1228120 CVE-2024-6655 at SUSE CVE-2024-6655 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-urllib3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-urllib3 fixes the following issues: - CVE-2024-37891: Fixed proxy-authorization request header is not stripped during cross-origin redirects (bsc#1226469) Moderate SUSE bug 1226469 CVE-2024-37891 at SUSE CVE-2024-37891 at NVD cpe:/o:suse:sle-micro:5.5 Security update for orc (Important) SUSE Linux Enterprise Micro 5.5 This update for orc fixes the following issues: - CVE-2024-40897: Fixed stack-based buffer overflow in the orc compiler when formatting error messages for certain input files (bsc#1228184) Important SUSE bug 1228184 CVE-2024-40897 at SUSE CVE-2024-40897 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer (Moderate) SUSE Linux Enterprise Micro 5.5 This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.59.0 * Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.59.0 * Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.58.1 Moderate cpe:/o:suse:sle-micro:5.5 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container (Moderate) SUSE Linux Enterprise Micro 5.5 This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: - Update to version 1.2.2 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.2 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.1 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.0 - Use predefined configuration files for libvirt - Install psmisc (provides killall for tests) Moderate cpe:/o:suse:sle-micro:5.5 Recommended update for mozilla-nss (Moderate) SUSE Linux Enterprise Micro 5.5 This update for mozilla-nss fixes the following issues: - Fixed startup crash of Firefox when using FIPS-mode (bsc#1223724). - Added 'Provides: nss' so other RPMs that require 'nss' can be installed (jira PED-6358). - FIPS: added safe memsets (bsc#1222811) - FIPS: restrict AES-GCM (bsc#1222830) - FIPS: Updated FIPS approved cipher lists (bsc#1222813, bsc#1222814, bsc#1222821, bsc#1222822, bsc#1224118) - FIPS: Updated FIPS self tests (bsc#1222807, bsc#1222828, bsc#1222834) - FIPS: Updated FIPS approved cipher lists (bsc#1222804, bsc#1222826, bsc#1222833, bsc#1224113, bsc#1224115, bsc#1224116) - Require `sed` for mozilla-nss-sysinit, as setup-nsssysinit.sh depends on it and will create a broken, empty config, if sed is missing (bsc#1227918) Update to NSS 3.101.2: * bmo#1905691 - ChaChaXor to return after the function update to NSS 3.101.1: * GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME. update to NSS 3.101: * add diagnostic assertions for SFTKObject refcount. * freeing the slot in DeleteCertAndKey if authentication failed * fix formatting issues. * Add Firmaprofesional CA Root-A Web to NSS. * remove invalid acvp fuzz test vectors. * pad short P-384 and P-521 signatures gtests. * remove unused FreeBL ECC code. * pad short P-384 and P-521 signatures. * be less strict about ECDSA private key length. * Integrate HACL* P-521. * Integrate HACL* P-384. * memory leak in create_objects_from_handles. * ensure all input is consumed in a few places in mozilla::pkix * SMIME/CMS and PKCS #12 do not integrate with modern NSS policy * clean up escape handling * Use lib::pkix as default validator instead of the old-one * Need to add high level support for PQ signing. * Certificate Compression: changing the allocation/freeing of buffer + Improving the documentation * SMIME/CMS and PKCS #12 do not integrate with modern NSS policy * Allow for non-full length ecdsa signature when using softoken * Modification of .taskcluster.yml due to mozlint indent defects * Implement support for PBMAC1 in PKCS#12 * disable VLA warnings for fuzz builds. * remove redundant AllocItem implementation. * add PK11_ReadDistrustAfterAttribute. * - Clang-formatting of SEC_GetMgfTypeByOidTag update * Set SEC_ERROR_LIBRARY_FAILURE on self-test failure * sftk_getParameters(): Fix fallback to default variable after error with configfile. * Switch to the mozillareleases/image_builder image - switch from ec_field_GFp to ec_field_plain Update to NSS 3.100: * merge pk11_kyberSlotList into pk11_ecSlotList for faster Xyber operations. * remove ckcapi. * avoid a potential PK11GenericObject memory leak. * Remove incomplete ESDH code. * Decrypt RSA OAEP encrypted messages. * Fix certutil CRLDP URI code. * Don't set CKA_DERIVE for CKK_EC_EDWARDS private keys. * Add ability to encrypt and decrypt CMS messages using ECDH. * Correct Templates for key agreement in smime/cmsasn.c. * Moving the decodedCert allocation to NSS. * Allow developers to speed up repeated local execution of NSS tests that depend on certificates. Update to NSS 3.99: * Removing check for message len in ed25519 (bmo#1325335) * add ed25519 to SECU_ecName2params. (bmo#1884276) * add EdDSA wycheproof tests. (bmo#1325335) * nss/lib layer code for EDDSA. (bmo#1325335) * Adding EdDSA implementation. (bmo#1325335) * Exporting Certificate Compression types (bmo#1881027) * Updating ACVP docker to rust 1.74 (bmo#1880857) * Updating HACL* to 0f136f28935822579c244f287e1d2a1908a7e552 (bmo#1325335) * Add NSS_CMSRecipient_IsSupported. (bmo#1877730) Update to NSS 3.98: * (CVE-2023-5388) Timing attack against RSA decryption in TLS * Certificate Compression: enabling the check that the compression was advertised * Move Windows workers to nss-1/b-win2022-alpha * Remove Email trust bit from OISTE WISeKey Global Root GC CA * Replace `distutils.spawn.find_executable` with `shutil.which` within `mach` in `nss` * Certificate Compression: Updating nss_bogo_shim to support Certificate compression * TLS Certificate Compression (RFC 8879) Implementation * Add valgrind annotations to freebl kyber operations for constant-time execution tests * Set nssckbi version number to 2.66 * Add Telekom Security roots * Add D-Trust 2022 S/MIME roots * Remove expired Security Communication RootCA1 root * move keys to a slot that supports concatenation in PK11_ConcatSymKeys * remove unmaintained tls-interop tests * bogo: add support for the -ipv6 and -shim-id shim flags * bogo: add support for the -curves shim flag and update Kyber expectations * bogo: adjust expectation for a key usage bit test * mozpkix: add option to ignore invalid subject alternative names * Fix selfserv not stripping `publicname:` from -X value * take ownership of ecckilla shims * add valgrind annotations to freebl/ec.c * PR_INADDR_ANY needs PR_htonl before assignment to inet.ip * Update zlib to 1.3.1 Update to NSS 3.97: * make Xyber768d00 opt-in by policy * add libssl support for xyber768d00 * add PK11_ConcatSymKeys * add Kyber and a PKCS#11 KEM interface to softoken * add a FreeBL API for Kyber * part 2: vendor github.com/pq-crystals/kyber/commit/e0d1c6ff * part 1: add a script for vendoring kyber from pq-crystals repo * Removing the calls to RSA Blind from loader.* * fix worker type for level3 mac tasks * RSA Blind implementation * Remove DSA selftests * read KWP testvectors from JSON * Backed out changeset dcb174139e4f * Fix CKM_PBE_SHA1_DES2_EDE_CBC derivation * Wrap CC shell commands in gyp expansions Update to NSS 3.96.1: * Use pypi dependencies for MacOS worker in ./build_gyp.sh * p7sign: add -a hash and -u certusage (also p7verify cleanups) * add a defensive check for large ssl_DefSend return values * Add dependency to the taskcluster script for Darwin * Upgrade version of the MacOS worker for the CI Update to NSS 3.95: * Bump builtins version number. * Remove Email trust bit from Autoridad de Certificacion Firmaprofesional CIF A62634068 root cert. * Remove 4 DigiCert (Symantec/Verisign) Root Certificates * Remove 3 TrustCor Root Certificates from NSS. * Remove Camerfirma root certificates from NSS. * Remove old Autoridad de Certificacion Firmaprofesional Certificate. * Add four Commscope root certificates to NSS. * Add TrustAsia Global Root CA G3 and G4 root certificates. * Include P-384 and P-521 Scalar Validation from HACL* * Include P-256 Scalar Validation from HACL*. * After the HACL 256 ECC patch, NSS incorrectly encodes 256 ECC without DER wrapping at the softoken level * Add means to provide library parameters to C_Initialize * add OSXSAVE and XCR0 tests to AVX2 detection. * Typo in ssl3_AppendHandshakeNumber * Introducing input check of ssl3_AppendHandshakeNumber * Fix Invalid casts in instance.c Update to NSS 3.94: * Updated code and commit ID for HACL* * update ACVP fuzzed test vector: refuzzed with current NSS * Softoken C_ calls should use system FIPS setting to select NSC_ or FC_ variants * NSS needs a database tool that can dump the low level representation of the database * declare string literals using char in pkixnames_tests.cpp * avoid implicit conversion for ByteString * update rust version for acvp docker * Moving the init function of the mpi_ints before clean-up in ec.c * P-256 ECDH and ECDSA from HACL* * Add ACVP test vectors to the repository * Stop relying on std::basic_string<uint8_t> * Transpose the PPC_ABI check from Makefile to gyp Update to NSS 3.93: * Update zlib in NSS to 1.3. * softoken: iterate hashUpdate calls for long inputs. * regenerate NameConstraints test certificates (bsc#1214980). Update to NSS 3.92: * Set nssckbi version number to 2.62 * Add 4 Atos TrustedRoot Root CA certificates to NSS * Add 4 SSL.com Root CA certificates * Add Sectigo E46 and R46 Root CA certificates * Add LAWtrust Root CA2 (4096) * Remove E-Tugra Certification Authority root * Remove Camerfirma Chambers of Commerce Root. * Remove Hongkong Post Root CA 1 * Remove E-Tugra Global Root CA ECC v3 and RSA v3 * Avoid redefining BYTE_ORDER on hppa Linux Update to NSS 3.91: * Implementation of the HW support check for ADX instruction * Removing the support of Curve25519 * Fix comment about the addition of ticketSupportsEarlyData * Adding args to enable-legacy-db build * dbtests.sh failure in 'certutil dump keys with explicit default trust flags' * Initialize flags in slot structures * Improve the length check of RSA input to avoid heap overflow * Followup Fixes * avoid processing unexpected inputs by checking for m_exptmod base sign * add a limit check on order_k to avoid infinite loop * Update HACL* to commit 5f6051d2 * add SHA3 to cryptohi and softoken * HACL SHA3 * Disabling ASM C25519 for A but X86_64 Update to NSS 3.90.3: * GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME. * clean up escape handling. * remove redundant AllocItem implementation. * Disable ASM support for Curve25519. * Disable ASM support for Curve25519 for all but X86_64. Moderate SUSE bug 1214980 SUSE bug 1222804 SUSE bug 1222807 SUSE bug 1222811 SUSE bug 1222813 SUSE bug 1222814 SUSE bug 1222821 SUSE bug 1222822 SUSE bug 1222826 SUSE bug 1222828 SUSE bug 1222830 SUSE bug 1222833 SUSE bug 1222834 SUSE bug 1223724 SUSE bug 1224113 SUSE bug 1224115 SUSE bug 1224116 SUSE bug 1224118 SUSE bug 1227918 CVE-2023-5388 at SUSE CVE-2023-5388 at NVD cpe:/o:suse:sle-micro:5.5 Security update for shadow (Moderate) SUSE Linux Enterprise Micro 5.5 This update for shadow fixes the following issues: - Fixed not copying of skel files (bsc#1228770) Moderate SUSE bug 1228770 CVE-2013-4235 at SUSE CVE-2013-4235 at NVD cpe:/o:suse:sle-micro:5.5 Security update for bind (Important) SUSE Linux Enterprise Micro 5.5 This update for bind fixes the following issues: Update to 9.16.50: - Bug Fixes: * A regression in cache-cleaning code enabled memory use to grow significantly more quickly than before, until the configured max-cache-size limit was reached. This has been fixed. * Using rndc flush inadvertently caused cache cleaning to become less effective. This could ultimately lead to the configured max-cache-size limit being exceeded and has now been fixed. * The logic for cleaning up expired cached DNS records was tweaked to be more aggressive. This change helps with enforcing max-cache-ttl and max-ncache-ttl in a timely manner. * It was possible to trigger a use-after-free assertion when the overmem cache cleaning was initiated. This has been fixed. New Features: * Added RESOLVER.ARPA to the built in empty zones. - Security Fixes: * It is possible to craft excessively large numbers of resource record types for a given owner name, which has the effect of slowing down database processing. This has been addressed by adding a configurable limit to the number of records that can be stored per name and type in a cache or zone database. The default is 100, which can be tuned with the new max-types-per-name option. (CVE-2024-1737, bsc#1228256) * Validating DNS messages signed using the SIG(0) protocol (RFC 2931) could cause excessive CPU load, leading to a denial-of-service condition. Support for SIG(0) message validation was removed from this version of named. (CVE-2024-1975, bsc#1228257) * When looking up the NS records of parent zones as part of looking up DS records, it was possible for named to trigger an assertion failure if serve-stale was enabled. This has been fixed. (CVE-2024-4076, bsc#1228258) Important SUSE bug 1228256 SUSE bug 1228257 SUSE bug 1228258 CVE-2024-1737 at SUSE CVE-2024-1737 at NVD CVE-2024-1975 at SUSE CVE-2024-1975 at NVD CVE-2024-4076 at SUSE CVE-2024-4076 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ca-certificates-mozilla (Important) SUSE Linux Enterprise Micro 5.5 This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525) - Added: FIRMAPROFESIONAL CA ROOT-A WEB - Distrust: GLOBALTRUST 2020 - Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356) Added: - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public Trust RSA Root-02 - D-Trust SBR Root CA 1 2022 - D-Trust SBR Root CA 2 2022 - Telekom Security SMIME ECC Root 2021 - Telekom Security SMIME RSA Root 2023 - Telekom Security TLS ECC Root 2020 - Telekom Security TLS RSA Root 2023 - TrustAsia Global Root CA G3 - TrustAsia Global Root CA G4 Removed: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Chambers of Commerce Root - 2008 - Global Chambersign Root - 2008 - Security Communication Root CA - Symantec Class 1 Public Primary Certification Authority - G6 - Symantec Class 2 Public Primary Certification Authority - G6 - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 - VeriSign Class 1 Public Primary Certification Authority - G3 - VeriSign Class 2 Public Primary Certification Authority - G3 Important SUSE bug 1220356 SUSE bug 1227525 cpe:/o:suse:sle-micro:5.5 Security update for openssl-1_1 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for openssl-1_1 fixes the following issues: - CVE-2024-5535: Fixed a buffer overread in function SSL_select_next_proto() with an empty supported client protocols buffer (bsc#1227138) Other fixes: - Build with no-afalgeng (bsc#1226463) Moderate SUSE bug 1226463 SUSE bug 1227138 CVE-2024-5535 at SUSE CVE-2024-5535 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47086: phonet/pep: refuse to enable an unbound pipe (bsc#1220952). - CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010). - CVE-2021-47186: tipc: check for null after calling kmemdup (bsc#1222702). - CVE-2021-47546: Kabi fix for ipv6: fix memory leak in fib6_rule_suppress (bsc#1225504). - CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505). - CVE-2021-47588: sit: do not call ipip6_dev_free() from sit_init_net() (bsc#1226568). - CVE-2021-47590: mptcp: fix deadlock in __mptcp_push_pending() (bsc#1226565). - CVE-2021-47591: mptcp: remove tcp ulp setsockopt support (bsc#1226570). - CVE-2021-47593: mptcp: clear 'kern' flag from fallback sockets (bsc#1226551). - CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1226574). - CVE-2021-47599: btrfs: use latest_dev in btrfs_show_devname (bsc#1226571) - CVE-2021-47606: net: netlink: af_netlink: Prevent empty skb by adding a check on len (bsc#1226555). - CVE-2021-47623: powerpc/fixmap: Fix VM debug warning on unmap (bsc#1227919). - CVE-2022-48785: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr() (bsc#1227927) - CVE-2022-48810: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path (bsc#1227936). - CVE-2022-48850: net-sysfs: add check for netdevice being present to speed_show (bsc#1228071) - CVE-2022-48855: sctp: fix kernel-infoleak for SCTP sockets (bsc#1228003). - CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138). - CVE-2023-52573: net: rds: Fix possible NULL-pointer dereference (bsc#1220869) - CVE-2023-52580: net/core: Fix ETH_P_1588 flow dissector (bsc#1220876). - CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489). - CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088). - CVE-2023-52812: drm/amd: check num of link levels when update pcie param (bsc#1225564). - CVE-2023-52857: drm/mediatek: Fix coverity issue with unintentional integer overflow (bsc#1225581). - CVE-2023-52863: hwmon: (axi-fan-control) Fix possible NULL pointer dereference (bsc#1225586). - CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). - CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942). - CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647). - CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656). - CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659). - CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654). - CVE-2024-26661: drm/amd/display: Add NULL test for 'timing generator' in (bsc#1222323) - CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326). - CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328). - CVE-2024-26802: stmmac: Clear variable when destroying workqueue (bsc#1222799). - CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021). - CVE-2024-26961: mac802154: fix llsec key resources release in mac802154_llsec_key_del (bsc#1223652). - CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806). - CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813) - CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815) - CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778) - CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836). - CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414). - CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625). - CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743). - CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683). - CVE-2024-35837: net: mvpp2: clear BM pool before initialization (bsc#1224500). - CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604). - CVE-2024-35889: idpf: fix kernel panic on unknown packet types (bsc#1224517). - CVE-2024-35890: gro: fix ownership transfer (bsc#1224516). - CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512) - CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499) - CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641) - CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700) - CVE-2024-35961: net/mlx5: Restore mistakenly dropped parts in register devlink flow (bsc#1224585). - CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572). - CVE-2024-35995: ACPI: CPPC: Fix access width used for PCC registers (bsc#1224557). - CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548). - CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545) - CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711) - CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719). - CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744). - CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717). - CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745). - CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752). - CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753). - CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable (bsc#1225757). - CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767). - CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815). - CVE-2024-36939: nfs: Handle error of rpc_proc_register() in nfs_net_init() (bsc#1225838). - CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851). - CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519). - CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607). - CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783). - CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775). - CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750). - CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757). - CVE-2024-38628: usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (bsc#1226911). - CVE-2024-39276: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993). - CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990). - CVE-2024-39463: 9p: add missing locking around taking dentry fid list (bsc#1227090). - CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432). - CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447). - CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573) - CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626). - CVE-2024-39493: crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (bsc#1227620). - CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716). - CVE-2024-39497: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (bsc#1227722) - CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755). - CVE-2024-39506: liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729). - CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730). - CVE-2024-39508: io_uring/io-wq: Use set_bit() and test_bit() at worker->flags (bsc#1227732). - CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762). - CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763). - CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783). - CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1227798). - CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (bsc#1227779). - CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786). - CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780). - CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797). - CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836). - CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800). - CVE-2024-40943: ocfs2: fix races between hole punching and AIO+DIO (bsc#1227849). - CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806). - CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) - CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net (bsc#1227812). - CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884). - CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813). - CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814). - CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886). - CVE-2024-40967: serial: imx: Introduce timeout when waiting on transmitter empty (bsc#1227891). - CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899). - CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910). - CVE-2024-40977: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (bsc#1227950). - CVE-2024-40982: ssb: Fix potential NULL pointer dereference in ssb_device_uevent() (bsc#1227865). - CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823). - CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829). - CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (bsc#1227866). - CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913). - CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862). - CVE-2024-41009: selftests/bpf: Add more ring buffer test coverage (bsc#1228020). - CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247). - CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405). - CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408). - CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409). - CVE-2024-41016: ocfs2: add bounds checking to ocfs2_xattr_find_entry() (bsc#1228410). - CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403). - CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518) - CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520) - CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530). - CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565) - CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462). - CVE-2024-41058: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459). - CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561). - CVE-2024-41063: Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (bsc#1228580) - CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599). - CVE-2024-41066: ibmvnic: Add tx check to prevent skb leak (bsc#1228640). - CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644). - CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581). - CVE-2024-41071: wifi: mac80211: Avoid address calculations via out of bounds array indexing (bsc#1228625). - CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655). - CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617) - CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328). - CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327). - CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470) - CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672). - CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680). - CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633). - CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591) - CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705) - CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743) - CVE-2024-42161: Avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756). - CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723) - CVE-2024-42230: powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869). The following non-security bugs were fixed: - ACPI: EC: Abort address space access upon error (stable-fixes). - ACPI: EC: Avoid returning AE_OK on errors in address space handler (stable-fixes). - ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (git-fixes). - ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (stable-fixes). - ACPI: x86: Force StorageD3Enable on more products (stable-fixes). - ACPI: x86: utils: Add Picasso to the list for forcing StorageD3Enable (stable-fixes). - ALSA: dmaengine_pcm: terminate dmaengine before synchronize (stable-fixes). - ALSA: dmaengine: Synchronize dma channel after drop() (stable-fixes). - ALSA: emux: improve patch ioctl data validation (stable-fixes). - ALSA: hda: conexant: Fix headset auto detect fail in the polling mode (git-fixes). - ALSA: hda/realtek: Add more codec ID to no shutup pins list (stable-fixes). - ALSA: hda/realtek: add quirk for Clevo V5[46]0TU (stable-fixes). - ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes). - ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (stable-fixes). - ALSA: hda/realtek: Enable Mute LED on HP 250 G7 (stable-fixes). - ALSA: hda/realtek: fix mute/micmute LEDs do not work for EliteBook 645/665 G11 (stable-fixes). - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 (stable-fixes). - ALSA: hda/realtek: Limit mic boost on VAIO PRO PX (stable-fixes). - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx (stable-fixes). - ALSA: pcm_dmaengine: Do not synchronize DMA channel when DMA is paused (git-fixes). - ALSA: usb-audio: Add a quirk for Sonix HD USB Camera (stable-fixes). - ALSA: usb-audio: Correct surround channels in UAC1 channel map (git-fixes). - ALSA: usb-audio: Fix microphone sound on HD webcam (stable-fixes). - ALSA: usb-audio: Move HD Webcam quirk to the right place (git-fixes). - arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes) - arm64: dts: hi3798cv200: fix the size of GICR (git-fixes) - arm64: dts: imx8qm-mek: fix gpio number for reg_usdhc2_vmmc (git-fixes) - arm64: dts: microchip: sparx5: fix mdio reg (git-fixes) - arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes) - arm64: dts: rockchip: Add sound-dai-cells for RK3368 (git-fixes) - arm64: dts: rockchip: fix PMIC interrupt pin on ROCK Pi E (git-fixes) - arm64/io: add constant-argument check (bsc#1226502 git-fixes) - arm64/io: Provide a WC friendly __iowriteXX_copy() (bsc#1226502) - arm64: tegra: Correct Tegra132 I2C alias (git-fixes) - ASoC: amd: Adjust error handling in case of absent codec device (git-fixes). - ASoC: max98088: Check for clk_prepare_enable() error (git-fixes). - ASoC: ti: davinci-mcasp: Set min period size using FIFO config (stable-fixes). - ASoC: ti: omap-hdmi: Fix too long driver name (stable-fixes). - batman-adv: bypass empty buckets in batadv_purge_orig_ref() (stable-fixes). - blk-cgroup: dropping parent refcount after pd_free_fn() is done (bsc#1224573). - block: do not add partitions if GD_SUPPRESS_PART_SCAN is set (bsc#1227162). - block, loop: support partitions without scanning (bsc#1227162). - Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (stable-fixes). - Bluetooth: btqca: use le32_to_cpu for ver.soc_id (stable-fixes). - Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (stable-fixes). - Bluetooth: hci_qca: mark OF related data as maybe unused (stable-fixes). - Bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes). - Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot (git-fixes). - bnxt_re: Fix imm_data endianness (git-fixes) - bpf: aggressively forget precise markings during state checkpointing (bsc#1225903). - bpf: allow precision tracking for programs with subprogs (bsc#1225903). - bpf: check bpf_func_state->callback_depth when pruning states (bsc#1225903). - bpf: clean up visit_insn()'s instruction processing (bsc#1225903). - bpf: correct loop detection for iterators convergence (bsc#1225903). - bpf: encapsulate precision backtracking bookkeeping (bsc#1225903). - bpf: ensure state checkpointing at iter_next() call sites (bsc#1225903). - bpf: exact states comparison for iterator convergence checks (bsc#1225903). - bpf: extract __check_reg_arg() utility function (bsc#1225903). - bpf: extract same_callsites() as utility function (bsc#1225903). - bpf: extract setup_func_entry() utility function (bsc#1225903). - bpf: fix calculation of subseq_idx during precision backtracking (bsc#1225903). - bpf: fix mark_all_scalars_precise use in mark_chain_precision (bsc#1225903). - bpf: Fix memory leaks in __check_func_call (bsc#1225903). - bpf: fix propagate_precision() logic for inner frames (bsc#1225903). - bpf: fix regs_exact() logic in regsafe() to remap IDs correctly (bsc#1225903). - bpf: Fix to preserve reg parent/live fields when copying range info (bsc#1225903). - bpf: generalize MAYBE_NULL vs non-MAYBE_NULL rule (bsc#1225903). - bpf: improve precision backtrack logging (bsc#1225903). - bpf: Improve verifier u32 scalar equality checking (bsc#1225903). - bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903). - bpf: maintain bitmasks across all active frames in __mark_chain_precision (bsc#1225903). - bpf: mark relevant stack slots scratched for register read instructions (bsc#1225903). - bpf: move explored_state() closer to the beginning of verifier.c (bsc#1225903). - bpf: perform byte-by-byte comparison only when necessary in regsafe() (bsc#1225903). - bpf: print full verifier states on infinite loop detection (bsc#1225903). - bpf: regsafe() must not skip check_ids() (bsc#1225903). - bpf: reject non-exact register type matches in regsafe() (bsc#1225903). - bpf: Remove unused insn_cnt argument from visit_[func_call_]insn() (bsc#1225903). - bpf: reorganize struct bpf_reg_state fields (bsc#1225903). - bpf: Skip invalid kfunc call in backtrack_insn (bsc#1225903). - bpf: states_equal() must build idmap for all function frames (bsc#1225903). - bpf: stop setting precise in current state (bsc#1225903). - bpf: support precision propagation in the presence of subprogs (bsc#1225903). - bpf: take into account liveness when propagating precision (bsc#1225903). - bpf: teach refsafe() to take into account ID remapping (bsc#1225903). - bpf: unconditionally reset backtrack_state masks on global func exit (bsc#1225903). - bpf: use check_ids() for active_lock comparison (bsc#1225903). - bpf: Use scalar ids in mark_chain_precision() (bsc#1225903). - bpf: verify callbacks as if they are called unknown number of times (bsc#1225903). - bpf: Verify scalar ids mapping in regsafe() using check_ids() (bsc#1225903). - bpf: widening for callback iterators (bsc#1225903). - btrfs: add device major-minor info in the struct btrfs_device (bsc#1227162). - btrfs: harden identification of a stale device (bsc#1227162). - btrfs: match stale devices by dev_t (bsc#1227162). - btrfs: remove the cross file system checks from remap (bsc#1227157). - btrfs: use dev_t to match device in device_matched (bsc#1227162). - btrfs: validate device maj:min during open (bsc#1227162). - bytcr_rt5640 : inverse jack detect for Archos 101 cesium (stable-fixes). - cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd (git-fixes). - can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct (git-fixes). - can: kvaser_usb: fix return value for hif_usb_send_regout (stable-fixes). - ceph: fix incorrect kmalloc size of pagevec mempool (bsc#1228418). - cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801). - checkpatch: really skip LONG_LINE_* when LONG_LINE is ignored (git-fixes). - crypto: aead,cipher - zeroize key buffer after use (stable-fixes). - crypto: ecdh - explicitly zeroize private_key (stable-fixes). - crypto: ecdsa - Fix the public key format description (git-fixes). - crypto: hisilicon/sec - Fix memory leak for sec resource release (stable-fixes). - csky: ftrace: Drop duplicate implementation of arch_check_ftrace_location() (git-fixes). - decompress_bunzip2: fix rare decompression failure (git-fixes). - devres: Fix devm_krealloc() wasting memory (git-fixes). - devres: Fix memory leakage caused by driver API devm_free_percpu() (git-fixes). - dma: fix call order in dmam_free_coherent (git-fixes). - docs: crypto: async-tx-api: fix broken code example (git-fixes). - docs: Fix formatting of literal sections in fanotify docs (stable-fixes). - drm/amd/amdgpu: Fix style errors in amdgpu_drv.c & amdgpu_device.c (stable-fixes). - drm/amd/display: Account for cursor prefetch BW in DML1 mode support (stable-fixes). - drm/amd/display: Check for NULL pointer (stable-fixes). - drm/amd/display: Check index msg_id before read or write (stable-fixes). - drm/amd/display: Check pipe offset before setting vblank (stable-fixes). - drm/amd/display: Skip finding free audio for unknown engine_id (stable-fixes). - drm/amdgpu/atomfirmware: fix parsing of vram_info (stable-fixes). - drm/amdgpu/atomfirmware: silence UBSAN warning (stable-fixes). - drm/amdgpu: avoid using null object of framebuffer (stable-fixes). - drm/amdgpu: Check if NBIO funcs are NULL in amdgpu_device_baco_exit (git-fixes). - drm/amdgpu: Fix pci state save during mode-1 reset (git-fixes). - drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (git-fixes). - drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes). - drm/amdgpu: Fix uninitialized variable warnings (stable-fixes). - drm/amdgpu: Initialize timestamp for some legacy SOCs (stable-fixes). - drm/amdgpu: Remove GC HW IP 9.3.0 from noretry=1 (git-fixes). - drm/amd/pm: Fix aldebaran pcie speed reporting (git-fixes). - drm/amd/pm: remove logically dead code for renoir (git-fixes). - drm/dp_mst: Fix all mstb marked as not probed after suspend/resume (git-fixes). - drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes). - drm/etnaviv: fix DMA direction handling for cached RW buffers (git-fixes). - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (git-fixes). - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (git-fixes). - drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8 (git-fixes). - drm/lima: fix shared irq handling on driver remove (stable-fixes). - drm/lima: Mark simple_ondemand governor as softdep (git-fixes). - drm/mediatek: Add OVL compatible name for MT8195 (git-fixes). - drm/meson: fix canvas release in bind function (git-fixes). - drm/mgag200: Bind I2C lifetime to DRM device (git-fixes). - drm/mgag200: Set DDC timeout in milliseconds (git-fixes). - drm/mipi-dsi: Fix mipi_dsi_dcs_write_seq() macro definition format (stable-fixes). - drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq() (git-fixes). - drm/msm/dpu: drop validity checks for clear_pending_flush() ctl op (git-fixes). - drm/msm/mdp5: Remove MDP_CAP_SRC_SPLIT from msm8x53_config (git-fixes). - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (stable-fixes). - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (stable-fixes). - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (git-fixes). - drm/nouveau: prime: fix refcount underflow (git-fixes). - drm/panel: boe-tv101wum-nl6: Check for errors on the NOP in prepare() (git-fixes). - drm/panel: boe-tv101wum-nl6: If prepare fails, disable GPIO before regulators (git-fixes). - drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep (stable-fixes). - drm: panel-orientation-quirks: Add quirk for Valve Galileo (stable-fixes). - drm/panfrost: Mark simple_ondemand governor as softdep (git-fixes). - drm/qxl: Add check for drm_cvt_mode (git-fixes). - drm/radeon: check bo_va->bo is non-NULL before using it (stable-fixes). - drm/radeon/radeon_display: Decrease the size of allocated memory (stable-fixes). - drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes). - drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency (stable-fixes). - drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes). - eeprom: digsy_mtc: Fix 93xx46 driver probe failure (git-fixes). - exfat: check if cluster num is valid (git-fixes). - exfat: simplify is_valid_cluster() (git-fixes). - filelock: add a new locks_inode_context accessor function (git-fixes). - firmware: cs_dsp: Fix overflow checking of wmfw header (git-fixes). - firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (git-fixes). - firmware: cs_dsp: Return error if block header overflows file (git-fixes). - firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (git-fixes). - firmware: cs_dsp: Validate payload length before processing block (git-fixes). - firmware: dmi: Stop decoding on broken entry (stable-fixes). - firmware: turris-mox-rwtm: Do not complete if there are no waiters (git-fixes). - firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (git-fixes). - firmware: turris-mox-rwtm: Initialize completion before mailbox (git-fixes). - fix build warning - fs: allow cross-vfsmount reflink/dedupe (bsc#1227157). - ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes). - fuse: verify {g,u}id mount options correctly (bsc#1228191). - gpio: mc33880: Convert comma to semicolon (git-fixes). - hfsplus: fix to avoid false alarm of circular locking (git-fixes). - hfsplus: fix uninit-value in copy_name (git-fixes). - HID: Add quirk for Logitech Casa touchpad (stable-fixes). - HID: wacom: Modify pen IDs (git-fixes). - hpet: Support 32-bit userspace (git-fixes). - hwmon: (adt7475) Fix default duty on fan is disabled (git-fixes). - hwmon: (max6697) Fix swapped temp{1,8} critical alarms (git-fixes). - hwmon: (max6697) Fix underflow when writing limit attributes (git-fixes). - i2c: mark HostNotify target address as used (git-fixes). - i2c: rcar: bring hardware to known state when probing (git-fixes). - i2c: tegra: Fix failure during probe deferral cleanup (git-fixes) - i2c: tegra: Share same DMA channel for RX and TX (bsc#1227661) - i2c: testunit: avoid re-issued work after read message (git-fixes). - i2c: testunit: correct Kconfig description (git-fixes). - Input: elan_i2c - do not leave interrupt disabled on suspend failure (git-fixes). - Input: elantech - fix touchpad state on resume for Lenovo N24 (stable-fixes). - Input: ff-core - prefer struct_size over open coded arithmetic (stable-fixes). - Input: qt1050 - handle CHIP_ID reading error (git-fixes). - Input: silead - Always support 10 fingers (stable-fixes). - intel_th: pci: Add Granite Rapids SOC support (stable-fixes). - intel_th: pci: Add Granite Rapids support (stable-fixes). - intel_th: pci: Add Lunar Lake support (stable-fixes). - intel_th: pci: Add Meteor Lake-S support (stable-fixes). - intel_th: pci: Add Sapphire Rapids SOC support (stable-fixes). - iommu/arm-smmu-v3: Free MSIs in case of ENOMEM (git-fixes). - ionic: clean interrupt before enabling queue to avoid credit race (git-fixes). - jffs2: Fix potential illegal address access in jffs2_free_inode (git-fixes). - jfs: Fix array-index-out-of-bounds in diFree (git-fixes). - jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227383). - kABI: bpf: bpf_reg_state reorganization kABI workaround (bsc#1225903). - kABI: bpf: callback fixes kABI workaround (bsc#1225903). - kABI: bpf: struct bpf_{idmap,idset} kABI workaround (bsc#1225903). - kABI: bpf: tmp_str_buf kABI workaround (bsc#1225903). - kABI: rtas: Workaround false positive due to lost definition (bsc#1227487). - kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783) - kabi/severities: Ignore tpm_tis_core_init (bsc#1082555). - kabi/severity: add nvme common code The nvme common code is also allowed to change the data structures, there are only internal users. - kabi: Use __iowriteXX_copy_inlined for in-kernel modules (bsc#1226502) - kernel-binary: vdso: Own module_dir - kernel/sched: Remove dl_boosted flag comment (git fixes (sched)). - knfsd: LOOKUP can return an illegal error value (git-fixes). - kobject_uevent: Fix OOB access within zap_modalias_env() (git-fixes). - kprobes: Make arch_check_ftrace_location static (git-fixes). - KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes). - KVM: PPC: Book3S HV: Fix 'rm_exit' entry in debugfs timings (bsc#1194869). - KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869). - KVM: PPC: Book3S HV Nested: L2 LPCR should inherit L1 LPES setting (bsc#1194869). - KVM: PPC: Book3S HV: remove extraneous asterisk from rm_host_ipi_action() comment (bsc#1194869). - KVM: PPC: Book3S: Suppress failed alloc warning in H_COPY_TOFROM_GUEST (bsc#1194869). - KVM: PPC: Book3S: Suppress warnings when allocating too big memory slots (bsc#1194869). - KVM: s390: fix LPSWEY handling (bsc#1227635 git-fixes). - KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target (git-fixes). - KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes). - KVM: x86: Add IBPB_BRTYPE support (bsc#1228079). - KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (git-fixes). - KVM: x86: Bail from kvm_recalculate_phys_map() if x2APIC ID is out-of-bounds (git-fixes). - KVM: x86: Disable APIC logical map if logical ID covers multiple MDAs (git-fixes). - KVM: x86: Disable APIC logical map if vCPUs are aliased in logical mode (git-fixes). - KVM: x86: Do not advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (git-fixes). - KVM: x86: Explicitly skip optimized logical map setup if vCPU's LDR==0 (git-fixes). - KVM: x86: Explicitly track all possibilities for APIC map's logical modes (git-fixes). - KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes). - KVM: x86: Fix KVM_GET_MSRS stack info leak (git-fixes). - KVM: x86: Honor architectural behavior for aliased 8-bit APIC IDs (git-fixes). - KVM: x86: Purge 'highest ISR' cache when updating APICv state (git-fixes). - KVM: x86: Save/restore all NMIs when multiple NMIs are pending (git-fixes). - KVM: x86: Skip redundant x2APIC logical mode optimized cluster setup (git-fixes). - leds: ss4200: Convert PCIBIOS_* return codes to errnos (git-fixes). - leds: triggers: Flush pending brightness before activating trigger (git-fixes). - leds: trigger: Unregister sysfs attributes before calling deactivate() (git-fixes). - libceph: fix race between delayed_work() and ceph_monc_stop() (bsc#1228190). - lib: objagg: Fix general protection fault (git-fixes). - lib: objagg: Fix spelling (git-fixes). - lib: test_objagg: Fix spelling (git-fixes). - lockd: set missing fl_flags field when retrieving args (git-fixes). - lockd: use locks_inode_context helper (git-fixes). - Make AMD_HSMP=m and mark it unsupported in supported.conf (jsc#PED-8582) - media: dvb: as102-fe: Fix as10x_register_addr packing (stable-fixes). - media: dvbdev: Initialize sbuf (stable-fixes). - media: dvb-frontends: tda10048: Fix integer overflow (stable-fixes). - media: dvb-frontends: tda18271c2dd: Remove casting during div (stable-fixes). - media: dvb-usb: dib0700_devices: Add missing release_firmware() (stable-fixes). - media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (git-fixes). - media: dw2102: Do not translate i2c read into write (stable-fixes). - media: dw2102: fix a potential buffer overflow (git-fixes). - media: imon: Fix race getting ictx->lock (git-fixes). - media: s2255: Use refcount_t instead of atomic_t for num_channels (stable-fixes). - media: uvcvideo: Fix integer overflow calculating timestamp (git-fixes). - media: uvcvideo: Override default flags (git-fixes). - media: venus: fix use after free in vdec_close (git-fixes). - media: venus: flush all buffers in output plane streamoff (git-fixes). - mei: demote client disconnect warning on suspend to debug (stable-fixes). - mfd: omap-usb-tll: Use struct_size to allocate tll (git-fixes). - mtd: partitions: redboot: Added conversion of operands to a larger type (stable-fixes). - net/dcb: check for detached device before executing callbacks (bsc#1215587). - netfilter: conntrack: ignore overly delayed tcp packets (bsc#1223180). - netfilter: conntrack: prepare tcp_in_window for ternary return value (bsc#1223180). - netfilter: conntrack: remove pr_debug callsites from tcp tracker (bsc#1223180). - netfilter: conntrack: work around exceeded receive window (bsc#1223180). - netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (bsc#1228459 bsc#1228462). - net: mana: Fix possible double free in error handling path (git-fixes). - net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes). - net: usb: qmi_wwan: add Telit FN912 compositions (git-fixes). - net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git-fixes). - nfc/nci: Add the inconsistency check between the input data length and count (stable-fixes). - NFSD: Add an nfsd_file_fsync tracepoint (git-fixes). - NFSD: Add an NFSD_FILE_GC flag to enable nfsd_file garbage collection (git-fixes). - nfsd: Add errno mapping for EREMOTEIO (git-fixes). - NFSD: Add nfsd_file_lru_dispose_list() helper (git-fixes). - nfsd: add some comments to nfsd_file_do_acquire (git-fixes). - nfsd: allow nfsd_file_get to sanely handle a NULL pointer (git-fixes). - nfsd: allow reaping files still under writeback (git-fixes). - NFSD: Avoid calling fh_drop_write() twice in do_nfsd_create() (git-fixes). - NFSD: Clean up nfsd3_proc_create() (git-fixes). - nfsd: Clean up nfsd_file_put() (git-fixes). - NFSD: Clean up nfsd_open_verified() (git-fixes). - NFSD: Clean up unused code after rhashtable conversion (git-fixes). - NFSD: Convert filecache to rhltable (git-fixes). - NFSD: Convert the filecache to use rhashtable (git-fixes). - NFSD: De-duplicate hash bucket indexing (git-fixes). - nfsd: do not free files unconditionally in __nfsd_file_cache_purge (git-fixes). - nfsd: do not fsync nfsd_files on last close (git-fixes). - nfsd: do not hand out delegation on setuid files being opened for write (git-fixes). - nfsd: do not kill nfsd_files because of lease break error (git-fixes). - nfsd: Do not leave work of closing files to a work queue (bsc#1228140). - nfsd: do not take/put an extra reference when putting a file (git-fixes). - NFSD enforce filehandle check for source file in COPY (git-fixes). - NFSD: Ensure nf_inode is never dereferenced (git-fixes). - nfsd: fix handling of cached open files in nfsd4_open codepath (git-fixes). - NFSD: Fix licensing header in filecache.c (git-fixes). - nfsd: fix net-namespace logic in __nfsd_file_cache_purge (git-fixes). - nfsd: fix nfsd_file_unhash_and_dispose (git-fixes). - NFSD: Fix potential use-after-free in nfsd_file_put() (git-fixes). - NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop (git-fixes). - NFSD: Fix the filecache LRU shrinker (git-fixes). - nfsd: fix up the filecache laundrette scheduling (git-fixes). - nfsd: fix use-after-free in nfsd_file_do_acquire tracepoint (git-fixes). - NFSD: Flesh out a documenting comment for filecache.c (git-fixes). - NFSD: handle errors better in write_ports_addfd() (git-fixes). - NFSD: Instantiate a struct file when creating a regular NFSv4 file (git-fixes). - NFSD: Leave open files out of the filecache LRU (git-fixes). - nfsd: map EBADF (git-fixes). - NFSD: Move nfsd_file_trace_alloc() tracepoint (git-fixes). - NFSD: nfsd_file_hash_remove can compute hashval (git-fixes). - nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries (git-fixes). - NFSD: nfsd_file_put() can sleep (git-fixes). - NFSD: nfsd_file_unhash can compute hashval from nf->nf_inode (git-fixes). - NFSD: No longer record nf_hashval in the trace log (git-fixes). - NFSD: Pass the target nfsd_file to nfsd_commit() (git-fixes). - nfsd: put the export reference in nfsd4_verify_deleg_dentry (git-fixes). - NFSD: Record number of flush calls (git-fixes). - NFSD: Refactor nfsd_create_setattr() (git-fixes). - NFSD: Refactor __nfsd_file_close_inode() (git-fixes). - NFSD: Refactor nfsd_file_gc() (git-fixes). - NFSD: Refactor nfsd_file_lru_scan() (git-fixes). - NFSD: Refactor NFSv3 CREATE (git-fixes). - NFSD: Refactor NFSv4 OPEN(CREATE) (git-fixes). - NFSD: Remove do_nfsd_create() (git-fixes). - NFSD: Remove lockdep assertion from unhash_and_release_locked() (git-fixes). - NFSD: Remove nfsd_file::nf_hashval (git-fixes). - nfsd: remove the pages_flushed statistic from filecache (git-fixes). - nfsd: reorganize filecache.c (git-fixes). - NFSD: Replace the 'init once' mechanism (git-fixes). - NFSD: Report average age of filecache items (git-fixes). - NFSD: Report count of calls to nfsd_file_acquire() (git-fixes). - NFSD: Report count of freed filecache items (git-fixes). - NFSD: Report filecache LRU size (git-fixes). - NFSD: Report the number of items evicted by the LRU walk (git-fixes). - nfsd: Retry once in nfsd_open on an -EOPENSTALE return (git-fixes). - nfsd: rework hashtable handling in nfsd_do_file_acquire (git-fixes). - nfsd: rework refcounting in filecache (git-fixes). - NFSD: Separate tracepoints for acquire and create (git-fixes). - NFSD: Set up an rhashtable for the filecache (git-fixes). - nfsd: silence extraneous printk on nfsd.ko insertion (git-fixes). - NFSD: simplify per-net file cache management (git-fixes). - nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator (git-fixes). - nfsd: simplify the delayed disposal list code (git-fixes). - NFSD: Trace filecache LRU activity (git-fixes). - NFSD: Trace filecache opens (git-fixes). - NFSD: verify the opened dentry after setting a delegation (git-fixes). - NFSD: WARN when freeing an item still linked via nf_lru (git-fixes). - NFSD: Write verifier might go backwards (git-fixes). - NFSD: Zero counters when the filecache is re-initialized (git-fixes). - NFS: Fix READ_PLUS when server does not support OP_READ_PLUS (git-fixes). - nfs: fix undefined behavior in nfs_block_bits() (git-fixes). - nfs: keep server info for remounts (git-fixes). - nfs: Leave pages in the pagecache if readpage failed (git-fixes). - NFSv4: Fixup smatch warning for ambiguous return (git-fixes). - NFSv4.x: by default serialize open/close operations (bsc#1223863 bsc#1227362) - nilfs2: add missing check for inode numbers on directory entries (git-fixes). - nilfs2: add missing check for inode numbers on directory entries (stable-fixes). - nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (git-fixes). - nilfs2: convert persistent object allocator to use kmap_local (git-fixes). - nilfs2: fix incorrect inode allocation from reserved inodes (git-fixes). - nilfs2: fix inode number range checks (git-fixes). - nilfs2: fix inode number range checks (stable-fixes). - nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes). - nvme-auth: alloc nvme_dhchap_key as single buffer (git-fixes). - nvme-auth: allow mixing of secret and hash lengths (git-fixes). - nvme-auth: use transformed key size to create resp (git-fixes). - nvme: avoid double free special payload (git-fixes). - nvme: fixup comment for nvme RDMA Provider Type (git-fixes). - nvme-multipath: find NUMA path only for online numa-node (git-fixes). - nvme-pci: add missing condition check for existence of mapped data (git-fixes). - nvme-pci: Fix the instructions for disabling power management (git-fixes). - nvmet: always initialize cqe.result (git-fixes). - nvmet-auth: fix nvmet_auth hash error handling (git-fixes). - nvmet: fix a possible leak when destroy a ctrl during qp establishment (git-fixes). - nvme: use ctrl state accessor (bsc#1215492). - ocfs2: fix DIO failure due to insufficient transaction credits (bsc#1216834). - ocfs2: remove redundant assignment to variable free_space (bsc#1228409). - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410). - orangefs: fix out-of-bounds fsid access (git-fixes). - PCI: Add PCI_ERROR_RESPONSE and related definitions (stable-fixes). - PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal (git-fixes). - PCI: Extend ACS configurability (bsc#1228090). - PCI: Fix resource double counting on remove & rescan (git-fixes). - PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git-fixes). - PCI: Introduce cleanup helpers for device reference counts and locks (git-fixes). - PCI: Introduce cleanup helpers for device reference counts and locks (stable-fixes). - PCI: keystone: Do not enable BAR 0 for AM654x (git-fixes). - PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() (git-fixes). - PCI: keystone: Relocate ks_pcie_set/clear_dbi_mode() (git-fixes). - PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (git-fixes). - PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (stable-fixes). - PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (git-fixes). - PCI: tegra194: Set EP alignment restriction for inbound ATU (git-fixes). - pinctrl: core: fix possible memory leak when pinctrl_enable() fails (git-fixes). - pinctrl: freescale: mxs: Fix refcount of child (git-fixes). - pinctrl: single: fix possible memory leak when pinctrl_enable() fails (git-fixes). - pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable() fails (git-fixes). - platform/chrome: cros_ec_debugfs: fix wrong EC message version (git-fixes). - platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes). - platform/x86: dell-smbios-base: Use sysfs_emit() (stable-fixes). - platform/x86: dell-smbios: Fix wrong token data in sysfs (git-fixes). - platform/x86: lg-laptop: Change ACPI device id (stable-fixes). - platform/x86: lg-laptop: Remove LGEX0815 hotkey handling (stable-fixes). - platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6' tablet (stable-fixes). - platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro (stable-fixes). - platform/x86: wireless-hotkey: Add support for LG Airplane Button (stable-fixes). - powerpc/cpuidle: Set CPUIDLE_FLAG_POLLING for snooze state (bsc#1227121 ltc#207129). - powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869). - powerpc/kasan: Disable address sanitization in kexec paths (bsc#1194869). - powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869). - powerpc/rtas: clean up includes (bsc#1227487). - powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487). - power: supply: cros_usbpd: provide ID table for avoiding fallback match (stable-fixes). - pwm: stm32: Always do lazy disabling (git-fixes). - RDMA/cache: Release GID table even if leak is detected (git-fixes) - RDMA/device: Return error earlier if port in not valid (git-fixes) - RDMA/hns: Check atomic wr length (git-fixes) - RDMA/hns: Fix insufficient extend DB for VFs. (git-fixes) - RDMA/hns: Fix mbx timing out before CMD execution is completed (git-fixes) - RDMA/hns: Fix missing pagesize and alignment check in FRMR (git-fixes) - RDMA/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes) - RDMA/hns: Fix soft lockup under heavy CEQE load (git-fixes) - RDMA/hns: Fix undifined behavior caused by invalid max_sge (git-fixes) - RDMA/hns: Fix unmatch exception handling when init eq table fails (git-fixes) - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes) - RDMA/mana_ib: Ignore optional access flags for MRs (git-fixes). - RDMA/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes) - RDMA/mlx4: Fix truncated output warning in mad.c (git-fixes) - RDMA/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes) - RDMA/restrack: Fix potential invalid address access (git-fixes) - RDMA/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes) - regmap-i2c: Subtract reg size from max_write (stable-fixes). - Revert 'ALSA: firewire-lib: obsolete workqueue for period update' (bsc#1208783). - Revert 'ALSA: firewire-lib: operate for period elapse event in process context' (bsc#1208783). - Revert 'leds: led-core: Fix refcount leak in of_led_get()' (git-fixes). - Revert 'usb: musb: da8xx: Set phy in OTG mode by default' (stable-fixes). - rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (git-fixes). - rpm/guards: fix precedence issue with control flow operator With perl 5.40 it report the following error on rpm/guards script: Possible precedence issue with control flow operator (exit) at scripts/guards line 208. Fix the issue by adding parenthesis around ternary operator. - rtc: cmos: Fix return value of nvmem callbacks (git-fixes). - rtc: interface: Add RTC offset to alarm after fix-up (git-fixes). - rtc: isl1208: Fix return value of nvmem callbacks (git-fixes). - rtlwifi: rtl8192de: Style clean-ups (stable-fixes). - s390: Implement __iowrite32_copy() (bsc#1226502) - s390: Stop using weak symbols for __iowrite64_copy() (bsc#1226502) - saa7134: Unchecked i2c_transfer function result fixed (git-fixes). - sched/fair: Do not balance task to its current running CPU (git fixes (sched)). - sched: Fix stop_one_cpu_nowait() vs hotplug (git fixes (sched)). - scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE state (bsc#1228857). - scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857). - scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857). - scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857). - scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857). - scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857). - scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages (bsc#1228857). - scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857). - scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850). - scsi: qla2xxx: Complete command early within lock (bsc#1228850). - scsi: qla2xxx: Convert comma to semicolon (bsc#1228850). - scsi: qla2xxx: Drop driver owner assignment (bsc#1228850). - scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850). - scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850). - scsi: qla2xxx: Fix flash read failure (bsc#1228850). - scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850). - scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850). - scsi: qla2xxx: Indent help text (bsc#1228850). - scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850). - scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850). - scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850). - scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850). - scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850). - scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850). - scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850). - selftests/bpf: Add a selftest for checking subreg equality (bsc#1225903). - selftests/bpf: add pre bpf_prog_test_run_opts() callback for test_loader (bsc#1225903). - selftests/bpf: add precision propagation tests in the presence of subprogs (bsc#1225903). - selftests/bpf: Add pruning test case for bpf_spin_lock (bsc#1225903). - selftests/bpf: Check if mark_chain_precision() follows scalar ids (bsc#1225903). - selftests/bpf: check if max number of bpf_loop iterations is tracked (bsc#1225903). - selftests/bpf: fix __retval() being always ignored (bsc#1225903). - selftests/bpf: fix unpriv_disabled check in test_verifier (bsc#1225903). - selftests/bpf: __imm_insn & __imm_const macro for bpf_misc.h (bsc#1225903). - selftests/bpf: make test_align selftest more robust (bsc#1225903). - selftests/bpf: populate map_array_ro map for verifier_array_access test (bsc#1225903). - selftests/bpf: prog_tests entry point for migrated test_verifier tests (bsc#1225903). - selftests/bpf: Report program name on parse_test_spec error (bsc#1225903). - selftests/bpf: Support custom per-test flags and multiple expected messages (bsc#1225903). - selftests/bpf: test case for callback_depth states pruning logic (bsc#1225903). - selftests/bpf: test case for relaxed prunning of active_lock.id (bsc#1225903). - selftests/bpf: test cases for regsafe() bug skipping check_id() (bsc#1225903). - selftests/bpf: Tests execution support for test_loader.c (bsc#1225903). - selftests/bpf: tests for iterating callbacks (bsc#1225903). - selftests/bpf: test widening for iterating callbacks (bsc#1225903). - selftests/bpf: track string payload offset as scalar in strobemeta (bsc#1225903). - selftests/bpf: Unprivileged tests for test_loader.c (bsc#1225903). - selftests/bpf: Verify copy_register_state() preserves parent/live fields (bsc#1225903). - selftests/bpf: verify states_equal() maintains idmap across all frames (bsc#1225903). - selftests/bpf: Verify that check_ids() is used for scalars in regsafe() (bsc#1225903). - selftests/sigaltstack: Fix ppc64 GCC build (git-fixes). - soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (stable-fixes). - spi: imx: Do not expect DMA for i.MX{25,35,50,51,53} cspi devices (stable-fixes). - spi: mux: set ctlr->bits_per_word_mask (stable-fixes). - string.h: Introduce memtostr() and memtostr_pad() (bsc#1228850). - SUNRPC: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272). - SUNRPC: Fix gss_free_in_token_pages() (git-fixes). - SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes). - sunrpc: fix NFSACL RPC retry on soft mount (git-fixes). - SUNRPC: return proper error from gss_wrap_req_priv (git-fixes). - supported.conf: - tpm: Allow system suspend to continue when TPM suspend fails (bsc#1082555). - tpm: Prevent hwrng from activating during resume (bsc#1082555). - tpm_tis: Resend command to recover from data transfer errors (bsc#1082555). - tpm_tis: Use tpm_chip_{start,stop} decoration inside tpm_tis_resume (bsc#1082555). - tpm, tpm: Implement usage counter for locality (bsc#1082555). - tpm, tpm_tis: Avoid cache incoherency in test for interrupts (bsc#1082555). - tpm, tpm_tis: Claim locality before writing interrupt registers (bsc#1082555). - tpm, tpm_tis: Claim locality in interrupt handler (bsc#1082555). - tpm, tpm_tis: Claim locality when interrupts are reenabled on resume (bsc#1082555). - tpm, tpm_tis: correct tpm_tis_flags enumeration values (bsc#1082555). - tpm, tpm_tis: Do not skip reset of original interrupt vector (bsc#1082555). - tpm, tpm_tis: Only handle supported interrupts (bsc#1082555). - tracing: Build event generation tests only as modules (git-fixes). - tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset() (git-fixes). - tracing/osnoise: Add osnoise/options file (bsc#1228330) - tracing/osnoise: Add OSNOISE_WORKLOAD option (bsc#1228330) - tracing/osnoise: Do not follow tracing_cpumask (bsc#1228330) - tracing/osnoise: Fix notify new tracing_max_latency (bsc#1228330) - tracing/osnoise: Make osnoise_instances static (bsc#1228330) - tracing/osnoise: Split workload start from the tracer start (bsc#1228330) - tracing/osnoise: Support a list of trace_array *tr (bsc#1228330) - tracing/osnoise: Use built-in RCU list checking (bsc#1228330) - tracing/timerlat: Notify new max thread latency (bsc#1228330) - USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (stable-fixes). - usb: cdns3: allocate TX FIFO size according to composite EP number (git-fixes). - usb: cdns3: fix incorrect calculation of ep_buf_size when more than one config (git-fixes). - usb: cdns3: fix iso transfer error when mult is not zero (git-fixes). - usb: cdns3: improve handling of unaligned address case (git-fixes). - usb: cdns3: optimize OUT transfer by copying only actual received data (git-fixes). - usb: cdns3: skip set TRB_IOC when usb_request: no_interrupt is true (git-fixes). - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (git-fixes). - usb: dwc3: gadget: Do not delay End Transfer on delayed_status (git-fixes). - usb: dwc3: gadget: Force sending delayed status during soft disconnect (git-fixes). - usb: dwc3: gadget: Synchronize IRQ between soft connect/disconnect (git-fixes). - usb: gadget: call usb_gadget_check_config() to verify UDC capability (git-fixes). - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (stable-fixes). - usb: gadget: printer: SS+ support (stable-fixes). - usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (stable-fixes). - USB: serial: mos7840: fix crash on resume (git-fixes). - USB: serial: option: add Fibocom FM350-GL (stable-fixes). - USB: serial: option: add Netprisma LCUK54 series modules (stable-fixes). - USB: serial: option: add Rolling RW350-GL variants (stable-fixes). - USB: serial: option: add support for Foxconn T99W651 (stable-fixes). - USB: serial: option: add Telit FN912 rmnet compositions (stable-fixes). - USB: serial: option: add Telit generic core-dump composition (stable-fixes). - usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes). - usb: xhci-plat: Do not include xhci.h (git-fixes). - USB: xhci-plat: fix legacy PHY double init (git-fixes). - wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes). - wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (git-fixes). - wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (git-fixes). - wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (git-fixes). - wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (git-fixes). - wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (stable-fixes). - wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup (stable-fixes). - wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd (stable-fixes). - wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option (stable-fixes). - wifi: mac80211: disable softirqs for queued frame handling (git-fixes). - wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (stable-fixes). - wifi: mac80211: handle tasklet frames before stopping (stable-fixes). - wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (stable-fixes). - wifi: mt76: replace skb_put with skb_put_zero (stable-fixes). - wifi: mwifiex: Fix interface type change (git-fixes). - wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (git-fixes). - wifi: wilc1000: fix ies_len type in connect path (git-fixes). - workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454). - workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454). - x86/amd_nb: Use Family 19h Models 60h-7Fh Function 4 IDs (git-fixes). - x86/apic: Force native_apic_mem_read() to use the MOV instruction (git-fixes). - x86/bhi: Avoid warning in #DB handler due to BHI mitigation (git-fixes). - x86/bugs: Remove default case for fully switched enums (bsc#1227900). - x86/fpu: Fix AMD X86_BUG_FXSAVE_LEAK fixup (git-fixes). - x86/ibt,ftrace: Search for __fentry__ location (git-fixes). - x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 (git-fixes). - x86/mm: Allow guest.enc_status_change_prepare() to fail (git-fixes). - x86/mm: Fix enc_status_change_finish_noop() (git-fixes). - x86/purgatory: Switch to the position-independent small code model (git-fixes). - x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block (bsc#1227900). - x86/srso: Remove 'pred_cmd' label (bsc#1227900). - x86: Stop using weak symbols for __iowrite32_copy() (bsc#1226502) - x86/tdx: Fix race between set_memory_encrypted() and load_unaligned_zeropad() (git-fixes). - xfs: Add cond_resched to block unmap range and reflink remap path (bsc#1228226). - xhci: Apply broken streams quirk to Etron EJ188 xHCI host (stable-fixes). - xhci: Apply reset resume quirk to Etron EJ188 xHCI host (stable-fixes). - xhci: Set correct transferred length for cancelled bulk transfers (stable-fixes). Important SUSE bug 1082555 SUSE bug 1193454 SUSE bug 1193554 SUSE bug 1193787 SUSE bug 1194324 SUSE bug 1194869 SUSE bug 1195357 SUSE bug 1195668 SUSE bug 1195927 SUSE bug 1195957 SUSE bug 1196018 SUSE bug 1196823 SUSE bug 1197146 SUSE bug 1197246 SUSE bug 1197762 SUSE bug 1202346 SUSE bug 1202686 SUSE bug 1208783 SUSE bug 1209636 SUSE bug 1213123 SUSE bug 1215492 SUSE bug 1215587 SUSE bug 1216834 SUSE bug 1219832 SUSE bug 1220138 SUSE bug 1220185 SUSE bug 1220186 SUSE bug 1220187 SUSE bug 1220869 SUSE bug 1220876 SUSE bug 1220942 SUSE bug 1220952 SUSE bug 1221010 SUSE bug 1221044 SUSE bug 1221647 SUSE bug 1221654 SUSE bug 1221656 SUSE bug 1221659 SUSE bug 1221777 SUSE bug 1222011 SUSE bug 1222323 SUSE bug 1222326 SUSE bug 1222328 SUSE bug 1222625 SUSE bug 1222702 SUSE bug 1222728 SUSE bug 1222799 SUSE bug 1222809 SUSE bug 1222810 SUSE bug 1223021 SUSE bug 1223180 SUSE bug 1223635 SUSE bug 1223652 SUSE bug 1223675 SUSE bug 1223778 SUSE bug 1223806 SUSE bug 1223813 SUSE bug 1223815 SUSE bug 1223836 SUSE bug 1223863 SUSE bug 1224414 SUSE bug 1224499 SUSE bug 1224500 SUSE bug 1224512 SUSE bug 1224516 SUSE bug 1224517 SUSE bug 1224545 SUSE bug 1224548 SUSE bug 1224557 SUSE bug 1224572 SUSE bug 1224573 SUSE bug 1224585 SUSE bug 1224604 SUSE bug 1224636 SUSE bug 1224641 SUSE bug 1224683 SUSE bug 1224694 SUSE bug 1224700 SUSE bug 1224743 SUSE bug 1225088 SUSE bug 1225272 SUSE bug 1225301 SUSE bug 1225475 SUSE bug 1225489 SUSE bug 1225504 SUSE bug 1225505 SUSE bug 1225564 SUSE bug 1225573 SUSE bug 1225581 SUSE bug 1225586 SUSE bug 1225711 SUSE bug 1225717 SUSE bug 1225719 SUSE bug 1225744 SUSE bug 1225745 SUSE bug 1225746 SUSE bug 1225752 SUSE bug 1225753 SUSE bug 1225757 SUSE bug 1225767 SUSE bug 1225810 SUSE bug 1225815 SUSE bug 1225820 SUSE bug 1225829 SUSE bug 1225835 SUSE bug 1225838 SUSE bug 1225839 SUSE bug 1225843 SUSE bug 1225847 SUSE bug 1225851 SUSE bug 1225856 SUSE bug 1225895 SUSE bug 1225898 SUSE bug 1225903 SUSE bug 1226202 SUSE bug 1226502 SUSE bug 1226519 SUSE bug 1226551 SUSE bug 1226555 SUSE bug 1226565 SUSE bug 1226568 SUSE bug 1226570 SUSE bug 1226571 SUSE bug 1226574 SUSE bug 1226588 SUSE bug 1226607 SUSE bug 1226650 SUSE bug 1226698 SUSE bug 1226713 SUSE bug 1226716 SUSE bug 1226750 SUSE bug 1226757 SUSE bug 1226758 SUSE bug 1226775 SUSE bug 1226783 SUSE bug 1226785 SUSE bug 1226834 SUSE bug 1226837 SUSE bug 1226911 SUSE bug 1226990 SUSE bug 1226993 SUSE bug 1227090 SUSE bug 1227121 SUSE bug 1227157 SUSE bug 1227162 SUSE bug 1227362 SUSE bug 1227383 SUSE bug 1227432 SUSE bug 1227435 SUSE bug 1227447 SUSE bug 1227487 SUSE bug 1227549 SUSE bug 1227573 SUSE bug 1227618 SUSE bug 1227620 SUSE bug 1227626 SUSE bug 1227635 SUSE bug 1227661 SUSE bug 1227716 SUSE bug 1227722 SUSE bug 1227724 SUSE bug 1227725 SUSE bug 1227728 SUSE bug 1227729 SUSE bug 1227730 SUSE bug 1227732 SUSE bug 1227733 SUSE bug 1227750 SUSE bug 1227754 SUSE bug 1227755 SUSE bug 1227760 SUSE bug 1227762 SUSE bug 1227763 SUSE bug 1227764 SUSE bug 1227766 SUSE bug 1227770 SUSE bug 1227771 SUSE bug 1227772 SUSE bug 1227774 SUSE bug 1227779 SUSE bug 1227780 SUSE bug 1227783 SUSE bug 1227786 SUSE bug 1227787 SUSE bug 1227790 SUSE bug 1227792 SUSE bug 1227796 SUSE bug 1227797 SUSE bug 1227798 SUSE bug 1227800 SUSE bug 1227802 SUSE bug 1227806 SUSE bug 1227808 SUSE bug 1227810 SUSE bug 1227812 SUSE bug 1227813 SUSE bug 1227814 SUSE bug 1227816 SUSE bug 1227820 SUSE bug 1227823 SUSE bug 1227824 SUSE bug 1227828 SUSE bug 1227829 SUSE bug 1227836 SUSE bug 1227846 SUSE bug 1227849 SUSE bug 1227851 SUSE bug 1227862 SUSE bug 1227864 SUSE bug 1227865 SUSE bug 1227866 SUSE bug 1227870 SUSE bug 1227884 SUSE bug 1227886 SUSE bug 1227891 SUSE bug 1227893 SUSE bug 1227899 SUSE bug 1227900 SUSE bug 1227910 SUSE bug 1227913 SUSE bug 1227917 SUSE bug 1227919 SUSE bug 1227920 SUSE bug 1227921 SUSE bug 1227922 SUSE bug 1227923 SUSE bug 1227924 SUSE bug 1227925 SUSE bug 1227927 SUSE bug 1227928 SUSE bug 1227931 SUSE bug 1227932 SUSE bug 1227933 SUSE bug 1227935 SUSE bug 1227936 SUSE bug 1227938 SUSE bug 1227941 SUSE bug 1227942 SUSE bug 1227944 SUSE bug 1227945 SUSE bug 1227947 SUSE bug 1227948 SUSE bug 1227949 SUSE bug 1227950 SUSE bug 1227952 SUSE bug 1227953 SUSE bug 1227954 SUSE bug 1227956 SUSE bug 1227957 SUSE bug 1227963 SUSE bug 1227964 SUSE bug 1227965 SUSE bug 1227968 SUSE bug 1227969 SUSE bug 1227970 SUSE bug 1227971 SUSE bug 1227972 SUSE bug 1227975 SUSE bug 1227976 SUSE bug 1227981 SUSE bug 1227982 SUSE bug 1227985 SUSE bug 1227986 SUSE bug 1227987 SUSE bug 1227988 SUSE bug 1227989 SUSE bug 1227990 SUSE bug 1227991 SUSE bug 1227992 SUSE bug 1227993 SUSE bug 1227995 SUSE bug 1227996 SUSE bug 1227997 SUSE bug 1228000 SUSE bug 1228002 SUSE bug 1228003 SUSE bug 1228004 SUSE bug 1228005 SUSE bug 1228006 SUSE bug 1228007 SUSE bug 1228008 SUSE bug 1228009 SUSE bug 1228010 SUSE bug 1228011 SUSE bug 1228013 SUSE bug 1228014 SUSE bug 1228015 SUSE bug 1228019 SUSE bug 1228020 SUSE bug 1228025 SUSE bug 1228028 SUSE bug 1228035 SUSE bug 1228037 SUSE bug 1228038 SUSE bug 1228039 SUSE bug 1228040 SUSE bug 1228045 SUSE bug 1228054 SUSE bug 1228055 SUSE bug 1228056 SUSE bug 1228060 SUSE bug 1228061 SUSE bug 1228062 SUSE bug 1228063 SUSE bug 1228064 SUSE bug 1228066 SUSE bug 1228067 SUSE bug 1228068 SUSE bug 1228071 SUSE bug 1228079 SUSE bug 1228090 SUSE bug 1228114 SUSE bug 1228140 SUSE bug 1228190 SUSE bug 1228191 SUSE bug 1228195 SUSE bug 1228202 SUSE bug 1228226 SUSE bug 1228235 SUSE bug 1228237 SUSE bug 1228247 SUSE bug 1228327 SUSE bug 1228328 SUSE bug 1228330 SUSE bug 1228403 SUSE bug 1228405 SUSE bug 1228408 SUSE bug 1228409 SUSE bug 1228410 SUSE bug 1228418 SUSE bug 1228440 SUSE bug 1228459 SUSE bug 1228462 SUSE bug 1228470 SUSE bug 1228518 SUSE bug 1228520 SUSE bug 1228530 SUSE bug 1228561 SUSE bug 1228565 SUSE bug 1228580 SUSE bug 1228581 SUSE bug 1228591 SUSE bug 1228599 SUSE bug 1228617 SUSE bug 1228625 SUSE bug 1228626 SUSE bug 1228633 SUSE bug 1228640 SUSE bug 1228644 SUSE bug 1228649 SUSE bug 1228655 SUSE bug 1228665 SUSE bug 1228672 SUSE bug 1228680 SUSE bug 1228705 SUSE bug 1228723 SUSE bug 1228743 SUSE bug 1228756 SUSE bug 1228801 SUSE bug 1228850 SUSE bug 1228857 CVE-2021-47086 at SUSE CVE-2021-47086 at NVD CVE-2021-47103 at SUSE CVE-2021-47103 at NVD CVE-2021-47186 at SUSE CVE-2021-47186 at NVD CVE-2021-47402 at SUSE CVE-2021-47402 at NVD CVE-2021-47546 at SUSE CVE-2021-47546 at NVD CVE-2021-47547 at SUSE CVE-2021-47547 at NVD CVE-2021-47588 at SUSE CVE-2021-47588 at NVD CVE-2021-47590 at SUSE CVE-2021-47590 at NVD CVE-2021-47591 at SUSE CVE-2021-47591 at NVD CVE-2021-47593 at SUSE CVE-2021-47593 at NVD CVE-2021-47598 at SUSE CVE-2021-47598 at NVD CVE-2021-47599 at SUSE CVE-2021-47599 at NVD CVE-2021-47606 at SUSE CVE-2021-47606 at NVD CVE-2021-47622 at SUSE CVE-2021-47622 at NVD CVE-2021-47623 at SUSE CVE-2021-47623 at NVD CVE-2021-47624 at SUSE CVE-2021-47624 at NVD CVE-2022-48713 at SUSE CVE-2022-48713 at NVD CVE-2022-48730 at SUSE CVE-2022-48730 at NVD CVE-2022-48732 at SUSE CVE-2022-48732 at NVD CVE-2022-48749 at SUSE CVE-2022-48749 at NVD CVE-2022-48756 at SUSE CVE-2022-48756 at NVD CVE-2022-48773 at SUSE CVE-2022-48773 at NVD CVE-2022-48774 at SUSE CVE-2022-48774 at NVD CVE-2022-48775 at SUSE CVE-2022-48775 at NVD CVE-2022-48776 at SUSE CVE-2022-48776 at NVD CVE-2022-48777 at SUSE CVE-2022-48777 at NVD CVE-2022-48778 at SUSE CVE-2022-48778 at NVD CVE-2022-48780 at SUSE CVE-2022-48780 at NVD CVE-2022-48783 at SUSE CVE-2022-48783 at NVD CVE-2022-48784 at SUSE CVE-2022-48784 at NVD CVE-2022-48785 at SUSE CVE-2022-48785 at NVD CVE-2022-48786 at SUSE CVE-2022-48786 at NVD CVE-2022-48787 at SUSE CVE-2022-48787 at NVD CVE-2022-48788 at SUSE CVE-2022-48788 at NVD CVE-2022-48789 at SUSE CVE-2022-48789 at NVD CVE-2022-48790 at SUSE CVE-2022-48790 at NVD CVE-2022-48791 at SUSE CVE-2022-48791 at NVD CVE-2022-48792 at SUSE CVE-2022-48792 at NVD CVE-2022-48793 at SUSE CVE-2022-48793 at NVD CVE-2022-48794 at SUSE CVE-2022-48794 at NVD CVE-2022-48796 at SUSE CVE-2022-48796 at NVD CVE-2022-48797 at SUSE CVE-2022-48797 at NVD CVE-2022-48798 at SUSE CVE-2022-48798 at NVD CVE-2022-48799 at SUSE CVE-2022-48799 at NVD CVE-2022-48800 at SUSE CVE-2022-48800 at NVD CVE-2022-48801 at SUSE CVE-2022-48801 at NVD CVE-2022-48802 at SUSE CVE-2022-48802 at NVD CVE-2022-48803 at SUSE CVE-2022-48803 at NVD CVE-2022-48804 at SUSE CVE-2022-48804 at NVD CVE-2022-48805 at SUSE CVE-2022-48805 at NVD CVE-2022-48806 at SUSE CVE-2022-48806 at NVD CVE-2022-48807 at SUSE CVE-2022-48807 at NVD CVE-2022-48809 at SUSE CVE-2022-48809 at NVD CVE-2022-48810 at SUSE CVE-2022-48810 at NVD CVE-2022-48811 at SUSE CVE-2022-48811 at NVD CVE-2022-48812 at SUSE CVE-2022-48812 at NVD CVE-2022-48813 at SUSE CVE-2022-48813 at NVD CVE-2022-48814 at SUSE CVE-2022-48814 at NVD CVE-2022-48815 at SUSE CVE-2022-48815 at NVD CVE-2022-48816 at SUSE CVE-2022-48816 at NVD CVE-2022-48817 at SUSE CVE-2022-48817 at NVD CVE-2022-48818 at SUSE CVE-2022-48818 at NVD CVE-2022-48820 at SUSE CVE-2022-48820 at NVD CVE-2022-48821 at SUSE CVE-2022-48821 at NVD CVE-2022-48822 at SUSE CVE-2022-48822 at NVD CVE-2022-48823 at SUSE CVE-2022-48823 at NVD CVE-2022-48824 at SUSE CVE-2022-48824 at NVD CVE-2022-48825 at SUSE CVE-2022-48825 at NVD CVE-2022-48826 at SUSE CVE-2022-48826 at NVD CVE-2022-48827 at SUSE CVE-2022-48827 at NVD CVE-2022-48828 at SUSE CVE-2022-48828 at NVD CVE-2022-48829 at SUSE CVE-2022-48829 at NVD CVE-2022-48830 at SUSE CVE-2022-48830 at NVD CVE-2022-48831 at SUSE CVE-2022-48831 at NVD CVE-2022-48834 at SUSE CVE-2022-48834 at NVD CVE-2022-48835 at SUSE CVE-2022-48835 at NVD CVE-2022-48836 at SUSE CVE-2022-48836 at NVD CVE-2022-48837 at SUSE CVE-2022-48837 at NVD CVE-2022-48838 at SUSE CVE-2022-48838 at NVD CVE-2022-48839 at SUSE CVE-2022-48839 at NVD CVE-2022-48840 at SUSE CVE-2022-48840 at NVD CVE-2022-48841 at SUSE CVE-2022-48841 at NVD CVE-2022-48842 at SUSE CVE-2022-48842 at NVD CVE-2022-48843 at SUSE CVE-2022-48843 at NVD CVE-2022-48844 at SUSE CVE-2022-48844 at NVD CVE-2022-48846 at SUSE CVE-2022-48846 at NVD CVE-2022-48847 at SUSE CVE-2022-48847 at NVD CVE-2022-48849 at SUSE CVE-2022-48849 at NVD CVE-2022-48850 at SUSE CVE-2022-48850 at NVD CVE-2022-48851 at SUSE CVE-2022-48851 at NVD CVE-2022-48852 at SUSE CVE-2022-48852 at NVD CVE-2022-48853 at SUSE CVE-2022-48853 at NVD CVE-2022-48855 at SUSE CVE-2022-48855 at NVD CVE-2022-48856 at SUSE CVE-2022-48856 at NVD CVE-2022-48857 at SUSE CVE-2022-48857 at NVD CVE-2022-48858 at SUSE CVE-2022-48858 at NVD CVE-2022-48859 at SUSE CVE-2022-48859 at NVD CVE-2022-48860 at SUSE CVE-2022-48860 at NVD CVE-2022-48861 at SUSE CVE-2022-48861 at NVD CVE-2022-48862 at SUSE CVE-2022-48862 at NVD CVE-2022-48863 at SUSE CVE-2022-48863 at NVD CVE-2022-48864 at SUSE CVE-2022-48864 at NVD CVE-2022-48866 at SUSE CVE-2022-48866 at NVD CVE-2023-1582 at SUSE CVE-2023-1582 at NVD CVE-2023-37453 at SUSE CVE-2023-37453 at NVD CVE-2023-52435 at SUSE CVE-2023-52435 at NVD CVE-2023-52573 at SUSE CVE-2023-52573 at NVD CVE-2023-52580 at SUSE CVE-2023-52580 at NVD CVE-2023-52591 at SUSE CVE-2023-52591 at NVD CVE-2023-52735 at SUSE CVE-2023-52735 at NVD CVE-2023-52751 at SUSE CVE-2023-52751 at NVD CVE-2023-52762 at SUSE CVE-2023-52762 at NVD CVE-2023-52775 at SUSE CVE-2023-52775 at NVD CVE-2023-52812 at SUSE CVE-2023-52812 at NVD CVE-2023-52857 at SUSE CVE-2023-52857 at NVD CVE-2023-52863 at SUSE CVE-2023-52863 at NVD CVE-2023-52885 at SUSE CVE-2023-52885 at NVD CVE-2023-52886 at SUSE CVE-2023-52886 at NVD CVE-2024-25741 at SUSE CVE-2024-25741 at NVD CVE-2024-26583 at SUSE CVE-2024-26583 at NVD CVE-2024-26584 at SUSE CVE-2024-26584 at NVD CVE-2024-26585 at SUSE CVE-2024-26585 at NVD CVE-2024-26615 at SUSE CVE-2024-26615 at NVD CVE-2024-26633 at SUSE CVE-2024-26633 at NVD CVE-2024-26635 at SUSE CVE-2024-26635 at NVD CVE-2024-26636 at SUSE CVE-2024-26636 at NVD CVE-2024-26641 at SUSE CVE-2024-26641 at NVD CVE-2024-26661 at SUSE CVE-2024-26661 at NVD CVE-2024-26663 at SUSE CVE-2024-26663 at NVD CVE-2024-26665 at SUSE CVE-2024-26665 at NVD CVE-2024-26800 at SUSE CVE-2024-26800 at NVD CVE-2024-26802 at SUSE CVE-2024-26802 at NVD CVE-2024-26813 at SUSE CVE-2024-26813 at NVD CVE-2024-26814 at SUSE CVE-2024-26814 at NVD CVE-2024-26863 at SUSE CVE-2024-26863 at NVD CVE-2024-26889 at SUSE CVE-2024-26889 at NVD CVE-2024-26920 at SUSE CVE-2024-26920 at NVD CVE-2024-26935 at SUSE CVE-2024-26935 at NVD CVE-2024-26961 at SUSE CVE-2024-26961 at NVD CVE-2024-26976 at SUSE CVE-2024-26976 at NVD CVE-2024-27015 at SUSE CVE-2024-27015 at NVD CVE-2024-27019 at SUSE CVE-2024-27019 at NVD CVE-2024-27020 at SUSE CVE-2024-27020 at NVD CVE-2024-27025 at SUSE CVE-2024-27025 at NVD CVE-2024-27065 at SUSE CVE-2024-27065 at NVD CVE-2024-27402 at SUSE CVE-2024-27402 at NVD CVE-2024-27437 at SUSE CVE-2024-27437 at NVD CVE-2024-35805 at SUSE CVE-2024-35805 at NVD CVE-2024-35819 at SUSE CVE-2024-35819 at NVD CVE-2024-35837 at SUSE CVE-2024-35837 at NVD CVE-2024-35853 at SUSE CVE-2024-35853 at NVD CVE-2024-35854 at SUSE CVE-2024-35854 at NVD CVE-2024-35855 at SUSE CVE-2024-35855 at NVD CVE-2024-35889 at SUSE CVE-2024-35889 at NVD CVE-2024-35890 at SUSE CVE-2024-35890 at NVD CVE-2024-35893 at SUSE CVE-2024-35893 at NVD CVE-2024-35899 at SUSE CVE-2024-35899 at NVD CVE-2024-35934 at SUSE CVE-2024-35934 at NVD CVE-2024-35949 at SUSE CVE-2024-35949 at NVD CVE-2024-35961 at SUSE CVE-2024-35961 at NVD CVE-2024-35979 at SUSE CVE-2024-35979 at NVD CVE-2024-35995 at SUSE CVE-2024-35995 at NVD CVE-2024-36000 at SUSE CVE-2024-36000 at NVD CVE-2024-36004 at SUSE CVE-2024-36004 at NVD CVE-2024-36288 at SUSE CVE-2024-36288 at NVD CVE-2024-36889 at SUSE CVE-2024-36889 at NVD CVE-2024-36901 at SUSE CVE-2024-36901 at NVD CVE-2024-36902 at SUSE CVE-2024-36902 at NVD CVE-2024-36909 at SUSE CVE-2024-36909 at NVD CVE-2024-36910 at SUSE CVE-2024-36910 at NVD CVE-2024-36911 at SUSE CVE-2024-36911 at NVD CVE-2024-36912 at SUSE CVE-2024-36912 at NVD CVE-2024-36913 at SUSE CVE-2024-36913 at NVD CVE-2024-36914 at SUSE CVE-2024-36914 at NVD CVE-2024-36919 at SUSE CVE-2024-36919 at NVD CVE-2024-36923 at SUSE CVE-2024-36923 at NVD CVE-2024-36924 at SUSE CVE-2024-36924 at NVD CVE-2024-36926 at SUSE CVE-2024-36926 at NVD CVE-2024-36939 at SUSE CVE-2024-36939 at NVD CVE-2024-36941 at SUSE CVE-2024-36941 at NVD CVE-2024-36942 at SUSE CVE-2024-36942 at NVD CVE-2024-36944 at SUSE CVE-2024-36944 at NVD CVE-2024-36946 at SUSE CVE-2024-36946 at NVD CVE-2024-36947 at SUSE CVE-2024-36947 at NVD CVE-2024-36950 at SUSE CVE-2024-36950 at NVD CVE-2024-36952 at SUSE CVE-2024-36952 at NVD CVE-2024-36955 at SUSE CVE-2024-36955 at NVD CVE-2024-36959 at SUSE CVE-2024-36959 at NVD CVE-2024-36974 at SUSE CVE-2024-36974 at NVD CVE-2024-38548 at SUSE CVE-2024-38548 at NVD CVE-2024-38555 at SUSE CVE-2024-38555 at NVD CVE-2024-38558 at SUSE CVE-2024-38558 at NVD CVE-2024-38559 at SUSE CVE-2024-38559 at NVD CVE-2024-38570 at SUSE CVE-2024-38570 at NVD CVE-2024-38586 at SUSE CVE-2024-38586 at NVD CVE-2024-38588 at SUSE CVE-2024-38588 at NVD CVE-2024-38598 at SUSE CVE-2024-38598 at NVD CVE-2024-38628 at SUSE CVE-2024-38628 at NVD CVE-2024-39276 at SUSE CVE-2024-39276 at NVD CVE-2024-39371 at SUSE CVE-2024-39371 at NVD CVE-2024-39463 at SUSE CVE-2024-39463 at NVD CVE-2024-39472 at SUSE CVE-2024-39472 at NVD CVE-2024-39475 at SUSE CVE-2024-39475 at NVD CVE-2024-39482 at SUSE CVE-2024-39482 at NVD CVE-2024-39487 at SUSE CVE-2024-39487 at NVD CVE-2024-39488 at SUSE CVE-2024-39488 at NVD CVE-2024-39490 at SUSE CVE-2024-39490 at NVD CVE-2024-39493 at SUSE CVE-2024-39493 at NVD CVE-2024-39494 at SUSE CVE-2024-39494 at NVD CVE-2024-39497 at SUSE CVE-2024-39497 at NVD CVE-2024-39499 at SUSE CVE-2024-39499 at NVD CVE-2024-39500 at SUSE CVE-2024-39500 at NVD CVE-2024-39501 at SUSE CVE-2024-39501 at NVD CVE-2024-39502 at SUSE CVE-2024-39502 at NVD CVE-2024-39505 at SUSE CVE-2024-39505 at NVD CVE-2024-39506 at SUSE CVE-2024-39506 at NVD CVE-2024-39507 at SUSE CVE-2024-39507 at NVD CVE-2024-39508 at SUSE CVE-2024-39508 at NVD CVE-2024-39509 at SUSE CVE-2024-39509 at NVD CVE-2024-40900 at SUSE CVE-2024-40900 at NVD CVE-2024-40901 at SUSE CVE-2024-40901 at NVD CVE-2024-40902 at SUSE CVE-2024-40902 at NVD CVE-2024-40903 at SUSE CVE-2024-40903 at NVD CVE-2024-40904 at SUSE CVE-2024-40904 at NVD CVE-2024-40906 at SUSE CVE-2024-40906 at NVD CVE-2024-40908 at SUSE CVE-2024-40908 at NVD CVE-2024-40909 at SUSE CVE-2024-40909 at NVD CVE-2024-40911 at SUSE CVE-2024-40911 at NVD CVE-2024-40912 at SUSE CVE-2024-40912 at NVD CVE-2024-40916 at SUSE CVE-2024-40916 at NVD CVE-2024-40919 at SUSE CVE-2024-40919 at NVD CVE-2024-40923 at SUSE CVE-2024-40923 at NVD CVE-2024-40924 at SUSE CVE-2024-40924 at NVD CVE-2024-40927 at SUSE CVE-2024-40927 at NVD CVE-2024-40929 at SUSE CVE-2024-40929 at NVD CVE-2024-40931 at SUSE CVE-2024-40931 at NVD CVE-2024-40932 at SUSE CVE-2024-40932 at NVD CVE-2024-40934 at SUSE CVE-2024-40934 at NVD CVE-2024-40935 at SUSE CVE-2024-40935 at NVD CVE-2024-40937 at SUSE CVE-2024-40937 at NVD CVE-2024-40940 at SUSE CVE-2024-40940 at NVD CVE-2024-40941 at SUSE CVE-2024-40941 at NVD CVE-2024-40942 at SUSE CVE-2024-40942 at NVD CVE-2024-40943 at SUSE CVE-2024-40943 at NVD CVE-2024-40945 at SUSE CVE-2024-40945 at NVD CVE-2024-40953 at SUSE CVE-2024-40953 at NVD CVE-2024-40954 at SUSE CVE-2024-40954 at NVD CVE-2024-40956 at SUSE CVE-2024-40956 at NVD CVE-2024-40958 at SUSE CVE-2024-40958 at NVD CVE-2024-40959 at SUSE CVE-2024-40959 at NVD CVE-2024-40960 at SUSE CVE-2024-40960 at NVD CVE-2024-40961 at SUSE CVE-2024-40961 at NVD CVE-2024-40966 at SUSE CVE-2024-40966 at NVD CVE-2024-40967 at SUSE CVE-2024-40967 at NVD CVE-2024-40970 at SUSE CVE-2024-40970 at NVD CVE-2024-40972 at SUSE CVE-2024-40972 at NVD CVE-2024-40976 at SUSE CVE-2024-40976 at NVD CVE-2024-40977 at SUSE CVE-2024-40977 at NVD CVE-2024-40981 at SUSE CVE-2024-40981 at NVD CVE-2024-40982 at SUSE CVE-2024-40982 at NVD CVE-2024-40984 at SUSE CVE-2024-40984 at NVD CVE-2024-40987 at SUSE CVE-2024-40987 at NVD CVE-2024-40988 at SUSE CVE-2024-40988 at NVD CVE-2024-40989 at SUSE CVE-2024-40989 at NVD CVE-2024-40990 at SUSE CVE-2024-40990 at NVD CVE-2024-40994 at SUSE CVE-2024-40994 at NVD CVE-2024-40998 at SUSE CVE-2024-40998 at NVD CVE-2024-40999 at SUSE CVE-2024-40999 at NVD CVE-2024-41002 at SUSE CVE-2024-41002 at NVD CVE-2024-41004 at SUSE CVE-2024-41004 at NVD CVE-2024-41006 at SUSE CVE-2024-41006 at NVD CVE-2024-41009 at SUSE CVE-2024-41009 at NVD CVE-2024-41011 at SUSE CVE-2024-41011 at NVD CVE-2024-41012 at SUSE CVE-2024-41012 at NVD CVE-2024-41013 at SUSE CVE-2024-41013 at NVD CVE-2024-41014 at SUSE CVE-2024-41014 at NVD CVE-2024-41015 at SUSE CVE-2024-41015 at NVD CVE-2024-41016 at SUSE CVE-2024-41016 at NVD CVE-2024-41017 at SUSE CVE-2024-41017 at NVD CVE-2024-41040 at SUSE CVE-2024-41040 at NVD CVE-2024-41041 at SUSE CVE-2024-41041 at NVD CVE-2024-41044 at SUSE CVE-2024-41044 at NVD CVE-2024-41048 at SUSE CVE-2024-41048 at NVD CVE-2024-41057 at SUSE CVE-2024-41057 at NVD CVE-2024-41058 at SUSE CVE-2024-41058 at NVD CVE-2024-41059 at SUSE CVE-2024-41059 at NVD CVE-2024-41063 at SUSE CVE-2024-41063 at NVD CVE-2024-41064 at SUSE CVE-2024-41064 at NVD CVE-2024-41066 at SUSE CVE-2024-41066 at NVD CVE-2024-41069 at SUSE CVE-2024-41069 at NVD CVE-2024-41070 at SUSE CVE-2024-41070 at NVD CVE-2024-41071 at SUSE CVE-2024-41071 at NVD CVE-2024-41072 at SUSE CVE-2024-41072 at NVD CVE-2024-41076 at SUSE CVE-2024-41076 at NVD CVE-2024-41078 at SUSE CVE-2024-41078 at NVD CVE-2024-41081 at SUSE CVE-2024-41081 at NVD CVE-2024-41087 at SUSE CVE-2024-41087 at NVD CVE-2024-41090 at SUSE CVE-2024-41090 at NVD CVE-2024-41091 at SUSE CVE-2024-41091 at NVD CVE-2024-42070 at SUSE CVE-2024-42070 at NVD CVE-2024-42079 at SUSE CVE-2024-42079 at NVD CVE-2024-42093 at SUSE CVE-2024-42093 at NVD CVE-2024-42096 at SUSE CVE-2024-42096 at NVD CVE-2024-42105 at SUSE CVE-2024-42105 at NVD CVE-2024-42122 at SUSE CVE-2024-42122 at NVD CVE-2024-42124 at SUSE CVE-2024-42124 at NVD CVE-2024-42145 at SUSE CVE-2024-42145 at NVD CVE-2024-42161 at SUSE CVE-2024-42161 at NVD CVE-2024-42224 at SUSE CVE-2024-42224 at NVD CVE-2024-42230 at SUSE CVE-2024-42230 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47086: phonet/pep: refuse to enable an unbound pipe (bsc#1220952). - CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958). - CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010). - CVE-2021-47186: tipc: check for null after calling kmemdup (bsc#1222702). - CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391). - CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426). - CVE-2021-47538: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1225448). - CVE-2021-47539: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() (bsc#1225452). - CVE-2021-47546: ipv6: fix memory leak in fib6_rule_suppress (bsc#1225504). - CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505). - CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467). - CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514). - CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518). - CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389). - CVE-2021-47588: sit: do not call ipip6_dev_free() from sit_init_net() (bsc#1226568). - CVE-2021-47590: mptcp: fix deadlock in __mptcp_push_pending() (bsc#1226565). - CVE-2021-47591: mptcp: remove tcp ulp setsockopt support (bsc#1226570). - CVE-2021-47593: mptcp: clear 'kern' flag from fallback sockets (bsc#1226551). - CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1226574). - CVE-2021-47599: btrfs: use latest_dev in btrfs_show_devname (bsc#1226571). - CVE-2021-47606: net: netlink: af_netlink: Prevent empty skb by adding a check on len. (bsc#1226555). - CVE-2021-47623: powerpc/fixmap: Fix VM debug warning on unmap (bsc#1227919). - CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678). - CVE-2022-48785: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr() (bsc#1227927) - CVE-2022-48810: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path (bsc#1227936). - CVE-2022-48850: net-sysfs: add check for netdevice being present to speed_show (bsc#1228071). - CVE-2022-48855: sctp: fix kernel-infoleak for SCTP sockets (bsc#1228003). - CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148). - CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138). - CVE-2023-52573: net: rds: Fix possible NULL-pointer dereference (bsc#1220869). - CVE-2023-52580: net/core: Fix ETH_P_1588 flow dissector (bsc#1220876). - CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080). - CVE-2023-52658: Revert 'net/mlx5: Block entering switchdev mode with ns inconsistency' (bsc#1224719). - CVE-2023-52667: net/mlx5e: fix a potential double-free in fs_any_create_groups (bsc#1224603). - CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696). - CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614). - CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504). - CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475). - CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484). - CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489). - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487). - CVE-2023-52762: virtio-blk: fix implicit overflow on virtio_max_dma_size (bsc#1225573). - CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088). - CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946). - CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105). - CVE-2023-52812: drm/amd: check num of link levels when update pcie param (bsc#1225564). - CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602). - CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935). - CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951). - CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585). - CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098). - CVE-2023-52857: drm/mediatek: Fix coverity issue with unintentional integer overflow (bsc#1225581). - CVE-2023-52863: hwmon: (axi-fan-control) Fix possible NULL pointer dereference (bsc#1225586). - CVE-2023-52869: pstore/platform: Add check for kstrdup (bsc#1225050). - CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611). - CVE-2023-52882: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (bsc#1225692). - CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942). - CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086) - CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647). - CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656). - CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659). - CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654). - CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1221282, bsc#1222072). - CVE-2024-26661: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' (bsc#1222323). - CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326). - CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328). - CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364). - CVE-2024-26802: stmmac: Clear variable when destroying workqueue (bsc#1222799). - CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809). - CVE-2024-26814: vfio/fsl-mc: Block calling interrupt handler without trigger (bsc#1222810). - CVE-2024-26842: scsi: target: core: Add TMF to tmr_list handling (bsc#1223013). - CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018). - CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021). - CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384). - CVE-2024-26961: mac802154: fix llsec key resources release in mac802154_llsec_key_del (bsc#1223652). - CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641). - CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806). - CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813) - CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815) - CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778) - CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836). - CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414). - CVE-2024-27432: net: ethernet: mtk_eth_soc: fix PPE hanging issue (bsc#1224716). - CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625). - CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948). - CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749). - CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712). - CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743). - CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735). - CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683). - CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605). - CVE-2024-35837: net: mvpp2: clear BM pool before initialization (bsc#1224500). - CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612). - CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604). - CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619). - CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766). - CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764). - CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765). - CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679). - CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520). - CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670). - CVE-2024-35889: idpf: fix kernel panic on unknown packet types (bsc#1224517). - CVE-2024-35890: gro: fix ownership transfer (bsc#1224516). - CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512) - CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498). - CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499) - CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497). - CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661). - CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641) - CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700). - CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703). - CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674) - CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677). - CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588). - CVE-2024-35961: net/mlx5: Register devlink first under devlink lock (bsc#1224585). - CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572). - CVE-2024-35995: ACPI: CPPC: Use access_width over bit_width for system memory accesses (bsc#1224557). - CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552). - CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548). - CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545) - CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539). - CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540). - CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681). - CVE-2024-36020: i40e: fix vf may be used uninitialized in this function warning (bsc#1225698). - CVE-2024-36021: net: hns3: fix kernel crash when devlink reload during pf initialization (bsc#1225699). - CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841). - CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949). - CVE-2024-36890: mm/slab: make __free(kfree) accept error pointers (bsc#1225714). - CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749). - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737). - CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726). - CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711) - CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719). - CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732). - CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744). - CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717). - CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745). - CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752). - CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753). - CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable (bsc#1225757). - CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). - CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759). - CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770). - CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767). - CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815). - CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760). - CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834). - CVE-2024-36939: nfs: Handle error of rpc_proc_register() in nfs_net_init() (bsc#1225838). - CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840). - CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823). - CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851). - CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872) - CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866). - CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145). - CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519). - CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514). - CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950). - CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066). - CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101). - CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595). - CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744). - CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607). - CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774). - CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781). - CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783). - CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785). - CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786). - CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789). - CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771). - CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775). - CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634). - CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610). - CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750). - CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734). - CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749). - CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757). - CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842). - CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746). - CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857). - CVE-2024-38628: usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (bsc#1226911). - CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883). - CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996). - CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886). - CVE-2024-39276: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993). - CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994). - CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990). - CVE-2024-39463: 9p: add missing locking around taking dentry fid list (bsc#1227090). - CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103). - CVE-2024-39469: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (bsc#1226992). - CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432). - CVE-2024-39475: fbdev: savage: Handle err return when savagefb_check_var failed (bsc#1227435) - CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447). - CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573) - CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626). - CVE-2024-39493: crypto: qat - fix ADF_DEV_RESET_SYNC memory leak (bsc#1227620). - CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716). - CVE-2024-39497: drm/shmem-helper: fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (bsc#1227722). - CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755). - CVE-2024-39506: liquidio: adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729). - CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730). - CVE-2024-39508: io_uring/io-wq: use set_bit() and test_bit() at worker->flags (bsc#1227732). - CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762). - CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763). - CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783). - CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1227798). - CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (bsc#1227779). - CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786). - CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780). - CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797). - CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836). - CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800). - CVE-2024-40943: ocfs2: fix races between hole punching and AIO+DIO (bsc#1227849). - CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806). - CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) - CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810). - CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net (bsc#1227812). - CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884). - CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813). - CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814). - CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886). - CVE-2024-40967: serial: imx: Introduce timeout when waiting on transmitter empty (bsc#1227891). - CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899). - CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910). - CVE-2024-40977: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (bsc#1227950). - CVE-2024-40982: ssb: fix potential NULL pointer dereference in ssb_device_uevent() (bsc#1227865). - CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823). - CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829). - CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (bsc#1227866). - CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913). - CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862). - CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020). - CVE-2024-41011: drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (bsc#1228114). - CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247). - CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405). - CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408). - CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409). - CVE-2024-41016: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410). - CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403). - CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518). - CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520). - CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530). - CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565). - CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462). - CVE-2024-41058: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459). - CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561). - CVE-2024-41063: bluetooth: hci_core: cancel all works upon hci_unregister_dev() (bsc#1228580). - CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599). - CVE-2024-41066: ibmvnic: add tx check to prevent skb leak (bsc#1228640). - CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644). - CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581). - CVE-2024-41071: wifi: mac80211: Avoid address calculations via out of bounds array indexing (bsc#1228625). - CVE-2024-41072: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (bsc#1228626). - CVE-2024-41076: NFSv4: Fix memory leak in nfs4_set_security_label (bsc#1228649). - CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655). - CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617). - CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328). - CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327). - CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470). - CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672). - CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680). - CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633). - CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591). - CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705). - CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743) - CVE-2024-42161: bpf: avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756). - CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723). - CVE-2024-42230: powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869). The following non-security bugs were fixed: - acpi: EC: Abort address space access upon error (stable-fixes). - acpi: EC: Avoid returning AE_OK on errors in address space handler (stable-fixes). - acpi: processor_idle: Fix invalid comparison with insertion sort for latency (git-fixes). - acpi: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes). - acpi: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (stable-fixes). - acpi: x86: Force StorageD3Enable on more products (stable-fixes). - acpi: x86: utils: Add Picasso to the list for forcing StorageD3Enable (stable-fixes). - acpica: Revert 'ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.' (git-fixes). - alsa: dmaengine_pcm: terminate dmaengine before synchronize (stable-fixes). - alsa: dmaengine: Synchronize dma channel after drop() (stable-fixes). - alsa: emux: improve patch ioctl data validation (stable-fixes). - alsa: Fix deadlocks with kctl removals at disconnection (stable-fixes). - alsa: hda: conexant: Fix headset auto detect fail in the polling mode (git-fixes). - alsa: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes). - alsa: hda/realtek: Add more codec ID to no shutup pins list (stable-fixes). - alsa: hda/realtek: add quirk for Clevo V5[46]0TU (stable-fixes). - alsa: hda/realtek: Add quirks for Lenovo 13X (stable-fixes). - alsa: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes). - alsa: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes). - alsa: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes). - alsa: hda/realtek: Enable headset mic on Positivo SU C1400 (stable-fixes). - alsa: hda/realtek: Enable Mute LED on HP 250 G7 (stable-fixes). - alsa: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes). - alsa: hda/realtek: fix mute/micmute LEDs do not work for EliteBook 645/665 G11 (stable-fixes). - alsa: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes). - alsa: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes). - alsa: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 (stable-fixes). - alsa: hda/realtek: Limit mic boost on N14AP7 (stable-fixes). - alsa: hda/realtek: Limit mic boost on VAIO PRO PX (stable-fixes). - alsa: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes). - alsa: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx (stable-fixes). - alsa: pcm_dmaengine: Do not synchronize DMA channel when DMA is paused (git-fixes). - alsa: timer: Set lower bound of start tick time (stable-fixes). - alsa: usb-audio: Add a quirk for Sonix HD USB Camera (stable-fixes). - alsa: usb-audio: Correct surround channels in UAC1 channel map (git-fixes). - alsa: usb-audio: Fix microphone sound on HD webcam (stable-fixes). - alsa: usb-audio: Move HD Webcam quirk to the right place (git-fixes). - alsa/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes). - arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes). - arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes) - arm64: dts: hi3798cv200: fix the size of GICR (git-fixes) - arm64: dts: imx8qm-mek: fix gpio number for reg_usdhc2_vmmc (git-fixes) - arm64: dts: microchip: sparx5: fix mdio reg (git-fixes) - arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes) - arm64: dts: rockchip: Add sound-dai-cells for RK3368 (git-fixes) - arm64: dts: rockchip: fix PMIC interrupt pin on ROCK Pi E (git-fixes) - arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8690). - arm64: mm: do not acquire mutex when rewriting swapper (jsc#PED-8690). - arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8690). - arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8690). - arm64: tegra: Correct Tegra132 I2C alias (git-fixes) - arm64/io: add constant-argument check (bsc#1226502 git-fixes) - arm64/io: Provide a WC friendly __iowriteXX_copy() (bsc#1226502) - asoc: amd: acp: add a null check for chip_pdev structure (git-fixes). - asoc: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes). - asoc: amd: Adjust error handling in case of absent codec device (git-fixes). - asoc: da7219-aad: fix usage of device_get_named_child_node() (stable-fixes). - asoc: fsl-asoc-card: set priv->pdev before using it (git-fixes). - asoc: max98088: Check for clk_prepare_enable() error (git-fixes). - asoc: rt5645: Fix the electric noise due to the CBJ contacts floating (stable-fixes). - asoc: rt715-sdca: volume step modification (stable-fixes). - asoc: rt715: add vendor clear control register (stable-fixes). - asoc: ti: davinci-mcasp: Set min period size using FIFO config (stable-fixes). - asoc: ti: omap-hdmi: Fix too long driver name (stable-fixes). - ata: ahci: Clean up sysfs file on error (git-fixes). - ata: libata-core: Fix double free on error (git-fixes). - ata: libata-core: Fix null pointer dereference on error (git-fixes). - batman-adv: bypass empty buckets in batadv_purge_orig_ref() (stable-fixes). - batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes). - blk-cgroup: dropping parent refcount after pd_free_fn() is done (bsc#1224573). - block, loop: support partitions without scanning (bsc#1227162). - block: do not add partitions if GD_SUPPRESS_PART_SCAN is set (bsc#1227162). - bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (stable-fixes). - bluetooth: btqca: use le32_to_cpu for ver.soc_id (stable-fixes). - bluetooth: hci_core: cancel all works upon hci_unregister_dev() (stable-fixes). - bluetooth: hci_qca: mark OF related data as maybe unused (stable-fixes). - bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes). - Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes). - bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot (git-fixes). - bnxt_re: Fix imm_data endianness (git-fixes) - bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener (git-fixes). - bpf: aggressively forget precise markings during state checkpointing (bsc#1225903). - bpf: allow precision tracking for programs with subprogs (bsc#1225903). - bpf: check bpf_func_state->callback_depth when pruning states (bsc#1225903). - bpf: clean up visit_insn()'s instruction processing (bsc#1225903). - bpf: correct loop detection for iterators convergence (bsc#1225903). - bpf: encapsulate precision backtracking bookkeeping (bsc#1225903). - bpf: ensure state checkpointing at iter_next() call sites (bsc#1225903). - bpf: exact states comparison for iterator convergence checks (bsc#1225903). - bpf: extract __check_reg_arg() utility function (bsc#1225903). - bpf: extract same_callsites() as utility function (bsc#1225903). - bpf: extract setup_func_entry() utility function (bsc#1225903). - bpf: fix calculation of subseq_idx during precision backtracking (bsc#1225903). - bpf: fix mark_all_scalars_precise use in mark_chain_precision (bsc#1225903). - bpf: Fix memory leaks in __check_func_call (bsc#1225903). - bpf: fix propagate_precision() logic for inner frames (bsc#1225903). - bpf: fix regs_exact() logic in regsafe() to remap IDs correctly (bsc#1225903). - bpf: Fix to preserve reg parent/live fields when copying range info (bsc#1225903). - bpf: generalize MAYBE_NULL vs non-MAYBE_NULL rule (bsc#1225903). - bpf: improve precision backtrack logging (bsc#1225903). - bpf: Improve verifier u32 scalar equality checking (bsc#1225903). - bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903). - bpf: maintain bitmasks across all active frames in __mark_chain_precision (bsc#1225903). - bpf: mark relevant stack slots scratched for register read instructions (bsc#1225903). - bpf: move explored_state() closer to the beginning of verifier.c (bsc#1225903). - bpf: perform byte-by-byte comparison only when necessary in regsafe() (bsc#1225903). - bpf: print full verifier states on infinite loop detection (bsc#1225903). - bpf: regsafe() must not skip check_ids() (bsc#1225903). - bpf: reject non-exact register type matches in regsafe() (bsc#1225903). - bpf: Remove unused insn_cnt argument from visit_[func_call_]insn() (bsc#1225903). - bpf: reorganize struct bpf_reg_state fields (bsc#1225903). - bpf: Skip invalid kfunc call in backtrack_insn (bsc#1225903). - bpf: states_equal() must build idmap for all function frames (bsc#1225903). - bpf: stop setting precise in current state (bsc#1225903). - bpf: support precision propagation in the presence of subprogs (bsc#1225903). - bpf: take into account liveness when propagating precision (bsc#1225903). - bpf: teach refsafe() to take into account ID remapping (bsc#1225903). - bpf: unconditionally reset backtrack_state masks on global func exit (bsc#1225903). - bpf: use check_ids() for active_lock comparison (bsc#1225903). - bpf: Use scalar ids in mark_chain_precision() (bsc#1225903). - bpf: verify callbacks as if they are called unknown number of times (bsc#1225903). - bpf: Verify scalar ids mapping in regsafe() using check_ids() (bsc#1225903). - bpf: widening for callback iterators (bsc#1225903). - btrfs: add device major-minor info in the struct btrfs_device (bsc#1227162). - btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted (bsc#1221282). - btrfs: harden identification of a stale device (bsc#1227162). - btrfs: match stale devices by dev_t (bsc#1227162). - btrfs: remove the cross file system checks from remap (bsc#1227157). - btrfs: use dev_t to match device in device_matched (bsc#1227162). - btrfs: validate device maj:min during open (bsc#1227162). - bytcr_rt5640 : inverse jack detect for Archos 101 cesium (stable-fixes). - cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd (git-fixes). - cachefiles: remove requests from xarray during flushing requests (bsc#1226588). - can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct (git-fixes). - can: kvaser_usb: fix return value for hif_usb_send_regout (stable-fixes). - ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022). - ceph: always check dir caps asynchronously (bsc#1226022). - ceph: always queue a writeback when revoking the Fb caps (bsc#1226022). - ceph: break the check delayed cap loop every 5s (bsc#1226022). - ceph: fix incorrect kmalloc size of pagevec mempool (bsc#1228418). - ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022). - cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254). - cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254). - cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254). - cgroup: preserve KABI of cgroup_root (bsc#1222254). - cgroup: Remove unnecessary list_empty() (bsc#1222254). - cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801). - check-for-config-changes: ignore also GCC_ASM_GOTO_OUTPUT_BROKEN . - checkpatch: really skip LONG_LINE_* when LONG_LINE is ignored (git-fixes). - cifs: fix hang in wait_for_response() (bsc#1220812, bsc#1220368). - cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes). - crypto: aead,cipher - zeroize key buffer after use (stable-fixes). - crypto: ecdh - explicitly zeroize private_key (stable-fixes). - crypto: ecdsa - Fix the public key format description (git-fixes). - crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes). - crypto: hisilicon/sec - Fix memory leak for sec resource release (stable-fixes). - csky: ftrace: Drop duplicate implementation of arch_check_ftrace_location() (git-fixes). - decompress_bunzip2: fix rare decompression failure (git-fixes). - devres: Fix devm_krealloc() wasting memory (git-fixes). - devres: Fix memory leakage caused by driver API devm_free_percpu() (git-fixes). - dma: fix call order in dmam_free_coherent (git-fixes). - dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes). - dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes). - docs: crypto: async-tx-api: fix broken code example (git-fixes). - docs: Fix formatting of literal sections in fanotify docs (stable-fixes). - drivers: core: synchronize really_probe() and dev_uevent() (git-fixes). - drm: panel-orientation-quirks: Add quirk for Valve Galileo (stable-fixes). - drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes). - drm/amd/amdgpu: Fix style errors in amdgpu_drv.c & amdgpu_device.c (stable-fixes). - drm/amd/display: Account for cursor prefetch BW in DML1 mode support (stable-fixes). - drm/amd/display: Add dtbclk access to dcn315 (stable-fixes). - drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes). - drm/amd/display: Check for NULL pointer (stable-fixes). - drm/amd/display: Check index msg_id before read or write (stable-fixes). - drm/amd/display: Check pipe offset before setting vblank (stable-fixes). - drm/amd/display: drop unnecessary NULL checks in debugfs (stable-fixes). - drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes). - drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes). - drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes). - drm/amd/display: Skip finding free audio for unknown engine_id (stable-fixes). - drm/amd/pm: Fix aldebaran pcie speed reporting (git-fixes). - drm/amd/pm: remove logically dead code for renoir (git-fixes). - drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes). - drm/amdgpu: avoid using null object of framebuffer (stable-fixes). - drm/amdgpu: Check if NBIO funcs are NULL in amdgpu_device_baco_exit (git-fixes). - drm/amdgpu: Fix pci state save during mode-1 reset (git-fixes). - drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (git-fixes). - drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes). - drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes). - drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes). - drm/amdgpu: Fix uninitialized variable warnings (stable-fixes). - drm/amdgpu: Initialize timestamp for some legacy SOCs (stable-fixes). - drm/amdgpu: Remove GC HW IP 9.3.0 from noretry=1 (git-fixes). - drm/amdgpu: Update BO eviction priorities (stable-fixes). - drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes). - drm/amdgpu/atomfirmware: fix parsing of vram_info (stable-fixes). - drm/amdgpu/atomfirmware: silence UBSAN warning (stable-fixes). - drm/amdgpu/mes: fix use-after-free issue (stable-fixes). - drm/amdgpu/sdma5.2: Update wptr registers as well as doorbell (stable-fixes). - drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes). - drm/amdkfd: Rework kfd_locked handling (bsc#1225872) - drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes). - drm/dp_mst: Fix all mstb marked as not probed after suspend/resume (git-fixes). - drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes). - drm/etnaviv: fix DMA direction handling for cached RW buffers (git-fixes). - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes). - drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes). - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (git-fixes). - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (git-fixes). - drm/i915/dpt: Make DPT object unshrinkable (git-fixes). - drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes). - drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8 (git-fixes). - drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes). - drm/i915/guc: avoid FIELD_PREP warning (git-fixes). - drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes). - drm/komeda: check for error-valued pointer (git-fixes). - drm/lima: add mask irq callback to gp and pp (stable-fixes). - drm/lima: fix shared irq handling on driver remove (stable-fixes). - drm/lima: Mark simple_ondemand governor as softdep (git-fixes). - drm/lima: mask irqs in timeout path before hard reset (stable-fixes). - drm/mediatek: Add OVL compatible name for MT8195 (git-fixes). - drm/meson: fix canvas release in bind function (git-fixes). - drm/mgag200: Bind I2C lifetime to DRM device (git-fixes). - drm/mgag200: Set DDC timeout in milliseconds (git-fixes). - drm/mipi-dsi: Fix mipi_dsi_dcs_write_seq() macro definition format (stable-fixes). - drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq() (git-fixes). - drm/msm: Enable clamp_to_idle for 7c3 (stable-fixes). - drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes). - drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes). - drm/msm/dp: Return IRQ_NONE for unhandled interrupts (stable-fixes). - drm/msm/dpu: drop validity checks for clear_pending_flush() ctl op (git-fixes). - drm/msm/mdp5: Remove MDP_CAP_SRC_SPLIT from msm8x53_config (git-fixes). - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (git-fixes). - drm/nouveau: prime: fix refcount underflow (git-fixes). - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (stable-fixes). - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (stable-fixes). - drm/panel-samsung-atna33xc20: Use ktime_get_boottime for delays (stable-fixes). - drm/panel: boe-tv101wum-nl6: Check for errors on the NOP in prepare() (git-fixes). - drm/panel: boe-tv101wum-nl6: If prepare fails, disable GPIO before regulators (git-fixes). - drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep (stable-fixes). - drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes). - drm/panfrost: Mark simple_ondemand governor as softdep (git-fixes). - drm/qxl: Add check for drm_cvt_mode (git-fixes). - drm/radeon: check bo_va->bo is non-NULL before using it (stable-fixes). - drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes). - drm/radeon/radeon_display: Decrease the size of allocated memory (stable-fixes). - drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes). - drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes). - drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes). - drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency (stable-fixes). - drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes). - eeprom: digsy_mtc: Fix 93xx46 driver probe failure (git-fixes). - exfat: check if cluster num is valid (git-fixes). - exfat: simplify is_valid_cluster() (git-fixes). - filelock: add a new locks_inode_context accessor function (git-fixes). - firmware: cs_dsp: Fix overflow checking of wmfw header (git-fixes). - firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (git-fixes). - firmware: cs_dsp: Return error if block header overflows file (git-fixes). - firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (git-fixes). - firmware: cs_dsp: Validate payload length before processing block (git-fixes). - firmware: dmi: Stop decoding on broken entry (stable-fixes). - firmware: turris-mox-rwtm: Do not complete if there are no waiters (git-fixes). - firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (git-fixes). - firmware: turris-mox-rwtm: Initialize completion before mailbox (git-fixes). - fs: allow cross-vfsmount reflink/dedupe (bsc#1227157). - ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes). - fuse: verify {g,u}id mount options correctly (bsc#1228191). - gpio: davinci: Validate the obtained number of IRQs (git-fixes). - gpio: mc33880: Convert comma to semicolon (git-fixes). - gpio: tqmx86: fix typo in Kconfig label (git-fixes). - gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes). - gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes). - hfsplus: fix to avoid false alarm of circular locking (git-fixes). - hfsplus: fix uninit-value in copy_name (git-fixes). - hid: Add quirk for Logitech Casa touchpad (stable-fixes). - hid: core: remove unnecessary WARN_ON() in implement() (git-fixes). - hid: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes). - hid: wacom: Modify pen IDs (git-fixes). - hpet: Support 32-bit userspace (git-fixes). - hwmon: (adt7475) Fix default duty on fan is disabled (git-fixes). - hwmon: (max6697) Fix swapped temp{1,8} critical alarms (git-fixes). - hwmon: (max6697) Fix underflow when writing limit attributes (git-fixes). - hwmon: (shtc1) Fix property misspelling (git-fixes). - i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes). - i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes). - i2c: mark HostNotify target address as used (git-fixes). - i2c: ocores: set IACK bit after core is enabled (git-fixes). - i2c: rcar: bring hardware to known state when probing (git-fixes). - i2c: tegra: Fix failure during probe deferral cleanup (git-fixes) - i2c: tegra: Share same DMA channel for RX and TX (bsc#1227661) - i2c: testunit: avoid re-issued work after read message (git-fixes). - i2c: testunit: correct Kconfig description (git-fixes). - i2c: testunit: discard write requests while old command is running (git-fixes). - i2c: testunit: do not erase registers after STOP (git-fixes). - iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes). - iio: adc: ad7266: Fix variable checking bug (git-fixes). - iio: adc: ad9467: fix scan type sign (git-fixes). - iio: chemical: bme680: Fix calibration data variable (git-fixes). - iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes). - iio: chemical: bme680: Fix pressure value output (git-fixes). - iio: chemical: bme680: Fix sensor data read operation (git-fixes). - iio: dac: ad5592r: fix temperature channel scaling value (git-fixes). - iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes). - input: elan_i2c - do not leave interrupt disabled on suspend failure (git-fixes). - input: elantech - fix touchpad state on resume for Lenovo N24 (stable-fixes). - input: ff-core - prefer struct_size over open coded arithmetic (stable-fixes). - Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes). - input: qt1050 - handle CHIP_ID reading error (git-fixes). - input: silead - Always support 10 fingers (stable-fixes). - intel_th: pci: Add Granite Rapids SOC support (stable-fixes). - intel_th: pci: Add Granite Rapids support (stable-fixes). - intel_th: pci: Add Lunar Lake support (stable-fixes). - intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes). - intel_th: pci: Add Meteor Lake-S support (stable-fixes). - intel_th: pci: Add Sapphire Rapids SOC support (stable-fixes). - iommu: mtk: fix module autoloading (git-fixes). - iommu: Return right value in iommu_sva_bind_device() (git-fixes). - iommu/amd: Fix sysfs leak in iommu init (git-fixes). - iommu/arm-smmu-v3: Free MSIs in case of ENOMEM (git-fixes). - ionic: clean interrupt before enabling queue to avoid credit race (git-fixes). - ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958) - jffs2: Fix potential illegal address access in jffs2_free_inode (git-fixes). - jfs: Fix array-index-out-of-bounds in diFree (git-fixes). - jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227383). - kabi: bpf: bpf_reg_state reorganization kABI workaround (bsc#1225903). - kabi: bpf: callback fixes kABI workaround (bsc#1225903). - kabi: bpf: struct bpf_{idmap,idset} kABI workaround (bsc#1225903). - kabi: bpf: tmp_str_buf kABI workaround (bsc#1225903). - kabi: rtas: Workaround false positive due to lost definition (bsc#1227487). - kabi: Use __iowriteXX_copy_inlined for in-kernel modules (bsc#1226502) - kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783) - kabi/severities: Ignore tpm_tis_core_init (bsc#1082555). - kabi/severity: add nvme common code The nvme common code is also allowed to change the data structures, there are only internal users. - kbuild: do not include include/config/auto.conf from shell scripts (bsc#1227274). - kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes). - kconfig: doc: fix a typo in the note about 'imply' (git-fixes). - kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes). - kernel-binary: vdso: Own module_dir - kernel-doc: fix struct_group_tagged() parsing (git-fixes). - kernel/sched: Remove dl_boosted flag comment (git fixes (sched)). - knfsd: LOOKUP can return an illegal error value (git-fixes). - kobject_uevent: Fix OOB access within zap_modalias_env() (git-fixes). - kprobes: Make arch_check_ftrace_location static (git-fixes). - kvm: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes). - kvm: PPC: Book3S HV Nested: L2 LPCR should inherit L1 LPES setting (bsc#1194869). - kvm: PPC: Book3S HV: Fix 'rm_exit' entry in debugfs timings (bsc#1194869). - kvm: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869). - kvm: PPC: Book3S HV: remove extraneous asterisk from rm_host_ipi_action() comment (bsc#1194869). - kvm: PPC: Book3S: Suppress failed alloc warning in H_COPY_TOFROM_GUEST (bsc#1194869). - kvm: PPC: Book3S: Suppress warnings when allocating too big memory slots (bsc#1194869). - kvm: s390: fix LPSWEY handling (bsc#1227635 git-fixes). - kvm: SVM: Process ICR on AVIC IPI delivery failure due to invalid target (git-fixes). - kvm: VMX: Report up-to-date exit qualification to userspace (git-fixes). - kvm: x86: Add IBPB_BRTYPE support (bsc#1228079). - kvm: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (git-fixes). - kvm: x86: Bail from kvm_recalculate_phys_map() if x2APIC ID is out-of-bounds (git-fixes). - kvm: x86: Disable APIC logical map if logical ID covers multiple MDAs (git-fixes). - kvm: x86: Disable APIC logical map if vCPUs are aliased in logical mode (git-fixes). - kvm: x86: Do not advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (git-fixes). - kvm: x86: Explicitly skip optimized logical map setup if vCPU's LDR==0 (git-fixes). - kvm: x86: Explicitly track all possibilities for APIC map's logical modes (git-fixes). - kvm: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes). - kvm: x86: Fix KVM_GET_MSRS stack info leak (git-fixes). - kvm: x86: Honor architectural behavior for aliased 8-bit APIC IDs (git-fixes). - kvm: x86: Purge 'highest ISR' cache when updating APICv state (git-fixes). - kvm: x86: Save/restore all NMIs when multiple NMIs are pending (git-fixes). - kvm: x86: Skip redundant x2APIC logical mode optimized cluster setup (git-fixes). - leds: ss4200: Convert PCIBIOS_* return codes to errnos (git-fixes). - leds: trigger: Unregister sysfs attributes before calling deactivate() (git-fixes). - leds: triggers: Flush pending brightness before activating trigger (git-fixes). - lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (git-fixes). - lib: objagg: Fix general protection fault (git-fixes). - lib: objagg: Fix spelling (git-fixes). - lib: test_objagg: Fix spelling (git-fixes). - libceph: fix race between delayed_work() and ceph_monc_stop() (bsc#1228190). - lockd: set missing fl_flags field when retrieving args (git-fixes). - lockd: use locks_inode_context helper (git-fixes). - Make AMD_HSMP=m and mark it unsupported in supported.conf (jsc#PED-8582) - media: dvb-frontends: tda10048: Fix integer overflow (stable-fixes). - media: dvb-frontends: tda18271c2dd: Remove casting during div (stable-fixes). - media: dvb-usb: dib0700_devices: Add missing release_firmware() (stable-fixes). - media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (git-fixes). - media: dvb: as102-fe: Fix as10x_register_addr packing (stable-fixes). - media: dvbdev: Initialize sbuf (stable-fixes). - media: dw2102: Do not translate i2c read into write (stable-fixes). - media: dw2102: fix a potential buffer overflow (git-fixes). - media: flexcop-usb: clean up endpoint sanity checks (stable-fixes). - media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes). - media: imon: Fix race getting ictx->lock (git-fixes). - media: ipu3-cio2: Use temporary storage for struct device pointer (stable-fixes). - media: lgdt3306a: Add a check against null-pointer-def (stable-fixes). - media: mxl5xx: Move xpt structures off stack (stable-fixes). - media: radio-shark2: Avoid led_names truncations (git-fixes). - media: s2255: Use refcount_t instead of atomic_t for num_channels (stable-fixes). - media: uvcvideo: Fix integer overflow calculating timestamp (git-fixes). - media: uvcvideo: Override default flags (git-fixes). - media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes). - media: venus: fix use after free in vdec_close (git-fixes). - media: venus: flush all buffers in output plane streamoff (git-fixes). - mei: demote client disconnect warning on suspend to debug (stable-fixes). - mei: me: release irq in mei_me_pci_resume error path (git-fixes). - mfd: omap-usb-tll: Use struct_size to allocate tll (git-fixes). - mkspec-dtb: add toplevel symlinks also on arm - mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes). - mmc: core: Do not force a retune before RPMB switch (stable-fixes). - mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes). - mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes). - mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel (stable-fixes). - mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes). - mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes). - mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes). - mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes). - mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes). - mmc: sdhci: Do not invert write-protect twice (git-fixes). - mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes). - mtd: partitions: redboot: Added conversion of operands to a larger type (stable-fixes). - mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes). - mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes). - mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes). - net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes). - net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes). - net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes). - net: ena: Fix redundant device NUMA node override (jsc#PED-8690). - net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491). - net: mana: Fix possible double free in error handling path (git-fixes). - net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes). - net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes). - net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes). - net: usb: ax88179_178a: improve link status logs (git-fixes). - net: usb: ax88179_178a: improve reset check (git-fixes). - net: usb: qmi_wwan: add Telit FN912 compositions (git-fixes). - net: usb: qmi_wwan: add Telit FN920C04 compositions (stable-fixes). - net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes). - net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes). - net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git-fixes). - net/dcb: check for detached device before executing callbacks (bsc#1215587). - net/mlx5e: Fix a race in command alloc flow (git-fixes). - netfilter: conntrack: ignore overly delayed tcp packets (bsc#1223180). - netfilter: conntrack: prepare tcp_in_window for ternary return value (bsc#1223180). - netfilter: conntrack: remove pr_debug callsites from tcp tracker (bsc#1223180). - netfilter: conntrack: work around exceeded receive window (bsc#1223180). - netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (bsc#1228459 bsc#1228462). - nfc/nci: Add the inconsistency check between the input data length and count (stable-fixes). - nfs: abort nfs_atomic_open_v23 if name is too long (bsc#1219847). - nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847). - nfs: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226). - nfs: Fix READ_PLUS when server does not support OP_READ_PLUS (git-fixes). - nfs: fix undefined behavior in nfs_block_bits() (git-fixes). - nfs: keep server info for remounts (git-fixes). - nfs: Leave pages in the pagecache if readpage failed (git-fixes). - nfsd enforce filehandle check for source file in COPY (git-fixes). - nfsd: Add an nfsd_file_fsync tracepoint (git-fixes). - nfsd: Add an NFSD_FILE_GC flag to enable nfsd_file garbage collection (git-fixes). - nfsd: Add errno mapping for EREMOTEIO (git-fixes). - nfsd: Add nfsd_file_lru_dispose_list() helper (git-fixes). - nfsd: add some comments to nfsd_file_do_acquire (git-fixes). - nfsd: allow nfsd_file_get to sanely handle a NULL pointer (git-fixes). - nfsd: allow reaping files still under writeback (git-fixes). - nfsd: Avoid calling fh_drop_write() twice in do_nfsd_create() (git-fixes). - nfsd: Clean up nfsd_file_put() (git-fixes). - nfsd: Clean up nfsd_open_verified() (git-fixes). - nfsd: Clean up nfsd3_proc_create() (git-fixes). - nfsd: Clean up unused code after rhashtable conversion (git-fixes). - nfsd: Convert filecache to rhltable (git-fixes). - nfsd: Convert the filecache to use rhashtable (git-fixes). - nfsd: De-duplicate hash bucket indexing (git-fixes). - nfsd: do not free files unconditionally in __nfsd_file_cache_purge (git-fixes). - nfsd: do not fsync nfsd_files on last close (git-fixes). - nfsd: do not hand out delegation on setuid files being opened for write (git-fixes). - nfsd: do not kill nfsd_files because of lease break error (git-fixes). - nfsd: Do not leave work of closing files to a work queue (bsc#1228140). - nfsd: do not take/put an extra reference when putting a file (git-fixes). - nfsd: Ensure nf_inode is never dereferenced (git-fixes). - nfsd: fix handling of cached open files in nfsd4_open codepath (git-fixes). - nfsd: Fix licensing header in filecache.c (git-fixes). - nfsd: fix net-namespace logic in __nfsd_file_cache_purge (git-fixes). - nfsd: fix nfsd_file_unhash_and_dispose (git-fixes). - nfsd: Fix potential use-after-free in nfsd_file_put() (git-fixes). - nfsd: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop (git-fixes). - nfsd: Fix the filecache LRU shrinker (git-fixes). - nfsd: fix up the filecache laundrette scheduling (git-fixes). - nfsd: fix use-after-free in nfsd_file_do_acquire tracepoint (git-fixes). - nfsd: Flesh out a documenting comment for filecache.c (git-fixes). - nfsd: handle errors better in write_ports_addfd() (git-fixes). - nfsd: Instantiate a struct file when creating a regular NFSv4 file (git-fixes). - nfsd: Leave open files out of the filecache LRU (git-fixes). - nfsd: map EBADF (git-fixes). - nfsd: Move nfsd_file_trace_alloc() tracepoint (git-fixes). - nfsd: nfsd_file_hash_remove can compute hashval (git-fixes). - nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries (git-fixes). - nfsd: nfsd_file_put() can sleep (git-fixes). - nfsd: nfsd_file_unhash can compute hashval from nf->nf_inode (git-fixes). - nfsd: No longer record nf_hashval in the trace log (git-fixes). - nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912). - nfsd: Pass the target nfsd_file to nfsd_commit() (git-fixes). - nfsd: put the export reference in nfsd4_verify_deleg_dentry (git-fixes). - nfsd: Record number of flush calls (git-fixes). - nfsd: Refactor __nfsd_file_close_inode() (git-fixes). - nfsd: Refactor nfsd_create_setattr() (git-fixes). - nfsd: Refactor nfsd_file_gc() (git-fixes). - nfsd: Refactor nfsd_file_lru_scan() (git-fixes). - nfsd: Refactor NFSv3 CREATE (git-fixes). - nfsd: Refactor NFSv4 OPEN(CREATE) (git-fixes). - nfsd: Remove do_nfsd_create() (git-fixes). - nfsd: Remove lockdep assertion from unhash_and_release_locked() (git-fixes). - nfsd: Remove nfsd_file::nf_hashval (git-fixes). - nfsd: remove the pages_flushed statistic from filecache (git-fixes). - nfsd: reorganize filecache.c (git-fixes). - nfsd: Replace the 'init once' mechanism (git-fixes). - nfsd: Report average age of filecache items (git-fixes). - nfsd: Report count of calls to nfsd_file_acquire() (git-fixes). - nfsd: Report count of freed filecache items (git-fixes). - nfsd: Report filecache LRU size (git-fixes). - nfsd: Report the number of items evicted by the LRU walk (git-fixes). - nfsd: Retry once in nfsd_open on an -EOPENSTALE return (git-fixes). - nfsd: rework hashtable handling in nfsd_do_file_acquire (git-fixes). - nfsd: rework refcounting in filecache (git-fixes). - nfsd: Separate tracepoints for acquire and create (git-fixes). - nfsd: Set up an rhashtable for the filecache (git-fixes). - nfsd: silence extraneous printk on nfsd.ko insertion (git-fixes). - nfsd: simplify per-net file cache management (git-fixes). - nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator (git-fixes). - nfsd: simplify the delayed disposal list code (git-fixes). - nfsd: Trace filecache LRU activity (git-fixes). - nfsd: Trace filecache opens (git-fixes). - nfsd: update comment over __nfsd_file_cache_purge (git-fixes). - nfsd: verify the opened dentry after setting a delegation (git-fixes). - nfsd: WARN when freeing an item still linked via nf_lru (git-fixes). - nfsd: Write verifier might go backwards (git-fixes). - nfsd: Zero counters when the filecache is re-initialized (git-fixes). - nfsv4: by default serialize open/close operations (bsc#1223863 bsc#1227362) - nfsv4: Fixup smatch warning for ambiguous return (git-fixes). - nilfs2: add missing check for inode numbers on directory entries (git-fixes). - nilfs2: add missing check for inode numbers on directory entries (stable-fixes). - nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (git-fixes). - nilfs2: convert persistent object allocator to use kmap_local (git-fixes). - nilfs2: fix incorrect inode allocation from reserved inodes (git-fixes). - nilfs2: fix inode number range checks (git-fixes). - nilfs2: fix inode number range checks (stable-fixes). - nilfs2: fix potential hang in nilfs_detach_log_writer() (stable-fixes). - nvme-auth: alloc nvme_dhchap_key as single buffer (git-fixes). - nvme-auth: allow mixing of secret and hash lengths (git-fixes). - nvme-auth: use transformed key size to create resp (git-fixes). - nvme-multipath: find NUMA path only for online numa-node (git-fixes). - nvme-pci: add missing condition check for existence of mapped data (git-fixes). - nvme-pci: Fix the instructions for disabling power management (git-fixes). - nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes). - nvme: avoid double free special payload (git-fixes). - nvme: ensure reset state check ordering (bsc#1215492). - nvme: find numa distance only if controller has valid numa id (git-fixes). - nvme: fixup comment for nvme RDMA Provider Type (git-fixes). - nvme: use ctrl state accessor (bsc#1215492). - nvmet-auth: fix nvmet_auth hash error handling (git-fixes). - nvmet-passthru: propagate status from id override functions (git-fixes). - nvmet: always initialize cqe.result (git-fixes). - nvmet: fix a possible leak when destroy a ctrl during qp establishment (git-fixes). - ocfs2: adjust enabling place for la window (bsc#1219224). - ocfs2: fix DIO failure due to insufficient transaction credits (bsc#1216834). - ocfs2: fix sparse warnings (bsc#1219224). - ocfs2: improve write IO performance when fragmentation is high (bsc#1219224). - ocfs2: remove redundant assignment to variable free_space (bsc#1228409). - ocfs2: speed up chain-list searching (bsc#1219224). - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410). - orangefs: fix out-of-bounds fsid access (git-fixes). - pci: Add PCI_ERROR_RESPONSE and related definitions (stable-fixes). - pci: Clear Secondary Status errors after enumeration (bsc#1226928) - pci: Extend ACS configurability (bsc#1228090). - pci: Fix resource double counting on remove & rescan (git-fixes). - pci: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git-fixes). - pci: Introduce cleanup helpers for device reference counts and locks (git-fixes). - pci: Introduce cleanup helpers for device reference counts and locks (stable-fixes). - pci: keystone: Do not enable BAR 0 for AM654x (git-fixes). - pci: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() (git-fixes). - pci: keystone: Relocate ks_pcie_set/clear_dbi_mode() (git-fixes). - pci: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (git-fixes). - pci: tegra194: Set EP alignment restriction for inbound ATU (git-fixes). - pci/aspm: Update save_state when configuration changes (bsc#1226915) - pci/dpc: Fix use-after-free on concurrent DPC and hot-removal (git-fixes). - pci/pm: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (git-fixes). - pci/pm: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (stable-fixes). - pinctrl: core: fix possible memory leak when pinctrl_enable() fails (git-fixes). - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes). - pinctrl: freescale: mxs: Fix refcount of child (git-fixes). - pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes). - pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes). - pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes). - pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes). - pinctrl: rockchip: update rk3308 iomux routes (git-fixes). - pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes). - pinctrl: single: fix possible memory leak when pinctrl_enable() fails (git-fixes). - pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable() fails (git-fixes). - platform/chrome: cros_ec_debugfs: fix wrong EC message version (git-fixes). - platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes). - platform/x86: dell-smbios-base: Use sysfs_emit() (stable-fixes). - platform/x86: dell-smbios: Fix wrong token data in sysfs (git-fixes). - platform/x86: lg-laptop: Change ACPI device id (stable-fixes). - platform/x86: lg-laptop: Remove LGEX0815 hotkey handling (stable-fixes). - platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6' tablet (stable-fixes). - platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro (stable-fixes). - platform/x86: wireless-hotkey: Add support for LG Airplane Button (stable-fixes). - power: supply: cros_usbpd: provide ID table for avoiding fallback match (stable-fixes). - powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869). - powerpc/cpuidle: Set CPUIDLE_FLAG_POLLING for snooze state (bsc#1227121 ltc#207129). - powerpc/kasan: Disable address sanitization in kexec paths (bsc#1194869). - powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869). - powerpc/rtas: clean up includes (bsc#1227487). - powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487). - pwm: stm32: Always do lazy disabling (git-fixes). - random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953). - ras/amd/atl: Fix MI300 bank hash (bsc#1225300). - ras/amd/atl: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300). - rdma/cache: Release GID table even if leak is detected (git-fixes) - rdma/device: Return error earlier if port in not valid (git-fixes) - rdma/hns: Check atomic wr length (git-fixes) - rdma/hns: Fix incorrect sge nums calculation (git-fixes) - rdma/hns: Fix insufficient extend DB for VFs. (git-fixes) - rdma/hns: Fix mbx timing out before CMD execution is completed (git-fixes) - rdma/hns: Fix missing pagesize and alignment check in FRMR (git-fixes) - rdma/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes) - rdma/hns: Fix soft lockup under heavy CEQE load (git-fixes) - rdma/hns: Fix undifined behavior caused by invalid max_sge (git-fixes) - rdma/hns: Fix unmatch exception handling when init eq table fails (git-fixes) - rdma/irdma: Drop unused kernel push code (git-fixes) - rdma/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes) - rdma/mana_ib: Ignore optional access flags for MRs (git-fixes). - rdma/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes) - rdma/mlx4: Fix truncated output warning in mad.c (git-fixes) - rdma/mlx5: Add check for srq max_sge attribute (git-fixes) - rdma/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes) - rdma/restrack: Fix potential invalid address access (git-fixes) - rdma/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes) - regmap-i2c: Subtract reg size from max_write (stable-fixes). - regulator: bd71815: fix ramp values (git-fixes). - regulator: core: Fix modpost error 'regulator_get_regmap' undefined (git-fixes). - regulator: irq_helpers: duplicate IRQ name (stable-fixes). - regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes). - Revert 'Add remote for nfs maintainer' - Revert 'ALSA: firewire-lib: obsolete workqueue for period update' (bsc#1208783). - Revert 'ALSA: firewire-lib: operate for period elapse event in process context' (bsc#1208783). - Revert 'build initrd without systemd' (bsc#1195775)'. - Revert 'leds: led-core: Fix refcount leak in of_led_get()' (git-fixes). - Revert 'usb: musb: da8xx: Set phy in OTG mode by default' (stable-fixes). - rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (git-fixes). - rpm/guards: fix precedence issue with control flow operator - rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) - rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) - rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. - rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 - rtc: cmos: Fix return value of nvmem callbacks (git-fixes). - rtc: interface: Add RTC offset to alarm after fix-up (git-fixes). - rtc: isl1208: Fix return value of nvmem callbacks (git-fixes). - rtlwifi: rtl8192de: Style clean-ups (stable-fixes). - s390: Implement __iowrite32_copy() (bsc#1226502) - s390: Stop using weak symbols for __iowrite64_copy() (bsc#1226502) - saa7134: Unchecked i2c_transfer function result fixed (git-fixes). - sched: Fix stop_one_cpu_nowait() vs hotplug (git fixes (sched)). - sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791). - sched/fair: Do not balance task to its current running CPU (git fixes (sched)). - scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE state (bsc#1228857). - scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857). - scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857). - scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857). - scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857). - scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857). - scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages (bsc#1228857). - scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857). - scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850). - scsi: qla2xxx: Complete command early within lock (bsc#1228850). - scsi: qla2xxx: Convert comma to semicolon (bsc#1228850). - scsi: qla2xxx: Drop driver owner assignment (bsc#1228850). - scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850). - scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850). - scsi: qla2xxx: Fix flash read failure (bsc#1228850). - scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850). - scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850). - scsi: qla2xxx: Indent help text (bsc#1228850). - scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850). - scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850). - scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850). - scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850). - scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850). - scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850). - scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850). - scsi: sd: Update DIX config every time sd_revalidate_disk() is called (bsc#1218570). - selftests/bpf: __imm_insn & __imm_const macro for bpf_misc.h (bsc#1225903). - selftests/bpf: Add a selftest for checking subreg equality (bsc#1225903). - selftests/bpf: add pre bpf_prog_test_run_opts() callback for test_loader (bsc#1225903). - selftests/bpf: add precision propagation tests in the presence of subprogs (bsc#1225903). - selftests/bpf: Add pruning test case for bpf_spin_lock (bsc#1225903). - selftests/bpf: Check if mark_chain_precision() follows scalar ids (bsc#1225903). - selftests/bpf: check if max number of bpf_loop iterations is tracked (bsc#1225903). - selftests/bpf: fix __retval() being always ignored (bsc#1225903). - selftests/bpf: fix unpriv_disabled check in test_verifier (bsc#1225903). - selftests/bpf: make test_align selftest more robust (bsc#1225903). - selftests/bpf: populate map_array_ro map for verifier_array_access test (bsc#1225903). - selftests/bpf: prog_tests entry point for migrated test_verifier tests (bsc#1225903). - selftests/bpf: Report program name on parse_test_spec error (bsc#1225903). - selftests/bpf: Support custom per-test flags and multiple expected messages (bsc#1225903). - selftests/bpf: test case for callback_depth states pruning logic (bsc#1225903). - selftests/bpf: test case for relaxed prunning of active_lock.id (bsc#1225903). - selftests/bpf: test cases for regsafe() bug skipping check_id() (bsc#1225903). - selftests/bpf: test widening for iterating callbacks (bsc#1225903). - selftests/bpf: Tests execution support for test_loader.c (bsc#1225903). - selftests/bpf: tests for iterating callbacks (bsc#1225903). - selftests/bpf: track string payload offset as scalar in strobemeta (bsc#1225903). - selftests/bpf: Unprivileged tests for test_loader.c (bsc#1225903). - selftests/bpf: Verify copy_register_state() preserves parent/live fields (bsc#1225903). - selftests/bpf: verify states_equal() maintains idmap across all frames (bsc#1225903). - selftests/bpf: Verify that check_ids() is used for scalars in regsafe() (bsc#1225903). - selftests/sigaltstack: Fix ppc64 GCC build (git-fixes). - smb: client: ensure to try all targets when finding nested links (bsc#1224020). - smb: client: guarantee refcounted children from parent session (bsc#1224679. - soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (stable-fixes). - soundwire: cadence: fix invalid PDI offset (stable-fixes). - spi: imx: Do not expect DMA for i.MX{25,35,50,51,53} cspi devices (stable-fixes). - spi: mux: set ctlr->bits_per_word_mask (stable-fixes). - spi: stm32: Do not warn about spurious interrupts (git-fixes). - string.h: Introduce memtostr() and memtostr_pad() (bsc#1228850). - sunrpc: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272). - sunrpc: Fix gss_free_in_token_pages() (git-fixes). - sunrpc: Fix loop termination condition in gss_free_in_token_pages() (git-fixes). - sunrpc: fix NFSACL RPC retry on soft mount (git-fixes). - sunrpc: return proper error from gss_wrap_req_priv (git-fixes). - supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570) - supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional. - supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems. - tpm_tis: Resend command to recover from data transfer errors (bsc#1082555). - tpm_tis: Use tpm_chip_{start,stop} decoration inside tpm_tis_resume (bsc#1082555). - tpm, tpm_tis: Avoid cache incoherency in test for interrupts (bsc#1082555). - tpm, tpm_tis: Claim locality before writing interrupt registers (bsc#1082555). - tpm, tpm_tis: Claim locality in interrupt handler (bsc#1082555). - tpm, tpm_tis: Claim locality when interrupts are reenabled on resume (bsc#1082555). - tpm, tpm_tis: correct tpm_tis_flags enumeration values (bsc#1082555). - tpm, tpm_tis: Do not skip reset of original interrupt vector (bsc#1082555). - tpm, tpm_tis: Only handle supported interrupts (bsc#1082555). - tpm, tpm: Implement usage counter for locality (bsc#1082555). - tpm: Allow system suspend to continue when TPM suspend fails (bsc#1082555). - tpm: Prevent hwrng from activating during resume (bsc#1082555). - tracing: Build event generation tests only as modules (git-fixes). - tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset() (git-fixes). - tracing/osnoise: Add OSNOISE_WORKLOAD option (bsc#1228330) - tracing/osnoise: Add osnoise/options file (bsc#1228330) - tracing/osnoise: Do not follow tracing_cpumask (bsc#1228330) - tracing/osnoise: Fix notify new tracing_max_latency (bsc#1228330) - tracing/osnoise: Make osnoise_instances static (bsc#1228330) - tracing/osnoise: Split workload start from the tracer start (bsc#1228330) - tracing/osnoise: Support a list of trace_array *tr (bsc#1228330) - tracing/osnoise: Use built-in RCU list checking (bsc#1228330) - tracing/timerlat: Notify new max thread latency (bsc#1228330) - tty: mcf: MCF54418 has 10 UARTS (git-fixes). - usb-storage: alauda: Check whether the media is initialized (git-fixes). - usb: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (stable-fixes). - usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes). - usb: cdns3: allocate TX FIFO size according to composite EP number (git-fixes). - usb: cdns3: fix incorrect calculation of ep_buf_size when more than one config (git-fixes). - usb: cdns3: fix iso transfer error when mult is not zero (git-fixes). - usb: cdns3: improve handling of unaligned address case (git-fixes). - usb: cdns3: optimize OUT transfer by copying only actual received data (git-fixes). - usb: cdns3: skip set TRB_IOC when usb_request: no_interrupt is true (git-fixes). - usb: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes). - usb: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (git-fixes). - usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes). - usb: dwc3: gadget: Do not delay End Transfer on delayed_status (git-fixes). - usb: dwc3: gadget: Force sending delayed status during soft disconnect (git-fixes). - usb: dwc3: gadget: Synchronize IRQ between soft connect/disconnect (git-fixes). - usb: fotg210-hcd: delete an incorrect bounds test (git-fixes). - usb: gadget: call usb_gadget_check_config() to verify UDC capability (git-fixes). - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (stable-fixes). - usb: gadget: printer: fix races against disable (git-fixes). - usb: gadget: printer: SS+ support (stable-fixes). - usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (stable-fixes). - usb: musb: da8xx: fix a resource leak in probe() (git-fixes). - usb: serial: mos7840: fix crash on resume (git-fixes). - usb: serial: option: add Fibocom FM350-GL (stable-fixes). - usb: serial: option: add Netprisma LCUK54 series modules (stable-fixes). - usb: serial: option: add Rolling RW350-GL variants (stable-fixes). - usb: serial: option: add support for Foxconn T99W651 (stable-fixes). - usb: serial: option: add Telit FN912 rmnet compositions (stable-fixes). - usb: serial: option: add Telit generic core-dump composition (stable-fixes). - usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes). - usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes). - usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes). - usb: typec: ucsi: Ack also failed Get Error commands (git-fixes). - usb: typec: ucsi: Never send a lone connector change ack (git-fixes). - usb: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes). - usb: xhci-plat: Do not include xhci.h (git-fixes). - usb: xhci-plat: fix legacy PHY double init (git-fixes). - usb: xhci: address off-by-one in xhci_num_trbs_free() (git-fixes). - usb: xhci: Implement xhci_handshake_check_state() helper (git-fixes). - usb: xhci: improve debug message in xhci_ring_expansion_needed() (git-fixes). - watchdog: bd9576_wdt: switch to using devm_fwnode_gpiod_get() (stable-fixes). - watchdog: bd9576: Drop 'always-running' property (git-fixes). - wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes). - wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (git-fixes). - wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes). - wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (git-fixes). - wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (git-fixes). - wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes). - wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes). - wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (git-fixes). - wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (stable-fixes). - wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes). - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes). - wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup (stable-fixes). - wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes). - wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd (stable-fixes). - wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option (stable-fixes). - wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes). - wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes). - wifi: mac80211: disable softirqs for queued frame handling (git-fixes). - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes). - wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (stable-fixes). - wifi: mac80211: handle tasklet frames before stopping (stable-fixes). - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes). - wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (stable-fixes). - wifi: mt76: replace skb_put with skb_put_zero (stable-fixes). - wifi: mwifiex: Fix interface type change (git-fixes). - wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes). - wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes). - wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes). - wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (git-fixes). - wifi: wilc1000: fix ies_len type in connect path (git-fixes). - workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454). - workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454). - x.509: Fix the parser of extended key usage for length (bsc#1218820). - x86: Stop using weak symbols for __iowrite32_copy() (bsc#1226502) - x86/amd_nb: Use Family 19h Models 60h-7Fh Function 4 IDs (git-fixes). - x86/apic: Force native_apic_mem_read() to use the MOV instruction (git-fixes). - x86/bhi: Avoid warning in #DB handler due to BHI mitigation (git-fixes). - x86/bugs: Remove default case for fully switched enums (bsc#1227900). - x86/fpu: Fix AMD X86_BUG_FXSAVE_LEAK fixup (git-fixes). - x86/ibt,ftrace: Search for __fentry__ location (git-fixes). - x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 (git-fixes). - x86/mce: Dynamically size space for machine check records (bsc#1222241). - x86/mm: Allow guest.enc_status_change_prepare() to fail (git-fixes). - x86/mm: Fix enc_status_change_finish_noop() (git-fixes). - x86/purgatory: Switch to the position-independent small code model (git-fixes). - x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block (bsc#1227900). - x86/srso: Remove 'pred_cmd' label (bsc#1227900). - x86/tdx: Fix race between set_memory_encrypted() and load_unaligned_zeropad() (git-fixes). - x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962). - xfs: Add cond_resched to block unmap range and reflink remap path (bsc#1228226). - xfs: make sure sb_fdblocks is non-negative (bsc#1225419). - xhci: Apply broken streams quirk to Etron EJ188 xHCI host (stable-fixes). - xhci: Apply reset resume quirk to Etron EJ188 xHCI host (stable-fixes). - xhci: Fix failure to detect ring expansion need (git-fixes). - xhci: fix matching completion events with TDs (git-fixes). - xhci: Fix transfer ring expansion size calculation (git-fixes). - xhci: Handle TD clearing for multiple streams case (git-fixes). - xhci: remove unused stream_id parameter from xhci_handle_halted_endpoint() (git-fixes). - xhci: restre deleted trb fields for tracing (git-fixes). - xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes). - xhci: Set correct transferred length for cancelled bulk transfers (stable-fixes). - xhci: Simplify event ring dequeue pointer update for port change events (git-fixes). - xhci: simplify event ring dequeue tracking for transfer events (git-fixes). - xhci: Stop unnecessary tracking of free trbs in a ring (git-fixes). - xhci: update event ring dequeue pointer position to controller correctly (git-fixes). Important SUSE bug 1082555 SUSE bug 1156395 SUSE bug 1190336 SUSE bug 1191958 SUSE bug 1193454 SUSE bug 1193554 SUSE bug 1193787 SUSE bug 1193883 SUSE bug 1194324 SUSE bug 1194826 SUSE bug 1194869 SUSE bug 1195065 SUSE bug 1195254 SUSE bug 1195341 SUSE bug 1195349 SUSE bug 1195357 SUSE bug 1195668 SUSE bug 1195775 SUSE bug 1195927 SUSE bug 1195957 SUSE bug 1196018 SUSE bug 1196746 SUSE bug 1196823 SUSE bug 1197146 SUSE bug 1197246 SUSE bug 1197762 SUSE bug 1197915 SUSE bug 1198014 SUSE bug 1199295 SUSE bug 1202346 SUSE bug 1202686 SUSE bug 1202767 SUSE bug 1202780 SUSE bug 1205205 SUSE bug 1207361 SUSE bug 1208783 SUSE bug 1209636 SUSE bug 1213123 SUSE bug 1215492 SUSE bug 1215587 SUSE bug 1216834 SUSE bug 1217912 SUSE bug 1218148 SUSE bug 1218570 SUSE bug 1218820 SUSE bug 1219224 SUSE bug 1219633 SUSE bug 1219832 SUSE bug 1219847 SUSE bug 1220138 SUSE bug 1220185 SUSE bug 1220186 SUSE bug 1220368 SUSE bug 1220812 SUSE bug 1220869 SUSE bug 1220876 SUSE bug 1220942 SUSE bug 1220952 SUSE bug 1220958 SUSE bug 1221010 SUSE bug 1221086 SUSE bug 1221282 SUSE bug 1221647 SUSE bug 1221654 SUSE bug 1221656 SUSE bug 1221659 SUSE bug 1221958 SUSE bug 1222015 SUSE bug 1222072 SUSE bug 1222080 SUSE bug 1222241 SUSE bug 1222254 SUSE bug 1222323 SUSE bug 1222326 SUSE bug 1222328 SUSE bug 1222364 SUSE bug 1222625 SUSE bug 1222702 SUSE bug 1222728 SUSE bug 1222799 SUSE bug 1222809 SUSE bug 1222810 SUSE bug 1222893 SUSE bug 1223013 SUSE bug 1223018 SUSE bug 1223021 SUSE bug 1223180 SUSE bug 1223265 SUSE bug 1223384 SUSE bug 1223635 SUSE bug 1223641 SUSE bug 1223652 SUSE bug 1223675 SUSE bug 1223778 SUSE bug 1223806 SUSE bug 1223813 SUSE bug 1223815 SUSE bug 1223836 SUSE bug 1223863 SUSE bug 1224020 SUSE bug 1224331 SUSE bug 1224414 SUSE bug 1224488 SUSE bug 1224497 SUSE bug 1224498 SUSE bug 1224499 SUSE bug 1224500 SUSE bug 1224504 SUSE bug 1224512 SUSE bug 1224516 SUSE bug 1224517 SUSE bug 1224520 SUSE bug 1224539 SUSE bug 1224540 SUSE bug 1224545 SUSE bug 1224548 SUSE bug 1224552 SUSE bug 1224557 SUSE bug 1224572 SUSE bug 1224573 SUSE bug 1224583 SUSE bug 1224585 SUSE bug 1224588 SUSE bug 1224602 SUSE bug 1224603 SUSE bug 1224604 SUSE bug 1224605 SUSE bug 1224612 SUSE bug 1224614 SUSE bug 1224619 SUSE bug 1224636 SUSE bug 1224641 SUSE bug 1224661 SUSE bug 1224662 SUSE bug 1224670 SUSE bug 1224671 SUSE bug 1224674 SUSE bug 1224677 SUSE bug 1224679 SUSE bug 1224683 SUSE bug 1224694 SUSE bug 1224696 SUSE bug 1224700 SUSE bug 1224703 SUSE bug 1224712 SUSE bug 1224716 SUSE bug 1224719 SUSE bug 1224735 SUSE bug 1224743 SUSE bug 1224749 SUSE bug 1224764 SUSE bug 1224765 SUSE bug 1224766 SUSE bug 1224935 SUSE bug 1224946 SUSE bug 1224951 SUSE bug 1225050 SUSE bug 1225088 SUSE bug 1225098 SUSE bug 1225105 SUSE bug 1225272 SUSE bug 1225300 SUSE bug 1225389 SUSE bug 1225391 SUSE bug 1225419 SUSE bug 1225426 SUSE bug 1225448 SUSE bug 1225452 SUSE bug 1225467 SUSE bug 1225475 SUSE bug 1225484 SUSE bug 1225487 SUSE bug 1225489 SUSE bug 1225504 SUSE bug 1225505 SUSE bug 1225514 SUSE bug 1225518 SUSE bug 1225535 SUSE bug 1225564 SUSE bug 1225573 SUSE bug 1225581 SUSE bug 1225585 SUSE bug 1225586 SUSE bug 1225602 SUSE bug 1225611 SUSE bug 1225681 SUSE bug 1225692 SUSE bug 1225698 SUSE bug 1225699 SUSE bug 1225704 SUSE bug 1225711 SUSE bug 1225714 SUSE bug 1225717 SUSE bug 1225719 SUSE bug 1225726 SUSE bug 1225732 SUSE bug 1225737 SUSE bug 1225744 SUSE bug 1225745 SUSE bug 1225746 SUSE bug 1225749 SUSE bug 1225752 SUSE bug 1225753 SUSE bug 1225757 SUSE bug 1225758 SUSE bug 1225759 SUSE bug 1225760 SUSE bug 1225767 SUSE bug 1225770 SUSE bug 1225815 SUSE bug 1225823 SUSE bug 1225834 SUSE bug 1225838 SUSE bug 1225840 SUSE bug 1225851 SUSE bug 1225866 SUSE bug 1225872 SUSE bug 1225894 SUSE bug 1225903 SUSE bug 1226022 SUSE bug 1226131 SUSE bug 1226145 SUSE bug 1226149 SUSE bug 1226155 SUSE bug 1226202 SUSE bug 1226211 SUSE bug 1226212 SUSE bug 1226226 SUSE bug 1226502 SUSE bug 1226514 SUSE bug 1226519 SUSE bug 1226520 SUSE bug 1226537 SUSE bug 1226538 SUSE bug 1226539 SUSE bug 1226550 SUSE bug 1226551 SUSE bug 1226552 SUSE bug 1226553 SUSE bug 1226554 SUSE bug 1226555 SUSE bug 1226556 SUSE bug 1226557 SUSE bug 1226558 SUSE bug 1226559 SUSE bug 1226561 SUSE bug 1226562 SUSE bug 1226563 SUSE bug 1226564 SUSE bug 1226565 SUSE bug 1226566 SUSE bug 1226567 SUSE bug 1226568 SUSE bug 1226569 SUSE bug 1226570 SUSE bug 1226571 SUSE bug 1226572 SUSE bug 1226574 SUSE bug 1226575 SUSE bug 1226576 SUSE bug 1226577 SUSE bug 1226579 SUSE bug 1226580 SUSE bug 1226581 SUSE bug 1226582 SUSE bug 1226583 SUSE bug 1226585 SUSE bug 1226587 SUSE bug 1226588 SUSE bug 1226593 SUSE bug 1226595 SUSE bug 1226597 SUSE bug 1226601 SUSE bug 1226602 SUSE bug 1226603 SUSE bug 1226607 SUSE bug 1226610 SUSE bug 1226614 SUSE bug 1226616 SUSE bug 1226617 SUSE bug 1226618 SUSE bug 1226619 SUSE bug 1226621 SUSE bug 1226622 SUSE bug 1226624 SUSE bug 1226626 SUSE bug 1226628 SUSE bug 1226629 SUSE bug 1226632 SUSE bug 1226633 SUSE bug 1226634 SUSE bug 1226637 SUSE bug 1226643 SUSE bug 1226644 SUSE bug 1226645 SUSE bug 1226647 SUSE bug 1226650 SUSE bug 1226653 SUSE bug 1226657 SUSE bug 1226658 SUSE bug 1226669 SUSE bug 1226670 SUSE bug 1226672 SUSE bug 1226673 SUSE bug 1226674 SUSE bug 1226675 SUSE bug 1226678 SUSE bug 1226679 SUSE bug 1226683 SUSE bug 1226685 SUSE bug 1226686 SUSE bug 1226690 SUSE bug 1226691 SUSE bug 1226692 SUSE bug 1226693 SUSE bug 1226696 SUSE bug 1226697 SUSE bug 1226698 SUSE bug 1226699 SUSE bug 1226701 SUSE bug 1226702 SUSE bug 1226703 SUSE bug 1226704 SUSE bug 1226705 SUSE bug 1226706 SUSE bug 1226708 SUSE bug 1226709 SUSE bug 1226710 SUSE bug 1226711 SUSE bug 1226712 SUSE bug 1226713 SUSE bug 1226715 SUSE bug 1226716 SUSE bug 1226718 SUSE bug 1226719 SUSE bug 1226720 SUSE bug 1226721 SUSE bug 1226730 SUSE bug 1226732 SUSE bug 1226734 SUSE bug 1226735 SUSE bug 1226737 SUSE bug 1226738 SUSE bug 1226739 SUSE bug 1226740 SUSE bug 1226744 SUSE bug 1226746 SUSE bug 1226747 SUSE bug 1226749 SUSE bug 1226750 SUSE bug 1226754 SUSE bug 1226757 SUSE bug 1226762 SUSE bug 1226764 SUSE bug 1226767 SUSE bug 1226768 SUSE bug 1226769 SUSE bug 1226771 SUSE bug 1226774 SUSE bug 1226775 SUSE bug 1226777 SUSE bug 1226780 SUSE bug 1226781 SUSE bug 1226783 SUSE bug 1226785 SUSE bug 1226786 SUSE bug 1226789 SUSE bug 1226791 SUSE bug 1226834 SUSE bug 1226837 SUSE bug 1226839 SUSE bug 1226840 SUSE bug 1226841 SUSE bug 1226842 SUSE bug 1226848 SUSE bug 1226852 SUSE bug 1226857 SUSE bug 1226861 SUSE bug 1226863 SUSE bug 1226864 SUSE bug 1226867 SUSE bug 1226868 SUSE bug 1226876 SUSE bug 1226878 SUSE bug 1226883 SUSE bug 1226886 SUSE bug 1226890 SUSE bug 1226891 SUSE bug 1226895 SUSE bug 1226908 SUSE bug 1226911 SUSE bug 1226915 SUSE bug 1226928 SUSE bug 1226948 SUSE bug 1226949 SUSE bug 1226950 SUSE bug 1226953 SUSE bug 1226962 SUSE bug 1226976 SUSE bug 1226990 SUSE bug 1226992 SUSE bug 1226993 SUSE bug 1226994 SUSE bug 1226996 SUSE bug 1227066 SUSE bug 1227090 SUSE bug 1227096 SUSE bug 1227101 SUSE bug 1227103 SUSE bug 1227121 SUSE bug 1227157 SUSE bug 1227162 SUSE bug 1227274 SUSE bug 1227362 SUSE bug 1227383 SUSE bug 1227432 SUSE bug 1227435 SUSE bug 1227447 SUSE bug 1227487 SUSE bug 1227573 SUSE bug 1227618 SUSE bug 1227620 SUSE bug 1227626 SUSE bug 1227635 SUSE bug 1227661 SUSE bug 1227716 SUSE bug 1227722 SUSE bug 1227724 SUSE bug 1227725 SUSE bug 1227728 SUSE bug 1227729 SUSE bug 1227730 SUSE bug 1227732 SUSE bug 1227733 SUSE bug 1227750 SUSE bug 1227754 SUSE bug 1227755 SUSE bug 1227760 SUSE bug 1227762 SUSE bug 1227763 SUSE bug 1227764 SUSE bug 1227766 SUSE bug 1227770 SUSE bug 1227771 SUSE bug 1227772 SUSE bug 1227774 SUSE bug 1227779 SUSE bug 1227780 SUSE bug 1227783 SUSE bug 1227786 SUSE bug 1227787 SUSE bug 1227790 SUSE bug 1227792 SUSE bug 1227796 SUSE bug 1227797 SUSE bug 1227798 SUSE bug 1227800 SUSE bug 1227802 SUSE bug 1227806 SUSE bug 1227808 SUSE bug 1227810 SUSE bug 1227812 SUSE bug 1227813 SUSE bug 1227814 SUSE bug 1227816 SUSE bug 1227820 SUSE bug 1227823 SUSE bug 1227824 SUSE bug 1227828 SUSE bug 1227829 SUSE bug 1227836 SUSE bug 1227846 SUSE bug 1227849 SUSE bug 1227851 SUSE bug 1227862 SUSE bug 1227864 SUSE bug 1227865 SUSE bug 1227866 SUSE bug 1227870 SUSE bug 1227884 SUSE bug 1227886 SUSE bug 1227891 SUSE bug 1227893 SUSE bug 1227899 SUSE bug 1227900 SUSE bug 1227910 SUSE bug 1227913 SUSE bug 1227917 SUSE bug 1227919 SUSE bug 1227920 SUSE bug 1227921 SUSE bug 1227922 SUSE bug 1227923 SUSE bug 1227924 SUSE bug 1227925 SUSE bug 1227927 SUSE bug 1227928 SUSE bug 1227931 SUSE bug 1227932 SUSE bug 1227933 SUSE bug 1227935 SUSE bug 1227936 SUSE bug 1227938 SUSE bug 1227941 SUSE bug 1227942 SUSE bug 1227944 SUSE bug 1227945 SUSE bug 1227947 SUSE bug 1227948 SUSE bug 1227949 SUSE bug 1227950 SUSE bug 1227952 SUSE bug 1227953 SUSE bug 1227954 SUSE bug 1227956 SUSE bug 1227957 SUSE bug 1227963 SUSE bug 1227964 SUSE bug 1227965 SUSE bug 1227968 SUSE bug 1227969 SUSE bug 1227970 SUSE bug 1227971 SUSE bug 1227972 SUSE bug 1227975 SUSE bug 1227976 SUSE bug 1227981 SUSE bug 1227982 SUSE bug 1227985 SUSE bug 1227986 SUSE bug 1227987 SUSE bug 1227988 SUSE bug 1227989 SUSE bug 1227990 SUSE bug 1227991 SUSE bug 1227992 SUSE bug 1227993 SUSE bug 1227995 SUSE bug 1227996 SUSE bug 1227997 SUSE bug 1228000 SUSE bug 1228002 SUSE bug 1228003 SUSE bug 1228004 SUSE bug 1228005 SUSE bug 1228006 SUSE bug 1228007 SUSE bug 1228008 SUSE bug 1228009 SUSE bug 1228010 SUSE bug 1228011 SUSE bug 1228013 SUSE bug 1228014 SUSE bug 1228015 SUSE bug 1228019 SUSE bug 1228020 SUSE bug 1228025 SUSE bug 1228028 SUSE bug 1228035 SUSE bug 1228037 SUSE bug 1228038 SUSE bug 1228039 SUSE bug 1228040 SUSE bug 1228045 SUSE bug 1228054 SUSE bug 1228055 SUSE bug 1228056 SUSE bug 1228060 SUSE bug 1228061 SUSE bug 1228062 SUSE bug 1228063 SUSE bug 1228064 SUSE bug 1228066 SUSE bug 1228067 SUSE bug 1228068 SUSE bug 1228071 SUSE bug 1228079 SUSE bug 1228090 SUSE bug 1228114 SUSE bug 1228140 SUSE bug 1228190 SUSE bug 1228191 SUSE bug 1228226 SUSE bug 1228235 SUSE bug 1228247 SUSE bug 1228327 SUSE bug 1228328 SUSE bug 1228330 SUSE bug 1228403 SUSE bug 1228405 SUSE bug 1228408 SUSE bug 1228409 SUSE bug 1228410 SUSE bug 1228418 SUSE bug 1228459 SUSE bug 1228462 SUSE bug 1228470 SUSE bug 1228518 SUSE bug 1228520 SUSE bug 1228530 SUSE bug 1228561 SUSE bug 1228565 SUSE bug 1228580 SUSE bug 1228581 SUSE bug 1228591 SUSE bug 1228599 SUSE bug 1228617 SUSE bug 1228625 SUSE bug 1228626 SUSE bug 1228633 SUSE bug 1228640 SUSE bug 1228644 SUSE bug 1228649 SUSE bug 1228655 SUSE bug 1228665 SUSE bug 1228672 SUSE bug 1228680 SUSE bug 1228705 SUSE bug 1228723 SUSE bug 1228743 SUSE bug 1228756 SUSE bug 1228801 SUSE bug 1228850 SUSE bug 1228857 CVE-2021-4439 at SUSE CVE-2021-4439 at NVD CVE-2021-47086 at SUSE CVE-2021-47086 at NVD CVE-2021-47089 at SUSE CVE-2021-47089 at NVD CVE-2021-47103 at SUSE CVE-2021-47103 at NVD CVE-2021-47186 at SUSE CVE-2021-47186 at NVD CVE-2021-47432 at SUSE CVE-2021-47432 at NVD CVE-2021-47515 at SUSE CVE-2021-47515 at NVD CVE-2021-47534 at SUSE CVE-2021-47534 at NVD CVE-2021-47538 at SUSE CVE-2021-47538 at NVD CVE-2021-47539 at SUSE CVE-2021-47539 at NVD CVE-2021-47546 at SUSE CVE-2021-47546 at NVD CVE-2021-47547 at SUSE CVE-2021-47547 at NVD CVE-2021-47555 at SUSE CVE-2021-47555 at NVD CVE-2021-47566 at SUSE CVE-2021-47566 at NVD CVE-2021-47571 at SUSE CVE-2021-47571 at NVD CVE-2021-47572 at SUSE CVE-2021-47572 at NVD CVE-2021-47576 at SUSE CVE-2021-47576 at NVD CVE-2021-47577 at SUSE CVE-2021-47577 at NVD CVE-2021-47578 at SUSE CVE-2021-47578 at NVD CVE-2021-47580 at SUSE CVE-2021-47580 at NVD CVE-2021-47582 at SUSE CVE-2021-47582 at NVD CVE-2021-47583 at SUSE CVE-2021-47583 at NVD CVE-2021-47584 at SUSE CVE-2021-47584 at NVD CVE-2021-47585 at SUSE CVE-2021-47585 at NVD CVE-2021-47586 at SUSE CVE-2021-47586 at NVD CVE-2021-47587 at SUSE CVE-2021-47587 at NVD CVE-2021-47588 at SUSE CVE-2021-47588 at NVD CVE-2021-47589 at SUSE CVE-2021-47589 at NVD CVE-2021-47590 at SUSE CVE-2021-47590 at NVD CVE-2021-47591 at SUSE CVE-2021-47591 at NVD CVE-2021-47592 at SUSE CVE-2021-47592 at NVD CVE-2021-47593 at SUSE CVE-2021-47593 at NVD CVE-2021-47595 at SUSE CVE-2021-47595 at NVD CVE-2021-47596 at SUSE CVE-2021-47596 at NVD CVE-2021-47597 at SUSE CVE-2021-47597 at NVD CVE-2021-47598 at SUSE CVE-2021-47598 at NVD CVE-2021-47599 at SUSE CVE-2021-47599 at NVD CVE-2021-47600 at SUSE CVE-2021-47600 at NVD CVE-2021-47601 at SUSE CVE-2021-47601 at NVD CVE-2021-47602 at SUSE CVE-2021-47602 at NVD CVE-2021-47603 at SUSE CVE-2021-47603 at NVD CVE-2021-47604 at SUSE CVE-2021-47604 at NVD CVE-2021-47605 at SUSE CVE-2021-47605 at NVD CVE-2021-47606 at SUSE CVE-2021-47606 at NVD CVE-2021-47607 at SUSE CVE-2021-47607 at NVD CVE-2021-47608 at SUSE CVE-2021-47608 at NVD CVE-2021-47609 at SUSE CVE-2021-47609 at NVD CVE-2021-47610 at SUSE CVE-2021-47610 at NVD CVE-2021-47611 at SUSE CVE-2021-47611 at NVD CVE-2021-47612 at SUSE CVE-2021-47612 at NVD CVE-2021-47614 at SUSE CVE-2021-47614 at NVD CVE-2021-47615 at SUSE CVE-2021-47615 at NVD CVE-2021-47616 at SUSE CVE-2021-47616 at NVD CVE-2021-47617 at SUSE CVE-2021-47617 at NVD CVE-2021-47618 at SUSE CVE-2021-47618 at NVD CVE-2021-47619 at SUSE CVE-2021-47619 at NVD CVE-2021-47620 at SUSE CVE-2021-47620 at NVD CVE-2021-47622 at SUSE CVE-2021-47622 at NVD CVE-2021-47623 at SUSE CVE-2021-47623 at NVD CVE-2021-47624 at SUSE CVE-2021-47624 at NVD CVE-2022-48711 at SUSE CVE-2022-48711 at NVD CVE-2022-48712 at SUSE CVE-2022-48712 at NVD CVE-2022-48713 at SUSE CVE-2022-48713 at NVD CVE-2022-48714 at SUSE CVE-2022-48714 at NVD CVE-2022-48715 at SUSE CVE-2022-48715 at NVD CVE-2022-48716 at SUSE CVE-2022-48716 at NVD CVE-2022-48717 at SUSE CVE-2022-48717 at NVD CVE-2022-48718 at SUSE CVE-2022-48718 at NVD CVE-2022-48720 at SUSE CVE-2022-48720 at NVD CVE-2022-48721 at SUSE CVE-2022-48721 at NVD CVE-2022-48722 at SUSE CVE-2022-48722 at NVD CVE-2022-48723 at SUSE CVE-2022-48723 at NVD CVE-2022-48724 at SUSE CVE-2022-48724 at NVD CVE-2022-48725 at SUSE CVE-2022-48725 at NVD CVE-2022-48726 at SUSE CVE-2022-48726 at NVD CVE-2022-48727 at SUSE CVE-2022-48727 at NVD CVE-2022-48728 at SUSE CVE-2022-48728 at NVD CVE-2022-48729 at SUSE CVE-2022-48729 at NVD CVE-2022-48730 at SUSE CVE-2022-48730 at NVD CVE-2022-48732 at SUSE CVE-2022-48732 at NVD CVE-2022-48733 at SUSE CVE-2022-48733 at NVD CVE-2022-48734 at SUSE CVE-2022-48734 at NVD CVE-2022-48735 at SUSE CVE-2022-48735 at NVD CVE-2022-48736 at SUSE CVE-2022-48736 at NVD CVE-2022-48737 at SUSE CVE-2022-48737 at NVD CVE-2022-48738 at SUSE CVE-2022-48738 at NVD CVE-2022-48739 at SUSE CVE-2022-48739 at NVD CVE-2022-48740 at SUSE CVE-2022-48740 at NVD CVE-2022-48743 at SUSE CVE-2022-48743 at NVD CVE-2022-48744 at SUSE CVE-2022-48744 at NVD CVE-2022-48745 at SUSE CVE-2022-48745 at NVD CVE-2022-48746 at SUSE CVE-2022-48746 at NVD CVE-2022-48747 at SUSE CVE-2022-48747 at NVD CVE-2022-48748 at SUSE CVE-2022-48748 at NVD CVE-2022-48749 at SUSE CVE-2022-48749 at NVD CVE-2022-48751 at SUSE CVE-2022-48751 at NVD CVE-2022-48752 at SUSE CVE-2022-48752 at NVD CVE-2022-48753 at SUSE CVE-2022-48753 at NVD CVE-2022-48754 at SUSE CVE-2022-48754 at NVD CVE-2022-48755 at SUSE CVE-2022-48755 at NVD CVE-2022-48756 at SUSE CVE-2022-48756 at NVD CVE-2022-48758 at SUSE CVE-2022-48758 at NVD CVE-2022-48759 at SUSE CVE-2022-48759 at NVD CVE-2022-48760 at SUSE CVE-2022-48760 at NVD CVE-2022-48761 at SUSE CVE-2022-48761 at NVD CVE-2022-48763 at SUSE CVE-2022-48763 at NVD CVE-2022-48765 at SUSE CVE-2022-48765 at NVD CVE-2022-48766 at SUSE CVE-2022-48766 at NVD CVE-2022-48767 at SUSE CVE-2022-48767 at NVD CVE-2022-48768 at SUSE CVE-2022-48768 at NVD CVE-2022-48769 at SUSE CVE-2022-48769 at NVD CVE-2022-48770 at SUSE CVE-2022-48770 at NVD CVE-2022-48771 at SUSE CVE-2022-48771 at NVD CVE-2022-48772 at SUSE CVE-2022-48772 at NVD CVE-2022-48773 at SUSE CVE-2022-48773 at NVD CVE-2022-48774 at SUSE CVE-2022-48774 at NVD CVE-2022-48775 at SUSE CVE-2022-48775 at NVD CVE-2022-48776 at SUSE CVE-2022-48776 at NVD CVE-2022-48777 at SUSE CVE-2022-48777 at NVD CVE-2022-48778 at SUSE CVE-2022-48778 at NVD CVE-2022-48780 at SUSE CVE-2022-48780 at NVD CVE-2022-48783 at SUSE CVE-2022-48783 at NVD CVE-2022-48784 at SUSE CVE-2022-48784 at NVD CVE-2022-48785 at SUSE CVE-2022-48785 at NVD CVE-2022-48786 at SUSE CVE-2022-48786 at NVD CVE-2022-48787 at SUSE CVE-2022-48787 at NVD CVE-2022-48788 at SUSE CVE-2022-48788 at NVD CVE-2022-48789 at SUSE CVE-2022-48789 at NVD CVE-2022-48790 at SUSE CVE-2022-48790 at NVD CVE-2022-48791 at SUSE CVE-2022-48791 at NVD CVE-2022-48792 at SUSE CVE-2022-48792 at NVD CVE-2022-48793 at SUSE CVE-2022-48793 at NVD CVE-2022-48794 at SUSE CVE-2022-48794 at NVD CVE-2022-48796 at SUSE CVE-2022-48796 at NVD CVE-2022-48797 at SUSE CVE-2022-48797 at NVD CVE-2022-48798 at SUSE CVE-2022-48798 at NVD CVE-2022-48799 at SUSE CVE-2022-48799 at NVD CVE-2022-48800 at SUSE CVE-2022-48800 at NVD CVE-2022-48801 at SUSE CVE-2022-48801 at NVD CVE-2022-48802 at SUSE CVE-2022-48802 at NVD CVE-2022-48803 at SUSE CVE-2022-48803 at NVD CVE-2022-48804 at SUSE CVE-2022-48804 at NVD CVE-2022-48805 at SUSE CVE-2022-48805 at NVD CVE-2022-48806 at SUSE CVE-2022-48806 at NVD CVE-2022-48807 at SUSE CVE-2022-48807 at NVD CVE-2022-48809 at SUSE CVE-2022-48809 at NVD CVE-2022-48810 at SUSE CVE-2022-48810 at NVD CVE-2022-48811 at SUSE CVE-2022-48811 at NVD CVE-2022-48812 at SUSE CVE-2022-48812 at NVD CVE-2022-48813 at SUSE CVE-2022-48813 at NVD CVE-2022-48814 at SUSE CVE-2022-48814 at NVD CVE-2022-48815 at SUSE CVE-2022-48815 at NVD CVE-2022-48816 at SUSE CVE-2022-48816 at NVD CVE-2022-48817 at SUSE CVE-2022-48817 at NVD CVE-2022-48818 at SUSE CVE-2022-48818 at NVD CVE-2022-48820 at SUSE CVE-2022-48820 at NVD CVE-2022-48821 at SUSE CVE-2022-48821 at NVD CVE-2022-48822 at SUSE CVE-2022-48822 at NVD CVE-2022-48823 at SUSE CVE-2022-48823 at NVD CVE-2022-48824 at SUSE CVE-2022-48824 at NVD CVE-2022-48825 at SUSE CVE-2022-48825 at NVD CVE-2022-48826 at SUSE CVE-2022-48826 at NVD CVE-2022-48827 at SUSE CVE-2022-48827 at NVD CVE-2022-48828 at SUSE CVE-2022-48828 at NVD CVE-2022-48829 at SUSE CVE-2022-48829 at NVD CVE-2022-48830 at SUSE CVE-2022-48830 at NVD CVE-2022-48831 at SUSE CVE-2022-48831 at NVD CVE-2022-48834 at SUSE CVE-2022-48834 at NVD CVE-2022-48835 at SUSE CVE-2022-48835 at NVD CVE-2022-48836 at SUSE CVE-2022-48836 at NVD CVE-2022-48837 at SUSE CVE-2022-48837 at NVD CVE-2022-48838 at SUSE CVE-2022-48838 at NVD CVE-2022-48839 at SUSE CVE-2022-48839 at NVD CVE-2022-48840 at SUSE CVE-2022-48840 at NVD CVE-2022-48841 at SUSE CVE-2022-48841 at NVD CVE-2022-48842 at SUSE CVE-2022-48842 at NVD CVE-2022-48843 at SUSE CVE-2022-48843 at NVD CVE-2022-48844 at SUSE CVE-2022-48844 at NVD CVE-2022-48846 at SUSE CVE-2022-48846 at NVD CVE-2022-48847 at SUSE CVE-2022-48847 at NVD CVE-2022-48849 at SUSE CVE-2022-48849 at NVD CVE-2022-48850 at SUSE CVE-2022-48850 at NVD CVE-2022-48851 at SUSE CVE-2022-48851 at NVD CVE-2022-48852 at SUSE CVE-2022-48852 at NVD CVE-2022-48853 at SUSE CVE-2022-48853 at NVD CVE-2022-48855 at SUSE CVE-2022-48855 at NVD CVE-2022-48856 at SUSE CVE-2022-48856 at NVD CVE-2022-48857 at SUSE CVE-2022-48857 at NVD CVE-2022-48858 at SUSE CVE-2022-48858 at NVD CVE-2022-48859 at SUSE CVE-2022-48859 at NVD CVE-2022-48860 at SUSE CVE-2022-48860 at NVD CVE-2022-48861 at SUSE CVE-2022-48861 at NVD CVE-2022-48862 at SUSE CVE-2022-48862 at NVD CVE-2022-48863 at SUSE CVE-2022-48863 at NVD CVE-2022-48864 at SUSE CVE-2022-48864 at NVD CVE-2022-48866 at SUSE CVE-2022-48866 at NVD CVE-2023-24023 at SUSE CVE-2023-24023 at NVD CVE-2023-52435 at SUSE CVE-2023-52435 at NVD CVE-2023-52573 at SUSE CVE-2023-52573 at NVD CVE-2023-52580 at SUSE CVE-2023-52580 at NVD CVE-2023-52622 at SUSE CVE-2023-52622 at NVD CVE-2023-52658 at SUSE CVE-2023-52658 at NVD CVE-2023-52667 at SUSE CVE-2023-52667 at NVD CVE-2023-52670 at SUSE CVE-2023-52670 at NVD CVE-2023-52672 at SUSE CVE-2023-52672 at NVD CVE-2023-52675 at SUSE CVE-2023-52675 at NVD CVE-2023-52735 at SUSE CVE-2023-52735 at NVD CVE-2023-52737 at SUSE CVE-2023-52737 at NVD CVE-2023-52751 at SUSE CVE-2023-52751 at NVD CVE-2023-52752 at SUSE CVE-2023-52752 at NVD CVE-2023-52762 at SUSE CVE-2023-52762 at NVD CVE-2023-52766 at SUSE CVE-2023-52766 at NVD CVE-2023-52775 at SUSE CVE-2023-52775 at NVD CVE-2023-52784 at SUSE CVE-2023-52784 at NVD CVE-2023-52787 at SUSE CVE-2023-52787 at NVD CVE-2023-52800 at SUSE CVE-2023-52800 at NVD CVE-2023-52812 at SUSE CVE-2023-52812 at NVD CVE-2023-52835 at SUSE CVE-2023-52835 at NVD CVE-2023-52837 at SUSE CVE-2023-52837 at NVD CVE-2023-52843 at SUSE CVE-2023-52843 at NVD CVE-2023-52845 at SUSE CVE-2023-52845 at NVD CVE-2023-52846 at SUSE CVE-2023-52846 at NVD CVE-2023-52857 at SUSE CVE-2023-52857 at NVD CVE-2023-52863 at SUSE CVE-2023-52863 at NVD CVE-2023-52869 at SUSE CVE-2023-52869 at NVD CVE-2023-52881 at SUSE CVE-2023-52881 at NVD CVE-2023-52882 at SUSE CVE-2023-52882 at NVD CVE-2023-52884 at SUSE CVE-2023-52884 at NVD CVE-2023-52885 at SUSE CVE-2023-52885 at NVD CVE-2023-52886 at SUSE CVE-2023-52886 at NVD CVE-2024-25741 at SUSE CVE-2024-25741 at NVD CVE-2024-26583 at SUSE CVE-2024-26583 at NVD CVE-2024-26584 at SUSE CVE-2024-26584 at NVD CVE-2024-26615 at SUSE CVE-2024-26615 at NVD CVE-2024-26625 at SUSE CVE-2024-26625 at NVD CVE-2024-26633 at SUSE CVE-2024-26633 at NVD CVE-2024-26635 at SUSE CVE-2024-26635 at NVD CVE-2024-26636 at SUSE CVE-2024-26636 at NVD CVE-2024-26641 at SUSE CVE-2024-26641 at NVD CVE-2024-26644 at SUSE CVE-2024-26644 at NVD CVE-2024-26661 at SUSE CVE-2024-26661 at NVD CVE-2024-26663 at SUSE CVE-2024-26663 at NVD CVE-2024-26665 at SUSE CVE-2024-26665 at NVD CVE-2024-26720 at SUSE CVE-2024-26720 at NVD CVE-2024-26800 at SUSE CVE-2024-26800 at NVD CVE-2024-26802 at SUSE CVE-2024-26802 at NVD CVE-2024-26813 at SUSE CVE-2024-26813 at NVD CVE-2024-26814 at SUSE CVE-2024-26814 at NVD CVE-2024-26842 at SUSE CVE-2024-26842 at NVD CVE-2024-26845 at SUSE CVE-2024-26845 at NVD CVE-2024-26863 at SUSE CVE-2024-26863 at NVD CVE-2024-26923 at SUSE CVE-2024-26923 at NVD CVE-2024-26935 at SUSE CVE-2024-26935 at NVD CVE-2024-26961 at SUSE CVE-2024-26961 at NVD CVE-2024-26973 at SUSE CVE-2024-26973 at NVD CVE-2024-26976 at SUSE CVE-2024-26976 at NVD CVE-2024-27015 at SUSE CVE-2024-27015 at NVD CVE-2024-27019 at SUSE CVE-2024-27019 at NVD CVE-2024-27020 at SUSE CVE-2024-27020 at NVD CVE-2024-27025 at SUSE CVE-2024-27025 at NVD CVE-2024-27065 at SUSE CVE-2024-27065 at NVD CVE-2024-27402 at SUSE CVE-2024-27402 at NVD CVE-2024-27432 at SUSE CVE-2024-27432 at NVD CVE-2024-27437 at SUSE CVE-2024-27437 at NVD CVE-2024-33619 at SUSE CVE-2024-33619 at NVD CVE-2024-35247 at SUSE CVE-2024-35247 at NVD CVE-2024-35789 at SUSE CVE-2024-35789 at NVD CVE-2024-35790 at SUSE CVE-2024-35790 at NVD CVE-2024-35805 at SUSE CVE-2024-35805 at NVD CVE-2024-35807 at SUSE CVE-2024-35807 at NVD CVE-2024-35814 at SUSE CVE-2024-35814 at NVD CVE-2024-35819 at SUSE CVE-2024-35819 at NVD CVE-2024-35835 at SUSE CVE-2024-35835 at NVD CVE-2024-35837 at SUSE CVE-2024-35837 at NVD CVE-2024-35848 at SUSE CVE-2024-35848 at NVD CVE-2024-35853 at SUSE CVE-2024-35853 at NVD CVE-2024-35855 at SUSE CVE-2024-35855 at NVD CVE-2024-35857 at SUSE CVE-2024-35857 at NVD CVE-2024-35861 at SUSE CVE-2024-35861 at NVD CVE-2024-35862 at SUSE CVE-2024-35862 at NVD CVE-2024-35864 at SUSE CVE-2024-35864 at NVD CVE-2024-35869 at SUSE CVE-2024-35869 at NVD CVE-2024-35878 at SUSE CVE-2024-35878 at NVD CVE-2024-35884 at SUSE CVE-2024-35884 at NVD CVE-2024-35886 at SUSE CVE-2024-35886 at NVD CVE-2024-35889 at SUSE CVE-2024-35889 at NVD CVE-2024-35890 at SUSE CVE-2024-35890 at NVD CVE-2024-35893 at SUSE CVE-2024-35893 at NVD CVE-2024-35896 at SUSE CVE-2024-35896 at NVD CVE-2024-35898 at SUSE CVE-2024-35898 at NVD CVE-2024-35899 at SUSE CVE-2024-35899 at NVD CVE-2024-35900 at SUSE CVE-2024-35900 at NVD CVE-2024-35905 at SUSE CVE-2024-35905 at NVD CVE-2024-35925 at SUSE CVE-2024-35925 at NVD CVE-2024-35934 at SUSE CVE-2024-35934 at NVD CVE-2024-35949 at SUSE CVE-2024-35949 at NVD CVE-2024-35950 at SUSE CVE-2024-35950 at NVD CVE-2024-35956 at SUSE CVE-2024-35956 at NVD CVE-2024-35958 at SUSE CVE-2024-35958 at NVD CVE-2024-35960 at SUSE CVE-2024-35960 at NVD CVE-2024-35961 at SUSE CVE-2024-35961 at NVD CVE-2024-35962 at SUSE CVE-2024-35962 at NVD CVE-2024-35979 at SUSE CVE-2024-35979 at NVD CVE-2024-35995 at SUSE CVE-2024-35995 at NVD CVE-2024-35997 at SUSE CVE-2024-35997 at NVD CVE-2024-36000 at SUSE CVE-2024-36000 at NVD CVE-2024-36004 at SUSE CVE-2024-36004 at NVD CVE-2024-36005 at SUSE CVE-2024-36005 at NVD CVE-2024-36008 at SUSE CVE-2024-36008 at NVD CVE-2024-36017 at SUSE CVE-2024-36017 at NVD CVE-2024-36020 at SUSE CVE-2024-36020 at NVD CVE-2024-36021 at SUSE CVE-2024-36021 at NVD CVE-2024-36025 at SUSE CVE-2024-36025 at NVD CVE-2024-36288 at SUSE CVE-2024-36288 at NVD CVE-2024-36477 at SUSE CVE-2024-36477 at NVD CVE-2024-36478 at SUSE CVE-2024-36478 at NVD CVE-2024-36479 at SUSE CVE-2024-36479 at NVD CVE-2024-36889 at SUSE CVE-2024-36889 at NVD CVE-2024-36890 at SUSE CVE-2024-36890 at NVD CVE-2024-36894 at SUSE CVE-2024-36894 at NVD CVE-2024-36899 at SUSE CVE-2024-36899 at NVD CVE-2024-36900 at SUSE CVE-2024-36900 at NVD CVE-2024-36901 at SUSE CVE-2024-36901 at NVD CVE-2024-36902 at SUSE CVE-2024-36902 at NVD CVE-2024-36904 at SUSE CVE-2024-36904 at NVD CVE-2024-36909 at SUSE CVE-2024-36909 at NVD CVE-2024-36910 at SUSE CVE-2024-36910 at NVD CVE-2024-36911 at SUSE CVE-2024-36911 at NVD CVE-2024-36912 at SUSE CVE-2024-36912 at NVD CVE-2024-36913 at SUSE CVE-2024-36913 at NVD CVE-2024-36914 at SUSE CVE-2024-36914 at NVD CVE-2024-36915 at SUSE CVE-2024-36915 at NVD CVE-2024-36916 at SUSE CVE-2024-36916 at NVD CVE-2024-36917 at SUSE CVE-2024-36917 at NVD CVE-2024-36919 at SUSE CVE-2024-36919 at NVD CVE-2024-36923 at SUSE CVE-2024-36923 at NVD CVE-2024-36934 at SUSE CVE-2024-36934 at NVD CVE-2024-36937 at SUSE CVE-2024-36937 at NVD CVE-2024-36939 at SUSE CVE-2024-36939 at NVD CVE-2024-36940 at SUSE CVE-2024-36940 at NVD CVE-2024-36945 at SUSE CVE-2024-36945 at NVD CVE-2024-36946 at SUSE CVE-2024-36946 at NVD CVE-2024-36949 at SUSE CVE-2024-36949 at NVD CVE-2024-36960 at SUSE CVE-2024-36960 at NVD CVE-2024-36964 at SUSE CVE-2024-36964 at NVD CVE-2024-36965 at SUSE CVE-2024-36965 at NVD CVE-2024-36967 at SUSE CVE-2024-36967 at NVD CVE-2024-36969 at SUSE CVE-2024-36969 at NVD CVE-2024-36971 at SUSE CVE-2024-36971 at NVD CVE-2024-36974 at SUSE CVE-2024-36974 at NVD CVE-2024-36975 at SUSE CVE-2024-36975 at NVD CVE-2024-36978 at SUSE CVE-2024-36978 at NVD CVE-2024-37021 at SUSE CVE-2024-37021 at NVD CVE-2024-37078 at SUSE CVE-2024-37078 at NVD CVE-2024-37354 at SUSE CVE-2024-37354 at NVD CVE-2024-38381 at SUSE CVE-2024-38381 at NVD CVE-2024-38388 at SUSE CVE-2024-38388 at NVD CVE-2024-38390 at SUSE CVE-2024-38390 at NVD CVE-2024-38540 at SUSE CVE-2024-38540 at NVD CVE-2024-38541 at SUSE CVE-2024-38541 at NVD CVE-2024-38544 at SUSE CVE-2024-38544 at NVD CVE-2024-38545 at SUSE CVE-2024-38545 at NVD CVE-2024-38546 at SUSE CVE-2024-38546 at NVD CVE-2024-38547 at SUSE CVE-2024-38547 at NVD CVE-2024-38548 at SUSE CVE-2024-38548 at NVD CVE-2024-38549 at SUSE CVE-2024-38549 at NVD CVE-2024-38550 at SUSE CVE-2024-38550 at NVD CVE-2024-38552 at SUSE CVE-2024-38552 at NVD CVE-2024-38553 at SUSE CVE-2024-38553 at NVD CVE-2024-38555 at SUSE CVE-2024-38555 at NVD CVE-2024-38556 at SUSE CVE-2024-38556 at NVD CVE-2024-38557 at SUSE CVE-2024-38557 at NVD CVE-2024-38558 at SUSE CVE-2024-38558 at NVD CVE-2024-38559 at SUSE CVE-2024-38559 at NVD CVE-2024-38560 at SUSE CVE-2024-38560 at NVD CVE-2024-38564 at SUSE CVE-2024-38564 at NVD CVE-2024-38565 at SUSE CVE-2024-38565 at NVD CVE-2024-38567 at SUSE CVE-2024-38567 at NVD CVE-2024-38568 at SUSE CVE-2024-38568 at NVD CVE-2024-38570 at SUSE CVE-2024-38570 at NVD CVE-2024-38571 at SUSE CVE-2024-38571 at NVD CVE-2024-38573 at SUSE CVE-2024-38573 at NVD CVE-2024-38578 at SUSE CVE-2024-38578 at NVD CVE-2024-38579 at SUSE CVE-2024-38579 at NVD CVE-2024-38580 at SUSE CVE-2024-38580 at NVD CVE-2024-38581 at SUSE CVE-2024-38581 at NVD CVE-2024-38582 at SUSE CVE-2024-38582 at NVD CVE-2024-38583 at SUSE CVE-2024-38583 at NVD CVE-2024-38586 at SUSE CVE-2024-38586 at NVD CVE-2024-38587 at SUSE CVE-2024-38587 at NVD CVE-2024-38588 at SUSE CVE-2024-38588 at NVD CVE-2024-38590 at SUSE CVE-2024-38590 at NVD CVE-2024-38591 at SUSE CVE-2024-38591 at NVD CVE-2024-38594 at SUSE CVE-2024-38594 at NVD CVE-2024-38597 at SUSE CVE-2024-38597 at NVD CVE-2024-38598 at SUSE CVE-2024-38598 at NVD CVE-2024-38599 at SUSE CVE-2024-38599 at NVD CVE-2024-38600 at SUSE CVE-2024-38600 at NVD CVE-2024-38601 at SUSE CVE-2024-38601 at NVD CVE-2024-38603 at SUSE CVE-2024-38603 at NVD CVE-2024-38605 at SUSE CVE-2024-38605 at NVD CVE-2024-38608 at SUSE CVE-2024-38608 at NVD CVE-2024-38616 at SUSE CVE-2024-38616 at NVD CVE-2024-38618 at SUSE CVE-2024-38618 at NVD CVE-2024-38619 at SUSE CVE-2024-38619 at NVD CVE-2024-38621 at SUSE CVE-2024-38621 at NVD CVE-2024-38627 at SUSE CVE-2024-38627 at NVD CVE-2024-38628 at SUSE CVE-2024-38628 at NVD CVE-2024-38630 at SUSE CVE-2024-38630 at NVD CVE-2024-38633 at SUSE CVE-2024-38633 at NVD CVE-2024-38634 at SUSE CVE-2024-38634 at NVD CVE-2024-38635 at SUSE CVE-2024-38635 at NVD CVE-2024-38659 at SUSE CVE-2024-38659 at NVD CVE-2024-38661 at SUSE CVE-2024-38661 at NVD CVE-2024-38780 at SUSE CVE-2024-38780 at NVD CVE-2024-39276 at SUSE CVE-2024-39276 at NVD CVE-2024-39301 at SUSE CVE-2024-39301 at NVD CVE-2024-39371 at SUSE CVE-2024-39371 at NVD CVE-2024-39463 at SUSE CVE-2024-39463 at NVD CVE-2024-39468 at SUSE CVE-2024-39468 at NVD CVE-2024-39469 at SUSE CVE-2024-39469 at NVD CVE-2024-39471 at SUSE CVE-2024-39471 at NVD CVE-2024-39472 at SUSE CVE-2024-39472 at NVD CVE-2024-39475 at SUSE CVE-2024-39475 at NVD CVE-2024-39482 at SUSE CVE-2024-39482 at NVD CVE-2024-39487 at SUSE CVE-2024-39487 at NVD CVE-2024-39488 at SUSE CVE-2024-39488 at NVD CVE-2024-39490 at SUSE CVE-2024-39490 at NVD CVE-2024-39493 at SUSE CVE-2024-39493 at NVD CVE-2024-39494 at SUSE CVE-2024-39494 at NVD CVE-2024-39497 at SUSE CVE-2024-39497 at NVD CVE-2024-39499 at SUSE CVE-2024-39499 at NVD CVE-2024-39500 at SUSE CVE-2024-39500 at NVD CVE-2024-39501 at SUSE CVE-2024-39501 at NVD CVE-2024-39502 at SUSE CVE-2024-39502 at NVD CVE-2024-39505 at SUSE CVE-2024-39505 at NVD CVE-2024-39506 at SUSE CVE-2024-39506 at NVD CVE-2024-39507 at SUSE CVE-2024-39507 at NVD CVE-2024-39508 at SUSE CVE-2024-39508 at NVD CVE-2024-39509 at SUSE CVE-2024-39509 at NVD CVE-2024-40900 at SUSE CVE-2024-40900 at NVD CVE-2024-40901 at SUSE CVE-2024-40901 at NVD CVE-2024-40902 at SUSE CVE-2024-40902 at NVD CVE-2024-40903 at SUSE CVE-2024-40903 at NVD CVE-2024-40904 at SUSE CVE-2024-40904 at NVD CVE-2024-40906 at SUSE CVE-2024-40906 at NVD CVE-2024-40908 at SUSE CVE-2024-40908 at NVD CVE-2024-40909 at SUSE CVE-2024-40909 at NVD CVE-2024-40911 at SUSE CVE-2024-40911 at NVD CVE-2024-40912 at SUSE CVE-2024-40912 at NVD CVE-2024-40916 at SUSE CVE-2024-40916 at NVD CVE-2024-40919 at SUSE CVE-2024-40919 at NVD CVE-2024-40923 at SUSE CVE-2024-40923 at NVD CVE-2024-40924 at SUSE CVE-2024-40924 at NVD CVE-2024-40927 at SUSE CVE-2024-40927 at NVD CVE-2024-40929 at SUSE CVE-2024-40929 at NVD CVE-2024-40931 at SUSE CVE-2024-40931 at NVD CVE-2024-40932 at SUSE CVE-2024-40932 at NVD CVE-2024-40934 at SUSE CVE-2024-40934 at NVD CVE-2024-40935 at SUSE CVE-2024-40935 at NVD CVE-2024-40937 at SUSE CVE-2024-40937 at NVD CVE-2024-40940 at SUSE CVE-2024-40940 at NVD CVE-2024-40941 at SUSE CVE-2024-40941 at NVD CVE-2024-40942 at SUSE CVE-2024-40942 at NVD CVE-2024-40943 at SUSE CVE-2024-40943 at NVD CVE-2024-40945 at SUSE CVE-2024-40945 at NVD CVE-2024-40953 at SUSE CVE-2024-40953 at NVD CVE-2024-40954 at SUSE CVE-2024-40954 at NVD CVE-2024-40956 at SUSE CVE-2024-40956 at NVD CVE-2024-40958 at SUSE CVE-2024-40958 at NVD CVE-2024-40959 at SUSE CVE-2024-40959 at NVD CVE-2024-40960 at SUSE CVE-2024-40960 at NVD CVE-2024-40961 at SUSE CVE-2024-40961 at NVD CVE-2024-40966 at SUSE CVE-2024-40966 at NVD CVE-2024-40967 at SUSE CVE-2024-40967 at NVD CVE-2024-40970 at SUSE CVE-2024-40970 at NVD CVE-2024-40972 at SUSE CVE-2024-40972 at NVD CVE-2024-40976 at SUSE CVE-2024-40976 at NVD CVE-2024-40977 at SUSE CVE-2024-40977 at NVD CVE-2024-40981 at SUSE CVE-2024-40981 at NVD CVE-2024-40982 at SUSE CVE-2024-40982 at NVD CVE-2024-40984 at SUSE CVE-2024-40984 at NVD CVE-2024-40987 at SUSE CVE-2024-40987 at NVD CVE-2024-40988 at SUSE CVE-2024-40988 at NVD CVE-2024-40989 at SUSE CVE-2024-40989 at NVD CVE-2024-40990 at SUSE CVE-2024-40990 at NVD CVE-2024-40994 at SUSE CVE-2024-40994 at NVD CVE-2024-40998 at SUSE CVE-2024-40998 at NVD CVE-2024-40999 at SUSE CVE-2024-40999 at NVD CVE-2024-41002 at SUSE CVE-2024-41002 at NVD CVE-2024-41004 at SUSE CVE-2024-41004 at NVD CVE-2024-41006 at SUSE CVE-2024-41006 at NVD CVE-2024-41009 at SUSE CVE-2024-41009 at NVD CVE-2024-41011 at SUSE CVE-2024-41011 at NVD CVE-2024-41012 at SUSE CVE-2024-41012 at NVD CVE-2024-41013 at SUSE CVE-2024-41013 at NVD CVE-2024-41014 at SUSE CVE-2024-41014 at NVD CVE-2024-41015 at SUSE CVE-2024-41015 at NVD CVE-2024-41016 at SUSE CVE-2024-41016 at NVD CVE-2024-41017 at SUSE CVE-2024-41017 at NVD CVE-2024-41040 at SUSE CVE-2024-41040 at NVD CVE-2024-41041 at SUSE CVE-2024-41041 at NVD CVE-2024-41044 at SUSE CVE-2024-41044 at NVD CVE-2024-41048 at SUSE CVE-2024-41048 at NVD CVE-2024-41057 at SUSE CVE-2024-41057 at NVD CVE-2024-41058 at SUSE CVE-2024-41058 at NVD CVE-2024-41059 at SUSE CVE-2024-41059 at NVD CVE-2024-41063 at SUSE CVE-2024-41063 at NVD CVE-2024-41064 at SUSE CVE-2024-41064 at NVD CVE-2024-41066 at SUSE CVE-2024-41066 at NVD CVE-2024-41069 at SUSE CVE-2024-41069 at NVD CVE-2024-41070 at SUSE CVE-2024-41070 at NVD CVE-2024-41071 at SUSE CVE-2024-41071 at NVD CVE-2024-41072 at SUSE CVE-2024-41072 at NVD CVE-2024-41076 at SUSE CVE-2024-41076 at NVD CVE-2024-41078 at SUSE CVE-2024-41078 at NVD CVE-2024-41081 at SUSE CVE-2024-41081 at NVD CVE-2024-41087 at SUSE CVE-2024-41087 at NVD CVE-2024-41090 at SUSE CVE-2024-41090 at NVD CVE-2024-41091 at SUSE CVE-2024-41091 at NVD CVE-2024-42070 at SUSE CVE-2024-42070 at NVD CVE-2024-42079 at SUSE CVE-2024-42079 at NVD CVE-2024-42093 at SUSE CVE-2024-42093 at NVD CVE-2024-42096 at SUSE CVE-2024-42096 at NVD CVE-2024-42105 at SUSE CVE-2024-42105 at NVD CVE-2024-42122 at SUSE CVE-2024-42122 at NVD CVE-2024-42124 at SUSE CVE-2024-42124 at NVD CVE-2024-42145 at SUSE CVE-2024-42145 at NVD CVE-2024-42161 at SUSE CVE-2024-42161 at NVD CVE-2024-42224 at SUSE CVE-2024-42224 at NVD CVE-2024-42230 at SUSE CVE-2024-42230 at NVD cpe:/o:suse:sle-micro:5.5 Security update for runc (Important) SUSE Linux Enterprise Micro 5.5 This update for runc fixes the following issues: Update to runc v1.1.11: - CVE-2024-21626: Fixed container breakout. (bsc#1218894) Important SUSE bug 1218894 CVE-2024-21626 at SUSE CVE-2024-21626 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cpio (Moderate) SUSE Linux Enterprise Micro 5.5 This update for cpio fixes the following issues: - Fixed cpio not extracting correctly when using --no-absolute-filenames option the security fix for CVE-2023-7207 (bsc#1218571, bsc#1219238) Moderate SUSE bug 1218571 SUSE bug 1219238 CVE-2023-7207 at SUSE CVE-2023-7207 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3-setuptools (Important) SUSE Linux Enterprise Micro 5.5 This update for python3-setuptools fixes the following issues: - CVE-2024-6345: Fixed code execution via download functions in the package_index module (bsc#1228105) Important SUSE bug 1228105 CVE-2024-6345 at SUSE CVE-2024-6345 at NVD cpe:/o:suse:sle-micro:5.5 Security update for unbound (Low) SUSE Linux Enterprise Micro 5.5 This update for unbound fixes the following issues: - CVE-2024-43167: Fix null pointer dereference issue in function ub_ctx_set_fwd (bsc#1229068) Low SUSE bug 1229068 CVE-2024-43167 at SUSE CVE-2024-43167 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Important) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping (XSA-460, bsc#1228574) - CVE-2024-31146: Fixed PCI device pass-through with shared resources (XSA-461, bsc#1228575) Other fixes: - Update to Xen 4.17.5 security bug fix release (bsc#1027519) Important SUSE bug 1027519 SUSE bug 1228574 SUSE bug 1228575 CVE-2024-31145 at SUSE CVE-2024-31145 at NVD CVE-2024-31146 at SUSE CVE-2024-31146 at NVD cpe:/o:suse:sle-micro:5.5 Security update for qemu (Important) SUSE Linux Enterprise Micro 5.5 This update for qemu fixes the following issues: - CVE-2024-4467: Fixed denial of service and file read/write via qemu-img info command (bsc#1227322) Important SUSE bug 1227322 CVE-2024-4467 at SUSE CVE-2024-4467 at NVD cpe:/o:suse:sle-micro:5.5 Security update for curl (Moderate) SUSE Linux Enterprise Micro 5.5 This update for curl fixes the following issues: - CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str() (bsc#1228535) Moderate SUSE bug 1228535 CVE-2024-7264 at SUSE CVE-2024-7264 at NVD cpe:/o:suse:sle-micro:5.5 Security update for kernel-firmware (Important) SUSE Linux Enterprise Micro 5.5 This update for kernel-firmware fixes the following issues: - CVE-2023-31315: Fixed validation in a model specific register (MSR) that lead to modification of SMM configuration by malicious program with ring0 access (bsc#1229069) Important SUSE bug 1229069 CVE-2023-31315 at SUSE CVE-2023-31315 at NVD cpe:/o:suse:sle-micro:5.5 Security update for glib2 (Low) SUSE Linux Enterprise Micro 5.5 This update for glib2 fixes the following issues: - Fixed a possible use after free regression introduced by CVE-2024-34397 patch (bsc#1224044). Low SUSE bug 1224044 CVE-2024-34397 at SUSE CVE-2024-34397 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ucode-intel (Important) SUSE Linux Enterprise Micro 5.5 This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20240813 release (bsc#1229129) - CVE-2024-24853: Security updates for [INTEL-SA-01083](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01083.html) - CVE-2024-25939: Security updates for [INTEL-SA-01118](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01118.html) - CVE-2024-24980: Security updates for [INTEL-SA-01100](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01100.html) - CVE-2023-42667: Security updates for [INTEL-SA-01038](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01038.html) - CVE-2023-49141: Security updates for [INTEL-SA-01046](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01046.html) Other issues fixed: - Update for functional issues. Refer to [Intel Core Ultra Processor](https://cdrdv2.intel.com/v1/dl/getContent/792254) for details. - Update for functional issues. Refer to [3rd Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780) for details. - Update for functional issues. Refer to [3rd Generation Intel Xeon Scalable Processors Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/634897) for details. - Update for functional issues. Refer to [2nd Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details - Update for functional issues. Refer to [Intel Xeon D-2700 Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/714071) for details. - Update for functional issues. Refer to [Intel Xeon E-2300 Processor Specification Update ](https://cdrdv2.intel.com/v1/dl/getContent/709192) for details. - Update for functional issues. Refer to [13th Generation Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/740518) for details. - Update for functional issues. Refer to [12th Generation Intel Core Processor Family](https://cdrdv2.intel.com/v1/dl/getContent/682436) for details. - Update for functional issues. Refer to [11th Gen Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/631123) for details. - Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/341079) for details. - Update for functional issues. Refer to [10th Generation Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/615213) for details. - Update for functional issues. Refer to [8th and 9th Generation Intel Core Processor Family Spec Update](https://cdrdv2.intel.com/v1/dl/getContent/337346) for details. - Update for functional issues. Refer to [8th Generation Intel Core Processor Families Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338025) for details. - Update for functional issues. Refer to [7th and 8th Generation Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/334663) for details. - Update for functional issues. Refer to [Intel Processors and Intel Core i3 N-Series](https://cdrdv2.intel.com/v1/dl/getContent/764616) for details. - Update for functional issues. Refer to [Intel Atom x6000E Series, and Intel Pentium and Celeron N and J Series Processors for Internet of Things (IoT) Applications](https://cdrdv2.intel.com/v1/dl/getContent/636674) for details. Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | AML-Y22 | H0 | 06-8e-09/10 | 000000f4 | 000000f6 | Core Gen8 Mobile | AML-Y42 | V0 | 06-8e-0c/94 | 000000fa | 000000fc | Core Gen10 Mobile | CFL-H | R0 | 06-9e-0d/22 | 000000fc | 00000100 | Core Gen9 Mobile | CFL-H/S | P0 | 06-9e-0c/22 | 000000f6 | 000000f8 | Core Gen9 | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000f6 | 000000f8 | Core Gen8 Desktop, Mobile, Xeon E | CFL-S | B0 | 06-9e-0b/02 | 000000f4 | 000000f6 | Core Gen8 | CFL-S | P0 | 06-9e-0c/22 | 000000f6 | 000000f8 | Core Gen9 Desktop | CFL-U43e | D0 | 06-8e-0a/c0 | 000000f4 | 000000f6 | Core Gen8 Mobile | CLX-SP | B1 | 06-55-07/bf | 05003605 | 05003707 | Xeon Scalable Gen2 | CML-H | R1 | 06-a5-02/20 | 000000fa | 000000fc | Core Gen10 Mobile | CML-S102 | Q0 | 06-a5-05/22 | 000000fa | 000000fc | Core Gen10 | CML-S62 | G1 | 06-a5-03/22 | 000000fa | 000000fc | Core Gen10 | CML-U42 | V0 | 06-8e-0c/94 | 000000fa | 000000fc | Core Gen10 Mobile | CML-U62 V1 | A0 | 06-a6-00/80 | 000000fa | 000000fe | Core Gen10 Mobile | CML-U62 V2 | K1 | 06-a6-01/80 | 000000fa | 000000fc | Core Gen10 Mobile | CML-Y42 | V0 | 06-8e-0c/94 | 000000fa | 000000fc | Core Gen10 Mobile | CPX-SP | A1 | 06-55-0b/bf | 07002802 | 07002904 | Xeon Scalable Gen3 | EHL | B1 | 06-96-01/01 | 00000019 | 0000001a | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E | ICL-D | B0 | 06-6c-01/10 | 01000290 | 010002b0 | Xeon D-17xx, D-27xx | ICL-U/Y | D1 | 06-7e-05/80 | 000000c4 | 000000c6 | Core Gen10 Mobile | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003d1 | 0d0003e7 | Xeon Scalable Gen3 | KBL-R U | Y0 | 06-8e-0a/c0 | 000000f4 | 000000f6 | Core Gen8 Mobile | KBL-U23e | J1 | 06-8e-09/c0 | 000000f4 | 000000f6 | Core Gen7 Mobile | KBL-U/Y | H0 | 06-8e-09/c0 | 000000f4 | 000000f6 | Core Gen7 Mobile | MTL | C-0 | 06-aa-04/e6 | 0000001c | 0000001e | Core Ultra Processor | RKL-S | B0 | 06-a7-01/02 | 0000005e | 00000062 | Core Gen11 | TGL | B0/B1 | 06-8c-01/80 | 000000b6 | 000000b8 | Core Gen11 Mobile | TGL-H | R0 | 06-8d-01/c2 | 00000050 | 00000052 | Core Gen11 Mobile | TGL-R | C0 | 06-8c-02/c2 | 00000036 | 00000038 | Core Gen11 Mobile | WHL-U | V0 | 06-8e-0c/94 | 000000fa | 000000fc | Core Gen8 Mobile | WHL-U | W0 | 06-8e-0b/d0 | 000000f4 | 000000f6 | Core Gen8 Mobile - update to 20240531: * Update for functional issues. Refer to Intel Pentium Silver and Intel Celeron Processor Specification Update - Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | GLK | B0 | 06-7a-01/01 | 00000040 | 00000042 | Pentium Silver N/J5xxx, Celeron N/J4xxx Important SUSE bug 1229129 CVE-2023-42667 at SUSE CVE-2023-42667 at NVD CVE-2023-49141 at SUSE CVE-2023-49141 at NVD CVE-2024-24853 at SUSE CVE-2024-24853 at NVD CVE-2024-24980 at SUSE CVE-2024-24980 at NVD CVE-2024-25939 at SUSE CVE-2024-25939 at NVD cpe:/o:suse:sle-micro:5.5 Security update for tiff (Moderate) SUSE Linux Enterprise Micro 5.5 This update for tiff fixes the following issues: - CVE-2024-7006: Fixed null pointer dereference in tif_dirinfo.c (bsc#1228924) Moderate SUSE bug 1228924 CVE-2024-7006 at SUSE CVE-2024-7006 at NVD cpe:/o:suse:sle-micro:5.5 Security update for buildah, docker (Critical) SUSE Linux Enterprise Micro 5.5 This update for buildah, docker fixes the following issues: Changes in docker: - CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts (bsc#1219267) - CVE-2024-23652: Fixed insufficient validation of parent directory on mount (bsc#1219268) - CVE-2024-23653: Fixed insufficient validation on entitlement on container creation via buildkit (bsc#1219438) - CVE-2024-41110: A Authz zero length regression that could lead to authentication bypass was fixed (bsc#1228324) Other fixes: - Update to Docker 25.0.6-ce. See upstream changelog online at <https://docs.docker.com/engine/release-notes/25.0/#2506> - Update to Docker 25.0.5-ce (bsc#1223409) - Fix BuildKit's symlink resolution logic to correctly handle non-lexical symlinks. (bsc#1221916) - Write volume options atomically so sudden system crashes won't result in future Docker starts failing due to empty files. (bsc#1214855) Changes in buildah: - Update to version 1.35.4: * [release-1.35] Bump to Buildah v1.35.4 * [release-1.35] CVE-2024-3727 updates (bsc#1224117) * integration test: handle new labels in 'bud and test --unsetlabel' * [release-1.35] Bump go-jose CVE-2024-28180 * [release-1.35] Bump ocicrypt and go-jose CVE-2024-28180 - Update to version 1.35.3: * [release-1.35] Bump to Buildah v1.35.3 * [release-1.35] correctly configure /etc/hosts and resolv.conf * [release-1.35] buildah: refactor resolv/hosts setup. * [release-1.35] rename the hostFile var to reflect * [release-1.35] Bump c/common to v0.58.1 * [release-1.35] Bump Buildah to v1.35.2 * [release-1.35] CVE-2024-24786 protobuf to 1.33 * [release-1.35] Bump to v1.35.2-dev - Update to version 1.35.1: * [release-1.35] Bump to v1.35.1 * [release-1.35] CVE-2024-1753 container escape fix (bsc#1221677) - Buildah dropped cni support, require netavark instead (bsc#1221243) - Remove obsolete requires libcontainers-image & libcontainers-storage - Require passt for rootless networking (poo#156955) Buildah moved to passt/pasta for rootless networking from slirp4netns (https://github.com/containers/common/pull/1846) - Update to version 1.35.0: * Bump v1.35.0 * Bump c/common v0.58.0, c/image v5.30.0, c/storage v1.53.0 * conformance tests: don't break on trailing zeroes in layer blobs * Add a conformance test for copying to a mounted prior stage * fix(deps): update module github.com/stretchr/testify to v1.9.0 * cgroups: reuse version check from c/common * Update vendor of containers/(common,image) * fix(deps): update github.com/containers/storage digest to eadc620 * fix(deps): update github.com/containers/luksy digest to ceb12d4 * fix(deps): update github.com/containers/image/v5 digest to cdc6802 * manifest add: complain if we get artifact flags without --artifact * Use retry logic from containers/common * Vendor in containers/(storage,image,common) * Update module golang.org/x/crypto to v0.20.0 * Add comment re: Total Success task name * tests: skip_if_no_unshare(): check for --setuid * Properly handle build --pull=false * [skip-ci] Update tim-actions/get-pr-commits action to v1.3.1 * Update module go.etcd.io/bbolt to v1.3.9 * Revert 'Reduce official image size' * Update module github.com/opencontainers/image-spec to v1.1.0 * Reduce official image size * Build with CNI support on FreeBSD * build --all-platforms: skip some base 'image' platforms * Bump main to v1.35.0-dev * Vendor in latest containers/(storage,image,common) * Split up error messages for missing --sbom related flags * `buildah manifest`: add artifact-related options * cmd/buildah/manifest.go: lock lists before adding/annotating/pushing * cmd/buildah/manifest.go: don't make struct declarations aliases * Use golang.org/x/exp/slices.Contains * Disable loong64 again * Fix a couple of typos in one-line comments * egrep is obsolescent; use grep -E * Try Cirrus with a newer VM version * Set CONTAINERS_CONF in the chroot-mount-flags integration test * Update to match dependency API update * Update github.com/openshift/imagebuilder and containers/common * docs: correct default authfile path * fix(deps): update module github.com/containerd/containerd to v1.7.13 * tests: retrofit test for heredoc summary * build, heredoc: show heredoc summary in build output * manifest, push: add support for --retry and --retry-delay * fix(deps): update github.com/openshift/imagebuilder digest to b767bc3 * imagebuildah: fix crash with empty RUN * fix(deps): update github.com/containers/luksy digest to b62d551 * fix(deps): update module github.com/opencontainers/runc to v1.1.12 [security] * fix(deps): update module github.com/moby/buildkit to v0.12.5 [security] * Make buildah match podman for handling of ulimits * docs: move footnotes to where they're applicable * Allow users to specify no-dereference * Run codespell on code * Fix FreeBSD version parsing * Fix a build break on FreeBSD * Remove a bad FROM line * fix(deps): update module github.com/onsi/gomega to v1.31.1 * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc6 * docs: use reversed logo for dark theme in README * build,commit: add --sbom to scan and produce SBOMs when committing * commit: force omitHistory if the parent has layers but no history * docs: fix a couple of typos * internal/mkcw.Archive(): handle extra image content * stage_executor,heredoc: honor interpreter in heredoc * stage_executor,layers: burst cache if heredoc content is changed * fix(deps): update module golang.org/x/crypto to v0.18.0 * Replace map[K]bool with map[K]struct{} where it makes sense * fix(deps): update module golang.org/x/sync to v0.6.0 * fix(deps): update module golang.org/x/term to v0.16.0 * Bump CI VMs * Replace strings.SplitN with strings.Cut * fix(deps): update github.com/containers/storage digest to ef81e9b * fix(deps): update github.com/containers/image/v5 digest to 1b221d4 * fix(deps): update module github.com/fsouza/go-dockerclient to v1.10.1 * Document use of containers-transports values in buildah * fix(deps): update module golang.org/x/crypto to v0.17.0 [security] * chore(deps): update dependency containers/automation_images to v20231208 * manifest: addCompression use default from containers.conf * commit: add a --add-file flag * mkcw: populate the rootfs using an overlay * chore(deps): update dependency containers/automation_images to v20230517 * [skip-ci] Update actions/stale action to v9 * fix(deps): update module github.com/containernetworking/plugins to v1.4.0 * fix(deps): update github.com/containers/image/v5 digest to 7a40fee * Bump to v1.34.1-dev * Ignore errors if label.Relabel returns ENOSUP Critical SUSE bug 1214855 SUSE bug 1219267 SUSE bug 1219268 SUSE bug 1219438 SUSE bug 1221243 SUSE bug 1221677 SUSE bug 1221916 SUSE bug 1223409 SUSE bug 1224117 SUSE bug 1228324 CVE-2024-1753 at SUSE CVE-2024-1753 at NVD CVE-2024-23651 at SUSE CVE-2024-23651 at NVD CVE-2024-23652 at SUSE CVE-2024-23652 at NVD CVE-2024-23653 at SUSE CVE-2024-23653 at NVD CVE-2024-24786 at SUSE CVE-2024-24786 at NVD CVE-2024-28180 at SUSE CVE-2024-28180 at NVD CVE-2024-3727 at SUSE CVE-2024-3727 at NVD CVE-2024-41110 at SUSE CVE-2024-41110 at NVD cpe:/o:suse:sle-micro:5.5 Security update for systemd (Moderate) SUSE Linux Enterprise Micro 5.5 This update for systemd fixes the following issues: - CVE-2023-7008: Fixed man-in-the-middle due to unsigned name response in signed zone not refused when DNSSEC=yes (bsc#1218297) Other fixes: - Unit: drop ProtectClock=yes from systemd-udevd.service (bsc#1226414) - Don't mention any rpm macros inside comments, even if escaped (bsc#1228091) - Skip redundant dependencies specified the LSB description that references the file name of the service itself for early boot scripts (bsc#1221479). Moderate SUSE bug 1218297 SUSE bug 1221479 SUSE bug 1226414 SUSE bug 1228091 CVE-2023-7008 at SUSE CVE-2023-7008 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). - CVE-2024-36936: Touch soft lockup during memory accept (bsc#1225773). - CVE-2022-48706: Do proper cleanup if IFCVF init fails (bsc#1225524). - CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). - CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). - CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326). - CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759). - CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315). - CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756). - CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792). - CVE-2024-44939: Fix null ptr deref in dtInsertEntry (bsc#1229820). - CVE-2024-41087: Fix double free on error (bsc#1228466). - CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409). - CVE-2024-43902: Add null checker before passing variables (bsc#1229767). - CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768) - CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481). - CVE-2024-43884: Add error handling to pair_device() (bsc#1229739) - CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754). - CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658). - CVE-2023-52906: Fix warning during failed attribute validation (bsc#1229527). - CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) - CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495). - CVE-2024-26812: struct virqfd kABI workaround (bsc#1222808). - CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641) - CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720). - CVE-2022-48906: Correctly set DATA_FIN timeout when number of retransmits is large (bsc#1229605) - CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733). - CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722). - CVE-2023-52899: Add exception protection processing for vd in axi_chan_handle_err function (bsc#1229569). - CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720). - CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630). - CVE-2024-43873: Always initialize seqpacket_allow (bsc#1229488) - CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761) - CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623) - CVE-2021-47106: Fix use-after-free in nft_set_catchall_destroy() (bsc#1220962) - CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225428). - CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874) - CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427). - CVE-2024-27079: Fix NULL domain on device release (bsc#1223742). - CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510). - CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415). - CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803). - CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290). - CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335). - CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967). - CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634). - CVE-2024-27016: Validate pppoe header (bsc#1223807). - CVE-2024-35945: Prevent nullptr exceptions on ISR (bsc#1224639). - CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877). - CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578). - CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297). - CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374). - CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391). - CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314) - CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801) - CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074) - CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727). - CVE-2024-26677: Blacklist e7870cf13d20 (' Fix delayed ACKs to not set the reference serial number') (bsc#1222387) - CVE-2024-36009: Blacklist 467324bcfe1a ('ax25: Fix netdev refcount issue') (bsc#1224542) - CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582). - CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388) - CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382) - CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383) - CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357) - CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345) - CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347) - CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407). - CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351). - CVE-2024-26669: Fix chain template offload (bsc#1222350). - CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287). - CVE-2022-48645: Move enetc_set_psfp() out of the common enetc_set_features() (bsc#1223508). - CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863). - CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832). - CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370). - CVE-2024-42319: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (bsc#1229350). - CVE-2024-43860: Skip over memory region when node value is NULL (bsc#1229319). - CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309). - CVE-2024-43849: Protect locator_addr with the main mutex (bsc#1229307). - CVE-2024-43841: Do not use strlen() in const context (bsc#1229304). - CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301). - CVE-2024-41088: Fix infinite loop when xmit fails (bsc#1228469). - CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386). - CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) - CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616). - CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989). - CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) - CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372). - CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493). - CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885). - CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501). - CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988). - CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065). - CVE-2023-52498: Fix possible deadlocks in core system-wide PM code (bsc#1221269). - CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579). - CVE-2022-48808: Fix panic when DSA master device unbinds on shutdown (bsc#1227958). - CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446). - CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929). - CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494). - CVE-2024-42139: Fix improper extts handling (bsc#1228503). - CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). - CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491). - CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706). - CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482). - CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526). - CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213580). - CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667). - CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830). - CVE-2024-38602: Merge repeat codes in ax25_dev_device_down() (bsc#1226613). - CVE-2024-38554: Fix reference count leak issue of net_device (bsc#1226742). - CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814). - CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020). - CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777). The following non-security bugs were fixed: - ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes). - ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes). - ACPI: bus: Rework system-level device notification handling (git-fixes). - ACPI: thermal: Drop nocrt parameter (git-fixes). - ACPI: x86: s2idle: Post-increment variables when getting constraints (git-fixes). - afs: Do not cross .backup mountpoint from backup volume (git-fixes). - ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes). - ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). - ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes). - ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git-fixes). - ALSA: line6: Fix racy access to midibuf (stable-fixes). - ALSA: timer: Relax start tick time check for slave timer elements (git-fixes). - ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable-fixes). - ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes). - ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes). - ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes). - arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes) - arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes) - arm64: Add Neoverse-V2 part (git-fixes) - arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes) - arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes) - arm64: barrier: Restore spec_bar() macro (git-fixes) - arm64: cpufeature: Add missing .field_width for GIC system registers (git-fixes) - arm64: cpufeature: Fix the visibility of compat hwcaps (git-fixes) - arm64: cpufeature: Force HWCAP to be based on the sysreg visible to (git-fixes) - arm64: cputype: Add Cortex-A720 definitions (git-fixes) - arm64: cputype: Add Cortex-A725 definitions (git-fixes) - arm64: cputype: Add Cortex-X1C definitions (git-fixes) - arm64: cputype: Add Cortex-X3 definitions (git-fixes) - arm64: cputype: Add Cortex-X4 definitions (git-fixes) - arm64: cputype: Add Cortex-X925 definitions (git-fixes) - arm64: cputype: Add Neoverse-V3 definitions (git-fixes) - arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes) - arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes) - arm64: errata: Expand speculative SSBS workaround (again) (git-fixes) - arm64: errata: Expand speculative SSBS workaround (git-fixes) - arm64: errata: Unify speculative SSBS errata logic (git-fixes) Also update default configuration. - arm64: Fix KASAN random tag seed initialization (git-fixes) - arm64: Fix KASAN random tag seed initialization (git-fixes) - ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes). - ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes). - ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes). - async: Introduce async_schedule_dev_nocall() (bsc#1221269). - async: Split async_schedule_node_domain() (bsc#1221269). - Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes). - Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes). - Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git-fixes). - Bluetooth: L2CAP: Fix deadlock (git-fixes). - bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903). - bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes). - btrfs: fix leak of qgroup extent records after transaction abort (git-fixes). - btrfs: make btrfs_destroy_delayed_refs() return void (git-fixes). - btrfs: remove unnecessary prototype declarations at disk-io.c (git-fixes). - btrfs: sysfs: update fs features directory asynchronously (bsc#1226168). - cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229418). - ceph: issue a cap release immediately if no cap exists (bsc#1225162). - ceph: periodically flush the cap releases (bsc#1225162). - cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). - cpuidle, ACPI: Evaluate LPI arch_flags for broadcast timer (git-fixes). - docs: KVM: Fix register ID of SPSR_FIQ (git-fixes). - drm: add missing MODULE_DESCRIPTION() macros (stable-fixes). - drm: panel-orientation-quirks: Add labels for both Valve Steam Deck revisions (stable-fixes). - drm: panel-orientation-quirks: Add quirk for Aya Neo KUN (stable-fixes). - drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Tab 3 X90F (stable-fixes). - drm: panel-orientation-quirks: Add quirk for Nanote UMPC-01 (stable-fixes). - drm: panel-orientation-quirks: Add quirk for OrangePi Neo (stable-fixes). - drm/amd/amdgpu/imu_v11_0: Increase buffer size to ensure all possible values can be stored (stable-fixes). - drm/amd/display: Add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update (stable-fixes). - drm/amd/display: avoid using null object of framebuffer (git-fixes). - drm/amd/display: Fix && vs || typos (git-fixes). - drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable-fixes). - drm/amd/display: Validate hw_points_num before using it (stable-fixes). - drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable-fixes). - drm/amdgpu: Actually check flags for all context ops (stable-fixes). - drm/amdgpu: Add lock around VF RLCG interface (stable-fixes). - drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes). - drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes). - drm/amdgpu: Validate TA binary size (stable-fixes). - drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes). - drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes). - drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes). - drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes). - drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes). - drm/bridge: tc358768: Attempt to fix DSI horizontal timings (stable-fixes). - drm/client: fix null pointer dereference in drm_client_modeset_probe (git-fixes). - drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes). - drm/lima: set gp bus_stop bit before hard reset (stable-fixes). - drm/msm/dp: reset the link phy params before link training (git-fixes). - drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes). - drm/msm/dpu: do not play tricks with debug macros (git-fixes). - drm/tegra: Zero-initialize iosys_map (stable-fixes). - exfat: fix inode->i_blocks for non-512 byte sector size device (git-fixes). - exfat: fix potential deadlock on __exfat_get_dentry_set (git-fixes). - exfat: redefine DIR_DELETED as the bad cluster number (git-fixes). - exfat: support dynamic allocate bh for exfat_entry_set_cache (git-fixes). - fs/netfs/fscache_cookie: add missing 'n_accesses' check (bsc#1229453). - fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). - genirq: Add might_sleep() to disable_irq() (git-fixes). - genirq: Always limit the affinity to online CPUs (git-fixes). - genirq: Do not return error on missing optional irq_request_resources() (git-fixes). - genirq: Take the proposed affinity at face value if force==true (git-fixes). - genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git-fixes). - genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git-fixes). - genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() (git-fixes). - genirq/irqdesc: Do not try to remove non-existing sysfs files (git-fixes). - genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git-fixes). - genirq/msi: Shutdown managed interrupts with unsatifiable affinities (git-fixes). - gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git-fixes). - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes). - i2c: smbus: Improve handling of stuck alerts (git-fixes). - i2c: smbus: Send alert notifications to all devices if source not found (git-fixes). - iommu/amd: Convert comma to semicolon (git-fixes). - ip6_tunnel: Fix broken GRO (bsc#1229444). - ipv6: sr: fix incorrect unregister order (git-fixes). - irqdomain: Drop bogus fwspec-mapping error handling (git-fixes). - irqdomain: Fix association race (git-fixes). - irqdomain: Fix disassociation race (git-fixes). - irqdomain: Fix domain registration race (git-fixes). - irqdomain: Fix mapping-creation race (git-fixes). - irqdomain: Fixed unbalanced fwnode get and put (git-fixes). - irqdomain: Look for existing mapping only once (git-fixes). - irqdomain: Refactor __irq_domain_alloc_irqs() (git-fixes). - irqdomain: Report irq number for NOMAP domains (git-fixes). - kprobes: Fix to check symbol prefixes correctly (git-fixes). - lockd: move from strlcpy with unused retval to strscpy (git-fixes). - memcg: protect concurrent access to mem_cgroup_idr (git-fixes). - mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes). - mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes). - mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes). - mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes). - net: ks8851: Fix another TX stall caused by wrong ISR flag handling (git-fixes). - net: ks8851: Fix deadlock with the SPI chip variant (git-fixes). - net: ks8851: Fix potential TX stall after interface reopen (git-fixes). - net: ks8851: Fix TX stall caused by TX buffer overrun (gix-fixes). - net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530). - net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154). - net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git-fixes). - net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086). - net: remove two BUG() from skb_checksum_help() (bsc#1229312). - net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes). - net/rds: fix possible cp null dereference (git-fixes). - net/sched: initialize noop_qdisc owner (git-fixes). - nfc: pn533: Add poll mod list filling check (git-fixes). - nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes). - nfs: make the rpc_stat per net namespace (git-fixes). - NFSD: add posix ACLs to struct nfsd_attrs (git-fixes). - NFSD: add security label to struct nfsd_attrs (git-fixes). - NFSD: fix regression with setting ACLs (git-fixes). - NFSD: Fix strncpy() fortify warning (git-fixes). - NFSD: Increase NFSD_MAX_OPS_PER_COMPOUND (git-fixes). - NFSD: introduce struct nfsd_attrs (git-fixes). - NFSD: move from strlcpy with unused retval to strscpy (git-fixes). - NFSD: Optimize DRC bucket pruning (git-fixes). - nfsd: return error if nfs4_setacl fails (git-fixes). - NFSD: set attributes when creating symlinks (git-fixes). - nfsd: use locks_inode_context helper (git-fixes). - nilfs2: Remove check for PageError (git-fixes). - nvme_core: scan namespaces asynchronously (bsc#1224105). - ocfs2: use coarse time for new created files (git-fixes). - padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes). - perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git-fixes). - platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779). - platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779). - platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779). - platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779). - platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779). - platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779). - platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779). - platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779). - platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779). - platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779). - platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779). - platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779). - platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779). - power: supply: axp288_charger: Fix constant_charge_voltage writes (git-fixes). - power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes). - powerpc: Fail build if using recordmcount with binutils v2.37 (bsc#1194869). - powerpc: Mark .opd section read-only (bsc#1194869). - powerpc: use generic version of arch_is_kernel_initmem_freed() (bsc#1194869). - powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869). - powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869). - powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869). - powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869). - powerpc/kexec: make the update_cpus_node() function public (bsc#1194869). - powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869). - powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869). - powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869). - powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869). - powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). - powerpc/xmon: Check cpu id in commands 'c#', 'dp#' and 'dx#' (bsc#1194869). - RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes). - RDMA/rxe: Fix incomplete state save in rxe_requester (git-fixes) - RDMA/rxe: Fix rxe_modify_srq (git-fixes) - RDMA/rxe: Handle zero length rdma (git-fixes) - RDMA/rxe: Move work queue code to subroutines (git-fixes) - s390/cpacf: get rid of register asm (git-fixes bsc#1227079 bsc#1229187). - s390/cpacf: Make use of invalid opcode produce a link error (git-fixes bsc#1227079). - s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1229187). - s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229190). - s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229573). - s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229572). - s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229188). - spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes). - sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes). - SUNRPC: Fix a race to wake a sync task (git-fixes). - swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes). - syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes). - tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes). - ubifs: add check for crypto_shash_tfm_digest (git-fixes). - ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes). - ubifs: Fix adding orphan entry twice for the same inode (git-fixes). - ubifs: Fix unattached xattr inode if powercut happens after deleting (git-fixes). - vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes). - wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes). - wifi: mwifiex: duplicate static structs used in driver instances (git-fixes). - x86/APM: drop the duplicate APM_MINOR_DEV macro (git-fixes). - x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes). - x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes). - x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes). - x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes). - xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes). - xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes). - xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes). - xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes). - xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes). Important SUSE bug 1193629 SUSE bug 1194111 SUSE bug 1194765 SUSE bug 1194869 SUSE bug 1196261 SUSE bug 1196516 SUSE bug 1196894 SUSE bug 1198017 SUSE bug 1203329 SUSE bug 1203330 SUSE bug 1203360 SUSE bug 1205462 SUSE bug 1206006 SUSE bug 1206258 SUSE bug 1206843 SUSE bug 1207158 SUSE bug 1208783 SUSE bug 1210644 SUSE bug 1213580 SUSE bug 1213632 SUSE bug 1214285 SUSE bug 1216834 SUSE bug 1220428 SUSE bug 1220877 SUSE bug 1220962 SUSE bug 1221269 SUSE bug 1221326 SUSE bug 1221630 SUSE bug 1221645 SUSE bug 1222335 SUSE bug 1222350 SUSE bug 1222372 SUSE bug 1222387 SUSE bug 1222634 SUSE bug 1222808 SUSE bug 1222967 SUSE bug 1223074 SUSE bug 1223191 SUSE bug 1223508 SUSE bug 1223720 SUSE bug 1223742 SUSE bug 1223777 SUSE bug 1223803 SUSE bug 1223807 SUSE bug 1224105 SUSE bug 1224415 SUSE bug 1224496 SUSE bug 1224510 SUSE bug 1224542 SUSE bug 1224578 SUSE bug 1224639 SUSE bug 1225162 SUSE bug 1225352 SUSE bug 1225428 SUSE bug 1225524 SUSE bug 1225578 SUSE bug 1225582 SUSE bug 1225773 SUSE bug 1225814 SUSE bug 1225827 SUSE bug 1225832 SUSE bug 1225903 SUSE bug 1226168 SUSE bug 1226530 SUSE bug 1226613 SUSE bug 1226742 SUSE bug 1226765 SUSE bug 1226798 SUSE bug 1226801 SUSE bug 1226874 SUSE bug 1226885 SUSE bug 1227079 SUSE bug 1227623 SUSE bug 1227761 SUSE bug 1227830 SUSE bug 1227863 SUSE bug 1227867 SUSE bug 1227929 SUSE bug 1227937 SUSE bug 1227958 SUSE bug 1228020 SUSE bug 1228065 SUSE bug 1228114 SUSE bug 1228410 SUSE bug 1228426 SUSE bug 1228427 SUSE bug 1228429 SUSE bug 1228446 SUSE bug 1228447 SUSE bug 1228449 SUSE bug 1228450 SUSE bug 1228452 SUSE bug 1228456 SUSE bug 1228463 SUSE bug 1228466 SUSE bug 1228467 SUSE bug 1228469 SUSE bug 1228480 SUSE bug 1228481 SUSE bug 1228482 SUSE bug 1228483 SUSE bug 1228484 SUSE bug 1228485 SUSE bug 1228487 SUSE bug 1228489 SUSE bug 1228491 SUSE bug 1228493 SUSE bug 1228494 SUSE bug 1228495 SUSE bug 1228496 SUSE bug 1228501 SUSE bug 1228503 SUSE bug 1228509 SUSE bug 1228513 SUSE bug 1228515 SUSE bug 1228516 SUSE bug 1228526 SUSE bug 1228531 SUSE bug 1228563 SUSE bug 1228564 SUSE bug 1228567 SUSE bug 1228576 SUSE bug 1228579 SUSE bug 1228584 SUSE bug 1228588 SUSE bug 1228590 SUSE bug 1228615 SUSE bug 1228616 SUSE bug 1228635 SUSE bug 1228636 SUSE bug 1228654 SUSE bug 1228656 SUSE bug 1228658 SUSE bug 1228660 SUSE bug 1228662 SUSE bug 1228667 SUSE bug 1228673 SUSE bug 1228677 SUSE bug 1228687 SUSE bug 1228706 SUSE bug 1228708 SUSE bug 1228710 SUSE bug 1228718 SUSE bug 1228720 SUSE bug 1228721 SUSE bug 1228722 SUSE bug 1228724 SUSE bug 1228726 SUSE bug 1228727 SUSE bug 1228733 SUSE bug 1228748 SUSE bug 1228766 SUSE bug 1228779 SUSE bug 1228801 SUSE bug 1228850 SUSE bug 1228857 SUSE bug 1228959 SUSE bug 1228964 SUSE bug 1228966 SUSE bug 1228967 SUSE bug 1228979 SUSE bug 1228988 SUSE bug 1228989 SUSE bug 1228991 SUSE bug 1228992 SUSE bug 1229042 SUSE bug 1229054 SUSE bug 1229086 SUSE bug 1229136 SUSE bug 1229154 SUSE bug 1229187 SUSE bug 1229188 SUSE bug 1229190 SUSE bug 1229287 SUSE bug 1229290 SUSE bug 1229292 SUSE bug 1229296 SUSE bug 1229297 SUSE bug 1229301 SUSE bug 1229303 SUSE bug 1229304 SUSE bug 1229305 SUSE bug 1229307 SUSE bug 1229309 SUSE bug 1229312 SUSE bug 1229314 SUSE bug 1229315 SUSE bug 1229317 SUSE bug 1229318 SUSE bug 1229319 SUSE bug 1229327 SUSE bug 1229341 SUSE bug 1229345 SUSE bug 1229346 SUSE bug 1229347 SUSE bug 1229349 SUSE bug 1229350 SUSE bug 1229351 SUSE bug 1229354 SUSE bug 1229356 SUSE bug 1229357 SUSE bug 1229358 SUSE bug 1229359 SUSE bug 1229360 SUSE bug 1229366 SUSE bug 1229370 SUSE bug 1229373 SUSE bug 1229374 SUSE bug 1229381 SUSE bug 1229382 SUSE bug 1229383 SUSE bug 1229386 SUSE bug 1229388 SUSE bug 1229391 SUSE bug 1229392 SUSE bug 1229395 SUSE bug 1229398 SUSE bug 1229399 SUSE bug 1229400 SUSE bug 1229407 SUSE bug 1229409 SUSE bug 1229410 SUSE bug 1229411 SUSE bug 1229413 SUSE bug 1229414 SUSE bug 1229417 SUSE bug 1229418 SUSE bug 1229444 SUSE bug 1229453 SUSE bug 1229454 SUSE bug 1229481 SUSE bug 1229482 SUSE bug 1229488 SUSE bug 1229489 SUSE bug 1229490 SUSE bug 1229493 SUSE bug 1229495 SUSE bug 1229497 SUSE bug 1229500 SUSE bug 1229503 SUSE bug 1229506 SUSE bug 1229507 SUSE bug 1229508 SUSE bug 1229509 SUSE bug 1229510 SUSE bug 1229512 SUSE bug 1229516 SUSE bug 1229521 SUSE bug 1229522 SUSE bug 1229523 SUSE bug 1229524 SUSE bug 1229525 SUSE bug 1229526 SUSE bug 1229527 SUSE bug 1229528 SUSE bug 1229529 SUSE bug 1229531 SUSE bug 1229533 SUSE bug 1229535 SUSE bug 1229536 SUSE bug 1229537 SUSE bug 1229540 SUSE bug 1229544 SUSE bug 1229545 SUSE bug 1229546 SUSE bug 1229547 SUSE bug 1229548 SUSE bug 1229554 SUSE bug 1229557 SUSE bug 1229558 SUSE bug 1229559 SUSE bug 1229560 SUSE bug 1229562 SUSE bug 1229564 SUSE bug 1229565 SUSE bug 1229566 SUSE bug 1229568 SUSE bug 1229569 SUSE bug 1229572 SUSE bug 1229573 SUSE bug 1229576 SUSE bug 1229581 SUSE bug 1229588 SUSE bug 1229598 SUSE bug 1229603 SUSE bug 1229604 SUSE bug 1229605 SUSE bug 1229608 SUSE bug 1229611 SUSE bug 1229612 SUSE bug 1229613 SUSE bug 1229614 SUSE bug 1229615 SUSE bug 1229616 SUSE bug 1229617 SUSE bug 1229620 SUSE bug 1229622 SUSE bug 1229623 SUSE bug 1229624 SUSE bug 1229625 SUSE bug 1229626 SUSE bug 1229628 SUSE bug 1229629 SUSE bug 1229630 SUSE bug 1229631 SUSE bug 1229632 SUSE bug 1229635 SUSE bug 1229636 SUSE bug 1229637 SUSE bug 1229638 SUSE bug 1229639 SUSE bug 1229641 SUSE bug 1229642 SUSE bug 1229643 SUSE bug 1229645 SUSE bug 1229657 SUSE bug 1229658 SUSE bug 1229662 SUSE bug 1229664 SUSE bug 1229707 SUSE bug 1229739 SUSE bug 1229743 SUSE bug 1229746 SUSE bug 1229754 SUSE bug 1229755 SUSE bug 1229756 SUSE bug 1229759 SUSE bug 1229761 SUSE bug 1229767 SUSE bug 1229768 SUSE bug 1229781 SUSE bug 1229784 SUSE bug 1229787 SUSE bug 1229788 SUSE bug 1229789 SUSE bug 1229792 SUSE bug 1229820 CVE-2021-4441 at SUSE CVE-2021-4441 at NVD CVE-2021-47106 at SUSE CVE-2021-47106 at NVD CVE-2021-47517 at SUSE CVE-2021-47517 at NVD CVE-2021-47546 at SUSE CVE-2021-47546 at NVD CVE-2022-38457 at SUSE CVE-2022-38457 at NVD CVE-2022-40133 at SUSE CVE-2022-40133 at NVD CVE-2022-48645 at SUSE CVE-2022-48645 at NVD CVE-2022-48706 at SUSE CVE-2022-48706 at NVD CVE-2022-48808 at SUSE CVE-2022-48808 at NVD CVE-2022-48865 at SUSE CVE-2022-48865 at NVD CVE-2022-48868 at SUSE CVE-2022-48868 at NVD CVE-2022-48869 at SUSE CVE-2022-48869 at NVD CVE-2022-48870 at SUSE CVE-2022-48870 at NVD CVE-2022-48871 at SUSE CVE-2022-48871 at NVD CVE-2022-48872 at SUSE CVE-2022-48872 at NVD CVE-2022-48873 at SUSE CVE-2022-48873 at NVD CVE-2022-48875 at SUSE CVE-2022-48875 at NVD CVE-2022-48878 at SUSE CVE-2022-48878 at NVD CVE-2022-48880 at SUSE CVE-2022-48880 at NVD CVE-2022-48881 at SUSE CVE-2022-48881 at NVD CVE-2022-48882 at SUSE CVE-2022-48882 at NVD CVE-2022-48883 at SUSE CVE-2022-48883 at NVD CVE-2022-48884 at SUSE CVE-2022-48884 at NVD CVE-2022-48885 at SUSE CVE-2022-48885 at NVD CVE-2022-48886 at SUSE CVE-2022-48886 at NVD CVE-2022-48887 at SUSE CVE-2022-48887 at NVD CVE-2022-48888 at SUSE CVE-2022-48888 at NVD CVE-2022-48889 at SUSE CVE-2022-48889 at NVD CVE-2022-48890 at SUSE CVE-2022-48890 at NVD CVE-2022-48891 at SUSE CVE-2022-48891 at NVD CVE-2022-48893 at SUSE CVE-2022-48893 at NVD CVE-2022-48896 at SUSE CVE-2022-48896 at NVD CVE-2022-48898 at SUSE CVE-2022-48898 at NVD CVE-2022-48899 at SUSE CVE-2022-48899 at NVD CVE-2022-48903 at SUSE CVE-2022-48903 at NVD CVE-2022-48904 at SUSE CVE-2022-48904 at NVD CVE-2022-48905 at SUSE CVE-2022-48905 at NVD CVE-2022-48906 at SUSE CVE-2022-48906 at NVD CVE-2022-48907 at SUSE CVE-2022-48907 at NVD CVE-2022-48909 at SUSE CVE-2022-48909 at NVD CVE-2022-48910 at SUSE CVE-2022-48910 at NVD CVE-2022-48912 at SUSE CVE-2022-48912 at NVD CVE-2022-48913 at SUSE CVE-2022-48913 at NVD CVE-2022-48914 at SUSE CVE-2022-48914 at NVD CVE-2022-48915 at SUSE CVE-2022-48915 at NVD CVE-2022-48916 at SUSE CVE-2022-48916 at NVD CVE-2022-48917 at SUSE CVE-2022-48917 at NVD CVE-2022-48918 at SUSE CVE-2022-48918 at NVD CVE-2022-48919 at SUSE CVE-2022-48919 at NVD CVE-2022-48920 at SUSE CVE-2022-48920 at NVD CVE-2022-48921 at SUSE CVE-2022-48921 at NVD CVE-2022-48923 at SUSE CVE-2022-48923 at NVD CVE-2022-48924 at SUSE CVE-2022-48924 at NVD CVE-2022-48925 at SUSE CVE-2022-48925 at NVD CVE-2022-48926 at SUSE CVE-2022-48926 at NVD CVE-2022-48927 at SUSE CVE-2022-48927 at NVD CVE-2022-48928 at SUSE CVE-2022-48928 at NVD CVE-2022-48929 at SUSE CVE-2022-48929 at NVD CVE-2022-48930 at SUSE CVE-2022-48930 at NVD CVE-2022-48931 at SUSE CVE-2022-48931 at NVD CVE-2022-48932 at SUSE CVE-2022-48932 at NVD CVE-2022-48934 at SUSE CVE-2022-48934 at NVD CVE-2022-48937 at SUSE CVE-2022-48937 at NVD CVE-2022-48938 at SUSE CVE-2022-48938 at NVD CVE-2022-48939 at SUSE CVE-2022-48939 at NVD CVE-2022-48940 at SUSE CVE-2022-48940 at NVD CVE-2022-48941 at SUSE CVE-2022-48941 at NVD CVE-2022-48942 at SUSE CVE-2022-48942 at NVD CVE-2022-48943 at SUSE CVE-2022-48943 at NVD CVE-2023-3610 at SUSE CVE-2023-3610 at NVD CVE-2023-52458 at SUSE CVE-2023-52458 at NVD CVE-2023-52489 at SUSE CVE-2023-52489 at NVD CVE-2023-52498 at SUSE CVE-2023-52498 at NVD CVE-2023-52581 at SUSE CVE-2023-52581 at NVD CVE-2023-52859 at SUSE CVE-2023-52859 at NVD CVE-2023-52887 at SUSE CVE-2023-52887 at NVD CVE-2023-52889 at SUSE CVE-2023-52889 at NVD CVE-2023-52893 at SUSE CVE-2023-52893 at NVD CVE-2023-52894 at SUSE CVE-2023-52894 at NVD CVE-2023-52896 at SUSE CVE-2023-52896 at NVD CVE-2023-52898 at SUSE CVE-2023-52898 at NVD CVE-2023-52899 at SUSE CVE-2023-52899 at NVD CVE-2023-52900 at SUSE CVE-2023-52900 at NVD CVE-2023-52901 at SUSE CVE-2023-52901 at NVD CVE-2023-52904 at SUSE CVE-2023-52904 at NVD CVE-2023-52905 at SUSE CVE-2023-52905 at NVD CVE-2023-52906 at SUSE CVE-2023-52906 at NVD CVE-2023-52907 at SUSE CVE-2023-52907 at NVD CVE-2023-52908 at SUSE CVE-2023-52908 at NVD CVE-2023-52909 at SUSE CVE-2023-52909 at NVD CVE-2023-52910 at SUSE CVE-2023-52910 at NVD CVE-2023-52911 at SUSE CVE-2023-52911 at NVD CVE-2023-52912 at SUSE CVE-2023-52912 at NVD CVE-2023-52913 at SUSE CVE-2023-52913 at NVD CVE-2024-26631 at SUSE CVE-2024-26631 at NVD CVE-2024-26668 at SUSE CVE-2024-26668 at NVD CVE-2024-26669 at SUSE CVE-2024-26669 at NVD CVE-2024-26677 at SUSE CVE-2024-26677 at NVD CVE-2024-26735 at SUSE CVE-2024-26735 at NVD CVE-2024-26808 at SUSE CVE-2024-26808 at NVD CVE-2024-26812 at SUSE CVE-2024-26812 at NVD CVE-2024-26835 at SUSE CVE-2024-26835 at NVD CVE-2024-26851 at SUSE CVE-2024-26851 at NVD CVE-2024-27010 at SUSE CVE-2024-27010 at NVD CVE-2024-27011 at SUSE CVE-2024-27011 at NVD CVE-2024-27016 at SUSE CVE-2024-27016 at NVD CVE-2024-27024 at SUSE CVE-2024-27024 at NVD CVE-2024-27079 at SUSE CVE-2024-27079 at NVD CVE-2024-27403 at SUSE CVE-2024-27403 at NVD CVE-2024-31076 at SUSE CVE-2024-31076 at NVD CVE-2024-35897 at SUSE CVE-2024-35897 at NVD CVE-2024-35902 at SUSE CVE-2024-35902 at NVD CVE-2024-35945 at SUSE CVE-2024-35945 at NVD CVE-2024-35971 at SUSE CVE-2024-35971 at NVD CVE-2024-36009 at SUSE CVE-2024-36009 at NVD CVE-2024-36013 at SUSE CVE-2024-36013 at NVD CVE-2024-36270 at SUSE CVE-2024-36270 at NVD CVE-2024-36286 at SUSE CVE-2024-36286 at NVD CVE-2024-36489 at SUSE CVE-2024-36489 at NVD CVE-2024-36929 at SUSE CVE-2024-36929 at NVD CVE-2024-36933 at SUSE CVE-2024-36933 at NVD CVE-2024-36936 at SUSE CVE-2024-36936 at NVD CVE-2024-36962 at SUSE CVE-2024-36962 at NVD CVE-2024-38554 at SUSE CVE-2024-38554 at NVD CVE-2024-38602 at SUSE CVE-2024-38602 at NVD CVE-2024-38662 at SUSE CVE-2024-38662 at NVD CVE-2024-39489 at SUSE CVE-2024-39489 at NVD CVE-2024-40905 at SUSE CVE-2024-40905 at NVD CVE-2024-40978 at SUSE CVE-2024-40978 at NVD CVE-2024-40980 at SUSE CVE-2024-40980 at NVD CVE-2024-40995 at SUSE CVE-2024-40995 at NVD CVE-2024-41000 at SUSE CVE-2024-41000 at NVD CVE-2024-41007 at SUSE CVE-2024-41007 at NVD CVE-2024-41009 at SUSE CVE-2024-41009 at NVD CVE-2024-41011 at SUSE CVE-2024-41011 at NVD CVE-2024-41016 at SUSE CVE-2024-41016 at NVD CVE-2024-41020 at SUSE CVE-2024-41020 at NVD CVE-2024-41022 at SUSE CVE-2024-41022 at NVD CVE-2024-41035 at SUSE CVE-2024-41035 at NVD CVE-2024-41036 at SUSE CVE-2024-41036 at NVD CVE-2024-41038 at SUSE CVE-2024-41038 at NVD CVE-2024-41039 at SUSE CVE-2024-41039 at NVD CVE-2024-41042 at SUSE CVE-2024-41042 at NVD CVE-2024-41045 at SUSE CVE-2024-41045 at NVD CVE-2024-41056 at SUSE CVE-2024-41056 at NVD CVE-2024-41060 at SUSE CVE-2024-41060 at NVD CVE-2024-41062 at SUSE CVE-2024-41062 at NVD CVE-2024-41065 at SUSE CVE-2024-41065 at NVD CVE-2024-41068 at SUSE CVE-2024-41068 at NVD CVE-2024-41073 at SUSE CVE-2024-41073 at NVD CVE-2024-41079 at SUSE CVE-2024-41079 at NVD CVE-2024-41080 at SUSE CVE-2024-41080 at NVD CVE-2024-41087 at SUSE CVE-2024-41087 at NVD CVE-2024-41088 at SUSE CVE-2024-41088 at NVD CVE-2024-41089 at SUSE CVE-2024-41089 at NVD CVE-2024-41092 at SUSE CVE-2024-41092 at NVD CVE-2024-41093 at SUSE CVE-2024-41093 at NVD CVE-2024-41095 at SUSE CVE-2024-41095 at NVD CVE-2024-41097 at SUSE CVE-2024-41097 at NVD CVE-2024-41098 at SUSE CVE-2024-41098 at NVD CVE-2024-42069 at SUSE CVE-2024-42069 at NVD CVE-2024-42074 at SUSE CVE-2024-42074 at NVD CVE-2024-42076 at SUSE CVE-2024-42076 at NVD CVE-2024-42077 at SUSE CVE-2024-42077 at NVD CVE-2024-42080 at SUSE CVE-2024-42080 at NVD CVE-2024-42082 at SUSE CVE-2024-42082 at NVD CVE-2024-42085 at SUSE CVE-2024-42085 at NVD CVE-2024-42086 at SUSE CVE-2024-42086 at NVD CVE-2024-42087 at SUSE CVE-2024-42087 at NVD CVE-2024-42089 at SUSE CVE-2024-42089 at NVD CVE-2024-42090 at SUSE CVE-2024-42090 at NVD CVE-2024-42092 at SUSE CVE-2024-42092 at NVD CVE-2024-42095 at SUSE CVE-2024-42095 at NVD CVE-2024-42097 at SUSE CVE-2024-42097 at NVD CVE-2024-42098 at SUSE CVE-2024-42098 at NVD CVE-2024-42101 at SUSE CVE-2024-42101 at NVD CVE-2024-42104 at SUSE CVE-2024-42104 at NVD CVE-2024-42106 at SUSE CVE-2024-42106 at NVD CVE-2024-42107 at SUSE CVE-2024-42107 at NVD CVE-2024-42110 at SUSE CVE-2024-42110 at NVD CVE-2024-42114 at SUSE CVE-2024-42114 at NVD CVE-2024-42115 at SUSE CVE-2024-42115 at NVD CVE-2024-42119 at SUSE CVE-2024-42119 at NVD CVE-2024-42120 at SUSE CVE-2024-42120 at NVD CVE-2024-42121 at SUSE CVE-2024-42121 at NVD CVE-2024-42126 at SUSE CVE-2024-42126 at NVD CVE-2024-42127 at SUSE CVE-2024-42127 at NVD CVE-2024-42130 at SUSE CVE-2024-42130 at NVD CVE-2024-42137 at SUSE CVE-2024-42137 at NVD CVE-2024-42139 at SUSE CVE-2024-42139 at NVD CVE-2024-42142 at SUSE CVE-2024-42142 at NVD CVE-2024-42143 at SUSE CVE-2024-42143 at NVD CVE-2024-42148 at SUSE CVE-2024-42148 at NVD CVE-2024-42152 at SUSE CVE-2024-42152 at NVD CVE-2024-42155 at SUSE CVE-2024-42155 at NVD CVE-2024-42156 at SUSE CVE-2024-42156 at NVD CVE-2024-42157 at SUSE CVE-2024-42157 at NVD CVE-2024-42158 at SUSE CVE-2024-42158 at NVD CVE-2024-42162 at SUSE CVE-2024-42162 at NVD CVE-2024-42223 at SUSE CVE-2024-42223 at NVD CVE-2024-42225 at SUSE CVE-2024-42225 at NVD CVE-2024-42228 at SUSE CVE-2024-42228 at NVD CVE-2024-42229 at SUSE CVE-2024-42229 at NVD CVE-2024-42230 at SUSE CVE-2024-42230 at NVD CVE-2024-42232 at SUSE CVE-2024-42232 at NVD CVE-2024-42236 at SUSE CVE-2024-42236 at NVD CVE-2024-42237 at SUSE CVE-2024-42237 at NVD CVE-2024-42238 at SUSE CVE-2024-42238 at NVD CVE-2024-42239 at SUSE CVE-2024-42239 at NVD CVE-2024-42240 at SUSE CVE-2024-42240 at NVD CVE-2024-42244 at SUSE CVE-2024-42244 at NVD CVE-2024-42246 at SUSE CVE-2024-42246 at NVD CVE-2024-42247 at SUSE CVE-2024-42247 at NVD CVE-2024-42268 at SUSE CVE-2024-42268 at NVD CVE-2024-42271 at SUSE CVE-2024-42271 at NVD CVE-2024-42274 at SUSE CVE-2024-42274 at NVD CVE-2024-42276 at SUSE CVE-2024-42276 at NVD CVE-2024-42277 at SUSE CVE-2024-42277 at NVD CVE-2024-42280 at SUSE CVE-2024-42280 at NVD CVE-2024-42281 at SUSE CVE-2024-42281 at NVD CVE-2024-42283 at SUSE CVE-2024-42283 at NVD CVE-2024-42284 at SUSE CVE-2024-42284 at NVD CVE-2024-42285 at SUSE CVE-2024-42285 at NVD CVE-2024-42286 at SUSE CVE-2024-42286 at NVD CVE-2024-42287 at SUSE CVE-2024-42287 at NVD CVE-2024-42288 at SUSE CVE-2024-42288 at NVD CVE-2024-42289 at SUSE CVE-2024-42289 at NVD CVE-2024-42291 at SUSE CVE-2024-42291 at NVD CVE-2024-42292 at SUSE CVE-2024-42292 at NVD CVE-2024-42295 at SUSE CVE-2024-42295 at NVD CVE-2024-42301 at SUSE CVE-2024-42301 at NVD CVE-2024-42302 at SUSE CVE-2024-42302 at NVD CVE-2024-42308 at SUSE CVE-2024-42308 at NVD CVE-2024-42309 at SUSE CVE-2024-42309 at NVD CVE-2024-42310 at SUSE CVE-2024-42310 at NVD CVE-2024-42311 at SUSE CVE-2024-42311 at NVD CVE-2024-42312 at SUSE CVE-2024-42312 at NVD CVE-2024-42313 at SUSE CVE-2024-42313 at NVD CVE-2024-42315 at SUSE CVE-2024-42315 at NVD CVE-2024-42318 at SUSE CVE-2024-42318 at NVD CVE-2024-42319 at SUSE CVE-2024-42319 at NVD CVE-2024-42320 at SUSE CVE-2024-42320 at NVD CVE-2024-42322 at SUSE CVE-2024-42322 at NVD CVE-2024-43816 at SUSE CVE-2024-43816 at NVD CVE-2024-43818 at SUSE CVE-2024-43818 at NVD CVE-2024-43819 at SUSE CVE-2024-43819 at NVD CVE-2024-43821 at SUSE CVE-2024-43821 at NVD CVE-2024-43823 at SUSE CVE-2024-43823 at NVD CVE-2024-43829 at SUSE CVE-2024-43829 at NVD CVE-2024-43830 at SUSE CVE-2024-43830 at NVD CVE-2024-43831 at SUSE CVE-2024-43831 at NVD CVE-2024-43834 at SUSE CVE-2024-43834 at NVD CVE-2024-43837 at SUSE CVE-2024-43837 at NVD CVE-2024-43839 at SUSE CVE-2024-43839 at NVD CVE-2024-43841 at SUSE CVE-2024-43841 at NVD CVE-2024-43842 at SUSE CVE-2024-43842 at NVD CVE-2024-43846 at SUSE CVE-2024-43846 at NVD CVE-2024-43849 at SUSE CVE-2024-43849 at NVD CVE-2024-43853 at SUSE CVE-2024-43853 at NVD CVE-2024-43854 at SUSE CVE-2024-43854 at NVD CVE-2024-43856 at SUSE CVE-2024-43856 at NVD CVE-2024-43858 at SUSE CVE-2024-43858 at NVD CVE-2024-43860 at SUSE CVE-2024-43860 at NVD CVE-2024-43861 at SUSE CVE-2024-43861 at NVD CVE-2024-43863 at SUSE CVE-2024-43863 at NVD CVE-2024-43866 at SUSE CVE-2024-43866 at NVD CVE-2024-43867 at SUSE CVE-2024-43867 at NVD CVE-2024-43871 at SUSE CVE-2024-43871 at NVD CVE-2024-43872 at SUSE CVE-2024-43872 at NVD CVE-2024-43873 at SUSE CVE-2024-43873 at NVD CVE-2024-43879 at SUSE CVE-2024-43879 at NVD CVE-2024-43880 at SUSE CVE-2024-43880 at NVD CVE-2024-43882 at SUSE CVE-2024-43882 at NVD CVE-2024-43883 at SUSE CVE-2024-43883 at NVD CVE-2024-43884 at SUSE CVE-2024-43884 at NVD CVE-2024-43889 at SUSE CVE-2024-43889 at NVD CVE-2024-43892 at SUSE CVE-2024-43892 at NVD CVE-2024-43893 at SUSE CVE-2024-43893 at NVD CVE-2024-43894 at SUSE CVE-2024-43894 at NVD CVE-2024-43895 at SUSE CVE-2024-43895 at NVD CVE-2024-43899 at SUSE CVE-2024-43899 at NVD CVE-2024-43900 at SUSE CVE-2024-43900 at NVD CVE-2024-43902 at SUSE CVE-2024-43902 at NVD CVE-2024-43903 at SUSE CVE-2024-43903 at NVD CVE-2024-43904 at SUSE CVE-2024-43904 at NVD CVE-2024-43905 at SUSE CVE-2024-43905 at NVD CVE-2024-43907 at SUSE CVE-2024-43907 at NVD CVE-2024-43908 at SUSE CVE-2024-43908 at NVD CVE-2024-43909 at SUSE CVE-2024-43909 at NVD CVE-2024-44938 at SUSE CVE-2024-44938 at NVD CVE-2024-44939 at SUSE CVE-2024-44939 at NVD CVE-2024-44947 at SUSE CVE-2024-44947 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libpcap (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libpcap fixes the following issues: - CVE-2024-8006: NULL pointer dereference in function pcap_findalldevs_ex(). (bsc#1230034) - CVE-2023-7256: double free via struct addrinfo in function sock_initaddress(). (bsc#1230020) Moderate SUSE bug 1230020 SUSE bug 1230034 CVE-2023-7256 at SUSE CVE-2023-7256 at NVD CVE-2024-8006 at SUSE CVE-2024-8006 at NVD cpe:/o:suse:sle-micro:5.5 Security update for curl (Moderate) SUSE Linux Enterprise Micro 5.5 This update for curl fixes the following issues: - CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093) Moderate SUSE bug 1230093 CVE-2024-8096 at SUSE CVE-2024-8096 at NVD cpe:/o:suse:sle-micro:5.5 Security update for expat (Moderate) SUSE Linux Enterprise Micro 5.5 This update for expat fixes the following issues: - CVE-2024-45492: integer overflow in function nextScaffoldPart. (bsc#1229932) - CVE-2024-45491: integer overflow in dtdCopy. (bsc#1229931) - CVE-2024-45490: negative length for XML_ParseBuffer not rejected. (bsc#1229930) Moderate SUSE bug 1229930 SUSE bug 1229931 SUSE bug 1229932 CVE-2024-45490 at SUSE CVE-2024-45490 at NVD CVE-2024-45491 at SUSE CVE-2024-45491 at NVD CVE-2024-45492 at SUSE CVE-2024-45492 at NVD cpe:/o:suse:sle-micro:5.5 Security update for containerd (Important) SUSE Linux Enterprise Micro 5.5 This update for containerd fixes the following issues: - Update to containerd v1.7.21 - CVE-2023-47108: Fixed DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics. (bsc#1217070) - CVE-2023-45142: Fixed DoS vulnerability in otelhttp. (bsc#1228553) Important SUSE bug 1200528 SUSE bug 1217070 SUSE bug 1228553 CVE-2022-1996 at SUSE CVE-2022-1996 at NVD CVE-2023-45142 at SUSE CVE-2023-45142 at NVD CVE-2023-47108 at SUSE CVE-2023-47108 at NVD cpe:/o:suse:sle-micro:5.5 Security update for runc (Low) SUSE Linux Enterprise Micro 5.5 This update for runc fixes the following issues: - Update to runc v1.1.14 - CVE-2024-45310: Fixed an issue where runc can be tricked into creating empty files/directories on host. (bsc#1230092) Low SUSE bug 1230092 CVE-2024-45310 at SUSE CVE-2024-45310 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-dnspython (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-dnspython fixes the following issue: - Fix CVE-2023-29483 (bsc#1230353). Moderate SUSE bug 1230353 CVE-2023-29483 at SUSE CVE-2023-29483 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ucode-intel (Moderate) SUSE Linux Enterprise Micro 5.5 This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20240910 release (bsc#1230400) - CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access. - CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow an privileged user to potentially enable a denial of service via local access. Moderate SUSE bug 1230400 CVE-2024-23984 at SUSE CVE-2024-23984 at NVD CVE-2024-24968 at SUSE CVE-2024-24968 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following non-security bugs were fixed: - Revert 'mm, kmsan: fix infinite recursion due to RCU critical section' (bsc#1230413) - Revert 'mm/sparsemem: fix race in accessing memory_section->usage' (bsc#1230413) - Revert 'mm: prevent derefencing NULL ptr in pfn_section_valid()' (bsc#1230413) Important SUSE bug 1230413 cpe:/o:suse:sle-micro:5.5 Security update for xen (Moderate) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2024-45817: Fixed a deadlock in vlapic_error (XSA-462, bsc#1230366) Moderate SUSE bug 1230366 CVE-2024-45817 at SUSE CVE-2024-45817 at NVD cpe:/o:suse:sle-micro:5.5 Security update for opensc (Low) SUSE Linux Enterprise Micro 5.5 This update for opensc fixes the following issues: - CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init. (bsc#1230076) - CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. (bsc#1230075) - CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init. (bsc#1230074) - CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc. (bsc#1230073) - CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc. (bsc#1230072) - CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init. (bsc#1230071) - CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key. (bsc#1230364) Low SUSE bug 1217722 SUSE bug 1230071 SUSE bug 1230072 SUSE bug 1230073 SUSE bug 1230074 SUSE bug 1230075 SUSE bug 1230076 SUSE bug 1230364 CVE-2024-45615 at SUSE CVE-2024-45615 at NVD CVE-2024-45616 at SUSE CVE-2024-45616 at NVD CVE-2024-45617 at SUSE CVE-2024-45617 at NVD CVE-2024-45618 at SUSE CVE-2024-45618 at NVD CVE-2024-45619 at SUSE CVE-2024-45619 at NVD CVE-2024-45620 at SUSE CVE-2024-45620 at NVD CVE-2024-8443 at SUSE CVE-2024-8443 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Important) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: - CVE-2024-6923: Fixed uncontrolled CPU resource consumption when in http.cookies module (bsc#1228780). - CVE-2024-5642: Fixed buffer overread when NPN is used and invalid values are sent to the OpenSSL API (bsc#1227233). - CVE-2024-7592: Fixed Email header injection due to unquoted newlines (bsc#1229596). - CVE-2024-6232: excessive backtracking when parsing tarfile headers leads to ReDoS. (bsc#1230227) Bug fixes: - %{profileopt} variable is set according to the variable %{do_profiling} (bsc#1227999). - Stop using %%defattr, it seems to be breaking proper executable attributes on /usr/bin/ scripts (bsc#1227378). - Remove %suse_update_desktop_file macro as it is not useful any more. Important SUSE bug 1227233 SUSE bug 1227378 SUSE bug 1227999 SUSE bug 1228780 SUSE bug 1229596 SUSE bug 1230227 CVE-2024-5642 at SUSE CVE-2024-5642 at NVD CVE-2024-6232 at SUSE CVE-2024-6232 at NVD CVE-2024-6923 at SUSE CVE-2024-6923 at NVD CVE-2024-7592 at SUSE CVE-2024-7592 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). - CVE-2024-36936: Touch soft lockup during memory accept (bsc#1225773). - CVE-2022-48706: Do proper cleanup if IFCVF init fails (bsc#1225524). - CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). - CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). - CVE-2024-36270: Fix reference in patches.suse/netfilter-tproxy-bail-out-if-IP-has-been-disabled-on.patch (bsc#1226798) - CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326). - CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759). - CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315). - CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756). - CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792). - CVE-2024-44939: Fix null ptr deref in dtInsertEntry (bsc#1229820). - CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466). - CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409). - CVE-2024-43902: Add null checker before passing variables (bsc#1229767). - CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768) - CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481). - CVE-2024-43884: Add error handling to pair_device() (bsc#1229739) - CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754). - CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658). - CVE-2023-52906: Fix warning during failed attribute validation (bsc#1229527). - CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) - CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495). - CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808). - CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641) - CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720). - CVE-2022-48906: Correctly set DATA_FIN timeout when number of retransmits is large (bsc#1229605) - CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733). - CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722). - CVE-2023-52899: Add exception protection processing for vd in axi_chan_handle_err function (bsc#1229569). - CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720). - CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630). - CVE-2024-43873: Always initialize seqpacket_allow (bsc#1229488) - CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761) - CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623) - CVE-2021-47106: Fix use-after-free in nft_set_catchall_destroy() (bsc#1220962) - CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225428). - CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874) - CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427). - CVE-2024-27079: Fix NULL domain on device release (bsc#1223742). - CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510). - CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415). - CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803). - CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290 git-fixes). - CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335). - CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967). - CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634). - CVE-2024-27016: Validate pppoe header (bsc#1223807). - CVE-2024-35945: Prevent nullptr exceptions on ISR (bsc#1224639). - CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877). - CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578). - CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297). - CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374). - CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391). - CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314) - CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801) - CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074) - CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727 CVE-2024-42157 git-fixes). - CVE-2024-26677: Blacklist e7870cf13d20 (' Fix delayed ACKs to not set the reference serial number') (bsc#1222387) - CVE-2024-36009: Blacklist 467324bcfe1a ('ax25: Fix netdev refcount issue') (bsc#1224542) - CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582). - CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388) - CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382) - CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383) - CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357) - CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345) - CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347) - CVE-2024-42308: Update DRM patch reference (bsc#1229411) - CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407). - CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351). - CVE-2024-26669: Fix chain template offload (bsc#1222350). - CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287,). - CVE-2022-48645: Move enetc_set_psfp() out of the common enetc_set_features() (bsc#1223508). - CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863). - CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832). - CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370). - CVE-2024-42319: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (bsc#1229350). - CVE-2024-43860: Skip over memory region when node value is NULL (bsc#1229319). - CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309). - CVE-2024-43849: Protect locator_addr with the main mutex (bsc#1229307). - CVE-2024-43841: Do not use strlen() in const context (bsc#1229304). - CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301). - CVE-2024-41088: Fix infinite loop when xmit fails (bsc#1228469). - CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386). - CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) - CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616). - CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989). - CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) - CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372). - CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493). - CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885). - CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501). - CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988). - CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065). - CVE-2023-52498: Fix possible deadlocks in core system-wide PM code (bsc#1221269). - CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579). - CVE-2022-48808: Fix panic when DSA master device unbinds on shutdown (bsc#1227958). - CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446). - CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929). - CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494). - CVE-2024-42139: Fix improper extts handling (bsc#1228503). - CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). - CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491). - CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706). - CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482). - CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526). - CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213580). - CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667). - CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830). - CVE-2024-38602: Merge repeat codes in ax25_dev_device_down() (git-fixes CVE-2024-38602 bsc#1226613). - CVE-2024-38554: Fix reference count leak issue of net_device (bsc#1226742). - CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814). - CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020). - CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777). The following non-security bugs were fixed: - Indicate support for IRQ ResourceSource thru _OSC (git-fixes). - Indicate support for the Generic Event Device thru _OSC (git-fixes). - Rework system-level device notification handling (git-fixes). - Drop nocrt parameter (git-fixes). - x86: s2 Post-increment variables when getting constraints (git-fixes). - Do not cross .backup mountpoint from backup volume (git-fixes). - Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes). - Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). - Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes). - Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git-fixes). - line6: Fix racy access to midibuf (stable-fixes). - Relax start tick time check for slave timer elements (git-fixes). - Add delay quirk for VIVO USB-C-XE710 HEADSET (stable-fixes). - Re-add ScratchAmp quirk entries (git-fixes). - Support Yamaha P-125 quirk entry (stable-fixes). - Fix UBSAN warning in parse_audio_unit() (stable-fixes). - arm64: initialize all values of acpi_early_node_map to (git-fixes) - arm64: initialize all values of acpi_early_node_map to (git-fixes) - arm64: Add Neoverse-V2 part (git-fixes) - arm64: armv8_ Fix warning in isndep cpuhp starting process (git-fixes) - arm64: armv8_ Fix warning in isndep cpuhp starting process (git-fixes) - arm64: Restore spec_bar() macro (git-fixes) - arm64: Add missing .field_width for GIC system registers (git-fixes) - arm64: Fix the visibility of compat hwcaps (git-fixes) - arm64: Force HWCAP to be based on the sysreg visible to (git-fixes) - arm64: Add Cortex-A720 definitions (git-fixes) - arm64: Add Cortex-A725 definitions (git-fixes) - arm64: Add Cortex-X1C definitions (git-fixes) - arm64: Add Cortex-X3 definitions (git-fixes) - arm64: Add Cortex-X4 definitions (git-fixes) - arm64: Add Cortex-X925 definitions (git-fixes) - arm64: Add Neoverse-V3 definitions (git-fixes) - arm64: Increase VOP clk rate on RK3328 (git-fixes) - arm64: Increase VOP clk rate on RK3328 (git-fixes) - arm64: Expand speculative SSBS workaround (again) (git-fixes) - arm64: Expand speculative SSBS workaround (git-fixes) - arm64: Unify speculative SSBS errata logic (git-fixes) Also update default configuration. - arm64: Fix KASAN random tag seed initialization (git-fixes) - arm64: Fix KASAN random tag seed initialization (git-fixes) - wcd938 Correct Soundwire ports mask (git-fixes). - wsa881 Correct Soundwire ports mask (git-fixes). - fix irq scheduling issue with PREEMPT_RT (git-fixes). - Introduce async_schedule_dev_nocall() (bsc#1221269). - Split async_schedule_node_domain() (bsc#1221269). - Fix usage of __hci_cmd_sync_status (git-fixes). - hci_ Fix not handling hibernation actions (git-fixes). - l2 always unlock channel in l2cap_conless_channel() (git-fixes). - L2 Fix deadlock (git-fixes). - Fix a kernel verifier crash in stacksafe() (bsc#1225903). - remove unused declaring of bpf_kprobe_override (git-fixes). - fix leak of qgroup extent records after transaction abort (git-fixes). - make btrfs_destroy_delayed_refs() return void (git-fixes). - remove unnecessary prototype declarations at disk-io.c (git-fixes). - update fs features directory asynchronously (bsc#1226168). - propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229418). - issue a cap release immediately if no cap exists (bsc#1225162). - periodically flush the cap releases (bsc#1225162). - Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). - cpuidle, Evaluate LPI arch_flags for broadcast timer (git-fixes). - Fix register ID of SPSR_FIQ (git-fixes). - add missing MODULE_DESCRIPTION() macros (stable-fixes). - Add labels for both Valve Steam Deck revisions (stable-fixes). - Add quirk for Aya Neo KUN (stable-fixes). - Add quirk for Lenovo Yoga Tab 3 X90F (stable-fixes). - Add quirk for Nanote UMPC-01 (stable-fixes). - Add quirk for OrangePi Neo (stable-fixes). - drm/amd/amdgpu/imu_v11_0: Increase buffer size to ensure all possible values can be stored (stable-fixes). - Add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update (stable-fixes). - avoid using null object of framebuffer (git-fixes). - Fix && vs || typos (git-fixes). - Skip Recompute DSC Params if no Stream on Link (stable-fixes). - Validate hw_points_num before using it (stable-fixes). - Fix the null pointer dereference for vega10_hwmgr (stable-fixes). - Actually check flags for all context ops (stable-fixes). - Add lock around VF RLCG interface (stable-fixes). - fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes). - Fix the null pointer dereference to ras_manager (stable-fixes). - Validate TA binary size (stable-fixes). - drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes). - Fix the null pointer dereference for smu7 (stable-fixes). - Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes). - Fix the param type of set_power_profile_mode (stable-fixes). - analogix_ properly handle zero sized AUX transactions (stable-fixes). - tc358768: Attempt to fix DSI horizontal timings (stable-fixes). - fix null pointer dereference in drm_client_modeset_probe (git-fixes). - drm/dp_ Skip CSN if topology probing is not done yet (stable-fixes). - set gp bus_stop bit before hard reset (stable-fixes). - reset the link phy params before link training (git-fixes). - cleanup FB if dpu_format_populate_layout fails (git-fixes). - do not play tricks with debug macros (git-fixes). - Zero-initialize iosys_map (stable-fixes). - fix inode->i_blocks for non-512 byte sector size device (git-fixes). - fix potential deadlock on __exfat_get_dentry_set (git-fixes). - redefine DIR_DELETED as the bad cluster number (git-fixes). - support dynamic allocate bh for exfat_entry_set_cache (git-fixes). - fs/netfs/fscache_ add missing 'n_accesses' check (bsc#1229453). - Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). - Add might_sleep() to disable_irq() (git-fixes). - Always limit the affinity to online CPUs (git-fixes). - Do not return error on missing optional irq_request_resources() (git-fixes). - Take the proposed affinity at face value if force==true (git-fixes). - genirq/cpuhotplug, x86 Prevent vector leak during CPU offline (git-fixes). - genirq/generic_ Make irq_remove_generic_chip() irqdomain aware (git-fixes). - Fix NULL pointer deref in irq_data_get_affinity_mask() (git-fixes). - Do not try to remove non-existing sysfs files (git-fixes). - Exclude managed interrupts in irq_matrix_allocated() (git-fixes). - Shutdown managed interrupts with unsatifiable affinities (git-fixes). - gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git-fixes). - fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes). - i2 Improve handling of stuck alerts (git-fixes). - i2 Send alert notifications to all devices if source not found (git-fixes). - Convert comma to semicolon (git-fixes). - ip6_ Fix broken GRO (bsc#1229444). - ipv6: fix incorrect unregister order (git-fixes). - Drop bogus fwspec-mapping error handling (git-fixes). - Fix association race (git-fixes). - Fix disassociation race (git-fixes). - Fix domain registration race (git-fixes). - Fix mapping-creation race (git-fixes). - Fixed unbalanced fwnode get and put (git-fixes). - Look for existing mapping only once (git-fixes). - Refactor __irq_domain_alloc_irqs() (git-fixes). - Report irq number for NOMAP domains (git-fixes). - Revert 'mm: prevent derefencing NULL ptr in pfn_section_valid()' (bsc#1230413). - Revert 'mm, kmsan: fix infinite recursion due to RCU critical section' (bsc#1230413). - Revert 'mm/sparsemem: fix race in accessing memory_section->usage' (bsc#1230413). - kernel/irq/irqdomain. fix memory leak with using debugfs_lookup() (git-fixes). - Fix to check symbol prefixes correctly (git-fixes). - move from strlcpy with unused retval to strscpy (git-fixes). - protect concurrent access to mem_cgroup_idr (git-fixes). - mm, fix infinite recursion due to RCU critical section (git-fixes). - prevent derefencing NULL ptr in pfn_section_valid() (git-fixes). - dw_ allow biu and ciu clocks to defer (git-fixes). - mmc_ Fix NULL dereference on allocation failure (git-fixes). - ks8851: Fix another TX stall caused by wrong ISR flag handling (git-fixes). - ks8851: Fix deadlock with the SPI chip variant (git-fixes). - ks8851: Fix potential TX stall after interface reopen (git-fixes). - ks8851: Fix TX stall caused by TX buffer overrun (gix-fixes). - Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530). - Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154). - Fix race of mana_hwc_post_rx_wqe and new hwc response (git-fixes). - Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086). - remove two BUG() from skb_checksum_help() (bsc#1229312). - qmi_ fix memory leak for not ip packets (git-fixes). - fix possible cp null dereference (git-fixes). - initialize noop_qdisc owner (git-fixes). - pn533: Add poll mod list filling check (git-fixes). - expose /proc/net/sunrpc/nfs in net namespaces (git-fixes). - make the rpc_stat per net namespace (git-fixes). - add posix ACLs to struct nfsd_attrs (git-fixes). - add security label to struct nfsd_attrs (git-fixes). - fix regression with setting ACLs (git-fixes). - Fix strncpy() fortify warning (git-fixes). - Increase NFSD_MAX_OPS_PER_COMPOUND (git-fixes). - introduce struct nfsd_attrs (git-fixes). - move from strlcpy with unused retval to strscpy (git-fixes). - Optimize DRC bucket pruning (git-fixes). - return error if nfs4_setacl fails (git-fixes). - set attributes when creating symlinks (git-fixes). - use locks_inode_context helper (git-fixes). - nilfs2: Remove check for PageError (git-fixes). - nvme_ scan namespaces asynchronously (bsc#1224105). - ocfs2: use coarse time for new created files (git-fixes). - Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes). - perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git-fixes). - platform/x86 Add support for ACPI based probing (jsc#PED-8779). - platform/x86 Cache pci_dev in struct hsmp_socket (jsc#PED-8779). - platform/x86 Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779). - platform/x86 Check HSMP support on AMD family of processors (jsc#PED-8779). - platform/x86 Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779). - platform/x86 Create static func to handle platdev (jsc#PED-8779). - platform/x86 Define a struct to hold mailbox regs (jsc#PED-8779). - platform/x86 Move dev from platdev to hsmp_socket (jsc#PED-8779). - platform/x86 Move hsmp_test to probe (jsc#PED-8779). - platform/x86 Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779). - platform/x86 Remove extra parenthesis and add a space (jsc#PED-8779). - platform/x86 Restructure sysfs group creation (jsc#PED-8779). - platform/x86 switch to use device_add_groups() (jsc#PED-8779). - axp288_ Fix constant_charge_voltage writes (git-fixes). - axp288_ Round constant_charge_voltage writes down (git-fixes). - Fail build if using recordmcount with binutils v2.37 (bsc#1194869). - Mark .opd section read-only (bsc#1194869). - use generic version of arch_is_kernel_initmem_freed() (bsc#1194869). - xor_ Add '-mhard-float' to CFLAGS (bsc#1194869). - powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869). - Avoid clang null pointer arithmetic warnings (bsc#1194869). - powerpc/kexec_ fix cpus node update to FDT (bsc#1194869). - make the update_cpus_node() function public (bsc#1194869). - split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869). - Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869). - Whitelist dtl slub object for copying to userspace (bsc#1194869). - Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869). - Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). - Check cpu id in commands 'c#', 'dp#' and 'dx#' (bsc#1194869). - RDMA/mana_ Use virtual address in dma regions for MRs (git-fixes). - Fix incomplete state save in rxe_requester (git-fixes) - Fix rxe_modify_srq (git-fixes) - Handle zero length rdma (git-fixes) - Move work queue code to subroutines (git-fixes) - s390 get rid of register asm (git-fixes bsc#1227079 bsc#1229187). - s390 Make use of invalid opcode produce a link error (git-fixes bsc#1227079). - s390 Split and rework cpacf query functions (git-fixes bsc#1229187). - s390 fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229190). - s390 fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229573). - s390 Prevent release of buffer in I/O (git-fixes bsc#1229572). - s390 Panic for set and remove shared access UVC errors (git-fixes bsc#1229188). - Fix scldiv calculation (git-fixes). - add a struct rpc_stats arg to rpc_create_args (git-fixes). - Fix a race to wake a sync task (git-fixes). - fix swiotlb_bounce() to do partial sync's correctly (git-fixes). - fix compat_sys_io_pgetevents_time64 usage (git-fixes). - Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes). - add check for crypto_shash_tfm_digest (git-fixes). - dbg_orphan_ Fix missed key type checking (git-fixes). - Fix adding orphan entry twice for the same inode (git-fixes). - Fix unattached xattr inode if powercut happens after deleting (git-fixes). - fix potential memory leak in vfio_intx_enable() (git-fixes). - fix wgds rev 3 exact size (git-fixes). - duplicate static structs used in driver instances (git-fixes). - x86 drop the duplicate APM_MINOR_DEV macro (git-fixes). - x86 Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes). - x86 Fix pti_clone_entry_text() for i386 (git-fixes). - x86 Check if fixed MTRRs exist before saving them (git-fixes). - x86 Work around false positive kmemleak report in msr_build_context() (git-fixes). - Fix missing interval for missing_owner in xfs fsmap (git-fixes). - Fix the owner setting issue for rmap query in xfs fsmap (git-fixes). - use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes). - Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes). - Fix rpcrdma_reqs_reset() (git-fixes). Important SUSE bug 1193629 SUSE bug 1194111 SUSE bug 1194765 SUSE bug 1194869 SUSE bug 1196261 SUSE bug 1196516 SUSE bug 1196894 SUSE bug 1198017 SUSE bug 1203329 SUSE bug 1203330 SUSE bug 1203360 SUSE bug 1205462 SUSE bug 1206006 SUSE bug 1206258 SUSE bug 1206843 SUSE bug 1207158 SUSE bug 1208783 SUSE bug 1210644 SUSE bug 1213580 SUSE bug 1213632 SUSE bug 1214285 SUSE bug 1216834 SUSE bug 1220428 SUSE bug 1220877 SUSE bug 1220962 SUSE bug 1221269 SUSE bug 1221326 SUSE bug 1221630 SUSE bug 1221645 SUSE bug 1222335 SUSE bug 1222350 SUSE bug 1222372 SUSE bug 1222387 SUSE bug 1222634 SUSE bug 1222808 SUSE bug 1222967 SUSE bug 1223074 SUSE bug 1223191 SUSE bug 1223508 SUSE bug 1223720 SUSE bug 1223742 SUSE bug 1223777 SUSE bug 1223803 SUSE bug 1223807 SUSE bug 1224105 SUSE bug 1224415 SUSE bug 1224496 SUSE bug 1224510 SUSE bug 1224542 SUSE bug 1224578 SUSE bug 1224639 SUSE bug 1225162 SUSE bug 1225352 SUSE bug 1225428 SUSE bug 1225524 SUSE bug 1225578 SUSE bug 1225582 SUSE bug 1225773 SUSE bug 1225814 SUSE bug 1225827 SUSE bug 1225832 SUSE bug 1225903 SUSE bug 1226168 SUSE bug 1226530 SUSE bug 1226613 SUSE bug 1226742 SUSE bug 1226765 SUSE bug 1226798 SUSE bug 1226801 SUSE bug 1226874 SUSE bug 1226885 SUSE bug 1227079 SUSE bug 1227623 SUSE bug 1227761 SUSE bug 1227830 SUSE bug 1227863 SUSE bug 1227867 SUSE bug 1227929 SUSE bug 1227937 SUSE bug 1227958 SUSE bug 1228020 SUSE bug 1228065 SUSE bug 1228114 SUSE bug 1228410 SUSE bug 1228426 SUSE bug 1228427 SUSE bug 1228429 SUSE bug 1228446 SUSE bug 1228447 SUSE bug 1228449 SUSE bug 1228450 SUSE bug 1228452 SUSE bug 1228456 SUSE bug 1228463 SUSE bug 1228466 SUSE bug 1228467 SUSE bug 1228469 SUSE bug 1228480 SUSE bug 1228481 SUSE bug 1228482 SUSE bug 1228483 SUSE bug 1228484 SUSE bug 1228485 SUSE bug 1228487 SUSE bug 1228489 SUSE bug 1228491 SUSE bug 1228493 SUSE bug 1228494 SUSE bug 1228495 SUSE bug 1228496 SUSE bug 1228501 SUSE bug 1228503 SUSE bug 1228509 SUSE bug 1228513 SUSE bug 1228515 SUSE bug 1228516 SUSE bug 1228526 SUSE bug 1228531 SUSE bug 1228563 SUSE bug 1228564 SUSE bug 1228567 SUSE bug 1228576 SUSE bug 1228579 SUSE bug 1228584 SUSE bug 1228588 SUSE bug 1228590 SUSE bug 1228615 SUSE bug 1228616 SUSE bug 1228635 SUSE bug 1228636 SUSE bug 1228654 SUSE bug 1228656 SUSE bug 1228658 SUSE bug 1228660 SUSE bug 1228662 SUSE bug 1228667 SUSE bug 1228673 SUSE bug 1228677 SUSE bug 1228687 SUSE bug 1228706 SUSE bug 1228708 SUSE bug 1228710 SUSE bug 1228718 SUSE bug 1228720 SUSE bug 1228721 SUSE bug 1228722 SUSE bug 1228724 SUSE bug 1228726 SUSE bug 1228727 SUSE bug 1228733 SUSE bug 1228748 SUSE bug 1228766 SUSE bug 1228779 SUSE bug 1228801 SUSE bug 1228850 SUSE bug 1228857 SUSE bug 1228959 SUSE bug 1228964 SUSE bug 1228966 SUSE bug 1228967 SUSE bug 1228979 SUSE bug 1228988 SUSE bug 1228989 SUSE bug 1228991 SUSE bug 1228992 SUSE bug 1229042 SUSE bug 1229054 SUSE bug 1229086 SUSE bug 1229136 SUSE bug 1229154 SUSE bug 1229187 SUSE bug 1229188 SUSE bug 1229190 SUSE bug 1229287 SUSE bug 1229290 SUSE bug 1229292 SUSE bug 1229296 SUSE bug 1229297 SUSE bug 1229301 SUSE bug 1229303 SUSE bug 1229304 SUSE bug 1229305 SUSE bug 1229307 SUSE bug 1229309 SUSE bug 1229312 SUSE bug 1229314 SUSE bug 1229315 SUSE bug 1229317 SUSE bug 1229318 SUSE bug 1229319 SUSE bug 1229327 SUSE bug 1229341 SUSE bug 1229345 SUSE bug 1229346 SUSE bug 1229347 SUSE bug 1229349 SUSE bug 1229350 SUSE bug 1229351 SUSE bug 1229354 SUSE bug 1229356 SUSE bug 1229357 SUSE bug 1229358 SUSE bug 1229359 SUSE bug 1229360 SUSE bug 1229366 SUSE bug 1229370 SUSE bug 1229373 SUSE bug 1229374 SUSE bug 1229381 SUSE bug 1229382 SUSE bug 1229383 SUSE bug 1229386 SUSE bug 1229388 SUSE bug 1229391 SUSE bug 1229392 SUSE bug 1229395 SUSE bug 1229398 SUSE bug 1229399 SUSE bug 1229400 SUSE bug 1229407 SUSE bug 1229409 SUSE bug 1229410 SUSE bug 1229411 SUSE bug 1229413 SUSE bug 1229414 SUSE bug 1229417 SUSE bug 1229418 SUSE bug 1229444 SUSE bug 1229453 SUSE bug 1229454 SUSE bug 1229481 SUSE bug 1229482 SUSE bug 1229488 SUSE bug 1229489 SUSE bug 1229490 SUSE bug 1229493 SUSE bug 1229495 SUSE bug 1229497 SUSE bug 1229500 SUSE bug 1229503 SUSE bug 1229506 SUSE bug 1229507 SUSE bug 1229508 SUSE bug 1229509 SUSE bug 1229510 SUSE bug 1229512 SUSE bug 1229516 SUSE bug 1229521 SUSE bug 1229522 SUSE bug 1229523 SUSE bug 1229524 SUSE bug 1229525 SUSE bug 1229526 SUSE bug 1229527 SUSE bug 1229528 SUSE bug 1229529 SUSE bug 1229531 SUSE bug 1229533 SUSE bug 1229535 SUSE bug 1229536 SUSE bug 1229537 SUSE bug 1229540 SUSE bug 1229544 SUSE bug 1229545 SUSE bug 1229546 SUSE bug 1229547 SUSE bug 1229548 SUSE bug 1229554 SUSE bug 1229557 SUSE bug 1229558 SUSE bug 1229559 SUSE bug 1229560 SUSE bug 1229562 SUSE bug 1229564 SUSE bug 1229565 SUSE bug 1229566 SUSE bug 1229568 SUSE bug 1229569 SUSE bug 1229572 SUSE bug 1229573 SUSE bug 1229576 SUSE bug 1229581 SUSE bug 1229588 SUSE bug 1229598 SUSE bug 1229603 SUSE bug 1229604 SUSE bug 1229605 SUSE bug 1229608 SUSE bug 1229611 SUSE bug 1229612 SUSE bug 1229613 SUSE bug 1229614 SUSE bug 1229615 SUSE bug 1229616 SUSE bug 1229617 SUSE bug 1229620 SUSE bug 1229622 SUSE bug 1229623 SUSE bug 1229624 SUSE bug 1229625 SUSE bug 1229626 SUSE bug 1229628 SUSE bug 1229629 SUSE bug 1229630 SUSE bug 1229631 SUSE bug 1229632 SUSE bug 1229635 SUSE bug 1229636 SUSE bug 1229637 SUSE bug 1229638 SUSE bug 1229639 SUSE bug 1229641 SUSE bug 1229642 SUSE bug 1229643 SUSE bug 1229645 SUSE bug 1229657 SUSE bug 1229658 SUSE bug 1229662 SUSE bug 1229664 SUSE bug 1229707 SUSE bug 1229739 SUSE bug 1229743 SUSE bug 1229746 SUSE bug 1229754 SUSE bug 1229755 SUSE bug 1229756 SUSE bug 1229759 SUSE bug 1229761 SUSE bug 1229767 SUSE bug 1229768 SUSE bug 1229781 SUSE bug 1229784 SUSE bug 1229787 SUSE bug 1229788 SUSE bug 1229789 SUSE bug 1229792 SUSE bug 1229820 SUSE bug 1230413 CVE-2021-4204 at SUSE CVE-2021-4204 at NVD CVE-2021-4441 at SUSE CVE-2021-4441 at NVD CVE-2021-47106 at SUSE CVE-2021-47106 at NVD CVE-2021-47517 at SUSE CVE-2021-47517 at NVD CVE-2021-47546 at SUSE CVE-2021-47546 at NVD CVE-2022-0500 at SUSE CVE-2022-0500 at NVD CVE-2022-23222 at SUSE CVE-2022-23222 at NVD CVE-2022-38457 at SUSE CVE-2022-38457 at NVD CVE-2022-40133 at SUSE CVE-2022-40133 at NVD CVE-2022-4382 at SUSE CVE-2022-4382 at NVD CVE-2022-48645 at SUSE CVE-2022-48645 at NVD CVE-2022-48706 at SUSE CVE-2022-48706 at NVD CVE-2022-48808 at SUSE CVE-2022-48808 at NVD CVE-2022-48865 at SUSE CVE-2022-48865 at NVD CVE-2022-48868 at SUSE CVE-2022-48868 at NVD CVE-2022-48869 at SUSE CVE-2022-48869 at NVD CVE-2022-48870 at SUSE CVE-2022-48870 at NVD CVE-2022-48871 at SUSE CVE-2022-48871 at NVD CVE-2022-48872 at SUSE CVE-2022-48872 at NVD CVE-2022-48873 at SUSE CVE-2022-48873 at NVD CVE-2022-48875 at SUSE CVE-2022-48875 at NVD CVE-2022-48878 at SUSE CVE-2022-48878 at NVD CVE-2022-48880 at SUSE CVE-2022-48880 at NVD CVE-2022-48881 at SUSE CVE-2022-48881 at NVD CVE-2022-48882 at SUSE CVE-2022-48882 at NVD CVE-2022-48883 at SUSE CVE-2022-48883 at NVD CVE-2022-48884 at SUSE CVE-2022-48884 at NVD CVE-2022-48885 at SUSE CVE-2022-48885 at NVD CVE-2022-48886 at SUSE CVE-2022-48886 at NVD CVE-2022-48887 at SUSE CVE-2022-48887 at NVD CVE-2022-48888 at SUSE CVE-2022-48888 at NVD CVE-2022-48889 at SUSE CVE-2022-48889 at NVD CVE-2022-48890 at SUSE CVE-2022-48890 at NVD CVE-2022-48891 at SUSE CVE-2022-48891 at NVD CVE-2022-48893 at SUSE CVE-2022-48893 at NVD CVE-2022-48896 at SUSE CVE-2022-48896 at NVD CVE-2022-48898 at SUSE CVE-2022-48898 at NVD CVE-2022-48899 at SUSE CVE-2022-48899 at NVD CVE-2022-48903 at SUSE CVE-2022-48903 at NVD CVE-2022-48904 at SUSE CVE-2022-48904 at NVD CVE-2022-48905 at SUSE CVE-2022-48905 at NVD CVE-2022-48906 at SUSE CVE-2022-48906 at NVD CVE-2022-48907 at SUSE CVE-2022-48907 at NVD CVE-2022-48909 at SUSE CVE-2022-48909 at NVD CVE-2022-48910 at SUSE CVE-2022-48910 at NVD CVE-2022-48912 at SUSE CVE-2022-48912 at NVD CVE-2022-48913 at SUSE CVE-2022-48913 at NVD CVE-2022-48914 at SUSE CVE-2022-48914 at NVD CVE-2022-48915 at SUSE CVE-2022-48915 at NVD CVE-2022-48916 at SUSE CVE-2022-48916 at NVD CVE-2022-48917 at SUSE CVE-2022-48917 at NVD CVE-2022-48918 at SUSE CVE-2022-48918 at NVD CVE-2022-48919 at SUSE CVE-2022-48919 at NVD CVE-2022-48920 at SUSE CVE-2022-48920 at NVD CVE-2022-48921 at SUSE CVE-2022-48921 at NVD CVE-2022-48923 at SUSE CVE-2022-48923 at NVD CVE-2022-48924 at SUSE CVE-2022-48924 at NVD CVE-2022-48925 at SUSE CVE-2022-48925 at NVD CVE-2022-48926 at SUSE CVE-2022-48926 at NVD CVE-2022-48927 at SUSE CVE-2022-48927 at NVD CVE-2022-48928 at SUSE CVE-2022-48928 at NVD CVE-2022-48929 at SUSE CVE-2022-48929 at NVD CVE-2022-48930 at SUSE CVE-2022-48930 at NVD CVE-2022-48931 at SUSE CVE-2022-48931 at NVD CVE-2022-48932 at SUSE CVE-2022-48932 at NVD CVE-2022-48934 at SUSE CVE-2022-48934 at NVD CVE-2022-48937 at SUSE CVE-2022-48937 at NVD CVE-2022-48938 at SUSE CVE-2022-48938 at NVD CVE-2022-48939 at SUSE CVE-2022-48939 at NVD CVE-2022-48940 at SUSE CVE-2022-48940 at NVD CVE-2022-48941 at SUSE CVE-2022-48941 at NVD CVE-2022-48942 at SUSE CVE-2022-48942 at NVD CVE-2022-48943 at SUSE CVE-2022-48943 at NVD CVE-2023-3610 at SUSE CVE-2023-3610 at NVD CVE-2023-52458 at SUSE CVE-2023-52458 at NVD CVE-2023-52489 at SUSE CVE-2023-52489 at NVD CVE-2023-52498 at SUSE CVE-2023-52498 at NVD CVE-2023-52581 at SUSE CVE-2023-52581 at NVD CVE-2023-52859 at SUSE CVE-2023-52859 at NVD CVE-2023-52887 at SUSE CVE-2023-52887 at NVD CVE-2023-52889 at SUSE CVE-2023-52889 at NVD CVE-2023-52893 at SUSE CVE-2023-52893 at NVD CVE-2023-52894 at SUSE CVE-2023-52894 at NVD CVE-2023-52896 at SUSE CVE-2023-52896 at NVD CVE-2023-52898 at SUSE CVE-2023-52898 at NVD CVE-2023-52899 at SUSE CVE-2023-52899 at NVD CVE-2023-52900 at SUSE CVE-2023-52900 at NVD CVE-2023-52901 at SUSE CVE-2023-52901 at NVD CVE-2023-52904 at SUSE CVE-2023-52904 at NVD CVE-2023-52905 at SUSE CVE-2023-52905 at NVD CVE-2023-52906 at SUSE CVE-2023-52906 at NVD CVE-2023-52907 at SUSE CVE-2023-52907 at NVD CVE-2023-52908 at SUSE CVE-2023-52908 at NVD CVE-2023-52909 at SUSE CVE-2023-52909 at NVD CVE-2023-52910 at SUSE CVE-2023-52910 at NVD CVE-2023-52911 at SUSE CVE-2023-52911 at NVD CVE-2023-52912 at SUSE CVE-2023-52912 at NVD CVE-2023-52913 at SUSE CVE-2023-52913 at NVD CVE-2024-26631 at SUSE CVE-2024-26631 at NVD CVE-2024-26668 at SUSE CVE-2024-26668 at NVD CVE-2024-26669 at SUSE CVE-2024-26669 at NVD CVE-2024-26677 at SUSE CVE-2024-26677 at NVD CVE-2024-26735 at SUSE CVE-2024-26735 at NVD CVE-2024-26808 at SUSE CVE-2024-26808 at NVD CVE-2024-26812 at SUSE CVE-2024-26812 at NVD CVE-2024-26835 at SUSE CVE-2024-26835 at NVD CVE-2024-26851 at SUSE CVE-2024-26851 at NVD CVE-2024-27010 at SUSE CVE-2024-27010 at NVD CVE-2024-27011 at SUSE CVE-2024-27011 at NVD CVE-2024-27016 at SUSE CVE-2024-27016 at NVD CVE-2024-27024 at SUSE CVE-2024-27024 at NVD CVE-2024-27079 at SUSE CVE-2024-27079 at NVD CVE-2024-27403 at SUSE CVE-2024-27403 at NVD CVE-2024-31076 at SUSE CVE-2024-31076 at NVD CVE-2024-35897 at SUSE CVE-2024-35897 at NVD CVE-2024-35902 at SUSE CVE-2024-35902 at NVD CVE-2024-35945 at SUSE CVE-2024-35945 at NVD CVE-2024-35971 at SUSE CVE-2024-35971 at NVD CVE-2024-36009 at SUSE CVE-2024-36009 at NVD CVE-2024-36013 at SUSE CVE-2024-36013 at NVD CVE-2024-36270 at SUSE CVE-2024-36270 at NVD CVE-2024-36286 at SUSE CVE-2024-36286 at NVD CVE-2024-36489 at SUSE CVE-2024-36489 at NVD CVE-2024-36929 at SUSE CVE-2024-36929 at NVD CVE-2024-36933 at SUSE CVE-2024-36933 at NVD CVE-2024-36936 at SUSE CVE-2024-36936 at NVD CVE-2024-36962 at SUSE CVE-2024-36962 at NVD CVE-2024-38554 at SUSE CVE-2024-38554 at NVD CVE-2024-38602 at SUSE CVE-2024-38602 at NVD CVE-2024-38662 at SUSE CVE-2024-38662 at NVD CVE-2024-39489 at SUSE CVE-2024-39489 at NVD CVE-2024-40905 at SUSE CVE-2024-40905 at NVD CVE-2024-40978 at SUSE CVE-2024-40978 at NVD CVE-2024-40980 at SUSE CVE-2024-40980 at NVD CVE-2024-40995 at SUSE CVE-2024-40995 at NVD CVE-2024-41000 at SUSE CVE-2024-41000 at NVD CVE-2024-41007 at SUSE CVE-2024-41007 at NVD CVE-2024-41009 at SUSE CVE-2024-41009 at NVD CVE-2024-41011 at SUSE CVE-2024-41011 at NVD CVE-2024-41016 at SUSE CVE-2024-41016 at NVD CVE-2024-41020 at SUSE CVE-2024-41020 at NVD CVE-2024-41022 at SUSE CVE-2024-41022 at NVD CVE-2024-41035 at SUSE CVE-2024-41035 at NVD CVE-2024-41036 at SUSE CVE-2024-41036 at NVD CVE-2024-41038 at SUSE CVE-2024-41038 at NVD CVE-2024-41039 at SUSE CVE-2024-41039 at NVD CVE-2024-41042 at SUSE CVE-2024-41042 at NVD CVE-2024-41045 at SUSE CVE-2024-41045 at NVD CVE-2024-41056 at SUSE CVE-2024-41056 at NVD CVE-2024-41060 at SUSE CVE-2024-41060 at NVD CVE-2024-41062 at SUSE CVE-2024-41062 at NVD CVE-2024-41065 at SUSE CVE-2024-41065 at NVD CVE-2024-41068 at SUSE CVE-2024-41068 at NVD CVE-2024-41073 at SUSE CVE-2024-41073 at NVD CVE-2024-41079 at SUSE CVE-2024-41079 at NVD CVE-2024-41080 at SUSE CVE-2024-41080 at NVD CVE-2024-41087 at SUSE CVE-2024-41087 at NVD CVE-2024-41088 at SUSE CVE-2024-41088 at NVD CVE-2024-41089 at SUSE CVE-2024-41089 at NVD CVE-2024-41092 at SUSE CVE-2024-41092 at NVD CVE-2024-41093 at SUSE CVE-2024-41093 at NVD CVE-2024-41095 at SUSE CVE-2024-41095 at NVD CVE-2024-41097 at SUSE CVE-2024-41097 at NVD CVE-2024-41098 at SUSE CVE-2024-41098 at NVD CVE-2024-42069 at SUSE CVE-2024-42069 at NVD CVE-2024-42074 at SUSE CVE-2024-42074 at NVD CVE-2024-42076 at SUSE CVE-2024-42076 at NVD CVE-2024-42077 at SUSE CVE-2024-42077 at NVD CVE-2024-42080 at SUSE CVE-2024-42080 at NVD CVE-2024-42082 at SUSE CVE-2024-42082 at NVD CVE-2024-42085 at SUSE CVE-2024-42085 at NVD CVE-2024-42086 at SUSE CVE-2024-42086 at NVD CVE-2024-42087 at SUSE CVE-2024-42087 at NVD CVE-2024-42089 at SUSE CVE-2024-42089 at NVD CVE-2024-42090 at SUSE CVE-2024-42090 at NVD CVE-2024-42092 at SUSE CVE-2024-42092 at NVD CVE-2024-42095 at SUSE CVE-2024-42095 at NVD CVE-2024-42097 at SUSE CVE-2024-42097 at NVD CVE-2024-42098 at SUSE CVE-2024-42098 at NVD CVE-2024-42101 at SUSE CVE-2024-42101 at NVD CVE-2024-42104 at SUSE CVE-2024-42104 at NVD CVE-2024-42106 at SUSE CVE-2024-42106 at NVD CVE-2024-42107 at SUSE CVE-2024-42107 at NVD CVE-2024-42110 at SUSE CVE-2024-42110 at NVD CVE-2024-42114 at SUSE CVE-2024-42114 at NVD CVE-2024-42115 at SUSE CVE-2024-42115 at NVD CVE-2024-42119 at SUSE CVE-2024-42119 at NVD CVE-2024-42120 at SUSE CVE-2024-42120 at NVD CVE-2024-42121 at SUSE CVE-2024-42121 at NVD CVE-2024-42126 at SUSE CVE-2024-42126 at NVD CVE-2024-42127 at SUSE CVE-2024-42127 at NVD CVE-2024-42130 at SUSE CVE-2024-42130 at NVD CVE-2024-42137 at SUSE CVE-2024-42137 at NVD CVE-2024-42139 at SUSE CVE-2024-42139 at NVD CVE-2024-42142 at SUSE CVE-2024-42142 at NVD CVE-2024-42143 at SUSE CVE-2024-42143 at NVD CVE-2024-42148 at SUSE CVE-2024-42148 at NVD CVE-2024-42152 at SUSE CVE-2024-42152 at NVD CVE-2024-42155 at SUSE CVE-2024-42155 at NVD CVE-2024-42156 at SUSE CVE-2024-42156 at NVD CVE-2024-42157 at SUSE CVE-2024-42157 at NVD CVE-2024-42158 at SUSE CVE-2024-42158 at NVD CVE-2024-42162 at SUSE CVE-2024-42162 at NVD CVE-2024-42223 at SUSE CVE-2024-42223 at NVD CVE-2024-42225 at SUSE CVE-2024-42225 at NVD CVE-2024-42228 at SUSE CVE-2024-42228 at NVD CVE-2024-42229 at SUSE CVE-2024-42229 at NVD CVE-2024-42230 at SUSE CVE-2024-42230 at NVD CVE-2024-42232 at SUSE CVE-2024-42232 at NVD CVE-2024-42236 at SUSE CVE-2024-42236 at NVD CVE-2024-42237 at SUSE CVE-2024-42237 at NVD CVE-2024-42238 at SUSE CVE-2024-42238 at NVD CVE-2024-42239 at SUSE CVE-2024-42239 at NVD CVE-2024-42240 at SUSE CVE-2024-42240 at NVD CVE-2024-42244 at SUSE CVE-2024-42244 at NVD CVE-2024-42246 at SUSE CVE-2024-42246 at NVD CVE-2024-42247 at SUSE CVE-2024-42247 at NVD CVE-2024-42268 at SUSE CVE-2024-42268 at NVD CVE-2024-42271 at SUSE CVE-2024-42271 at NVD CVE-2024-42274 at SUSE CVE-2024-42274 at NVD CVE-2024-42276 at SUSE CVE-2024-42276 at NVD CVE-2024-42277 at SUSE CVE-2024-42277 at NVD CVE-2024-42280 at SUSE CVE-2024-42280 at NVD CVE-2024-42281 at SUSE CVE-2024-42281 at NVD CVE-2024-42283 at SUSE CVE-2024-42283 at NVD CVE-2024-42284 at SUSE CVE-2024-42284 at NVD CVE-2024-42285 at SUSE CVE-2024-42285 at NVD CVE-2024-42286 at SUSE CVE-2024-42286 at NVD CVE-2024-42287 at SUSE CVE-2024-42287 at NVD CVE-2024-42288 at SUSE CVE-2024-42288 at NVD CVE-2024-42289 at SUSE CVE-2024-42289 at NVD CVE-2024-42291 at SUSE CVE-2024-42291 at NVD CVE-2024-42292 at SUSE CVE-2024-42292 at NVD CVE-2024-42295 at SUSE CVE-2024-42295 at NVD CVE-2024-42301 at SUSE CVE-2024-42301 at NVD CVE-2024-42302 at SUSE CVE-2024-42302 at NVD CVE-2024-42308 at SUSE CVE-2024-42308 at NVD CVE-2024-42309 at SUSE CVE-2024-42309 at NVD CVE-2024-42310 at SUSE CVE-2024-42310 at NVD CVE-2024-42311 at SUSE CVE-2024-42311 at NVD CVE-2024-42312 at SUSE CVE-2024-42312 at NVD CVE-2024-42313 at SUSE CVE-2024-42313 at NVD CVE-2024-42315 at SUSE CVE-2024-42315 at NVD CVE-2024-42318 at SUSE CVE-2024-42318 at NVD CVE-2024-42319 at SUSE CVE-2024-42319 at NVD CVE-2024-42320 at SUSE CVE-2024-42320 at NVD CVE-2024-42322 at SUSE CVE-2024-42322 at NVD CVE-2024-43816 at SUSE CVE-2024-43816 at NVD CVE-2024-43818 at SUSE CVE-2024-43818 at NVD CVE-2024-43819 at SUSE CVE-2024-43819 at NVD CVE-2024-43821 at SUSE CVE-2024-43821 at NVD CVE-2024-43823 at SUSE CVE-2024-43823 at NVD CVE-2024-43829 at SUSE CVE-2024-43829 at NVD CVE-2024-43830 at SUSE CVE-2024-43830 at NVD CVE-2024-43831 at SUSE CVE-2024-43831 at NVD CVE-2024-43834 at SUSE CVE-2024-43834 at NVD CVE-2024-43837 at SUSE CVE-2024-43837 at NVD CVE-2024-43839 at SUSE CVE-2024-43839 at NVD CVE-2024-43841 at SUSE CVE-2024-43841 at NVD CVE-2024-43842 at SUSE CVE-2024-43842 at NVD CVE-2024-43846 at SUSE CVE-2024-43846 at NVD CVE-2024-43849 at SUSE CVE-2024-43849 at NVD CVE-2024-43853 at SUSE CVE-2024-43853 at NVD CVE-2024-43854 at SUSE CVE-2024-43854 at NVD CVE-2024-43856 at SUSE CVE-2024-43856 at NVD CVE-2024-43858 at SUSE CVE-2024-43858 at NVD CVE-2024-43860 at SUSE CVE-2024-43860 at NVD CVE-2024-43861 at SUSE CVE-2024-43861 at NVD CVE-2024-43863 at SUSE CVE-2024-43863 at NVD CVE-2024-43866 at SUSE CVE-2024-43866 at NVD CVE-2024-43867 at SUSE CVE-2024-43867 at NVD CVE-2024-43871 at SUSE CVE-2024-43871 at NVD CVE-2024-43872 at SUSE CVE-2024-43872 at NVD CVE-2024-43873 at SUSE CVE-2024-43873 at NVD CVE-2024-43879 at SUSE CVE-2024-43879 at NVD CVE-2024-43880 at SUSE CVE-2024-43880 at NVD CVE-2024-43882 at SUSE CVE-2024-43882 at NVD CVE-2024-43883 at SUSE CVE-2024-43883 at NVD CVE-2024-43884 at SUSE CVE-2024-43884 at NVD CVE-2024-43889 at SUSE CVE-2024-43889 at NVD CVE-2024-43892 at SUSE CVE-2024-43892 at NVD CVE-2024-43893 at SUSE CVE-2024-43893 at NVD CVE-2024-43894 at SUSE CVE-2024-43894 at NVD CVE-2024-43895 at SUSE CVE-2024-43895 at NVD CVE-2024-43899 at SUSE CVE-2024-43899 at NVD CVE-2024-43900 at SUSE CVE-2024-43900 at NVD CVE-2024-43902 at SUSE CVE-2024-43902 at NVD CVE-2024-43903 at SUSE CVE-2024-43903 at NVD CVE-2024-43904 at SUSE CVE-2024-43904 at NVD CVE-2024-43905 at SUSE CVE-2024-43905 at NVD CVE-2024-43907 at SUSE CVE-2024-43907 at NVD CVE-2024-43908 at SUSE CVE-2024-43908 at NVD CVE-2024-43909 at SUSE CVE-2024-43909 at NVD CVE-2024-44938 at SUSE CVE-2024-44938 at NVD CVE-2024-44939 at SUSE CVE-2024-44939 at NVD CVE-2024-44947 at SUSE CVE-2024-44947 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Moderate) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2024-9341: Fixed FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230) Moderate SUSE bug 1231230 CVE-2024-6104 at SUSE CVE-2024-6104 at NVD CVE-2024-9341 at SUSE CVE-2024-9341 at NVD cpe:/o:suse:sle-micro:5.5 Security update for Mesa (Moderate) SUSE Linux Enterprise Micro 5.5 This update for Mesa fixes the following issues: - CVE-2023-45913: Fixed NULL pointer dereference via dri2GetGlxDrawableFromXDrawableId() (bsc#1222040) - CVE-2023-45919: Fixed buffer over-read in glXQueryServerString() (bsc#1222041) - CVE-2023-45922: Fixed segmentation violation in __glXGetDrawableAttribute() (bsc#1222042) Moderate SUSE bug 1222040 SUSE bug 1222041 SUSE bug 1222042 CVE-2023-45913 at SUSE CVE-2023-45913 at NVD CVE-2023-45919 at SUSE CVE-2023-45919 at NVD CVE-2023-45922 at SUSE CVE-2023-45922 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48901: btrfs: do not start relocation until in progress drops are done (bsc#1229607). - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229633). - CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662) - CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619) - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610). - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269). - CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650). - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340). - CVE-2024-26767: drm/amd/display: fixed integer types and null check locations (bsc#1230339). - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629). - CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of the list of MDB events to replay (bsc#1222973). - CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875). - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606). - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846). - CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832). - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890). - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819). - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). - CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620 CVE-2024-41082). - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507). - CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156) - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334). - CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364). - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363). - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362). - CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394). - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764). - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753). - CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830) - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790). - CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810). - CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899). - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015). - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180). - CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race (bsc#1230178). - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209). - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211). - CVE-2024-44986: ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230230) - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185). - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192). - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193). - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194). - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171). - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233). - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245). - CVE-2024-45007: char: xillybus: Refine workqueue handling (bsc#1230175). - CVE-2024-45008: Input: MT - limit max slots (bsc#1230248). - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442). - CVE-2024-45015: drm/msm/dpu: move dpu_encoder's connector assignment to (bsc#1230444) - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431). - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434). - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451). - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506). - CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe error path (bsc#1230507). - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549). - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556). - CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515) - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517). - CVE-2024-46689: soc: qcom: cmd-db: Map shared memory as WC, not WB (bsc#1230524) - CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589) - CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 (bsc#1230582). - CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access (bsc#1230700). - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719). - CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710) - CVE-2024-46728: drm/amd/display: Check index for aux_rd_interval before using (bsc#1230703) - CVE-2024-46730: drm/amd/display: Ensure array index tg_inst won't be -1 (bsc#1230701) - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756). - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786). - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794). - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796). - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772). - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810). - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815). - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825). - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120). - CVE-2024-46830: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS (bsc#1231116). The following non-security bugs were fixed: - ACPI: battery: create alarm sysfs attribute atomically (git-fixes). - ACPI: CPPC: Fix MASK_VAL() usage (git-fixes). - ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() (git-fixes). - ACPI: processor: Fix memory leaks in error paths of processor_add() (stable-fixes). - ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() (stable-fixes). - ACPI: SBS: manage alarm sysfs attribute through psy core (git-fixes). - ACPI: sysfs: validate return type of _STR method (git-fixes). - af_unix: annotate lockless accesses to sk->sk_err (bsc#1226846). - af_unix: Fix data races around sk->sk_shutdown (bsc#1226846). - af_unix: Fix data-races around sk->sk_shutdown (git-fixes). - ALSA: hda: Add input value sanity checks to HDMI channel map controls (stable-fixes). - ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices (stable-fixes). - ALSA: hda/conexant: Mute speakers at suspend / shutdown (stable-fixes). - ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown (stable-fixes). - ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx (stable-fixes). - apparmor: fix possible NULL pointer dereference (stable-fixes). - arm64: acpi: Move get_cpu_for_acpi_id() to a header (git-fixes). - arm64: dts: rockchip: Correct the Pinebook Pro battery design capacity (git-fixes). - arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E (git-fixes). - arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency (git-fixes). - arm64/mm: Modify range-based tlbi to decrement scale (bsc#1229585) - arm64/mm: Update tlb invalidation routines for FEAT_LPA2 (bsc#1229585) - arm64: tlb: Allow range operation for MAX_TLBI_RANGE_PAGES (bsc#1229585) - arm64: tlb: Fix TLBI RANGE operand (bsc#1229585) - arm64: tlb: Improve __TLBI_VADDR_RANGE() (bsc#1229585) - ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object (git-fixes). - ASoC: meson: axg-card: fix 'use-after-free' (git-fixes). - ASoc: SOF: topology: Clear SOF link platform name upon unload (git-fixes). - ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode (git-fixes). - ASoC: tegra: Fix CBB error during probe() (git-fixes). - ASoC: topology: Properly initialize soc_enum values (stable-fixes). - ata: libata: Fix memory leak for error path in ata_host_alloc() (git-fixes). - ata: pata_macio: Use WARN instead of BUG (stable-fixes). - blk-mq: add helper for checking if one CPU is mapped to specified hctx (bsc#1223600). - blk-mq: add number of queue calc helper (bsc#1229034). - blk-mq: Build default queue map via group_cpus_evenly() (bsc#1229031). - blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600). - blk-mq: introduce blk_mq_dev_map_queues (bsc#1229034). - blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1229034). - blk-mq: use hk cpus only when isolcpus=io_queue is enabled (bsc#1229034). - Bluetooth: btusb: Fix not handling ZPL/short-transfer (git-fixes). - Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED (git-fixes). - Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL (git-fixes). - Bluetooth: L2CAP: Fix deadlock (git-fixes). - Bluetooth: MGMT: Ignore keys being loaded with invalid type (git-fixes). - cachefiles: fix dentry leak in cachefiles_open_file() (bsc#1231181). - cachefiles: Fix non-taking of sb_writers around set/removexattr (bsc#1231013). - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry() (git-fixes). - can: bcm: Remove proc entry when dev is unregistered (git-fixes). - can: j1939: use correct function name in comment (git-fixes). - can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open (git-fixes). - cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (git-fixes). - ceph: remove the incorrect Fw reference check when dirtying pages (bsc#1231180). - char: xillybus: Check USB endpoints when probing device (git-fixes). - clk: qcom: clk-alpha-pll: Fix the pll post div mask (git-fixes). - clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API (git-fixes). - clk: qcom: clk-alpha-pll: Fix zonda set_rate failure when PLL is disabled (git-fixes). - cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately (git-fixes). - crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure (git-fixes). - crypto: virtio - Handle dataq logic with tasklet (git-fixes). - crypto: virtio - Wait for tasklet to complete on device remove (git-fixes). - crypto: xor - fix template benchmarking (git-fixes). - devres: Initialize an uninitialized struct member (stable-fixes). - driver core: Add debug logs when fwnode links are added/deleted (git-fixes). - driver core: Add missing parameter description to __fwnode_link_add() (git-fixes). - driver core: Create __fwnode_link_del() helper function (git-fixes). - driver core: fw_devlink: Allow marking a fwnode link as being part of a cycle (git-fixes). - driver core: fw_devlink: Consolidate device link flag computation (git-fixes). - driver core: Set deferred probe reason when deferred by driver core (git-fixes). - drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() (git-fixes). - Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic (git-fixes). - Drivers: hv: vmbus: Fix the misplaced function description (git-fixes). - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (git-fixes). - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (git-fixes). - drm/amd/amdgpu: Check tbo resource pointer (stable-fixes). - drm/amd/amdgpu: Properly tune the size of struct (git-fixes). - drm/amd/display: Add array index check for hdcp ddc access (stable-fixes). - drm/amd/display: added NULL check at start of dc_validate_stream (stable-fixes). - drm/amd/display: Assign linear_pitch_alignment even for VM (stable-fixes). - drm/amd/display: Check denominator pbn_div before used (stable-fixes). - drm/amd/display: Check gpio_id before used as array index (stable-fixes). - drm/amd/display: Check HDCP returned status (stable-fixes). - drm/amd/display: Check msg_id before processing transcation (stable-fixes). - drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] (stable-fixes). - drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX (stable-fixes). - drm/amd/display: Ensure index calculation will not overflow (stable-fixes). - drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create (stable-fixes). - drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration (stable-fixes). - drm/amd/display: Skip wbscl_set_scaler_filter if filter is null (stable-fixes). - drm/amd/display: Spinlock before reading event (stable-fixes). - drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (stable-fixes). - drm/amdgpu/atomfirmware: Silence UBSAN warning (stable-fixes). - drm/amdgpu: avoid reading vf2pf info size from FB (stable-fixes). - drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6 (stable-fixes). - drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts (stable-fixes). - drm/amdgpu: fix a possible null pointer dereference (git-fixes). - drm/amdgpu: fix dereference after null check (stable-fixes). - drm/amdgpu: fix mc_data out-of-bounds read warning (stable-fixes). - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number (stable-fixes). - drm/amdgpu: Fix out-of-bounds write warning (stable-fixes). - drm/amdgpu: fix overflowed array index read warning (stable-fixes). - drm/amdgpu: Fix smatch static checker warning (stable-fixes). - drm/amdgpu: fix the waring dereferencing hive (stable-fixes). - drm/amdgpu: fix ucode out-of-bounds read warning (stable-fixes). - drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr (stable-fixes). - drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs (stable-fixes). - drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc (stable-fixes). - drm/amdgpu/pm: Fix uninitialized variable agc_btc_response (stable-fixes). - drm/amdgpu/pm: Fix uninitialized variable warning for smu10 (stable-fixes). - drm/amdgpu: Set no_hw_access when VF request full GPU fails (stable-fixes). - drm/amdgpu: the warning dereferencing obj for nbio_v7_4 (stable-fixes). - drm/amdgpu: update type of buf size to u32 for eeprom functions (stable-fixes). - drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device (stable-fixes). - drm/amd/pm: check negtive return for table entries (stable-fixes). - drm/amd/pm: check specific index for aldebaran (stable-fixes). - drm/amd/pm: Fix negative array index read (stable-fixes). - drm/amd/pm: fix the Out-of-bounds read warning (stable-fixes). - drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr (stable-fixes). - drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt (stable-fixes). - drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr (stable-fixes). - drm/amd/pm: fix uninitialized variable warning (stable-fixes). - drm/amd/pm: fix warning using uninitialized value of max_vid_step (stable-fixes). - drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid() (git-fixes). - drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ (stable-fixes). - drm/i915/fence: Mark debug_fence_free() with __maybe_unused (git-fixes). - drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused (git-fixes). - drm/i915/guc: prevent a possible int overflow in wq offsets (git-fixes). - drm/meson: plane: Add error handling (stable-fixes). - drm/msm/a5xx: disable preemption in submits by default (git-fixes). - drm/msm/a5xx: fix races in preemption evaluation stage (git-fixes). - drm/msm/a5xx: properly clear preemption records on resume (git-fixes). - drm/msm/a5xx: workaround early ring-buffer emptiness check (git-fixes). - drm/msm/adreno: Fix error return if missing firmware-name (stable-fixes). - drm/msm/disp/dpu: use atomic enable/disable callbacks for encoder (bsc#1230444) - drm/msm: Fix incorrect file name output in adreno_request_fw() (git-fixes). - drm/msm: fix %s null argument error (git-fixes). - drm: omapdrm: Add missing check for alloc_ordered_workqueue (git-fixes). - drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets (git-fixes). - drm/radeon: fix null pointer dereference in radeon_add_common_modes (git-fixes). - drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode (git-fixes). - drm/rockchip: vop: Allow 4096px width scaling (git-fixes). - drm/stm: ltdc: check memory returned by devm_kzalloc() (git-fixes). - exfat: fix memory leak in exfat_load_bitmap() (git-fixes). - fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() (git-fixes). - filemap: remove use of wait bookmarks (bsc#1224085). - firmware_loader: Block path traversal (git-fixes). - fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF (bsc#1230592). - fuse: update stats for pages in dropped aux writeback list (bsc#1230130). - fuse: use unsigned type for getxattr/listxattr size truncation (bsc#1230129). - genirq/affinity: Do not pass irq_affinity_desc array to irq_build_affinity_masks (bsc#1229031). - genirq/affinity: Move group_cpus_evenly() into lib/ (bsc#1229031). - genirq/affinity: Only build SMP-only helper functions on SMP kernels (bsc#1229031). - genirq/affinity: Pass affinity managed mask array to irq_build_affinity_masks (bsc#1229031). - genirq/affinity: Remove the 'firstvec' parameter from irq_build_affinity_masks (bsc#1229031). - genirq/affinity: Rename irq_build_affinity_masks as group_cpus_evenly (bsc#1229031). - genirq/affinity: Replace cpumask_weight() with cpumask_empty() where appropriate (bsc#1229031). - gfs2: setattr_chown: Add missing initialization (git-fixes). - HID: amd_sfh: free driver_data after destroying hid device (stable-fixes). - HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup (stable-fixes). - hwmon: (adc128d818) Fix underflows seen when writing limit attributes (stable-fixes). - hwmon: (lm95234) Fix underflows seen when writing limit attributes (stable-fixes). - hwmon: (max16065) Fix overflows seen when writing limits (git-fixes). - hwmon: (ntc_thermistor) fix module autoloading (git-fixes). - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes (stable-fixes). - hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init (git-fixes). - hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume (git-fixes). - hwrng: mtk - Use devm_pm_runtime_enable (git-fixes). - i2c: aspeed: Update the stop sw state when the bus recovery occurs (git-fixes). - i2c: Fix conditional for substituting empty ACPI functions (stable-fixes). - i2c: isch: Add missed 'else' (git-fixes). - i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes). - i2c: xiic: Wait for TX empty to avoid missed TX NAKs (git-fixes). - i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup (stable-fixes). - IB/core: Fix ib_cache_setup_one error flow cleanup (git-fixes) - IB/hfi1: Fix potential deadlock on &irq_src_lock and &dd->uctxt_lock (git-fixes) - iio: adc: ad7124: fix chip ID mismatch (git-fixes). - iio: adc: ad7124: fix config comparison (git-fixes). - iio: adc: ad7606: fix oversampling gpio array (git-fixes). - iio: adc: ad7606: fix standby gpio state to match the documentation (git-fixes). - iio: buffer-dmaengine: fix releasing dma channel on error (git-fixes). - iio: chemical: bme680: Fix read/write ops to device by adding mutexes (git-fixes). - iio: fix scale application in iio_convert_raw_to_processed_unlocked (git-fixes). - iio: magnetometer: ak8975: Fix reading for ak099xx sensors (git-fixes). - Input: ilitek_ts_i2c - add report id message validation (git-fixes). - Input: ilitek_ts_i2c - avoid wrong input subsystem sync (git-fixes). - Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - Input: uinput - reject requests with unreasonable number of slots (stable-fixes). - ipmi: docs: do not advertise deprecated sysfs entries (git-fixes). - ipmi:ssif: Improve detecting during probing (bsc#1228771) - ipmi:ssif: Improve detecting during probing (bsc#1228771) - jfs: fix out-of-bounds in dbNextAG() and diAlloc() (git-fixes). - kabi: add __nf_queue_get_refs() for kabi compliance. - kABI, crypto: virtio - Handle dataq logic with tasklet (git-fixes). - kthread: Fix task state in kthread worker if being frozen (bsc#1231146). - lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1229031). - lib/group_cpus.c: honor housekeeping config when grouping CPUs (bsc#1229034). - lib/group_cpus: Export group_cpus_evenly() (bsc#1229031). - lirc: rc_dev_get_from_fd(): fix file leak (git-fixes). - mailbox: bcm2835: Fix timeout during suspend mode (git-fixes). - mailbox: rockchip: fix a typo in module autoloading (git-fixes). - media: aspeed: Fix no complete irq for non-64-aligned width (bsc#1230269) - media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse (stable-fixes). - media: qcom: camss: Fix ordering of pm_runtime_enable (git-fixes). - media: Revert 'media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()' (git-fixes). - media: sun4i_csi: Implement link validate for sun4i_csi subdev (git-fixes). - media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags (git-fixes). - media: uvcvideo: Enforce alignment of frame and interval (stable-fixes). - media: venus: fix use after free bug in venus_remove due to race condition (git-fixes). - media: vicodec: allow en/decoder cmd w/o CAPTURE (git-fixes). - media: vivid: do not set HDMI TX controls if there are no HDMI outputs (stable-fixes). - media: vivid: fix wrong sizeimage value for mplane (stable-fixes). - mmc: cqhci: Fix checking of CQHCI_HALT state (git-fixes). - mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K (git-fixes). - mmc: sdhci-of-aspeed: fix module autoloading (git-fixes). - mtd: powernv: Add check devm_kasprintf() returned value (git-fixes). - mtd: slram: insert break after errors in parsing the map (git-fixes). - net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes). - net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (git-fixes). - net: missing check virtio (git-fixes). - net: tighten bad gso csum offset check in virtio_net_hdr (git-fixes). - nf_conntrack_proto_udp: do not accept packets with IPS_NAT_CLASH (bsc#1199769). - NFSD: Fix frame size warning in svc_export_parse() (git-fixes). - NFS: Do not re-read the entire page cache to find the next cookie (bsc#1226662). - NFSD: Rewrite synopsis of nfsd_percpu_counters_init() (git-fixes). - NFS: never reuse a NFSv4.0 lock-owner (bsc#1227726). - NFS: Reduce use of uncached readdir (bsc#1226662). - NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations (git-fixes). - nilfs2: Constify struct kobj_type (git-fixes). - nilfs2: determine empty node blocks as corrupted (git-fixes). - nilfs2: fix missing cleanup on rollforward recovery error (git-fixes). - nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() (git-fixes). - nilfs2: fix potential oob read in nilfs_btree_check_delete() (git-fixes). - nilfs2: fix state management in error path of log writing function (git-fixes). - nilfs2: protect references to superblock parameters exposed in sysfs (git-fixes). - nilfs2: replace snprintf in show functions with sysfs_emit (git-fixes). - nilfs2: use default_groups in kobj_type (git-fixes). - nvme: move stopping keep-alive into nvme_uninit_ctrl() (git-fixes). - nvme/pci: Add APST quirk for Lenovo N60z laptop (git-fixes). - nvme-pci: Add sleep quirk for Samsung 990 Evo (git-fixes). - nvme-pci: use block layer helpers to calculate num of queues (bsc#1229034). - nvme: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034). - nvmet: Identify-Active Namespace ID List command should reject invalid nsid (git-fixes). - nvmet-rdma: fix possible bad dereference when freeing rsps (git-fixes). - nvmet-tcp: do not continue for invalid icreq (git-fixes). - nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes). - nvmet-trace: avoid dereferencing pointer too early (git-fixes). - ocfs2: cancel dqi_sync_work before freeing oinfo (git-fixes). - ocfs2: fix null-ptr-deref when journal load failed (git-fixes). - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes). - ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes). - PCI: Add missing bridge lock to pci_bus_lock() (stable-fixes). - PCI: al: Check IORESOURCE_BUS existence during probe (git-fixes). - PCI/ASPM: Move pci_function_0() upward (bsc#1226915) - PCI/ASPM: Remove struct aspm_latency (bsc#1226915) - PCI/ASPM: Stop caching device L0s, L1 acceptable exit latencies (bsc#1226915) - PCI/ASPM: Stop caching link L0s, L1 exit latencies (bsc#1226915) - PCI: dra7xx: Fix error handling when IRQ request fails in probe (git-fixes). - PCI: dwc: Expose dw_pcie_ep_exit() to module (git-fixes). - PCI: dwc: Restore MSI Receiver mask during resume (git-fixes). - pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (stable-fixes). - PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) (stable-fixes). - PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (git-fixes). - PCI: Support BAR sizes up to 8TB (bsc#1231017) - PCI: Wait for Link before restoring Downstream Buses (git-fixes). - PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes). - PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler (git-fixes). - PCI: xilinx-nwl: Fix register misspelling (git-fixes). - pcmcia: Use resource_size function on resource object (stable-fixes). - pinctrl: single: fix missing error code in pcs_probe() (git-fixes). - pinctrl: single: fix potential NULL dereference in pcs_get_function() (git-fixes). - PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666). - platform/x86: dell-smbios: Fix error path in dell_smbios_init() (git-fixes). - platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array (git-fixes). - platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (git-fixes). - power: supply: axp20x_battery: Remove design from min and max voltage (git-fixes). - power: supply: Drop use_cnt check from power_supply_property_is_writeable() (git-fixes). - power: supply: hwmon: Fix missing temp1_max_alarm attribute (git-fixes). - power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense (git-fixes). - RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes) - RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes) - RDMA/efa: Properly handle unexpected AQ completions (git-fixes) - RDMA/hns: Do not modify rq next block addr in HIP09 QPC (git-fixes) - RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (git-fixes) - RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() (git-fixes) - RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler (git-fixes) - RDMA/hns: Optimize hem allocation performance (git-fixes) - RDMA/irdma: fix error message in irdma_modify_qp_roce() (git-fixes) - RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git-fixes) - RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (git-fixes) - RDMA/rtrs: Fix the problem of variable not initialized fully (git-fixes) - RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer (git-fixes) - Restore dropped fields for bluetooth MGMT/SMP structs (git-fixes). - Revert 'Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE' (git-fixes). - Revert 'media: tuners: fix error return code of hybrid_tuner_request_state()' (git-fixes). - Revert 'media: tuners: fix error return code of hybrid_tuner_request_state()' (stable-fixes). - rtc: at91sam9: fix OF node leak in probe() error path (git-fixes). - scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223). - scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds (bsc#1229429). - scsi: lpfc: Copyright updates for 14.4.0.4 patches (bsc#1229429). - scsi: lpfc: Fix overflow build issue (bsc#1229429). - scsi: lpfc: Fix unintentional double clearing of vmid_flag (bsc#1229429). - scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (bsc#1229429). - scsi: lpfc: Remove redundant vport assignment when building an abort request (bsc#1229429). - scsi: lpfc: Update lpfc version to 14.4.0.4 (bsc#1229429). - scsi: lpfc: Update PRLO handling in direct attached topology (bsc#1229429). - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1229429). - scsi: pm8001: do not overwrite PCI queue mapping (bsc#1229034). - scsi: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034). - scsi: sd: Fix off-by-one error in sd_read_block_characteristics() (bsc#1223848). - scsi: use block layer helpers to calculate num of queues (bsc#1229034). - spi: nxp-fspi: fix the KASAN report out-of-bounds bug (git-fixes). - Squashfs: sanity check symbolic link size (git-fixes). - staging: iio: frequency: ad9834: Validate frequency parameter value (git-fixes). - thunderbolt: Mark XDomain as unplugged when router is removed (stable-fixes). - tomoyo: fallback to realpath if symlink's pathname does not exist (git-fixes). - tools/virtio: fix build (git-fixes). - tpm: Clean up TPM space after command failure (git-fixes). - tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes). - tty: rp2: Fix reset with non forgiving PCIe host bridges (git-fixes). - udp: fix receiving fraglist GSO packets (git-fixes). - uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (git-fixes). - usb: cdnsp: Fix incorrect usb_request status (git-fixes). - USB: class: CDC-ACM: fix race between get_serial and set_serial (git-fixes). - usb: dwc2: drd: fix clock gating on USB role switch (git-fixes). - usb: dwc2: Skip clock gating on Broadcom SoCs (git-fixes). - usb: dwc3: core: Prevent USB core invalid event buffer address access (git-fixes). - usb: dwc3: core: Skip setting event buffers for host only controllers (git-fixes). - usb: dwc3: core: update LC timer as per USB Spec V3.2 (git-fixes). - usb: dwc3: core: update LC timer as per USB Spec V3.2 (stable-fixes). - usb: dwc3: omap: add missing depopulate in probe error path (git-fixes). - usb: dwc3: st: add missing depopulate in probe error path (git-fixes). - usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes). - usbip: Do not submit special requests twice (stable-fixes). - usbnet: fix cyclical race on disconnect with work queue (git-fixes). - usbnet: ipheth: race between ipheth_close and error handling (git-fixes). - usbnet: modern method to get random MAC (git-fixes). - USB: serial: kobil_sct: restore initial terminal settings (git-fixes). - USB: serial: option: add MeiG Smart SRM825L (git-fixes). - usb: typec: ucsi: Fix null pointer dereference in trace (stable-fixes). - usb: uas: set host status byte on data completion error (git-fixes). - usb: uas: set host status byte on data completion error (stable-fixes). - USB: usbtmc: prevent kernel-usb-infoleak (git-fixes). - usb: xhci: fix loss of data on Cadence xHC (git-fixes). - vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes). - vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes). - virito: add APIs for retrieving vq affinity (bsc#1229034). - virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes). - virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1229034). - virtio: blk/scs: replace blk_mq_virtio_map_queues with blk_mq_dev_map_queues (bsc#1229034). - virtiofs: forbid newlines in tags (bsc#1230591). - virtio_net: checksum offloading handling fix (git-fixes). - virtio_net: Fix ''%d' directive writing between 1 and 11 bytes into a region of size 10' warnings (git-fixes). - virtio_net: use u64_stats_t infra to avoid data-races (git-fixes). - virtio: reenable config if freezing device failed (git-fixes). - virtio/vsock: fix logic which reduces credit update messages (git-fixes). - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (git-fixes). - vsock/virtio: add support for device suspend/resume (git-fixes). - vsock/virtio: factor our the code to initialize and delete VQs (git-fixes). - vsock/virtio: initialize the_virtio_vsock before using VQs (git-fixes). - vsock/virtio: remove socket from connected/bound list on shutdown (git-fixes). - watchdog: imx_sc_wdt: Do not disable WDT in suspend (git-fixes). - wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3 (stable-fixes). - wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors (git-fixes). - wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() (git-fixes). - wifi: iwlwifi: mvm: increase the time between ranging measurements (git-fixes). - wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (git-fixes). - wifi: mt76: mt7615: check devm_kasprintf() returned value (git-fixes). - wifi: mt76: mt7915: fix rx filter setting for bfee functionality (git-fixes). - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (stable-fixes). - wifi: rtw88: 8822c: Fix reported RX band width (git-fixes). - wifi: rtw88: always wait for both firmware loading attempts (git-fixes). - wifi: rtw88: remove CPT execution branch never used (git-fixes). - wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param (git-fixes). - x86/hyperv: fix kexec crash due to VP assist page corruption (git-fixes). - x86/kexec: Add EFI config table identity mapping for kexec kernel (bsc#1220382). - x86/mm/ident_map: Use gbpages only where full GB page should be mapped (bsc#1220382). - x86/xen: Convert comma to semicolon (git-fixes). - xen: add capability to remap non-RAM pages to different PFNs (bsc#1226003). - xen: allow mapping ACPI data using a different physical address (bsc#1226003). - xen: introduce generic helper checking for memory map conflicts (bsc#1226003). - xen: move checks for e820 conflicts further up (bsc#1226003). - xen: move max_pfn in xen_memory_setup() out of function scope (bsc#1226003). - xen/swiotlb: add alignment check for dma buffers (bsc#1229928). - xen/swiotlb: fix allocated size (git-fixes). - xen: tolerate ACPI NVS memory overlapping with Xen allocated memory (bsc#1226003). - xen: use correct end address of kernel for conflict checking (bsc#1226003). - xfs: do not include bnobt blocks when reserving free block pool (git-fixes). - xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them (git-fixes). - xz: cleanup CRC32 edits from 2018 (git-fixes). Important SUSE bug 1199769 SUSE bug 1216223 SUSE bug 1220382 SUSE bug 1221610 SUSE bug 1221650 SUSE bug 1222629 SUSE bug 1222973 SUSE bug 1223600 SUSE bug 1223848 SUSE bug 1224085 SUSE bug 1225903 SUSE bug 1226003 SUSE bug 1226606 SUSE bug 1226662 SUSE bug 1226666 SUSE bug 1226846 SUSE bug 1226860 SUSE bug 1226875 SUSE bug 1226915 SUSE bug 1227487 SUSE bug 1227726 SUSE bug 1227819 SUSE bug 1227832 SUSE bug 1227890 SUSE bug 1228507 SUSE bug 1228576 SUSE bug 1228620 SUSE bug 1228771 SUSE bug 1229031 SUSE bug 1229034 SUSE bug 1229086 SUSE bug 1229156 SUSE bug 1229289 SUSE bug 1229334 SUSE bug 1229362 SUSE bug 1229363 SUSE bug 1229364 SUSE bug 1229394 SUSE bug 1229429 SUSE bug 1229453 SUSE bug 1229572 SUSE bug 1229573 SUSE bug 1229585 SUSE bug 1229607 SUSE bug 1229619 SUSE bug 1229633 SUSE bug 1229662 SUSE bug 1229753 SUSE bug 1229764 SUSE bug 1229790 SUSE bug 1229810 SUSE bug 1229830 SUSE bug 1229899 SUSE bug 1229928 SUSE bug 1229947 SUSE bug 1230015 SUSE bug 1230129 SUSE bug 1230130 SUSE bug 1230170 SUSE bug 1230171 SUSE bug 1230174 SUSE bug 1230175 SUSE bug 1230176 SUSE bug 1230178 SUSE bug 1230180 SUSE bug 1230185 SUSE bug 1230192 SUSE bug 1230193 SUSE bug 1230194 SUSE bug 1230200 SUSE bug 1230204 SUSE bug 1230209 SUSE bug 1230211 SUSE bug 1230212 SUSE bug 1230217 SUSE bug 1230224 SUSE bug 1230230 SUSE bug 1230233 SUSE bug 1230244 SUSE bug 1230245 SUSE bug 1230247 SUSE bug 1230248 SUSE bug 1230269 SUSE bug 1230339 SUSE bug 1230340 SUSE bug 1230392 SUSE bug 1230398 SUSE bug 1230431 SUSE bug 1230433 SUSE bug 1230434 SUSE bug 1230440 SUSE bug 1230442 SUSE bug 1230444 SUSE bug 1230450 SUSE bug 1230451 SUSE bug 1230454 SUSE bug 1230506 SUSE bug 1230507 SUSE bug 1230511 SUSE bug 1230515 SUSE bug 1230517 SUSE bug 1230524 SUSE bug 1230533 SUSE bug 1230535 SUSE bug 1230549 SUSE bug 1230556 SUSE bug 1230582 SUSE bug 1230589 SUSE bug 1230591 SUSE bug 1230592 SUSE bug 1230699 SUSE bug 1230700 SUSE bug 1230701 SUSE bug 1230702 SUSE bug 1230703 SUSE bug 1230705 SUSE bug 1230706 SUSE bug 1230707 SUSE bug 1230709 SUSE bug 1230710 SUSE bug 1230711 SUSE bug 1230712 SUSE bug 1230719 SUSE bug 1230724 SUSE bug 1230725 SUSE bug 1230730 SUSE bug 1230731 SUSE bug 1230732 SUSE bug 1230733 SUSE bug 1230747 SUSE bug 1230748 SUSE bug 1230751 SUSE bug 1230752 SUSE bug 1230756 SUSE bug 1230761 SUSE bug 1230766 SUSE bug 1230767 SUSE bug 1230768 SUSE bug 1230771 SUSE bug 1230772 SUSE bug 1230776 SUSE bug 1230783 SUSE bug 1230786 SUSE bug 1230791 SUSE bug 1230794 SUSE bug 1230796 SUSE bug 1230802 SUSE bug 1230806 SUSE bug 1230808 SUSE bug 1230810 SUSE bug 1230812 SUSE bug 1230813 SUSE bug 1230814 SUSE bug 1230815 SUSE bug 1230821 SUSE bug 1230825 SUSE bug 1230830 SUSE bug 1231013 SUSE bug 1231017 SUSE bug 1231116 SUSE bug 1231120 SUSE bug 1231146 SUSE bug 1231180 SUSE bug 1231181 CVE-2022-48901 at SUSE CVE-2022-48901 at NVD CVE-2022-48911 at SUSE CVE-2022-48911 at NVD CVE-2022-48923 at SUSE CVE-2022-48923 at NVD CVE-2022-48935 at SUSE CVE-2022-48935 at NVD CVE-2022-48944 at SUSE CVE-2022-48944 at NVD CVE-2022-48945 at SUSE CVE-2022-48945 at NVD CVE-2023-52610 at SUSE CVE-2023-52610 at NVD CVE-2023-52916 at SUSE CVE-2023-52916 at NVD CVE-2024-26640 at SUSE CVE-2024-26640 at NVD CVE-2024-26759 at SUSE CVE-2024-26759 at NVD CVE-2024-26767 at SUSE CVE-2024-26767 at NVD CVE-2024-26804 at SUSE CVE-2024-26804 at NVD CVE-2024-26837 at SUSE CVE-2024-26837 at NVD CVE-2024-37353 at SUSE CVE-2024-37353 at NVD CVE-2024-38538 at SUSE CVE-2024-38538 at NVD CVE-2024-38596 at SUSE CVE-2024-38596 at NVD CVE-2024-38632 at SUSE CVE-2024-38632 at NVD CVE-2024-40910 at SUSE CVE-2024-40910 at NVD CVE-2024-40973 at SUSE CVE-2024-40973 at NVD CVE-2024-40983 at SUSE CVE-2024-40983 at NVD CVE-2024-41062 at SUSE CVE-2024-41062 at NVD CVE-2024-41082 at SUSE CVE-2024-41082 at NVD CVE-2024-42154 at SUSE CVE-2024-42154 at NVD CVE-2024-42259 at SUSE CVE-2024-42259 at NVD CVE-2024-42265 at SUSE CVE-2024-42265 at NVD CVE-2024-42304 at SUSE CVE-2024-42304 at NVD CVE-2024-42305 at SUSE CVE-2024-42305 at NVD CVE-2024-42306 at SUSE CVE-2024-42306 at NVD CVE-2024-43828 at SUSE CVE-2024-43828 at NVD CVE-2024-43835 at SUSE CVE-2024-43835 at NVD CVE-2024-43890 at SUSE CVE-2024-43890 at NVD CVE-2024-43898 at SUSE CVE-2024-43898 at NVD CVE-2024-43912 at SUSE CVE-2024-43912 at NVD CVE-2024-43914 at SUSE CVE-2024-43914 at NVD CVE-2024-44935 at SUSE CVE-2024-44935 at NVD CVE-2024-44944 at SUSE CVE-2024-44944 at NVD CVE-2024-44946 at SUSE CVE-2024-44946 at NVD CVE-2024-44948 at SUSE CVE-2024-44948 at NVD CVE-2024-44950 at SUSE CVE-2024-44950 at NVD CVE-2024-44952 at SUSE CVE-2024-44952 at NVD CVE-2024-44954 at SUSE CVE-2024-44954 at NVD CVE-2024-44967 at SUSE CVE-2024-44967 at NVD CVE-2024-44969 at SUSE CVE-2024-44969 at NVD CVE-2024-44970 at SUSE CVE-2024-44970 at NVD CVE-2024-44971 at SUSE CVE-2024-44971 at NVD CVE-2024-44972 at SUSE CVE-2024-44972 at NVD CVE-2024-44977 at SUSE CVE-2024-44977 at NVD CVE-2024-44982 at SUSE CVE-2024-44982 at NVD CVE-2024-44986 at SUSE CVE-2024-44986 at NVD CVE-2024-44987 at SUSE CVE-2024-44987 at NVD CVE-2024-44988 at SUSE CVE-2024-44988 at NVD CVE-2024-44989 at SUSE CVE-2024-44989 at NVD CVE-2024-44990 at SUSE CVE-2024-44990 at NVD CVE-2024-44998 at SUSE CVE-2024-44998 at NVD CVE-2024-44999 at SUSE CVE-2024-44999 at NVD CVE-2024-45000 at SUSE CVE-2024-45000 at NVD CVE-2024-45001 at SUSE CVE-2024-45001 at NVD CVE-2024-45003 at SUSE CVE-2024-45003 at NVD CVE-2024-45006 at SUSE CVE-2024-45006 at NVD CVE-2024-45007 at SUSE CVE-2024-45007 at NVD CVE-2024-45008 at SUSE CVE-2024-45008 at NVD CVE-2024-45011 at SUSE CVE-2024-45011 at NVD CVE-2024-45013 at SUSE CVE-2024-45013 at NVD CVE-2024-45015 at SUSE CVE-2024-45015 at NVD CVE-2024-45018 at SUSE CVE-2024-45018 at NVD CVE-2024-45020 at SUSE CVE-2024-45020 at NVD CVE-2024-45021 at SUSE CVE-2024-45021 at NVD CVE-2024-45026 at SUSE CVE-2024-45026 at NVD CVE-2024-45028 at SUSE CVE-2024-45028 at NVD CVE-2024-45029 at SUSE CVE-2024-45029 at NVD CVE-2024-46673 at SUSE CVE-2024-46673 at NVD CVE-2024-46674 at SUSE CVE-2024-46674 at NVD CVE-2024-46675 at SUSE CVE-2024-46675 at NVD CVE-2024-46676 at SUSE CVE-2024-46676 at NVD CVE-2024-46677 at SUSE CVE-2024-46677 at NVD CVE-2024-46679 at SUSE CVE-2024-46679 at NVD CVE-2024-46685 at SUSE CVE-2024-46685 at NVD CVE-2024-46686 at SUSE CVE-2024-46686 at NVD CVE-2024-46689 at SUSE CVE-2024-46689 at NVD CVE-2024-46694 at SUSE CVE-2024-46694 at NVD CVE-2024-46702 at SUSE CVE-2024-46702 at NVD CVE-2024-46707 at SUSE CVE-2024-46707 at NVD CVE-2024-46714 at SUSE CVE-2024-46714 at NVD CVE-2024-46715 at SUSE CVE-2024-46715 at NVD CVE-2024-46717 at SUSE CVE-2024-46717 at NVD CVE-2024-46720 at SUSE CVE-2024-46720 at NVD CVE-2024-46721 at SUSE CVE-2024-46721 at NVD CVE-2024-46722 at SUSE CVE-2024-46722 at NVD CVE-2024-46723 at SUSE CVE-2024-46723 at NVD CVE-2024-46724 at SUSE CVE-2024-46724 at NVD CVE-2024-46725 at SUSE CVE-2024-46725 at NVD CVE-2024-46726 at SUSE CVE-2024-46726 at NVD CVE-2024-46727 at SUSE CVE-2024-46727 at NVD CVE-2024-46728 at SUSE CVE-2024-46728 at NVD CVE-2024-46730 at SUSE CVE-2024-46730 at NVD CVE-2024-46731 at SUSE CVE-2024-46731 at NVD CVE-2024-46732 at SUSE CVE-2024-46732 at NVD CVE-2024-46737 at SUSE CVE-2024-46737 at NVD CVE-2024-46738 at SUSE CVE-2024-46738 at NVD CVE-2024-46739 at SUSE CVE-2024-46739 at NVD CVE-2024-46743 at SUSE CVE-2024-46743 at NVD CVE-2024-46744 at SUSE CVE-2024-46744 at NVD CVE-2024-46745 at SUSE CVE-2024-46745 at NVD CVE-2024-46746 at SUSE CVE-2024-46746 at NVD CVE-2024-46747 at SUSE CVE-2024-46747 at NVD CVE-2024-46750 at SUSE CVE-2024-46750 at NVD CVE-2024-46751 at SUSE CVE-2024-46751 at NVD CVE-2024-46752 at SUSE CVE-2024-46752 at NVD CVE-2024-46753 at SUSE CVE-2024-46753 at NVD CVE-2024-46755 at SUSE CVE-2024-46755 at NVD CVE-2024-46756 at SUSE CVE-2024-46756 at NVD CVE-2024-46758 at SUSE CVE-2024-46758 at NVD CVE-2024-46759 at SUSE CVE-2024-46759 at NVD CVE-2024-46761 at SUSE CVE-2024-46761 at NVD CVE-2024-46771 at SUSE CVE-2024-46771 at NVD CVE-2024-46772 at SUSE CVE-2024-46772 at NVD CVE-2024-46773 at SUSE CVE-2024-46773 at NVD CVE-2024-46774 at SUSE CVE-2024-46774 at NVD CVE-2024-46778 at SUSE CVE-2024-46778 at NVD CVE-2024-46780 at SUSE CVE-2024-46780 at NVD CVE-2024-46781 at SUSE CVE-2024-46781 at NVD CVE-2024-46783 at SUSE CVE-2024-46783 at NVD CVE-2024-46784 at SUSE CVE-2024-46784 at NVD CVE-2024-46786 at SUSE CVE-2024-46786 at NVD CVE-2024-46787 at SUSE CVE-2024-46787 at NVD CVE-2024-46791 at SUSE CVE-2024-46791 at NVD CVE-2024-46794 at SUSE CVE-2024-46794 at NVD CVE-2024-46798 at SUSE CVE-2024-46798 at NVD CVE-2024-46822 at SUSE CVE-2024-46822 at NVD CVE-2024-46830 at SUSE CVE-2024-46830 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48901: btrfs: do not start relocation until in progress drops are done (bsc#1229607). - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229633). - CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662) - CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619) - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610). - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269). - CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650). - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340). - CVE-2024-26767: drm/amd/display: fixed integer types and null check locations (bsc#1230339). - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629). - CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of the list of MDB events to replay (bsc#1222973). - CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875). - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606). - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846). - CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832). - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890). - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819). - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). - CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620 CVE-2024-41082). - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507). - CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156) - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334). - CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364). - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363). - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362). - CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394). - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764). - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753). - CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830) - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790). - CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810). - CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899). - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015). - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180). - CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race (bsc#1230178). - CVE-2024-44954: ALSA: line6: Fix racy access to midibuf (bsc#1230176). - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209). - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211). - CVE-2024-44986: ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230230) - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185). - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192). - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193). - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194). - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171). - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233). - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245). - CVE-2024-45007: char: xillybus: Refine workqueue handling (bsc#1230175). - CVE-2024-45008: Input: MT - limit max slots (bsc#1230248). - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442). - CVE-2024-45015: drm/msm/dpu: move dpu_encoder's connector assignment to (bsc#1230444) - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431). - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434). - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451). - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506). - CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe error path (bsc#1230507). - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549). - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556). - CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515) - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517). - CVE-2024-46689: soc: qcom: cmd-db: Map shared memory as WC, not WB (bsc#1230524) - CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589) - CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 (bsc#1230582). - CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access (bsc#1230700). - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719). - CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710) - CVE-2024-46728: drm/amd/display: Check index for aux_rd_interval before using (bsc#1230703) - CVE-2024-46730: drm/amd/display: Ensure array index tg_inst won't be -1 (bsc#1230701) - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756). - CVE-2024-46750: PCI: Add missing bridge lock to pci_bus_lock() (bsc#1230783). - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786). - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794). - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796). - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772). - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810). - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815). - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825). - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120). - CVE-2024-46830: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS (bsc#1231116). The following non-security bugs were fixed: - ACPI: battery: create alarm sysfs attribute atomically (git-fixes). - ACPI: CPPC: Fix MASK_VAL() usage (git-fixes). - ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() (git-fixes). - ACPI: processor: Fix memory leaks in error paths of processor_add() (stable-fixes). - ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() (stable-fixes). - ACPI: SBS: manage alarm sysfs attribute through psy core (git-fixes). - ACPI: sysfs: validate return type of _STR method (git-fixes). - af_unix: annotate lockless accesses to sk->sk_err (bsc#1226846). - af_unix: Fix data races around sk->sk_shutdown (bsc#1226846). - af_unix: Fix data-races around sk->sk_shutdown (git-fixes). - ALSA: hda: Add input value sanity checks to HDMI channel map controls (stable-fixes). - ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices (stable-fixes). - ALSA: hda/conexant: Mute speakers at suspend / shutdown (stable-fixes). - ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown (stable-fixes). - ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx (stable-fixes). - apparmor: fix possible NULL pointer dereference (stable-fixes). - arm64: acpi: Move get_cpu_for_acpi_id() to a header (git-fixes). - arm64: dts: rockchip: Correct the Pinebook Pro battery design capacity (git-fixes). - arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E (git-fixes). - arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency (git-fixes). - arm64/mm: Modify range-based tlbi to decrement scale (bsc#1229585) - arm64/mm: Update tlb invalidation routines for FEAT_LPA2 (bsc#1229585) - arm64: tlb: Allow range operation for MAX_TLBI_RANGE_PAGES (bsc#1229585) - arm64: tlb: Fix TLBI RANGE operand (bsc#1229585) - arm64: tlb: Improve __TLBI_VADDR_RANGE() (bsc#1229585) - ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object (git-fixes). - ASoC: meson: axg-card: fix 'use-after-free' (git-fixes). - ASoc: SOF: topology: Clear SOF link platform name upon unload (git-fixes). - ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode (git-fixes). - ASoC: tegra: Fix CBB error during probe() (git-fixes). - ASoC: topology: Properly initialize soc_enum values (stable-fixes). - ata: libata: Fix memory leak for error path in ata_host_alloc() (git-fixes). - ata: pata_macio: Use WARN instead of BUG (stable-fixes). - blk-mq: add helper for checking if one CPU is mapped to specified hctx (bsc#1223600). - blk-mq: add number of queue calc helper (bsc#1229034). - blk-mq: Build default queue map via group_cpus_evenly() (bsc#1229031). - blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600). - blk-mq: introduce blk_mq_dev_map_queues (bsc#1229034). - blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1229034). - blk-mq: use hk cpus only when isolcpus=io_queue is enabled (bsc#1229034). - Bluetooth: btusb: Fix not handling ZPL/short-transfer (git-fixes). - Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED (git-fixes). - Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL (git-fixes). - Bluetooth: L2CAP: Fix deadlock (git-fixes). - Bluetooth: MGMT: Ignore keys being loaded with invalid type (git-fixes). - cachefiles: fix dentry leak in cachefiles_open_file() (bsc#1231181). - cachefiles: Fix non-taking of sb_writers around set/removexattr (bsc#1231013). - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry() (git-fixes). - can: bcm: Remove proc entry when dev is unregistered (git-fixes). - can: j1939: use correct function name in comment (git-fixes). - can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open (git-fixes). - cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (git-fixes). - ceph: remove the incorrect Fw reference check when dirtying pages (bsc#1231180). - char: xillybus: Check USB endpoints when probing device (git-fixes). - clk: qcom: clk-alpha-pll: Fix the pll post div mask (git-fixes). - clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API (git-fixes). - clk: qcom: clk-alpha-pll: Fix zonda set_rate failure when PLL is disabled (git-fixes). - cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately (git-fixes). - crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure (git-fixes). - crypto: virtio - Handle dataq logic with tasklet (git-fixes). - crypto: virtio - Wait for tasklet to complete on device remove (git-fixes). - crypto: xor - fix template benchmarking (git-fixes). - devres: Initialize an uninitialized struct member (stable-fixes). - driver core: Add debug logs when fwnode links are added/deleted (git-fixes). - driver core: Add missing parameter description to __fwnode_link_add() (git-fixes). - driver core: Create __fwnode_link_del() helper function (git-fixes). - driver core: fw_devlink: Allow marking a fwnode link as being part of a cycle (git-fixes). - driver core: fw_devlink: Consolidate device link flag computation (git-fixes). - driver core: Set deferred probe reason when deferred by driver core (git-fixes). - drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() (git-fixes). - Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic (git-fixes). - Drivers: hv: vmbus: Fix the misplaced function description (git-fixes). - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (git-fixes). - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (git-fixes). - drm/amd/amdgpu: Check tbo resource pointer (stable-fixes). - drm/amd/amdgpu: Properly tune the size of struct (git-fixes). - drm/amd/display: Add array index check for hdcp ddc access (stable-fixes). - drm/amd/display: added NULL check at start of dc_validate_stream (stable-fixes). - drm/amd/display: Assign linear_pitch_alignment even for VM (stable-fixes). - drm/amd/display: Check denominator pbn_div before used (stable-fixes). - drm/amd/display: Check gpio_id before used as array index (stable-fixes). - drm/amd/display: Check HDCP returned status (stable-fixes). - drm/amd/display: Check msg_id before processing transcation (stable-fixes). - drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] (stable-fixes). - drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX (stable-fixes). - drm/amd/display: Ensure index calculation will not overflow (stable-fixes). - drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create (stable-fixes). - drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration (stable-fixes). - drm/amd/display: Skip wbscl_set_scaler_filter if filter is null (stable-fixes). - drm/amd/display: Spinlock before reading event (stable-fixes). - drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (stable-fixes). - drm/amdgpu/atomfirmware: Silence UBSAN warning (stable-fixes). - drm/amdgpu: avoid reading vf2pf info size from FB (stable-fixes). - drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6 (stable-fixes). - drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts (stable-fixes). - drm/amdgpu: fix a possible null pointer dereference (git-fixes). - drm/amdgpu: fix dereference after null check (stable-fixes). - drm/amdgpu: fix mc_data out-of-bounds read warning (stable-fixes). - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number (stable-fixes). - drm/amdgpu: Fix out-of-bounds write warning (stable-fixes). - drm/amdgpu: fix overflowed array index read warning (stable-fixes). - drm/amdgpu: Fix smatch static checker warning (stable-fixes). - drm/amdgpu: fix the waring dereferencing hive (stable-fixes). - drm/amdgpu: fix ucode out-of-bounds read warning (stable-fixes). - drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr (stable-fixes). - drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs (stable-fixes). - drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc (stable-fixes). - drm/amdgpu/pm: Fix uninitialized variable agc_btc_response (stable-fixes). - drm/amdgpu/pm: Fix uninitialized variable warning for smu10 (stable-fixes). - drm/amdgpu: Set no_hw_access when VF request full GPU fails (stable-fixes). - drm/amdgpu: the warning dereferencing obj for nbio_v7_4 (stable-fixes). - drm/amdgpu: update type of buf size to u32 for eeprom functions (stable-fixes). - drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device (stable-fixes). - drm/amd/pm: check negtive return for table entries (stable-fixes). - drm/amd/pm: check specific index for aldebaran (stable-fixes). - drm/amd/pm: Fix negative array index read (stable-fixes). - drm/amd/pm: fix the Out-of-bounds read warning (stable-fixes). - drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr (stable-fixes). - drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt (stable-fixes). - drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr (stable-fixes). - drm/amd/pm: fix uninitialized variable warning (stable-fixes). - drm/amd/pm: fix warning using uninitialized value of max_vid_step (stable-fixes). - drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid() (git-fixes). - drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ (stable-fixes). - drm/i915/fence: Mark debug_fence_free() with __maybe_unused (git-fixes). - drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused (git-fixes). - drm/i915/guc: prevent a possible int overflow in wq offsets (git-fixes). - drm/meson: plane: Add error handling (stable-fixes). - drm/msm/a5xx: disable preemption in submits by default (git-fixes). - drm/msm/a5xx: fix races in preemption evaluation stage (git-fixes). - drm/msm/a5xx: properly clear preemption records on resume (git-fixes). - drm/msm/a5xx: workaround early ring-buffer emptiness check (git-fixes). - drm/msm/adreno: Fix error return if missing firmware-name (stable-fixes). - drm/msm/disp/dpu: use atomic enable/disable callbacks for encoder (bsc#1230444) - drm/msm: Fix incorrect file name output in adreno_request_fw() (git-fixes). - drm/msm: fix %s null argument error (git-fixes). - drm: omapdrm: Add missing check for alloc_ordered_workqueue (git-fixes). - drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets (git-fixes). - drm/radeon: fix null pointer dereference in radeon_add_common_modes (git-fixes). - drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode (git-fixes). - drm/rockchip: vop: Allow 4096px width scaling (git-fixes). - drm/stm: ltdc: check memory returned by devm_kzalloc() (git-fixes). - exfat: fix memory leak in exfat_load_bitmap() (git-fixes). - fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() (git-fixes). - filemap: remove use of wait bookmarks (bsc#1224085). - firmware_loader: Block path traversal (git-fixes). - fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF (bsc#1230592). - fuse: update stats for pages in dropped aux writeback list (bsc#1230130). - fuse: use unsigned type for getxattr/listxattr size truncation (bsc#1230129). - genirq/affinity: Do not pass irq_affinity_desc array to irq_build_affinity_masks (bsc#1229031). - genirq/affinity: Move group_cpus_evenly() into lib/ (bsc#1229031). - genirq/affinity: Only build SMP-only helper functions on SMP kernels (bsc#1229031). - genirq/affinity: Pass affinity managed mask array to irq_build_affinity_masks (bsc#1229031). - genirq/affinity: Remove the 'firstvec' parameter from irq_build_affinity_masks (bsc#1229031). - genirq/affinity: Rename irq_build_affinity_masks as group_cpus_evenly (bsc#1229031). - genirq/affinity: Replace cpumask_weight() with cpumask_empty() where appropriate (bsc#1229031). - gfs2: setattr_chown: Add missing initialization (git-fixes). - HID: amd_sfh: free driver_data after destroying hid device (stable-fixes). - HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup (stable-fixes). - hwmon: (adc128d818) Fix underflows seen when writing limit attributes (stable-fixes). - hwmon: (lm95234) Fix underflows seen when writing limit attributes (stable-fixes). - hwmon: (max16065) Fix overflows seen when writing limits (git-fixes). - hwmon: (ntc_thermistor) fix module autoloading (git-fixes). - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes (stable-fixes). - hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init (git-fixes). - hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume (git-fixes). - hwrng: mtk - Use devm_pm_runtime_enable (git-fixes). - i2c: aspeed: Update the stop sw state when the bus recovery occurs (git-fixes). - i2c: Fix conditional for substituting empty ACPI functions (stable-fixes). - i2c: isch: Add missed 'else' (git-fixes). - i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes). - i2c: xiic: Wait for TX empty to avoid missed TX NAKs (git-fixes). - i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup (stable-fixes). - IB/core: Fix ib_cache_setup_one error flow cleanup (git-fixes) - IB/hfi1: Fix potential deadlock on &irq_src_lock and &dd->uctxt_lock (git-fixes) - iio: adc: ad7124: fix chip ID mismatch (git-fixes). - iio: adc: ad7124: fix config comparison (git-fixes). - iio: adc: ad7606: fix oversampling gpio array (git-fixes). - iio: adc: ad7606: fix standby gpio state to match the documentation (git-fixes). - iio: buffer-dmaengine: fix releasing dma channel on error (git-fixes). - iio: chemical: bme680: Fix read/write ops to device by adding mutexes (git-fixes). - iio: fix scale application in iio_convert_raw_to_processed_unlocked (git-fixes). - iio: magnetometer: ak8975: Fix reading for ak099xx sensors (git-fixes). - Input: ilitek_ts_i2c - add report id message validation (git-fixes). - Input: ilitek_ts_i2c - avoid wrong input subsystem sync (git-fixes). - Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - Input: uinput - reject requests with unreasonable number of slots (stable-fixes). - ipmi: docs: do not advertise deprecated sysfs entries (git-fixes). - ipmi:ssif: Improve detecting during probing (bsc#1228771) - ipmi:ssif: Improve detecting during probing (bsc#1228771) - jfs: fix out-of-bounds in dbNextAG() and diAlloc() (git-fixes). - kabi: add __nf_queue_get_refs() for kabi compliance. - kABI, crypto: virtio - Handle dataq logic with tasklet (git-fixes). - kthread: Fix task state in kthread worker if being frozen (bsc#1231146). - lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1229031). - lib/group_cpus.c: honor housekeeping config when grouping CPUs (bsc#1229034). - lib/group_cpus: Export group_cpus_evenly() (bsc#1229031). - lirc: rc_dev_get_from_fd(): fix file leak (git-fixes). - mailbox: bcm2835: Fix timeout during suspend mode (git-fixes). - mailbox: rockchip: fix a typo in module autoloading (git-fixes). - media: aspeed: Fix no complete irq for non-64-aligned width (bsc#1230269) - media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse (stable-fixes). - media: qcom: camss: Fix ordering of pm_runtime_enable (git-fixes). - media: Revert 'media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()' (git-fixes). - media: sun4i_csi: Implement link validate for sun4i_csi subdev (git-fixes). - media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags (git-fixes). - media: uvcvideo: Enforce alignment of frame and interval (stable-fixes). - media: venus: fix use after free bug in venus_remove due to race condition (git-fixes). - media: vicodec: allow en/decoder cmd w/o CAPTURE (git-fixes). - media: vivid: do not set HDMI TX controls if there are no HDMI outputs (stable-fixes). - media: vivid: fix wrong sizeimage value for mplane (stable-fixes). - mmc: cqhci: Fix checking of CQHCI_HALT state (git-fixes). - mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K (git-fixes). - mmc: sdhci-of-aspeed: fix module autoloading (git-fixes). - mtd: powernv: Add check devm_kasprintf() returned value (git-fixes). - mtd: slram: insert break after errors in parsing the map (git-fixes). - net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes). - net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (git-fixes). - net: missing check virtio (git-fixes). - net: tighten bad gso csum offset check in virtio_net_hdr (git-fixes). - nf_conntrack_proto_udp: do not accept packets with IPS_NAT_CLASH (bsc#1199769). - NFSD: Fix frame size warning in svc_export_parse() (git-fixes). - NFS: Do not re-read the entire page cache to find the next cookie (bsc#1226662). - NFSD: Rewrite synopsis of nfsd_percpu_counters_init() (git-fixes). - NFS: never reuse a NFSv4.0 lock-owner (bsc#1227726). - NFS: Reduce use of uncached readdir (bsc#1226662). - NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations (git-fixes). - nilfs2: Constify struct kobj_type (git-fixes). - nilfs2: determine empty node blocks as corrupted (git-fixes). - nilfs2: fix missing cleanup on rollforward recovery error (git-fixes). - nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() (git-fixes). - nilfs2: fix potential oob read in nilfs_btree_check_delete() (git-fixes). - nilfs2: fix state management in error path of log writing function (git-fixes). - nilfs2: protect references to superblock parameters exposed in sysfs (git-fixes). - nilfs2: replace snprintf in show functions with sysfs_emit (git-fixes). - nilfs2: use default_groups in kobj_type (git-fixes). - nvme: move stopping keep-alive into nvme_uninit_ctrl() (git-fixes). - nvme/pci: Add APST quirk for Lenovo N60z laptop (git-fixes). - nvme-pci: Add sleep quirk for Samsung 990 Evo (git-fixes). - nvme-pci: use block layer helpers to calculate num of queues (bsc#1229034). - nvme: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034). - nvmet: Identify-Active Namespace ID List command should reject invalid nsid (git-fixes). - nvmet-rdma: fix possible bad dereference when freeing rsps (git-fixes). - nvmet-tcp: do not continue for invalid icreq (git-fixes). - nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes). - nvmet-trace: avoid dereferencing pointer too early (git-fixes). - ocfs2: cancel dqi_sync_work before freeing oinfo (git-fixes). - ocfs2: fix null-ptr-deref when journal load failed (git-fixes). - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes). - ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes). - PCI: Add missing bridge lock to pci_bus_lock() (stable-fixes). - PCI: al: Check IORESOURCE_BUS existence during probe (git-fixes). - PCI/ASPM: Move pci_function_0() upward (bsc#1226915) - PCI/ASPM: Remove struct aspm_latency (bsc#1226915) - PCI/ASPM: Stop caching device L0s, L1 acceptable exit latencies (bsc#1226915) - PCI/ASPM: Stop caching link L0s, L1 exit latencies (bsc#1226915) - PCI: dra7xx: Fix error handling when IRQ request fails in probe (git-fixes). - PCI: dwc: Expose dw_pcie_ep_exit() to module (git-fixes). - PCI: dwc: Restore MSI Receiver mask during resume (git-fixes). - pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (stable-fixes). - PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) (stable-fixes). - PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (git-fixes). - PCI: Support BAR sizes up to 8TB (bsc#1231017) - PCI: Wait for Link before restoring Downstream Buses (git-fixes). - PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes). - PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler (git-fixes). - PCI: xilinx-nwl: Fix register misspelling (git-fixes). - pcmcia: Use resource_size function on resource object (stable-fixes). - pinctrl: single: fix missing error code in pcs_probe() (git-fixes). - pinctrl: single: fix potential NULL dereference in pcs_get_function() (git-fixes). - PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666). - platform/x86: dell-smbios: Fix error path in dell_smbios_init() (git-fixes). - platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array (git-fixes). - platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (git-fixes). - power: supply: axp20x_battery: Remove design from min and max voltage (git-fixes). - power: supply: Drop use_cnt check from power_supply_property_is_writeable() (git-fixes). - power: supply: hwmon: Fix missing temp1_max_alarm attribute (git-fixes). - power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense (git-fixes). - RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes) - RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes) - RDMA/efa: Properly handle unexpected AQ completions (git-fixes) - RDMA/hns: Do not modify rq next block addr in HIP09 QPC (git-fixes) - RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (git-fixes) - RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() (git-fixes) - RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler (git-fixes) - RDMA/hns: Optimize hem allocation performance (git-fixes) - RDMA/irdma: fix error message in irdma_modify_qp_roce() (git-fixes) - RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git-fixes) - RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (git-fixes) - RDMA/rtrs: Fix the problem of variable not initialized fully (git-fixes) - RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer (git-fixes) - Restore dropped fields for bluetooth MGMT/SMP structs (git-fixes). - Revert 'Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE' (git-fixes). - Revert 'media: tuners: fix error return code of hybrid_tuner_request_state()' (git-fixes). - Revert 'media: tuners: fix error return code of hybrid_tuner_request_state()' (stable-fixes). - rtc: at91sam9: fix OF node leak in probe() error path (git-fixes). - scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223). - scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds (bsc#1229429). - scsi: lpfc: Copyright updates for 14.4.0.4 patches (bsc#1229429). - scsi: lpfc: Fix overflow build issue (bsc#1229429). - scsi: lpfc: Fix unintentional double clearing of vmid_flag (bsc#1229429). - scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (bsc#1229429). - scsi: lpfc: Remove redundant vport assignment when building an abort request (bsc#1229429). - scsi: lpfc: Update lpfc version to 14.4.0.4 (bsc#1229429). - scsi: lpfc: Update PRLO handling in direct attached topology (bsc#1229429). - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1229429). - scsi: pm8001: do not overwrite PCI queue mapping (bsc#1229034). - scsi: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034). - scsi: sd: Fix off-by-one error in sd_read_block_characteristics() (bsc#1223848). - scsi: use block layer helpers to calculate num of queues (bsc#1229034). - spi: nxp-fspi: fix the KASAN report out-of-bounds bug (git-fixes). - Squashfs: sanity check symbolic link size (git-fixes). - staging: iio: frequency: ad9834: Validate frequency parameter value (git-fixes). - thunderbolt: Mark XDomain as unplugged when router is removed (stable-fixes). - tomoyo: fallback to realpath if symlink's pathname does not exist (git-fixes). - tools/virtio: fix build (git-fixes). - tpm: Clean up TPM space after command failure (git-fixes). - tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes). - tty: rp2: Fix reset with non forgiving PCIe host bridges (git-fixes). - udp: fix receiving fraglist GSO packets (git-fixes). - uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (git-fixes). - usb: cdnsp: Fix incorrect usb_request status (git-fixes). - USB: class: CDC-ACM: fix race between get_serial and set_serial (git-fixes). - usb: dwc2: drd: fix clock gating on USB role switch (git-fixes). - usb: dwc2: Skip clock gating on Broadcom SoCs (git-fixes). - usb: dwc3: core: Prevent USB core invalid event buffer address access (git-fixes). - usb: dwc3: core: Skip setting event buffers for host only controllers (git-fixes). - usb: dwc3: core: update LC timer as per USB Spec V3.2 (git-fixes). - usb: dwc3: omap: add missing depopulate in probe error path (git-fixes). - usb: dwc3: st: add missing depopulate in probe error path (git-fixes). - usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes). - usbip: Do not submit special requests twice (stable-fixes). - usbnet: fix cyclical race on disconnect with work queue (git-fixes). - usbnet: ipheth: race between ipheth_close and error handling (git-fixes). - usbnet: modern method to get random MAC (git-fixes). - USB: serial: kobil_sct: restore initial terminal settings (git-fixes). - USB: serial: option: add MeiG Smart SRM825L (git-fixes). - usb: typec: ucsi: Fix null pointer dereference in trace (stable-fixes). - usb: uas: set host status byte on data completion error (git-fixes). - usb: uas: set host status byte on data completion error (stable-fixes). - USB: usbtmc: prevent kernel-usb-infoleak (git-fixes). - usb: xhci: fix loss of data on Cadence xHC (git-fixes). - vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes). - vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes). - virito: add APIs for retrieving vq affinity (bsc#1229034). - virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes). - virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1229034). - virtio: blk/scs: replace blk_mq_virtio_map_queues with blk_mq_dev_map_queues (bsc#1229034). - virtiofs: forbid newlines in tags (bsc#1230591). - virtio_net: checksum offloading handling fix (git-fixes). - virtio_net: Fix ''%d' directive writing between 1 and 11 bytes into a region of size 10' warnings (git-fixes). - virtio_net: use u64_stats_t infra to avoid data-races (git-fixes). - virtio: reenable config if freezing device failed (git-fixes). - virtio/vsock: fix logic which reduces credit update messages (git-fixes). - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (git-fixes). - vsock/virtio: add support for device suspend/resume (git-fixes). - vsock/virtio: factor our the code to initialize and delete VQs (git-fixes). - vsock/virtio: initialize the_virtio_vsock before using VQs (git-fixes). - vsock/virtio: remove socket from connected/bound list on shutdown (git-fixes). - watchdog: imx_sc_wdt: Do not disable WDT in suspend (git-fixes). - wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3 (stable-fixes). - wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors (git-fixes). - wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() (git-fixes). - wifi: iwlwifi: mvm: increase the time between ranging measurements (git-fixes). - wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (git-fixes). - wifi: mt76: mt7615: check devm_kasprintf() returned value (git-fixes). - wifi: mt76: mt7915: fix rx filter setting for bfee functionality (git-fixes). - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (stable-fixes). - wifi: rtw88: 8822c: Fix reported RX band width (git-fixes). - wifi: rtw88: always wait for both firmware loading attempts (git-fixes). - wifi: rtw88: remove CPT execution branch never used (git-fixes). - wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param (git-fixes). - x86/hyperv: fix kexec crash due to VP assist page corruption (git-fixes). - x86/kexec: Add EFI config table identity mapping for kexec kernel (bsc#1220382). - x86/mm/ident_map: Use gbpages only where full GB page should be mapped (bsc#1220382). - x86/xen: Convert comma to semicolon (git-fixes). - xen: add capability to remap non-RAM pages to different PFNs (bsc#1226003). - xen: allow mapping ACPI data using a different physical address (bsc#1226003). - xen: introduce generic helper checking for memory map conflicts (bsc#1226003). - xen: move checks for e820 conflicts further up (bsc#1226003). - xen: move max_pfn in xen_memory_setup() out of function scope (bsc#1226003). - xen/swiotlb: add alignment check for dma buffers (bsc#1229928). - xen/swiotlb: fix allocated size (git-fixes). - xen: tolerate ACPI NVS memory overlapping with Xen allocated memory (bsc#1226003). - xen: use correct end address of kernel for conflict checking (bsc#1226003). - xfs: do not include bnobt blocks when reserving free block pool (git-fixes). - xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them (git-fixes). - xz: cleanup CRC32 edits from 2018 (git-fixes). Important SUSE bug 1199769 SUSE bug 1216223 SUSE bug 1220382 SUSE bug 1221610 SUSE bug 1221650 SUSE bug 1222629 SUSE bug 1222973 SUSE bug 1223600 SUSE bug 1223848 SUSE bug 1224085 SUSE bug 1225903 SUSE bug 1226003 SUSE bug 1226606 SUSE bug 1226662 SUSE bug 1226666 SUSE bug 1226846 SUSE bug 1226860 SUSE bug 1226875 SUSE bug 1226915 SUSE bug 1227487 SUSE bug 1227726 SUSE bug 1227819 SUSE bug 1227832 SUSE bug 1227890 SUSE bug 1228507 SUSE bug 1228576 SUSE bug 1228620 SUSE bug 1228771 SUSE bug 1229031 SUSE bug 1229034 SUSE bug 1229086 SUSE bug 1229156 SUSE bug 1229289 SUSE bug 1229334 SUSE bug 1229362 SUSE bug 1229363 SUSE bug 1229364 SUSE bug 1229394 SUSE bug 1229429 SUSE bug 1229453 SUSE bug 1229572 SUSE bug 1229573 SUSE bug 1229585 SUSE bug 1229607 SUSE bug 1229619 SUSE bug 1229633 SUSE bug 1229662 SUSE bug 1229753 SUSE bug 1229764 SUSE bug 1229790 SUSE bug 1229810 SUSE bug 1229830 SUSE bug 1229899 SUSE bug 1229928 SUSE bug 1229947 SUSE bug 1230015 SUSE bug 1230129 SUSE bug 1230130 SUSE bug 1230170 SUSE bug 1230171 SUSE bug 1230174 SUSE bug 1230175 SUSE bug 1230176 SUSE bug 1230178 SUSE bug 1230180 SUSE bug 1230185 SUSE bug 1230192 SUSE bug 1230193 SUSE bug 1230194 SUSE bug 1230200 SUSE bug 1230204 SUSE bug 1230209 SUSE bug 1230211 SUSE bug 1230212 SUSE bug 1230217 SUSE bug 1230224 SUSE bug 1230230 SUSE bug 1230233 SUSE bug 1230244 SUSE bug 1230245 SUSE bug 1230247 SUSE bug 1230248 SUSE bug 1230269 SUSE bug 1230339 SUSE bug 1230340 SUSE bug 1230392 SUSE bug 1230398 SUSE bug 1230431 SUSE bug 1230433 SUSE bug 1230434 SUSE bug 1230440 SUSE bug 1230442 SUSE bug 1230444 SUSE bug 1230450 SUSE bug 1230451 SUSE bug 1230454 SUSE bug 1230506 SUSE bug 1230507 SUSE bug 1230511 SUSE bug 1230515 SUSE bug 1230517 SUSE bug 1230524 SUSE bug 1230533 SUSE bug 1230535 SUSE bug 1230549 SUSE bug 1230556 SUSE bug 1230582 SUSE bug 1230589 SUSE bug 1230591 SUSE bug 1230592 SUSE bug 1230699 SUSE bug 1230700 SUSE bug 1230701 SUSE bug 1230702 SUSE bug 1230703 SUSE bug 1230705 SUSE bug 1230706 SUSE bug 1230707 SUSE bug 1230709 SUSE bug 1230710 SUSE bug 1230711 SUSE bug 1230712 SUSE bug 1230719 SUSE bug 1230724 SUSE bug 1230725 SUSE bug 1230730 SUSE bug 1230731 SUSE bug 1230732 SUSE bug 1230733 SUSE bug 1230747 SUSE bug 1230748 SUSE bug 1230751 SUSE bug 1230752 SUSE bug 1230756 SUSE bug 1230761 SUSE bug 1230766 SUSE bug 1230767 SUSE bug 1230768 SUSE bug 1230771 SUSE bug 1230772 SUSE bug 1230776 SUSE bug 1230783 SUSE bug 1230786 SUSE bug 1230791 SUSE bug 1230794 SUSE bug 1230796 SUSE bug 1230802 SUSE bug 1230806 SUSE bug 1230808 SUSE bug 1230810 SUSE bug 1230812 SUSE bug 1230813 SUSE bug 1230814 SUSE bug 1230815 SUSE bug 1230821 SUSE bug 1230825 SUSE bug 1230830 SUSE bug 1231013 SUSE bug 1231017 SUSE bug 1231116 SUSE bug 1231120 SUSE bug 1231146 SUSE bug 1231180 SUSE bug 1231181 CVE-2022-48901 at SUSE CVE-2022-48901 at NVD CVE-2022-48911 at SUSE CVE-2022-48911 at NVD CVE-2022-48923 at SUSE CVE-2022-48923 at NVD CVE-2022-48935 at SUSE CVE-2022-48935 at NVD CVE-2022-48944 at SUSE CVE-2022-48944 at NVD CVE-2022-48945 at SUSE CVE-2022-48945 at NVD CVE-2023-52610 at SUSE CVE-2023-52610 at NVD CVE-2023-52916 at SUSE CVE-2023-52916 at NVD CVE-2024-26640 at SUSE CVE-2024-26640 at NVD CVE-2024-26759 at SUSE CVE-2024-26759 at NVD CVE-2024-26767 at SUSE CVE-2024-26767 at NVD CVE-2024-26804 at SUSE CVE-2024-26804 at NVD CVE-2024-26837 at SUSE CVE-2024-26837 at NVD CVE-2024-37353 at SUSE CVE-2024-37353 at NVD CVE-2024-38538 at SUSE CVE-2024-38538 at NVD CVE-2024-38596 at SUSE CVE-2024-38596 at NVD CVE-2024-38632 at SUSE CVE-2024-38632 at NVD CVE-2024-40910 at SUSE CVE-2024-40910 at NVD CVE-2024-40973 at SUSE CVE-2024-40973 at NVD CVE-2024-40983 at SUSE CVE-2024-40983 at NVD CVE-2024-41062 at SUSE CVE-2024-41062 at NVD CVE-2024-41082 at SUSE CVE-2024-41082 at NVD CVE-2024-42154 at SUSE CVE-2024-42154 at NVD CVE-2024-42259 at SUSE CVE-2024-42259 at NVD CVE-2024-42265 at SUSE CVE-2024-42265 at NVD CVE-2024-42304 at SUSE CVE-2024-42304 at NVD CVE-2024-42305 at SUSE CVE-2024-42305 at NVD CVE-2024-42306 at SUSE CVE-2024-42306 at NVD CVE-2024-43828 at SUSE CVE-2024-43828 at NVD CVE-2024-43835 at SUSE CVE-2024-43835 at NVD CVE-2024-43890 at SUSE CVE-2024-43890 at NVD CVE-2024-43898 at SUSE CVE-2024-43898 at NVD CVE-2024-43912 at SUSE CVE-2024-43912 at NVD CVE-2024-43914 at SUSE CVE-2024-43914 at NVD CVE-2024-44935 at SUSE CVE-2024-44935 at NVD CVE-2024-44944 at SUSE CVE-2024-44944 at NVD CVE-2024-44946 at SUSE CVE-2024-44946 at NVD CVE-2024-44948 at SUSE CVE-2024-44948 at NVD CVE-2024-44950 at SUSE CVE-2024-44950 at NVD CVE-2024-44952 at SUSE CVE-2024-44952 at NVD CVE-2024-44954 at SUSE CVE-2024-44954 at NVD CVE-2024-44967 at SUSE CVE-2024-44967 at NVD CVE-2024-44969 at SUSE CVE-2024-44969 at NVD CVE-2024-44970 at SUSE CVE-2024-44970 at NVD CVE-2024-44971 at SUSE CVE-2024-44971 at NVD CVE-2024-44972 at SUSE CVE-2024-44972 at NVD CVE-2024-44977 at SUSE CVE-2024-44977 at NVD CVE-2024-44982 at SUSE CVE-2024-44982 at NVD CVE-2024-44986 at SUSE CVE-2024-44986 at NVD CVE-2024-44987 at SUSE CVE-2024-44987 at NVD CVE-2024-44988 at SUSE CVE-2024-44988 at NVD CVE-2024-44989 at SUSE CVE-2024-44989 at NVD CVE-2024-44990 at SUSE CVE-2024-44990 at NVD CVE-2024-44998 at SUSE CVE-2024-44998 at NVD CVE-2024-44999 at SUSE CVE-2024-44999 at NVD CVE-2024-45000 at SUSE CVE-2024-45000 at NVD CVE-2024-45001 at SUSE CVE-2024-45001 at NVD CVE-2024-45003 at SUSE CVE-2024-45003 at NVD CVE-2024-45006 at SUSE CVE-2024-45006 at NVD CVE-2024-45007 at SUSE CVE-2024-45007 at NVD CVE-2024-45008 at SUSE CVE-2024-45008 at NVD CVE-2024-45011 at SUSE CVE-2024-45011 at NVD CVE-2024-45013 at SUSE CVE-2024-45013 at NVD CVE-2024-45015 at SUSE CVE-2024-45015 at NVD CVE-2024-45018 at SUSE CVE-2024-45018 at NVD CVE-2024-45020 at SUSE CVE-2024-45020 at NVD CVE-2024-45021 at SUSE CVE-2024-45021 at NVD CVE-2024-45026 at SUSE CVE-2024-45026 at NVD CVE-2024-45028 at SUSE CVE-2024-45028 at NVD CVE-2024-45029 at SUSE CVE-2024-45029 at NVD CVE-2024-46673 at SUSE CVE-2024-46673 at NVD CVE-2024-46674 at SUSE CVE-2024-46674 at NVD CVE-2024-46675 at SUSE CVE-2024-46675 at NVD CVE-2024-46676 at SUSE CVE-2024-46676 at NVD CVE-2024-46677 at SUSE CVE-2024-46677 at NVD CVE-2024-46679 at SUSE CVE-2024-46679 at NVD CVE-2024-46685 at SUSE CVE-2024-46685 at NVD CVE-2024-46686 at SUSE CVE-2024-46686 at NVD CVE-2024-46689 at SUSE CVE-2024-46689 at NVD CVE-2024-46694 at SUSE CVE-2024-46694 at NVD CVE-2024-46702 at SUSE CVE-2024-46702 at NVD CVE-2024-46707 at SUSE CVE-2024-46707 at NVD CVE-2024-46714 at SUSE CVE-2024-46714 at NVD CVE-2024-46715 at SUSE CVE-2024-46715 at NVD CVE-2024-46717 at SUSE CVE-2024-46717 at NVD CVE-2024-46720 at SUSE CVE-2024-46720 at NVD CVE-2024-46721 at SUSE CVE-2024-46721 at NVD CVE-2024-46722 at SUSE CVE-2024-46722 at NVD CVE-2024-46723 at SUSE CVE-2024-46723 at NVD CVE-2024-46724 at SUSE CVE-2024-46724 at NVD CVE-2024-46725 at SUSE CVE-2024-46725 at NVD CVE-2024-46726 at SUSE CVE-2024-46726 at NVD CVE-2024-46727 at SUSE CVE-2024-46727 at NVD CVE-2024-46728 at SUSE CVE-2024-46728 at NVD CVE-2024-46730 at SUSE CVE-2024-46730 at NVD CVE-2024-46731 at SUSE CVE-2024-46731 at NVD CVE-2024-46732 at SUSE CVE-2024-46732 at NVD CVE-2024-46737 at SUSE CVE-2024-46737 at NVD CVE-2024-46738 at SUSE CVE-2024-46738 at NVD CVE-2024-46739 at SUSE CVE-2024-46739 at NVD CVE-2024-46743 at SUSE CVE-2024-46743 at NVD CVE-2024-46744 at SUSE CVE-2024-46744 at NVD CVE-2024-46745 at SUSE CVE-2024-46745 at NVD CVE-2024-46746 at SUSE CVE-2024-46746 at NVD CVE-2024-46747 at SUSE CVE-2024-46747 at NVD CVE-2024-46750 at SUSE CVE-2024-46750 at NVD CVE-2024-46751 at SUSE CVE-2024-46751 at NVD CVE-2024-46752 at SUSE CVE-2024-46752 at NVD CVE-2024-46753 at SUSE CVE-2024-46753 at NVD CVE-2024-46755 at SUSE CVE-2024-46755 at NVD CVE-2024-46756 at SUSE CVE-2024-46756 at NVD CVE-2024-46758 at SUSE CVE-2024-46758 at NVD CVE-2024-46759 at SUSE CVE-2024-46759 at NVD CVE-2024-46761 at SUSE CVE-2024-46761 at NVD CVE-2024-46771 at SUSE CVE-2024-46771 at NVD CVE-2024-46772 at SUSE CVE-2024-46772 at NVD CVE-2024-46773 at SUSE CVE-2024-46773 at NVD CVE-2024-46774 at SUSE CVE-2024-46774 at NVD CVE-2024-46778 at SUSE CVE-2024-46778 at NVD CVE-2024-46780 at SUSE CVE-2024-46780 at NVD CVE-2024-46781 at SUSE CVE-2024-46781 at NVD CVE-2024-46783 at SUSE CVE-2024-46783 at NVD CVE-2024-46784 at SUSE CVE-2024-46784 at NVD CVE-2024-46786 at SUSE CVE-2024-46786 at NVD CVE-2024-46787 at SUSE CVE-2024-46787 at NVD CVE-2024-46791 at SUSE CVE-2024-46791 at NVD CVE-2024-46794 at SUSE CVE-2024-46794 at NVD CVE-2024-46798 at SUSE CVE-2024-46798 at NVD CVE-2024-46822 at SUSE CVE-2024-46822 at NVD CVE-2024-46830 at SUSE CVE-2024-46830 at NVD cpe:/o:suse:sle-micro:5.5 Security update for keepalived (Moderate) SUSE Linux Enterprise Micro 5.5 This update for keepalived fixes the following issues: - CVE-2024-41184: Fixed integer overflow in vrrp_ipsets_handler (bsc#1228123) Moderate SUSE bug 1228123 CVE-2024-41184 at SUSE CVE-2024-41184 at NVD cpe:/o:suse:sle-micro:5.5 Security update for unbound (Moderate) SUSE Linux Enterprise Micro 5.5 This update for unbound fixes the following issues: - CVE-2024-8508: Fixed unbounded name compression that could lead to denial of service (bsc#1231284) Moderate SUSE bug 1231284 CVE-2024-8508 at SUSE CVE-2024-8508 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Moderate) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2024-9675: Fixed cache arbitrary directory mount (bsc#1231499). - CVE-2024-9407: Fixed improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction (bsc#1231208). The following non-security bug was fixed: - rootless ipv6 containers can't be started (bsc#1214612). Moderate SUSE bug 1214612 SUSE bug 1231208 SUSE bug 1231499 CVE-2024-9407 at SUSE CVE-2024-9407 at NVD CVE-2024-9675 at SUSE CVE-2024-9675 at NVD cpe:/o:suse:sle-micro:5.5 Security update for protobuf (Important) SUSE Linux Enterprise Micro 5.5 This update for protobuf fixes the following issues: - CVE-2024-7254: Fixed stack overflow vulnerability in Protocol Buffer (bsc#1230778) Important SUSE bug 1230778 CVE-2024-7254 at SUSE CVE-2024-7254 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Moderate) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2024-9676: Fixed symlink traversal vulnerability in the containers/storage library that could cause Denial of Service (DoS) (bsc#1231698) Moderate SUSE bug 1231698 CVE-2024-9676 at SUSE CVE-2024-9676 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssl-1_1 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for openssl-1_1 fixes the following issues: - CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) Moderate SUSE bug 1220262 CVE-2023-50782 at SUSE CVE-2023-50782 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: Security fixes: - CVE-2024-9287: properly quote path names provided when creating a virtual environment (bsc#1232241) Other fixes: - Drop .pyc files from docdir for reproducible builds (bsc#1230906) Moderate SUSE bug 1230906 SUSE bug 1232241 CVE-2024-9287 at SUSE CVE-2024-9287 at NVD cpe:/o:suse:sle-micro:5.5 Security update for curl (Moderate) SUSE Linux Enterprise Micro 5.5 This update for curl fixes the following issues: - CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry (bsc#1232528) Moderate SUSE bug 1232528 CVE-2024-9681 at SUSE CVE-2024-9681 at NVD cpe:/o:suse:sle-micro:5.5 Security update for qemu (Important) SUSE Linux Enterprise Micro 5.5 This update for qemu fixes the following issues: - CVE-2024-8354: Fixed assertion failure in usb_ep_get() (bsc#1230834). - CVE-2024-8612: Fixed nformation leak in virtio devices (bsc#1230915). - CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure (bsc#1229007). Important SUSE bug 1229007 SUSE bug 1230834 SUSE bug 1230915 CVE-2024-7409 at SUSE CVE-2024-7409 at NVD CVE-2024-8354 at SUSE CVE-2024-8354 at NVD CVE-2024-8612 at SUSE CVE-2024-8612 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Moderate) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: Security issues fixed: - CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling (bsc#1232622) - CVE-2024-45819: xen: libxl leaks data to PVH guests via ACPI tables (bsc#1232624) - CVE-2024-45817: xen: x86: Deadlock in vlapic_error() (bsc#1230366) Non-security issues fixed: - Removed usage of net-tools-deprecated from supportconfig plugin (bsc#1232542) - Upstream bug fixes (bsc#1027519) Moderate SUSE bug 1027519 SUSE bug 1230366 SUSE bug 1232542 SUSE bug 1232622 SUSE bug 1232624 CVE-2024-45817 at SUSE CVE-2024-45817 at NVD CVE-2024-45818 at SUSE CVE-2024-45818 at NVD CVE-2024-45819 at SUSE CVE-2024-45819 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48879: efi: fix NULL-deref in init error path (bsc#1229556). - CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893). - CVE-2022-48957: dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove() (bsc#1231973). - CVE-2022-48958: ethernet: aeroflex: fix potential skb leak in greth_init_rings() (bsc#1231889). - CVE-2022-48959: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() (bsc#1231976). - CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979). - CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286). - CVE-2022-48966: net: mvneta: Fix an out of bounds check (bsc#1232191). - CVE-2022-48980: net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() (bsc#1232233). - CVE-2022-48991: mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (bsc#1232070). - CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938). - CVE-2022-49017: tipc: re-fetch skb cb after tipc_msg_validate (bsc#1232004). - CVE-2022-49020: net/9p: Fix a potential socket leak in p9_socket_open (bsc#1232175). - CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797). - CVE-2024-36957: octeontx2-af: avoid off-by-one read from userspace (bsc#1225762). - CVE-2024-39476: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (bsc#1227437). - CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885). - CVE-2024-42226: Prevent potential failure in handle_tx_event() for Transfer events without TRB (bsc#1228709). - CVE-2024-42253: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (bsc#1229005). - CVE-2024-44931: gpio: prevent potential speculation leaks in gpio_device_get_desc() (bsc#1229837). - CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179). - CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429). - CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456). - CVE-2024-46678: bonding: change ipsec_lock from spin lock to mutex (bsc#1230550). - CVE-2024-46716: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor (bsc#1230715). - CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801). - CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763). - CVE-2024-46775: drm/amd/display: Validate function returns (bsc#1230774). - CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773). - CVE-2024-46809: drm/amd/display: Check BIOS images before it is used (bsc#1231148). - CVE-2024-46811: drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box (bsc#1231179). - CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191). - CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation (bsc#1231193). - CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231195). - CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197). - CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200). - CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203). - CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115). - CVE-2024-46828: uprobes: fix kernel info leak via '[uprobes]' vma (bsc#1231114). - CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096). - CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105). - CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094). - CVE-2024-46848: perf/x86/intel: Limit the period on Haswell (bsc#1231072). - CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073). - CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084). - CVE-2024-46855: netfilter: nft_socket: fix sk refcount leaks (bsc#1231085). - CVE-2024-46857: net/mlx5: Fix bridge mode operations when there are no VFs (bsc#1231087). - CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439). - CVE-2024-47661: drm/amd/display: Avoid overflow from uint32_t to uint8_t (bsc#1231496). - CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442). - CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (bsc#1231502). - CVE-2024-47672: wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (bsc#1231540). - CVE-2024-47673: wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (bsc#1231539). - CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673). - CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987). - CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998). - CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857). - CVE-2024-47704: drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944). - CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872). - CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942). - CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935). - CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049). - CVE-2024-47720: drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func (bsc#1232043). - CVE-2024-47727: x86/tdx: Fix 'in-kernel MMIO' check (bsc#1232116). - CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075). - CVE-2024-47738: wifi: mac80211: do not use rate mask for offchannel TX either (bsc#1232114). - CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124). - CVE-2024-47745: mm: split critical region in remap_file_pages() and invoke LSMs in between (bsc#1232135). - CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145). - CVE-2024-47748: vhost_vdpa: assign irq bypass producer token correctly (bsc#1232174). - CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861). - CVE-2024-49866: tracing/timerlat: Fix a race during cpuhp processing (bsc#1232259). - CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201). - CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200). - CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199). - CVE-2024-49886: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (bsc#1232196). - CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217). - CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element's default to 1 (bsc#1232220). - CVE-2024-49894: drm/amd/display: Fix index out of bounds in degamma hardware format translation (bsc#1232354). - CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221). - CVE-2024-49897: drm/amd/display: Check phantom_stream before it is used (bsc#1232355). - CVE-2024-49899: drm/amd/display: Initialize denominators' default to 1 (bsc#1232358). - CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305). - CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332). - CVE-2024-49909: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (bsc#1232337). - CVE-2024-49911: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (bsc#1232366). - CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369). - CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (bsc#1231965). - CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967). - CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968). - CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313). - CVE-2024-49922: drm/amd/display: Check null pointers before using them (bsc#1232374). - CVE-2024-49923: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (bsc#1232361). - CVE-2024-49929: wifi: iwlwifi: mvm: avoid NULL pointer dereference (bsc#1232253). - CVE-2024-49930: wifi: ath11k: fix array out-of-bound access in SoC stats (bsc#1232260). - CVE-2024-49933: blk_iocost: fix more out of bound shifts (bsc#1232368). - CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424). - CVE-2024-49939: wifi: rtw89: avoid to add interface to list twice when SER (bsc#1232381). - CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164). - CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160). - CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155). - CVE-2024-49955: ACPI: battery: Fix possible crash when unregistering a battery hook (bsc#1232154). - CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151). - CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149). - CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395). - CVE-2024-49962: ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (bsc#1232314). - CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140). - CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519). - CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105). - CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383). - CVE-2024-49975: uprobes: fix kernel info leak via '[uprobes]' vma (bsc#1232104). - CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282). - CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316). - CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432). - CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089). - CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085). - CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084). - CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083). - CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442). - CVE-2024-50014: ext4: fix access to uninitialised lock in fc replay path (bsc#1232446). - CVE-2024-50019: kthread: unpark only parked kthread (bsc#1231990). - CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954). - CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950). - CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914). - CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392). - CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907). - CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903). - CVE-2024-50046: kabi fix for NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902). - CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418). - CVE-2024-50048: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (bsc#1232310). - CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329). - CVE-2024-50058: serial: protect uart_port_dtr_rts() in uart_shutdown() too (bsc#1232285). - CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345). - CVE-2024-50061: i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (bsc#1232263). - CVE-2024-50063: kABI: bpf: struct bpf_map kABI workaround (bsc#1232435). - CVE-2024-50081: blk-mq: setup queue ->tag_set before initializing hctx (bsc#1232501). The following non-security bugs were fixed: - ACPI: EC: Do not release locks during operation region accesses (stable-fixes). - ACPI: PAD: fix crash in exit_round_robin() (stable-fixes). - ACPI: PRM: Clean up guid type in struct prm_handler_info (git-fixes). - ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context (git-fixes). - ACPI: battery: Call power_supply_changed() when adding hooks (bsc#1232154) - ACPI: battery: Simplify battery hook locking (bsc#1232154) - ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] (stable-fixes). - ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] (stable-fixes). - ACPI: resource: Add another DMI match for the TongFang GMxXGxx (stable-fixes). - ACPICA: Fix memory leak if acpi_ps_get_next_field() fails (stable-fixes). - ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails (stable-fixes). - ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (stable-fixes). - ACPICA: iasl: handle empty connection_node (stable-fixes). - ALSA: asihpi: Fix potential OOB array access (stable-fixes). - ALSA: core: add isascii() check to card ID generator (stable-fixes). - ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (git-fixes). - ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 (stable-fixes). - ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 (git-fixes). - ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin (git-fixes). - ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes). - ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs (git-fixes). - ALSA: hda/realtek - FIxed ALC285 headphone no sound (stable-fixes). - ALSA: hda/realtek - Fixed ALC256 headphone no sound (stable-fixes). - ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 (stable-fixes). - ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 (stable-fixes). - ALSA: hda/realtek: Fix the push button function for the ALC257 (git-fixes). - ALSA: hda/realtek: Update default depop procedure (git-fixes). - ALSA: hda: Fix kctl->id initialization (git-fixes). - ALSA: hda: cs35l41: fix module autoloading (git-fixes). - ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes). - ALSA: line6: add hw monitor volume control to POD HD500X (stable-fixes). - ALSA: mixer_oss: Remove some incorrect kfree_const() usages (git-fixes). - ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET (stable-fixes). - ALSA: usb-audio: Add input value sanity checks for standard types (stable-fixes). - ALSA: usb-audio: Add logitech Audio profile quirk (stable-fixes). - ALSA: usb-audio: Add native DSD support for Luxman D-08u (stable-fixes). - ALSA: usb-audio: Define macros for quirk table entries (stable-fixes). - ALSA: usb-audio: Replace complex quirk lines with macros (stable-fixes). - ASoC: allow module autoloading for table db1200_pids (stable-fixes). - ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m (git-fixes). - ASoC: intel: fix module autoloading (stable-fixes). - ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() (git-fixes). - ASoC: rt5682: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes). - ASoC: soc-pcm: Do not zero TDM masks in __soc_pcm_open() (git-fixes). - ASoC: tda7419: fix module autoloading (stable-fixes). - Bluetooth: Call iso_exit() on module unload (git-fixes). - Bluetooth: ISO: Fix multiple init when debugfs is disabled (git-fixes). - Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (git-fixes). - Bluetooth: Remove debugfs directory on module init failure (git-fixes). - Bluetooth: bnep: fix wild-memory-access in proto_unregister (git-fixes). - Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 (git-fixes). - Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (git-fixes). - Drop HD-audio conexant patch that caused a regression on Thinkpad (bsc#1228269) - Drop USB dwc2 patch that caused a regression on RPi3 (bsc#1232342) - HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() (git-fixes). - HID: multitouch: Add support for GT7868Q (stable-fixes). - HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio (stable-fixes). - HID: plantronics: Workaround for an unexcepted opposite volume key (stable-fixes). - Input: adp5589-keys - fix NULL pointer dereference (git-fixes). - Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes). - Input: ads7846 - ratelimit the spi_sync error message (stable-fixes). - Input: goodix - use the new soc_intel_is_byt() helper (stable-fixes). - Input: synaptics - enable SMBus for HP Elitebook 840 G2 (stable-fixes). - KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit (git-fixes). - KVM: Fix lockdep false negative during host resume (git-fixes). - KVM: Grab a reference to KVM for VM and vCPU stats file descriptors (git-fixes). - KVM: Optimize kvm_make_vcpus_request_mask() a bit (git-fixes). - KVM: Pre-allocate cpumasks for kvm_make_all_cpus_request_except() (git-fixes). - KVM: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes). - KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value (git-fixes). - KVM: SVM: Do not advertise Bus Lock Detect to guest if SVM support is missing (git-fixes). - KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE (git-fixes). - KVM: Unconditionally get a ref to /dev/kvm module when creating a VM (git-fixes). - KVM: Write the per-page 'segment' when clearing (part of) a guest page (git-fixes). - KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (git-fixes). - KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (git-fixes). - KVM: arm64: Fix AArch32 register narrowing on userspace write (git-fixes). - KVM: arm64: GICv4: Do not perform a map to a mapped vLPI (git-fixes). - KVM: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe hyp init (git-fixes). - KVM: arm64: Preserve PSTATE.SS for the guest while single-step is enabled (git-fixes). - KVM: arm64: Release pfn, i.e. put page, if copying MTE tags hits ZONE_DEVICE (git-fixes). - KVM: arm64: mixed-width check should be skipped for uninitialized vCPUs (git-fixes). - KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (git-fixes). - KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (git-fixes). - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (git-fixes). - KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (git-fixes). - KVM: arm64: vgic-v4: Restore pending state on host userspace write (git-fixes). - KVM: eventfd: Fix false positive RCU usage warning (git-fixes). - KVM: fix memoryleak in kvm_init() (git-fixes). - KVM: s390: Change virtual to physical address access in diag 0x258 handler (git-fixes bsc#1232631). - KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (git-fixes bsc#1231277). - KVM: s390: gaccess: Check if guest address is in memslot (git-fixes bsc#1232630). - KVM: x86/mmu: Fold rmap_recycle into rmap_add (git-fixes). - KVM: x86/mmu: Rename slot_handle_leaf to slot_handle_level_4k (git-fixes). - KVM: x86: Use a stable condition around all VT-d PI paths (git-fixes). - Makefile.compiler: replace cc-ifversion with compiler-specific macros (bsc#1230414 bsc#1229450). - NFS: Avoid unnecessary rescanning of the per-server delegation list (git-fixes). - NFSD: Fix NFSv4's PUTPUBFH operation (git-fixes). - NFSD: Mark filecache 'down' if init fails (git-fixes). - NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016). - NFSv4: Fix clearing of layout segments in layoutreturn (git-fixes). - PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes). - PCI: Add function 0 DMA alias quirk for Glenfly Arise chip (stable-fixes). - PCI: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019). - PCI: Mark Creative Labs EMU20k2 INTx masking as broken (stable-fixes). - RDMA/bnxt_re: Add a check for memory allocation (git-fixes) - RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes) - RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes) - RDMA/bnxt_re: Fix the GID table length (git-fixes) - RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes) - RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes) - RDMA/bnxt_re: Return more meaningful error (git-fixes) - RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes) - RDMA/cxgb4: Dump vendor specific QP details (git-fixes) - RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes) - RDMA/hns: Remove unused abnormal interrupt of type RAS (git-fixes) - RDMA/irdma: Fix misspelling of 'accept*' (git-fixes) - RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes) - RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (git-fixes). - RDMA/mana_ib: use the correct page table index based on hardware page size (git-fixes). - RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes) - RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes) - RDMA/srpt: Make slab cache names unique (git-fixes) - SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes). - SUNRPC: Fixup gss_status tracepoint error output (git-fixes). - SUNRPC: clnt.c: Remove misleading comment (git-fixes). - USB: appledisplay: close race between probe and completion handler (stable-fixes). - USB: misc: cypress_cy7c63: check for short transfer (stable-fixes). - USB: misc: yurex: fix race between read and write (stable-fixes). - USB: serial: option: add Telit FN920C04 MBIM compositions (stable-fixes). - USB: serial: option: add support for Quectel EG916Q-GL (stable-fixes). - USB: serial: pl2303: add device id for Macrosilicon MS3020 (stable-fixes). - Use pahole -j1 option for reproducible builds (bsc#1230414 bsc#1229450). - add bug reference for a mana change (bsc#1229769). - add bug references to existing mana changes (bsc#1232033, bsc#1232034, bsc#1232036). - afs: Revert 'afs: Hide silly-rename files from userspace' (git-fixes). - arm64: cputype: Add Neoverse-N3 definitions (git-fixes) - arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma (git-fixes). - arm64: errata: Expand speculative SSBS workaround once more (git-fixes) - arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes) - arm64: probes: Fix simulate_ldr*_literal() (git-fixes) - arm64: probes: Fix uprobes for big-endian kernels (git-fixes) - arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes) - block: print symbolic error name instead of error code (bsc#1231872). - bpf, lsm: Add disabled BPF LSM hook list (git-fixes). - bpf, net: Fix a potential race in do_sock_getsockopt() (git-fixes). - bpf, verifier: Correct tail_call_reachable for bpf prog (git-fixes). - bpf, x64: Remove tail call detection (git-fixes). - bpf,perf: Fix perf_event_detach_bpf_prog error handling (git-fixes). - bpf: Add --skip_encoding_btf_inconsistent_proto, --btf_gen_optimized to pahole flags for v1.25 (bsc#1230414 bsc#1229450). - bpf: Allow helpers to accept pointers with a fixed size (git-fixes). - bpf: Check for helper calls in check_subprogs() (git-fixes). - bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit (git-fixes). - bpf: Fix helper writes to read-only maps (git-fixes). - bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375). - bpf: Fix tailcall cases in test_bpf (git-fixes). - bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types (git-fixes). - bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers (git-fixes). - bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error (git-fixes). - bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos (git-fixes). - btf, scripts: Exclude Rust CUs with pahole (bsc#1230414 bsc#1229450). - bus: integrator-lm: fix OF node leak in probe() (git-fixes). - ceph: fix cap ref leak via netfs init_request (bsc#1231383). - char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (git-fixes). - clk: Add a devm variant of clk_rate_exclusive_get() (bsc#1227885). - clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get() (bsc#1227885). - comedi: ni_routing: tools: Check when the file could not be opened (stable-fixes). - cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems (git-fixes). - crypto: hisilicon - Remove pci_aer_clear_nonfatal_status() call (bsc#1232075) - crypto: hisilicon/qm - re-enable communicate interrupt before notifying PF (bsc#1232075) - debugfs: fix automount d_fsdata usage (git-fixes). - dn_route: set rt neigh to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813). - drbd: Add NULL check for net_conf to prevent dereference in state validation (git-fixes). - drbd: Fix atomicity violation in drbd_uuid_set_bm() (git-fixes). - driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute (stable-fixes). - drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring (git-fixes). - drm/amd/display: Add null check for 'afb' in amdgpu_dm_plane_handle_cursor_update (v2) (stable-fixes). - drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream (stable-fixes). - drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes). - drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944) - drm/amd/display: Check null pointer before dereferencing se (stable-fixes). - drm/amd/display: Check null pointers before using dc->clk_mgr (stable-fixes). - drm/amd/display: Check stream before comparing them (stable-fixes). - drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination (stable-fixes). - drm/amd/display: Fix index out of bounds in DCN30 color transformation (stable-fixes). - drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation (stable-fixes). - drm/amd/display: Fix index out of bounds in degamma hardware format translation (stable-fixes). - drm/amd/display: Fix system hang while resume with TBT monitor (stable-fixes). - drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream' (stable-fixes). - drm/amd/display: Initialize get_bytes_per_element's default to 1 (stable-fixes). - drm/amd/display: Round calculated vtotal (stable-fixes). - drm/amd/display: Validate backlight caps are sane (stable-fixes). - drm/amd/pm: ensure the fw_info is not null before using it (stable-fixes). - drm/amd: Guard against bad data for ATIF ACPI method (git-fixes). - drm/amdgpu: Replace one-element array with flexible-array member (stable-fixes). - drm/amdgpu: add raven1 gfxoff quirk (stable-fixes). - drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit (stable-fixes). - drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes). - drm/amdgpu: fix unchecked return value warning for amdgpu_gfx (stable-fixes). - drm/amdgpu: prevent BO_HANDLES error from being overwritten (git-fixes). - drm/amdgpu: properly handle vbios fake edid sizing (git-fixes). - drm/amdkfd: Fix resource leak in criu restore queue (stable-fixes). - drm/msm/dpu: do not always program merge_3d block (git-fixes). - drm/msm/dpu: make sure phys resources are properly initialized (git-fixes). - drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation (git-fixes). - drm/msm: Allocate memory for disp snapshot with kvzalloc() (git-fixes). - drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() (git-fixes). - drm/printer: Allow NULL data in devcoredump printer (stable-fixes). - drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() (stable-fixes). - drm/radeon: Fix encoder->possible_clones (git-fixes). - drm/radeon: Replace one-element array with flexible-array member (stable-fixes). - drm/radeon: properly handle vbios fake edid sizing (git-fixes). - drm/rockchip: define gamma registers for RK3399 (stable-fixes). - drm/rockchip: support gamma control on RK3399 (stable-fixes). - drm/sched: Add locking to drm_sched_entity_modify_sched (git-fixes). - drm/v3d: Stop the active perfmon before being destroyed (git-fixes). - drm/vc4: Stop the active perfmon before being destroyed (git-fixes). - drm/vmwgfx: Handle surface check failure correctly (git-fixes). - drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS (git-fixes). - drm: komeda: Fix an issue related to normalized zpos (stable-fixes). - efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (stable-fixes). - erofs: avoid consecutive detection for Highmem memory (git-fixes). - erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond EOF (git-fixes). - erofs: fix pcluster use-after-free on UP platforms (git-fixes). - erofs: fix potential overflow calculating xattr_isize (git-fixes). - erofs: stop parsing non-compact HEAD index if clusterofs is invalid (git-fixes). - exportfs: use pr_debug for unreachable debug statements (git-fixes). - ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201) - fat: fix uninitialized variable (git-fixes). - fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes). - fbdev: sisfb: Fix strbuf array overflow (stable-fixes). - fgraph: Change the name of cpuhp state to 'fgraph:online' (git-fixes). - fgraph: Fix missing unlock in register_ftrace_graph() (git-fixes). - fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks (git-fixes). - filelock: fix potential use-after-free in posix_lock_inode (git-fixes). - firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() (git-fixes). - fs/namespace: fnic: Switch to use %ptTd (git-fixes). - fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() (git-fixes). - fs: Fix file_set_fowner LSM hook inconsistencies (git-fixes). - gpio: aspeed: Add the flush write to ensure the write complete (git-fixes). - gpio: aspeed: Use devm_clk api to manage clock source (git-fixes). - gpio: davinci: fix lazy disable (git-fixes). - hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma (git-fixes). - hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes). - hwmon: (adm9240) Add missing dependency on REGMAP_I2C (git-fixes). - hwmon: (tmp513) Add missing dependency on REGMAP_I2C (git-fixes). - i2c: i801: Use a different adapter-name for IDF adapters (stable-fixes). - i2c: imx-lpi2c: return -EINVAL when i2c peripheral clk does not work (bsc#1227885). - i2c: imx-lpi2c: use bulk clk API (bsc#1227885). - i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume (git-fixes). - i2c: xiic: Fix RX IRQ busy check (stable-fixes). - i2c: xiic: Fix broken locking on tx_msg (stable-fixes). - i2c: xiic: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes). - i2c: xiic: Switch from waitqueue to completion (stable-fixes). - i2c: xiic: Try re-initialization on bus busy timeout (git-fixes). - i2c: xiic: Use devm_clk_get_enabled() (stable-fixes). - i2c: xiic: improve error message when transfer fails to start (stable-fixes). - i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path (git-fixes). - ice: Unbind the workqueue (bsc#1231344). - iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig (git-fixes). - iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig (git-fixes). - iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig (git-fixes). - iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() (git-fixes). - iio: light: opt3001: add missing full-scale range value (git-fixes). - iio: light: veml6030: fix ALS sensor resolution (git-fixes). - iio: light: veml6030: fix IIO device retrieval from embedded device (git-fixes). - iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes). - iommu/vt-d: Always reserve a domain ID for identity setup (git-fixes). - ipv6: blackhole_netdev needs snmp6 counters (bsc#1216813). - ipv6: give an IPv6 dev to blackhole_netdev (bsc#1216813). - jfs: Fix sanity check in dbMount (git-fixes). - jfs: Fix uaf in dbFreeBits (git-fixes). - jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes). - jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes). - jfs: check if leafidx greater than num leaves per dmap tree (git-fixes). - kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes). - kABI: bpf: struct bpf_func_proto kABI workaround (git-fixes). - kab: fix after net: add more sanity check in virtio_net_hdr_to_skb() (git-fixes). - kabi fix of KVM: arm64: Preserve PSTATE.SS for the guest while single-step is enabled (git-fixes). - kabi: fix after KVM: arm64: mixed-width check should be skipped for uninitialized vCPUs (git-fixes). - kabi: fix after kvm: add guest_state_{enter,exit}_irqoff() (git-fixes). - kbuild, bpf: Use test-ge check for v1.25-only pahole (bsc#1230414 bsc#1229450). - kbuild,bpf: Add module-specific pahole flags for distilled base BTF (bsc#1230414 bsc#1229450). - kbuild,bpf: Switch to using --btf_features for pahole v1.26 and later (bsc#1230414 bsc#1229450). - kbuild: add test-{ge,gt,le,lt} macros (bsc#1230414 bsc#1229450). - kbuild: avoid too many execution of scripts/pahole-flags.sh (bsc#1230414 bsc#1229450). - kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414 bsc#1229450). - kvm/arm64: rework guest entry logic (git-fixes). - kvm: Add support for arch compat vm ioctls (git-fixes). - kvm: add guest_state_{enter,exit}_irqoff() (git-fixes). - media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() (stable-fixes). - module: abort module loading when sysfs setup suffer errors (git-fixes). - nbd: fix race between timeout and normal completion (bsc#1230918). - net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX (bsc#1226797) - net: add more sanity check in virtio_net_hdr_to_skb() (git-fixes). - net: mana: Implement get_ringparam/set_ringparam for mana (bsc#1229891). - net: mana: Improve mana_set_channels() in low mem conditions (bsc#1230289). - net: socket: suppress unused warning (git-fixes). - net: test for not too small csum_start in virtio_net_hdr_to_skb() (git-fixes). - net: usb: usbnet: fix name regression (git-fixes). - netdevsim: use cond_resched() in nsim_dev_trap_report_work() (git-fixes). - nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes). - nfsd: call cache_put if xdr_reserve_space returns NULL (git-fixes). - nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes). - nfsd: fix refcount leak when file is unhashed after being found (git-fixes). - nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes). - nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (git-fixes). - nfsd: return -EINVAL when namelen is 0 (git-fixes). - nilfs2: fix kernel bug due to missing clearing of buffer delay flag (git-fixes). - nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error (git-fixes). - ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes). - ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (stable-fixes). - nvme-multipath: system fails to create generic nvme device (git-fixes). - nvme-pci: qdepth 1 quirk (git-fixes). - nvmet-auth: assign dh_key to NULL after kfree_sensitive (git-fixes). - ocfs2: fix the la space leak when unmounting an ocfs2 volume (git-fixes). - ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes). - ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (git-fixes). - parport: Proper fix for array out-of-bounds access (git-fixes). - platform/surface: aggregator_registry: Add support for Surface Laptop Go 3 (stable-fixes). - platform/x86: touchscreen_dmi: add nanote-next quirk (stable-fixes). - power: reset: brcmstb: Do not go into infinite loop if reset fails (stable-fixes). - powerpc/64: Convert patch_instruction() to patch_u32() (bsc#1194869). - powerpc/boot: Handle allocation failure in simple_realloc() (bsc#1194869). - powerpc/boot: Only free if realloc() succeeds (bsc#1194869). - powerpc/code-patching: Add generic memory patching (bsc#1194869). - powerpc/code-patching: Consolidate and cache per-cpu patching context (bsc#1194869). - powerpc/code-patching: Do not call is_vmalloc_or_module_addr() without CONFIG_MODULES (bsc#1194869). - powerpc/code-patching: Fix error handling in do_patch_instruction() (bsc#1194869). - powerpc/code-patching: Fix oops with DEBUG_VM enabled (bsc#1194869). - powerpc/code-patching: Fix unmap_patch_area() error handling (bsc#1194869). - powerpc/code-patching: Perform hwsync in __patch_instruction() in case of failure (bsc#1194869). - powerpc/code-patching: Pre-map patch area (bsc#1194869). - powerpc/code-patching: Remove #ifdef CONFIG_STRICT_KERNEL_RWX (bsc#1194869). - powerpc/code-patching: Remove pr_debug()/pr_devel() messages and fix check() (bsc#1194869). - powerpc/code-patching: Reorganise do_patch_instruction() to ease error handling (bsc#1194869). - powerpc/code-patching: Speed up page mapping/unmapping (bsc#1194869). - powerpc/code-patching: Use WARN_ON and fix check in poking_init (bsc#1194869). - powerpc/code-patching: Use jump_label to check if poking_init() is done (bsc#1194869). - powerpc/code-patching: Use temporary mm for Radix MMU (bsc#1194869). - powerpc/code-patching: introduce patch_instructions() (bsc#1194869). - powerpc/ftrace: Use patch_instruction() return directly (bsc#1194869). - powerpc/imc-pmu: Fix use of mutex in IRQs disabled section (bsc#1054914 git-fixes). - powerpc/imc-pmu: Use the correct spinlock initializer (bsc#1054914 git-fixes). - powerpc/inst: Refactor ___get_user_instr() (bsc#1194869). - powerpc/lib: Add __init attribute to eligible functions (bsc#1194869). - powerpc/tlb: Add local flush for page given mm_struct and psize (bsc#1194869). - powerpc/vdso: Fix VDSO data access when running in a non-root time namespace (bsc#1194869). - powerpc/vdso: Merge vdso64 and vdso32 into a single directory (bsc#1194869). - powerpc/vdso: Rework VDSO32 makefile to add a prefix to object files (bsc#1194869). - powerpc/vdso: augment VDSO32 functions to support 64 bits build (bsc#1194869). - powerpc/xics: Check return value of kasprintf in icp_native_map_one_cpu (bsc#1194869). - powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729). - powerpc: Allow clearing and restoring registers independent of saved breakpoint state (bsc#1194869). - rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow (bsc#1226631). - rcu: Add rcutree.nohz_full_patience_delay to reduce nohz_full (bsc#1231327) - s390/mm: Add cond_resched() to cmm_alloc/free_pages() (bsc#1228747). - s390/sclp_vt220: Convert newlines to CRLF instead of LFCR (git-fixes bsc#1232632). - sched/isolation: Prevent boot crash when the boot CPU is (bsc#1231327) - scsi: NCR5380: Check for phase match during PDMA fixup (git-fixes). - scsi: aacraid: Rearrange order of struct aac_srb_unit (git-fixes). - scsi: core: Fix the return value of scsi_logical_block_count() (git-fixes). - scsi: core: Handle devices which return an unusually large VPD page count (git-fixes). - scsi: core: alua: I/O errors for ALUA state transitions (git-fixes). - scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() (git-fixes). - scsi: fnic: Move flush_work initialization out of if block (bsc#1230055). - scsi: hpsa: Fix allocation size for Scsi_Host private data (git-fixes). - scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (git-fixes). - scsi: libsas: Fix the failure of adding phy with zero-address to port (git-fixes). - scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() (bsc#1232757). - scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1232757). - scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (bsc#1232757). - scsi: lpfc: Remove trailing space after \n newline (bsc#1232757). - scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs (git-fixes). - scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING (bsc#1232757). - scsi: lpfc: Support loopback tests with VMID enabled (bsc#1232757). - scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757). - scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE (bsc#1232757). - scsi: mac_scsi: Disallow bus errors during PDMA send (git-fixes). - scsi: mac_scsi: Refactor polling loop (git-fixes). - scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages (git-fixes). - scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES (git-fixes). - scsi: mpi3mr: Fix ATA NCQ priority support (git-fixes). - scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (git-fixes). - scsi: qedf: Set qed_slowpath_params to zero before use (git-fixes). - scsi: smartpqi: correct stream detection (git-fixes). - scsi: smartpqi: revert propagate-the-multipath-failure-to-SML-quickly (git-fixes). - scsi: spi: Fix sshdr use (git-fixes). - scsi: wd33c93: Do not use stale scsi_pointer value (git-fixes). - selftests/bpf: Add a test case to write mtu result into .rodata (git-fixes). - selftests/bpf: Add a test case to write strtol result into .rodata (git-fixes). - selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test (git-fixes). - selftests/bpf: Rename ARG_PTR_TO_LONG test description (git-fixes). - selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation (git-fixes). - spi: bcm63xx: Enable module autoloading (stable-fixes). - spi: bcm63xx: Fix module autoloading (git-fixes). - spi: lpspi: Silence error message upon deferred probe (stable-fixes). - spi: lpspi: Simplify some error message (git-fixes). - spi: lpspi: release requested DMA channels (stable-fixes). - spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ (git-fixes). - spi: ppc4xx: handle irq_of_parse_and_map() errors (git-fixes). - spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes). - spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time (git-fixes). - spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes). - spi: spidev: Add missing spi_device_id for jg10309-01 (git-fixes). - static_call: Do not make __static_call_return0 static (git-fixes). - tracing/hwlat: Fix a race during cpuhp processing (git-fixes). - tracing/uprobes: Use trace_event_buffer_reserve() helper (git-fixes). - tracing: Consider the NULL character when validating the event length (git-fixes). - uprobe: avoid out-of-bounds memory access of fetching args (git-fixes). - uprobes: encapsulate preparation of uprobe args buffer (git-fixes). - usb: chipidea: udc: enable suspend interrupt after usb reset (stable-fixes). - usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario (stable-fixes). - usb: dwc3: core: Stop processing of pending events if controller is halted (git-fixes). - usb: gadget: core: force synchronous registration (git-fixes). - usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip (stable-fixes). - usb: typec: altmode should keep reference to parent (git-fixes). - usb: xhci: Fix problem with xhci resume from suspend (stable-fixes). - usb: yurex: Fix inconsistent locking bug in yurex_read() (git-fixes). - usb: yurex: Replace snprintf() with the safer scnprintf() variant (stable-fixes). - usbnet: ipheth: fix carrier detection in modes 1 and 4 (stable-fixes). - vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (git-fixes). - vhost_vdpa: assign irq bypass producer token correctly (git-fixes). - virtio-net: synchronize probe with ndo_set_features (git-fixes). - virtio_console: fix misc probe bugs (git-fixes). - virtio_net: fixing XDP for fully checksummed packets handling (git-fixes). - vmxnet3: add command to allow disabling of offloads (bsc#1226498). - vmxnet3: add latency measurement support in vmxnet3 (bsc#1226498). - vmxnet3: prepare for version 9 changes (bsc#1226498). - vmxnet3: update to version 9 (bsc#1226498). - vsock/virtio: fix packet delivery to tap device (git-fixes). - wifi: ath11k: fix array out-of-bound access in SoC stats (stable-fixes). - wifi: ath9k: Remove error checks when creating debugfs entries (git-fixes). - wifi: ath9k: fix parameter check in ath9k_init_debug() (stable-fixes). - wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() (stable-fixes). - wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (stable-fixes). - wifi: iwlwifi: clear trans->state earlier upon error (stable-fixes). - wifi: iwlwifi: lower message level for FW buffer destination (stable-fixes). - wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation (stable-fixes). - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() (stable-fixes). - wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes). - workqueue: Avoid using isolated cpus' timers on (bsc#1231327) - workqueue: mark power efficient workqueue as unbounded if (bsc#1231327) - x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes). - x86/bugs: Skip RSB fill at VMEXIT (git-fixes). - x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes). - x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes). - x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes). - x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes). - x86/kaslr: Expose and use the end of the physical memory address space (bsc#1230405). - xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813). - xhci: Fix incorrect stream context type macro (git-fixes). - xhci: Mitigate failed set dequeue pointer commands (git-fixes). Important SUSE bug 1054914 SUSE bug 1065729 SUSE bug 1194869 SUSE bug 1204171 SUSE bug 1205796 SUSE bug 1206188 SUSE bug 1206344 SUSE bug 1209290 SUSE bug 1210449 SUSE bug 1210627 SUSE bug 1213034 SUSE bug 1216813 SUSE bug 1218562 SUSE bug 1223384 SUSE bug 1223524 SUSE bug 1223824 SUSE bug 1225189 SUSE bug 1225336 SUSE bug 1225611 SUSE bug 1225762 SUSE bug 1226498 SUSE bug 1226631 SUSE bug 1226797 SUSE bug 1227437 SUSE bug 1227885 SUSE bug 1228119 SUSE bug 1228269 SUSE bug 1228709 SUSE bug 1228743 SUSE bug 1228747 SUSE bug 1229005 SUSE bug 1229019 SUSE bug 1229450 SUSE bug 1229454 SUSE bug 1229456 SUSE bug 1229556 SUSE bug 1229769 SUSE bug 1229837 SUSE bug 1229891 SUSE bug 1230055 SUSE bug 1230179 SUSE bug 1230289 SUSE bug 1230405 SUSE bug 1230414 SUSE bug 1230429 SUSE bug 1230456 SUSE bug 1230550 SUSE bug 1230600 SUSE bug 1230620 SUSE bug 1230715 SUSE bug 1230722 SUSE bug 1230763 SUSE bug 1230773 SUSE bug 1230774 SUSE bug 1230801 SUSE bug 1230903 SUSE bug 1230918 SUSE bug 1231016 SUSE bug 1231072 SUSE bug 1231073 SUSE bug 1231084 SUSE bug 1231085 SUSE bug 1231087 SUSE bug 1231094 SUSE bug 1231096 SUSE bug 1231105 SUSE bug 1231114 SUSE bug 1231115 SUSE bug 1231148 SUSE bug 1231179 SUSE bug 1231191 SUSE bug 1231193 SUSE bug 1231195 SUSE bug 1231197 SUSE bug 1231200 SUSE bug 1231203 SUSE bug 1231277 SUSE bug 1231293 SUSE bug 1231327 SUSE bug 1231344 SUSE bug 1231375 SUSE bug 1231383 SUSE bug 1231439 SUSE bug 1231442 SUSE bug 1231496 SUSE bug 1231502 SUSE bug 1231539 SUSE bug 1231540 SUSE bug 1231578 SUSE bug 1231673 SUSE bug 1231857 SUSE bug 1231861 SUSE bug 1231872 SUSE bug 1231883 SUSE bug 1231885 SUSE bug 1231887 SUSE bug 1231888 SUSE bug 1231889 SUSE bug 1231890 SUSE bug 1231892 SUSE bug 1231893 SUSE bug 1231895 SUSE bug 1231896 SUSE bug 1231897 SUSE bug 1231902 SUSE bug 1231903 SUSE bug 1231907 SUSE bug 1231914 SUSE bug 1231929 SUSE bug 1231935 SUSE bug 1231936 SUSE bug 1231937 SUSE bug 1231938 SUSE bug 1231939 SUSE bug 1231940 SUSE bug 1231941 SUSE bug 1231942 SUSE bug 1231944 SUSE bug 1231950 SUSE bug 1231954 SUSE bug 1231958 SUSE bug 1231960 SUSE bug 1231961 SUSE bug 1231962 SUSE bug 1231965 SUSE bug 1231967 SUSE bug 1231968 SUSE bug 1231972 SUSE bug 1231973 SUSE bug 1231976 SUSE bug 1231979 SUSE bug 1231987 SUSE bug 1231988 SUSE bug 1231990 SUSE bug 1231991 SUSE bug 1231992 SUSE bug 1231995 SUSE bug 1231996 SUSE bug 1231997 SUSE bug 1231998 SUSE bug 1232001 SUSE bug 1232004 SUSE bug 1232005 SUSE bug 1232006 SUSE bug 1232007 SUSE bug 1232025 SUSE bug 1232026 SUSE bug 1232033 SUSE bug 1232034 SUSE bug 1232035 SUSE bug 1232036 SUSE bug 1232037 SUSE bug 1232038 SUSE bug 1232039 SUSE bug 1232043 SUSE bug 1232049 SUSE bug 1232067 SUSE bug 1232069 SUSE bug 1232070 SUSE bug 1232071 SUSE bug 1232075 SUSE bug 1232083 SUSE bug 1232084 SUSE bug 1232085 SUSE bug 1232089 SUSE bug 1232097 SUSE bug 1232104 SUSE bug 1232105 SUSE bug 1232108 SUSE bug 1232114 SUSE bug 1232116 SUSE bug 1232119 SUSE bug 1232120 SUSE bug 1232123 SUSE bug 1232124 SUSE bug 1232133 SUSE bug 1232135 SUSE bug 1232136 SUSE bug 1232140 SUSE bug 1232145 SUSE bug 1232149 SUSE bug 1232150 SUSE bug 1232151 SUSE bug 1232154 SUSE bug 1232155 SUSE bug 1232160 SUSE bug 1232163 SUSE bug 1232164 SUSE bug 1232170 SUSE bug 1232172 SUSE bug 1232174 SUSE bug 1232175 SUSE bug 1232191 SUSE bug 1232196 SUSE bug 1232199 SUSE bug 1232200 SUSE bug 1232201 SUSE bug 1232217 SUSE bug 1232220 SUSE bug 1232221 SUSE bug 1232229 SUSE bug 1232233 SUSE bug 1232237 SUSE bug 1232251 SUSE bug 1232253 SUSE bug 1232259 SUSE bug 1232260 SUSE bug 1232262 SUSE bug 1232263 SUSE bug 1232282 SUSE bug 1232285 SUSE bug 1232286 SUSE bug 1232304 SUSE bug 1232305 SUSE bug 1232307 SUSE bug 1232309 SUSE bug 1232310 SUSE bug 1232313 SUSE bug 1232314 SUSE bug 1232316 SUSE bug 1232329 SUSE bug 1232332 SUSE bug 1232335 SUSE bug 1232337 SUSE bug 1232342 SUSE bug 1232345 SUSE bug 1232352 SUSE bug 1232354 SUSE bug 1232355 SUSE bug 1232358 SUSE bug 1232361 SUSE bug 1232366 SUSE bug 1232367 SUSE bug 1232368 SUSE bug 1232369 SUSE bug 1232374 SUSE bug 1232381 SUSE bug 1232383 SUSE bug 1232392 SUSE bug 1232395 SUSE bug 1232418 SUSE bug 1232424 SUSE bug 1232432 SUSE bug 1232435 SUSE bug 1232442 SUSE bug 1232446 SUSE bug 1232501 SUSE bug 1232519 SUSE bug 1232630 SUSE bug 1232631 SUSE bug 1232632 SUSE bug 1232757 CVE-2021-47416 at SUSE CVE-2021-47416 at NVD CVE-2021-47534 at SUSE CVE-2021-47534 at NVD CVE-2022-3435 at SUSE CVE-2022-3435 at NVD CVE-2022-45934 at SUSE CVE-2022-45934 at NVD CVE-2022-48664 at SUSE CVE-2022-48664 at NVD CVE-2022-48879 at SUSE CVE-2022-48879 at NVD CVE-2022-48946 at SUSE CVE-2022-48946 at NVD CVE-2022-48947 at SUSE CVE-2022-48947 at NVD CVE-2022-48948 at SUSE CVE-2022-48948 at NVD CVE-2022-48949 at SUSE CVE-2022-48949 at NVD CVE-2022-48951 at SUSE CVE-2022-48951 at NVD CVE-2022-48953 at SUSE CVE-2022-48953 at NVD CVE-2022-48954 at SUSE CVE-2022-48954 at NVD CVE-2022-48955 at SUSE CVE-2022-48955 at NVD CVE-2022-48956 at SUSE CVE-2022-48956 at NVD CVE-2022-48957 at SUSE CVE-2022-48957 at NVD CVE-2022-48958 at SUSE CVE-2022-48958 at NVD CVE-2022-48959 at SUSE CVE-2022-48959 at NVD CVE-2022-48960 at SUSE CVE-2022-48960 at NVD CVE-2022-48961 at SUSE CVE-2022-48961 at NVD CVE-2022-48962 at SUSE CVE-2022-48962 at NVD CVE-2022-48966 at SUSE CVE-2022-48966 at NVD CVE-2022-48967 at SUSE CVE-2022-48967 at NVD CVE-2022-48968 at SUSE CVE-2022-48968 at NVD CVE-2022-48969 at SUSE CVE-2022-48969 at NVD CVE-2022-48970 at SUSE CVE-2022-48970 at NVD CVE-2022-48971 at SUSE CVE-2022-48971 at NVD CVE-2022-48972 at SUSE CVE-2022-48972 at NVD CVE-2022-48973 at SUSE CVE-2022-48973 at NVD CVE-2022-48975 at SUSE CVE-2022-48975 at NVD CVE-2022-48977 at SUSE CVE-2022-48977 at NVD CVE-2022-48978 at SUSE CVE-2022-48978 at NVD CVE-2022-48980 at SUSE CVE-2022-48980 at NVD CVE-2022-48981 at SUSE CVE-2022-48981 at NVD CVE-2022-48985 at SUSE CVE-2022-48985 at NVD CVE-2022-48987 at SUSE CVE-2022-48987 at NVD CVE-2022-48988 at SUSE CVE-2022-48988 at NVD CVE-2022-48991 at SUSE CVE-2022-48991 at NVD CVE-2022-48992 at SUSE CVE-2022-48992 at NVD CVE-2022-48994 at SUSE CVE-2022-48994 at NVD CVE-2022-48995 at SUSE CVE-2022-48995 at NVD CVE-2022-48997 at SUSE CVE-2022-48997 at NVD CVE-2022-48999 at SUSE CVE-2022-48999 at NVD CVE-2022-49000 at SUSE CVE-2022-49000 at NVD CVE-2022-49002 at SUSE CVE-2022-49002 at NVD CVE-2022-49003 at SUSE CVE-2022-49003 at NVD CVE-2022-49005 at SUSE CVE-2022-49005 at NVD CVE-2022-49006 at SUSE CVE-2022-49006 at NVD CVE-2022-49007 at SUSE CVE-2022-49007 at NVD CVE-2022-49010 at SUSE CVE-2022-49010 at NVD CVE-2022-49011 at SUSE CVE-2022-49011 at NVD CVE-2022-49012 at SUSE CVE-2022-49012 at NVD CVE-2022-49014 at SUSE CVE-2022-49014 at NVD CVE-2022-49015 at SUSE CVE-2022-49015 at NVD CVE-2022-49016 at SUSE CVE-2022-49016 at NVD CVE-2022-49017 at SUSE CVE-2022-49017 at NVD CVE-2022-49019 at SUSE CVE-2022-49019 at NVD CVE-2022-49020 at SUSE CVE-2022-49020 at NVD CVE-2022-49021 at SUSE CVE-2022-49021 at NVD CVE-2022-49022 at SUSE CVE-2022-49022 at NVD CVE-2022-49023 at SUSE CVE-2022-49023 at NVD CVE-2022-49024 at SUSE CVE-2022-49024 at NVD CVE-2022-49025 at SUSE CVE-2022-49025 at NVD CVE-2022-49026 at SUSE CVE-2022-49026 at NVD CVE-2022-49027 at SUSE CVE-2022-49027 at NVD CVE-2022-49028 at SUSE CVE-2022-49028 at NVD CVE-2022-49029 at SUSE CVE-2022-49029 at NVD CVE-2022-49031 at SUSE CVE-2022-49031 at NVD CVE-2022-49032 at SUSE CVE-2022-49032 at NVD CVE-2023-2166 at SUSE CVE-2023-2166 at NVD CVE-2023-28327 at SUSE CVE-2023-28327 at NVD CVE-2023-52766 at SUSE CVE-2023-52766 at NVD CVE-2023-52800 at SUSE CVE-2023-52800 at NVD CVE-2023-52881 at SUSE CVE-2023-52881 at NVD CVE-2023-52919 at SUSE CVE-2023-52919 at NVD CVE-2023-6270 at SUSE CVE-2023-6270 at NVD CVE-2024-27043 at SUSE CVE-2024-27043 at NVD CVE-2024-36244 at SUSE CVE-2024-36244 at NVD CVE-2024-36957 at SUSE CVE-2024-36957 at NVD CVE-2024-39476 at SUSE CVE-2024-39476 at NVD CVE-2024-40965 at SUSE CVE-2024-40965 at NVD CVE-2024-42145 at SUSE CVE-2024-42145 at NVD CVE-2024-42226 at SUSE CVE-2024-42226 at NVD CVE-2024-42253 at SUSE CVE-2024-42253 at NVD CVE-2024-44931 at SUSE CVE-2024-44931 at NVD CVE-2024-44947 at SUSE CVE-2024-44947 at NVD CVE-2024-44958 at SUSE CVE-2024-44958 at NVD CVE-2024-45016 at SUSE CVE-2024-45016 at NVD CVE-2024-45025 at SUSE CVE-2024-45025 at NVD CVE-2024-46678 at SUSE CVE-2024-46678 at NVD CVE-2024-46716 at SUSE CVE-2024-46716 at NVD CVE-2024-46719 at SUSE CVE-2024-46719 at NVD CVE-2024-46754 at SUSE CVE-2024-46754 at NVD CVE-2024-46770 at SUSE CVE-2024-46770 at NVD CVE-2024-46775 at SUSE CVE-2024-46775 at NVD CVE-2024-46777 at SUSE CVE-2024-46777 at NVD CVE-2024-46809 at SUSE CVE-2024-46809 at NVD CVE-2024-46811 at SUSE CVE-2024-46811 at NVD CVE-2024-46813 at SUSE CVE-2024-46813 at NVD CVE-2024-46814 at SUSE CVE-2024-46814 at NVD CVE-2024-46815 at SUSE CVE-2024-46815 at NVD CVE-2024-46816 at SUSE CVE-2024-46816 at NVD CVE-2024-46817 at SUSE CVE-2024-46817 at NVD CVE-2024-46818 at SUSE CVE-2024-46818 at NVD CVE-2024-46826 at SUSE CVE-2024-46826 at NVD CVE-2024-46828 at SUSE CVE-2024-46828 at NVD CVE-2024-46834 at SUSE CVE-2024-46834 at NVD CVE-2024-46840 at SUSE CVE-2024-46840 at NVD CVE-2024-46841 at SUSE CVE-2024-46841 at NVD CVE-2024-46848 at SUSE CVE-2024-46848 at NVD CVE-2024-46849 at SUSE CVE-2024-46849 at NVD CVE-2024-46854 at SUSE CVE-2024-46854 at NVD CVE-2024-46855 at SUSE CVE-2024-46855 at NVD CVE-2024-46857 at SUSE CVE-2024-46857 at NVD CVE-2024-47660 at SUSE CVE-2024-47660 at NVD CVE-2024-47661 at SUSE CVE-2024-47661 at NVD CVE-2024-47664 at SUSE CVE-2024-47664 at NVD CVE-2024-47668 at SUSE CVE-2024-47668 at NVD CVE-2024-47672 at SUSE CVE-2024-47672 at NVD CVE-2024-47673 at SUSE CVE-2024-47673 at NVD CVE-2024-47674 at SUSE CVE-2024-47674 at NVD CVE-2024-47684 at SUSE CVE-2024-47684 at NVD CVE-2024-47685 at SUSE CVE-2024-47685 at NVD CVE-2024-47692 at SUSE CVE-2024-47692 at NVD CVE-2024-47704 at SUSE CVE-2024-47704 at NVD CVE-2024-47705 at SUSE CVE-2024-47705 at NVD CVE-2024-47706 at SUSE CVE-2024-47706 at NVD CVE-2024-47707 at SUSE CVE-2024-47707 at NVD CVE-2024-47710 at SUSE CVE-2024-47710 at NVD CVE-2024-47720 at SUSE CVE-2024-47720 at NVD CVE-2024-47727 at SUSE CVE-2024-47727 at NVD CVE-2024-47730 at SUSE CVE-2024-47730 at NVD CVE-2024-47738 at SUSE CVE-2024-47738 at NVD CVE-2024-47739 at SUSE CVE-2024-47739 at NVD CVE-2024-47745 at SUSE CVE-2024-47745 at NVD CVE-2024-47747 at SUSE CVE-2024-47747 at NVD CVE-2024-47748 at SUSE CVE-2024-47748 at NVD CVE-2024-49858 at SUSE CVE-2024-49858 at NVD CVE-2024-49860 at SUSE CVE-2024-49860 at NVD CVE-2024-49866 at SUSE CVE-2024-49866 at NVD CVE-2024-49867 at SUSE CVE-2024-49867 at NVD CVE-2024-49881 at SUSE CVE-2024-49881 at NVD CVE-2024-49882 at SUSE CVE-2024-49882 at NVD CVE-2024-49883 at SUSE CVE-2024-49883 at NVD CVE-2024-49886 at SUSE CVE-2024-49886 at NVD CVE-2024-49890 at SUSE CVE-2024-49890 at NVD CVE-2024-49892 at SUSE CVE-2024-49892 at NVD CVE-2024-49894 at SUSE CVE-2024-49894 at NVD CVE-2024-49895 at SUSE CVE-2024-49895 at NVD CVE-2024-49896 at SUSE CVE-2024-49896 at NVD CVE-2024-49897 at SUSE CVE-2024-49897 at NVD CVE-2024-49899 at SUSE CVE-2024-49899 at NVD CVE-2024-49901 at SUSE CVE-2024-49901 at NVD CVE-2024-49906 at SUSE CVE-2024-49906 at NVD CVE-2024-49908 at SUSE CVE-2024-49908 at NVD CVE-2024-49909 at SUSE CVE-2024-49909 at NVD CVE-2024-49911 at SUSE CVE-2024-49911 at NVD CVE-2024-49912 at SUSE CVE-2024-49912 at NVD CVE-2024-49913 at SUSE CVE-2024-49913 at NVD CVE-2024-49914 at SUSE CVE-2024-49914 at NVD CVE-2024-49917 at SUSE CVE-2024-49917 at NVD CVE-2024-49918 at SUSE CVE-2024-49918 at NVD CVE-2024-49919 at SUSE CVE-2024-49919 at NVD CVE-2024-49920 at SUSE CVE-2024-49920 at NVD CVE-2024-49922 at SUSE CVE-2024-49922 at NVD CVE-2024-49923 at SUSE CVE-2024-49923 at NVD CVE-2024-49929 at SUSE CVE-2024-49929 at NVD CVE-2024-49930 at SUSE CVE-2024-49930 at NVD CVE-2024-49933 at SUSE CVE-2024-49933 at NVD CVE-2024-49936 at SUSE CVE-2024-49936 at NVD CVE-2024-49939 at SUSE CVE-2024-49939 at NVD CVE-2024-49946 at SUSE CVE-2024-49946 at NVD CVE-2024-49949 at SUSE CVE-2024-49949 at NVD CVE-2024-49954 at SUSE CVE-2024-49954 at NVD CVE-2024-49955 at SUSE CVE-2024-49955 at NVD CVE-2024-49958 at SUSE CVE-2024-49958 at NVD CVE-2024-49959 at SUSE CVE-2024-49959 at NVD CVE-2024-49960 at SUSE CVE-2024-49960 at NVD CVE-2024-49962 at SUSE CVE-2024-49962 at NVD CVE-2024-49967 at SUSE CVE-2024-49967 at NVD CVE-2024-49969 at SUSE CVE-2024-49969 at NVD CVE-2024-49973 at SUSE CVE-2024-49973 at NVD CVE-2024-49974 at SUSE CVE-2024-49974 at NVD CVE-2024-49975 at SUSE CVE-2024-49975 at NVD CVE-2024-49982 at SUSE CVE-2024-49982 at NVD CVE-2024-49991 at SUSE CVE-2024-49991 at NVD CVE-2024-49993 at SUSE CVE-2024-49993 at NVD CVE-2024-49995 at SUSE CVE-2024-49995 at NVD CVE-2024-49996 at SUSE CVE-2024-49996 at NVD CVE-2024-50000 at SUSE CVE-2024-50000 at NVD CVE-2024-50001 at SUSE CVE-2024-50001 at NVD CVE-2024-50002 at SUSE CVE-2024-50002 at NVD CVE-2024-50006 at SUSE CVE-2024-50006 at NVD CVE-2024-50014 at SUSE CVE-2024-50014 at NVD CVE-2024-50019 at SUSE CVE-2024-50019 at NVD CVE-2024-50024 at SUSE CVE-2024-50024 at NVD CVE-2024-50028 at SUSE CVE-2024-50028 at NVD CVE-2024-50033 at SUSE CVE-2024-50033 at NVD CVE-2024-50035 at SUSE CVE-2024-50035 at NVD CVE-2024-50041 at SUSE CVE-2024-50041 at NVD CVE-2024-50045 at SUSE CVE-2024-50045 at NVD CVE-2024-50046 at SUSE CVE-2024-50046 at NVD CVE-2024-50047 at SUSE CVE-2024-50047 at NVD CVE-2024-50048 at SUSE CVE-2024-50048 at NVD CVE-2024-50049 at SUSE CVE-2024-50049 at NVD CVE-2024-50055 at SUSE CVE-2024-50055 at NVD CVE-2024-50058 at SUSE CVE-2024-50058 at NVD CVE-2024-50059 at SUSE CVE-2024-50059 at NVD CVE-2024-50061 at SUSE CVE-2024-50061 at NVD CVE-2024-50063 at SUSE CVE-2024-50063 at NVD CVE-2024-50081 at SUSE CVE-2024-50081 at NVD cpe:/o:suse:sle-micro:5.5 Security update for expat (Moderate) SUSE Linux Enterprise Micro 5.5 This update for expat fixes the following issues: - CVE-2024-50602: Fixed a denial of service via XML_ResumeParser (bsc#1232579). Moderate SUSE bug 1232579 CVE-2024-50602 at SUSE CVE-2024-50602 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ucode-intel (Important) SUSE Linux Enterprise Micro 5.5 This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20241112 release (bsc#1233313) - CVE-2024-21853: Faulty finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel Xeon Processors may allow an authorized user to potentially enable denial of service via local access. - CVE-2024-23918: Improper conditions check in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access. - CVE-2024-21820: Incorrect default permissions in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access. - CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow an privileged user to potentially enable a denial of service via local access. - CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access. - Update for functional issues. New Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL | C0 | 06-97-02/07 | 00000036 | 00000037 | Core Gen12 | ADL | H0 | 06-97-05/07 | 00000036 | 00000037 | Core Gen12 | ADL | L0 | 06-9a-03/80 | 00000434 | 00000435 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000434 | 00000435 | Core Gen12 | EMR-SP | A0 | 06-cf-01/87 | 21000230 | 21000283 | Xeon Scalable Gen5 | EMR-SP | A1 | 06-cf-02/87 | 21000230 | 21000283 | Xeon Scalable Gen5 | MTL | C0 | 06-aa-04/e6 | 0000001f | 00000020 | Core™ Ultra Processor | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004122 | 00004123 | Core Gen13 | RPL-HX/S | C0 | 06-bf-02/07 | 00000036 | 00000037 | Core Gen13/Gen14 | RPL-S | H0 | 06-bf-05/07 | 00000036 | 00000037 | Core Gen13/Gen14 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004122 | 00004123 | Core Gen13 | SPR-SP | E3 | 06-8f-06/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4 | SPR-SP | E4/S2 | 06-8f-07/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4 New Disclosures Updated in Prior Releases: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ICL-D | B0 | 06-6c-01/10 | 010002b0 | N/A | Xeon D-17xx/D-18xx, D-27xx/D-28xx | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003e7 | N/A | Xeon Scalable Gen3 - Intel CPU Microcode was updated to the 20241029 release Update for functional issues. Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | RPL-E/HX/S | B0 | 06-b7-01/32 | 00000129 | 0000012b | Core Gen13/Gen14 Important SUSE bug 1233313 CVE-2024-21820 at SUSE CVE-2024-21820 at NVD CVE-2024-21853 at SUSE CVE-2024-21853 at NVD CVE-2024-23918 at SUSE CVE-2024-23918 at NVD CVE-2024-23984 at SUSE CVE-2024-23984 at NVD CVE-2024-24968 at SUSE CVE-2024-24968 at NVD cpe:/o:suse:sle-micro:5.5 Security update for glib2 (Important) SUSE Linux Enterprise Micro 5.5 This update for glib2 fixes the following issues: - CVE-2024-52533: Fixed a single byte buffer overflow (bsc#1233282). Important SUSE bug 1233282 CVE-2024-52533 at SUSE CVE-2024-52533 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ovmf (Moderate) SUSE Linux Enterprise Micro 5.5 This update for ovmf fixes the following issues: - CVE-2024-1298: Fixed potential UINT32 overflow in S3 ResumeCount (bsc#1225889). Moderate SUSE bug 1225889 CVE-2024-1298 at SUSE CVE-2024-1298 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libuv (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libuv fixes the following issues: - CVE-2024-24806: Fixed improper Domain Lookup that potentially leads to SSRF attacks (bsc#1219724) Moderate SUSE bug 1219724 CVE-2024-24806 at SUSE CVE-2024-24806 at NVD cpe:/o:suse:sle-micro:5.5 Security update for wget (Moderate) SUSE Linux Enterprise Micro 5.5 This update for wget fixes the following issues: - CVE-2024-10524: Fixed SSRF via shorthand HTTP URL (bsc#1233773) Moderate SUSE bug 1233773 CVE-2024-10524 at SUSE CVE-2024-10524 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Low) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: - CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses (bsc#1233307) Other fixes: - Remove -IVendor/ from python-config (bsc#1231795) Low SUSE bug 1231795 SUSE bug 1233307 CVE-2024-11168 at SUSE CVE-2024-11168 at NVD cpe:/o:suse:sle-micro:5.5 Recommended update for helm (Moderate) SUSE Linux Enterprise Micro 5.5 helm was updated to fix the following issues: Update to version 3.16.3: * fix: fix label name * Fix typo in pkg/lint/rules/chartfile_test.go * Increasing the size of the runner used for releases. * fix(hooks): correct hooks delete order * Bump github.com/containerd/containerd from 1.7.12 to 1.7.23 Update to version 3.16.2: * Revering change unrelated to issue #13176 * adds tests for handling of Helm index with broken chart versions #13176 * improves handling of Helm index with broken helm chart versions #13176 * Bump the k8s-io group with 7 updates * adding check-latest:true * Grammar fixes * Fix typos Update to version 3.16.1: * bumping version to 1.22.7 * Merge pull request #13327 from mattfarina/revert-11726 Update to version 3.16.0: Helm v3.16.0 is a feature release. Users are encouraged to upgrade for the best experience. * Notable Changes - added sha512sum template function - added ActiveHelp for cmds that don't take any more args - drops very old Kubernetes versions support in helm create - add --skip-schema-validation flag to helm 'install', 'upgrade' and 'lint' - fixed bug to now use burst limit setting for discovery - Added windows arm64 support * Full changelog see https://github.com/helm/helm/releases/tag/v3.16.0 Update to version 3.15.4: * Bump the k8s-io group across 1 directory with 7 updates * Bump github.com/docker/docker ------------------------------------------------------------------- Thu Jul 11 05:39:32 UTC 2024 - opensuse_buildservice@ojkastl.de - Update to version 3.15.3: * fix(helm): Use burst limit setting for discovery * fixed dependency_update_test.go * fix(dependencyBuild): prevent race condition in concurrent helm dependency * fix: respect proxy envvars on helm install/upgrade * Merge pull request #13085 from alex-kattathra-johnson/issue-12961 Update to version 3.15.2: * fix: wrong cli description * fix typo in load_plugins.go * fix docs of DeployedAll * Bump github.com/docker/docker * bump oras minor version * feat(load.go): add warning on requirements.lock Update to version 3.15.1: * Fixing build issue where wrong version is used Update to version 3.15.0: Helm v3.15.0 is a feature release. Users are encouraged to upgrade for the best experience. * Updating to k8s 1.30 c4e37b3 (Matt Farina) * bump version to v3.15.0 d7afa3b (Matt Farina) * bump version to 7743467 (Matt Farina) * Fix namespace on kubeconfig error 214fb6e (Calvin Krist) * Update testdata PKI with keys that have validity until 3393 (Fixes #12880) 1b75d48 (Dirk M?ller) * Modified how created annotation is populated based on package creation time 0a69a0d (Andrew Block) * Enabling hide secrets on install and upgrade dry run 25c4738 (Matt Farina) * Fixing all the linting errors d58d7b3 (Robert Sirchia) * Add a note about --dry-run displaying secrets a23dd9e (Matt Farina) * Updating .gitignore 8b424ba (Robert Sirchia) * add error messages 8d19bcb (George Jenkins) * Fix: Ignore alias validation error for index load 68294fd (George Jenkins) * validation fix 8e6a514 (Matt Farina) * bug: add proxy support for oci getter 94c1dea (Ricardo Maraschini) * Update architecture detection method 57a1bb8 (weidongkl) * Improve release action 4790bb9 (George Jenkins) * Fix grammatical error c25736c (Matt Carr) * Updated for review comments d2cf8c6 (MichaelMorris) * Add robustness to wait status checks fc74964 (MichaelMorris) * refactor: create a helper for checking if a release is uninstalled f908379 (Alex Petrov) * fix: reinstall previously uninstalled chart with --keep-history 9e198fa (Alex Petrov) Update to version 3.14.4: Helm v3.14.4 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience. * refactor: create a helper for checking if a release is uninstalled 81c902a (Alex Petrov) * fix: reinstall previously uninstalled chart with --keep-history 5a11c76 (Alex Petrov) * bug: add proxy support for oci getter aa7d953 (Ricardo Maraschini) Update to version 3.14.3: * Add a note about --dry-run displaying secrets * add error messages * Fix: Ignore alias validation error for index load * Update architecture detection method Update to version 3.14.2 (bsc#1220207, CVE-2024-26147): * Fix for uninitialized variable in yaml parsing Update to version 3.14.1 (bsc#1219969, CVE-2024-25620): * validation fix Update to version 3.14.0: * Notable Changes - New helm search flag of --fail-on-no-result - Allow a nested tpl invocation access to defines - Speed up the tpl function - Added qps/HELM_QPS parameter that tells Kubernetes packages how to operate - Added --kube-version to lint command - The ignore pkg is now public * Changelog - Improve release action - Fix issues when verify generation readiness was merged - fix test to use the default code's k8sVersionMinor - lint: Add --kube-version flag to set capabilities and deprecation rules - Removing Asset Transparency - tests(pkg/engine): test RenderWithClientProvider - Make the `ignore` pkg public again - feature(pkg/engine): introduce RenderWithClientProvider - Updating Helm libraries for k8s 1.28.4 - Remove excessive logging - Update CONTRIBUTING.md - Fixing release labelling in rollback - feat: move livenessProbe and readinessProbe values to default values file - Revert 'fix(main): fix basic auth for helm pull or push' - Revert 'fix(registry): address anonymous pull issue' - Update get-helm-3 - Drop filterSystemLabels usage from Query method - Apply review suggestions - Update get-helm-3 to get version through get.helm.sh - feat: print failed hook name - Fixing precedence issue with the import of values. - chore(create): indent to spaces - Allow using label selectors for system labels for sql backend. - Allow using label selectors for system labels for secrets and configmap backends. - remove useless print during prepareUpgrade - Add missing with clause to release gh action - FIX Default ServiceAccount yaml - fix(registry): address anonymous pull issue - fix(registry): unswallow error - Fix missing run statement on release action - Add qps/HELM_QPS parameter - Write latest version to get.helm.sh bucket - Increased release information key name max length. - Pin gox to specific commit - Remove `GoFish` from package managers for installing the binary - Test update for 'Allow a nested `tpl` invocation access to `defines` in a containing one' - Test update for 'Speed up `tpl`' - Add support for RISC-V - lint and validate dependency metadata to reference dependencies with a unique key (name or alias) - Work around template.Clone omitting options - fix: pass 'passCredentialsAll' as env-var to getter - feat: pass basic auth to env-vars when running download plugins - helm search: New CLI Flag --fail-on-no-result - Update pkg/kube/ready.go - fix post install hook deletion due to before-hook-creation policy - Allow a nested `tpl` invocation access to `defines` in a containing one - Remove the 'reference templates' concept - Speed up `tpl` - ready checker- comment update - ready checker- remove duplicate statefulset generational check - Verify generation in readiness checks - feat(helm): add --reset-then-reuse-values flag to 'helm upgrade' Moderate SUSE bug 1219969 SUSE bug 1220207 CVE-2024-25620 at SUSE CVE-2024-25620 at NVD CVE-2024-26147 at SUSE CVE-2024-26147 at NVD cpe:/o:suse:sle-micro:5.5 Security update for socat (Moderate) SUSE Linux Enterprise Micro 5.5 This update for socat fixes the following issues: - CVE-2024-54661: Fixed arbitrary file overwrite via predictable /tmp directory (bsc#1225462) Moderate SUSE bug 1225462 CVE-2024-54661 at SUSE CVE-2024-54661 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47594: mptcp: never allow the PM to close a listener subflow (bsc#1226560). - CVE-2022-48983: io_uring: Fix a null-ptr-deref in io_tctx_exit_cb() (bsc#1231959). - CVE-2024-26782: mptcp: fix double-free on socket dismantle (bsc#1222590). - CVE-2024-26906: Fixed invalid vsyscall page read for copy_from_kernel_nofault() (bsc#1223202). - CVE-2024-26953: net: esp: fix bad handling of pages from page_pool (bsc#1223656). - CVE-2024-35888: erspan: make sure erspan_base_hdr is present in skb->head (bsc#1224518). - CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526). - CVE-2024-36883: net: fix out-of-bounds access in ops_init (bsc#1225725). - CVE-2024-36886: tipc: fix UAF in error path (bsc#1225730). - CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742). - CVE-2024-36954: tipc: fix a possible memleak in tipc_buf_append (bsc#1225764). - CVE-2024-38589: netrom: fix possible dead-lock in nr_rt_ioctl() (bsc#1226748). - CVE-2024-38615: cpufreq: exit() callback is optional (bsc#1226592). - CVE-2024-40997: cpufreq: amd-pstate: fix memory leak on CPU EPP exit (bsc#1227853). - CVE-2024-41023: sched/deadline: Fix task_struct reference leak (bsc#1228430). - CVE-2024-44932: idpf: fix UAFs when destroying the queues (bsc#1229808). - CVE-2024-44964: idpf: fix memory leaks and crashes while performing a soft reset (bsc#1230220). - CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231). - CVE-2024-46681: pktgen: use cpus_read_lock() in pg_net_init() (bsc#1230558). - CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827). - CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode()&iput() (bsc#1231930). - CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920). - CVE-2024-47745: mm: call the security_mmap_file() LSM hook in remap_file_pages() (bsc#1232135). - CVE-2024-47757: nilfs2: fix potential oob read in nilfs_btree_check_delete() (bsc#1232187). - CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272). - CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371). - CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224) - CVE-2024-49934: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name (bsc#1232387). - CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165). - CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159). - CVE-2024-49968: ext4: filesystems without casefold feature cannot be mounted with siphash (bsc#1232264). - CVE-2024-49983: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free (bsc#1232096). - CVE-2024-49989: drm/amd/display: fix double free issue during amdgpu module unload (bsc#1232483). - CVE-2024-50009: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value (bsc#1232318). - CVE-2024-50073: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (bsc#1232520). - CVE-2024-50082: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (bsc#1232500). - CVE-2024-50089: unicode: Do not special case ignorable code points (bsc#1232860). - CVE-2024-50093: thermal: intel: int340x: processor: Fix warning during module unload (bsc#1232877). - CVE-2024-50098: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down (bsc#1232881). - CVE-2024-50108: drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too (bsc#1232884). - CVE-2024-50110: xfrm: fix one more kernel-infoleak in algo dumping (bsc#1232885). - CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919). - CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928). - CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907). - CVE-2024-50128: net: wwan: fix global oob in wwan_rtnl_policy (bsc#1232905). - CVE-2024-50134: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape (bsc#1232890). - CVE-2024-50135: nvme-pci: fix race condition between reset and nvme_dev_disable() (bsc#1232888). - CVE-2024-50138: bpf: Use raw_spinlock_t in ringbuf (bsc#1232935). - CVE-2024-50146: net/mlx5e: Do not call cleanup on profile rollback failure (bsc#1233056). - CVE-2024-50147: net/mlx5: Fix command bitmask initialization (bsc#1233067). - CVE-2024-50153: scsi: target: core: Fix null-ptr-deref in target_alloc_device() (bsc#1233061). - CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070). - CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049). - CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057). - CVE-2024-50182: secretmem: disable memfd_secret() if arch cannot set direct map (bsc#1233129). - CVE-2024-50184: virtio_pmem: Check device status before requesting flush (bsc#1233135). - CVE-2024-50186: net: explicitly clear the sk pointer, when pf->create fails (bsc#1233110). - CVE-2024-50188: net: phy: dp83869: fix memory corruption when enabling fiber (bsc#1233107). - CVE-2024-50192: irqchip/gic-v4: Do not allow a VMOVP on a dying VPE (bsc#1233106). - CVE-2024-50195: posix-clock: Fix missing timespec64 check in pc_clock_settime() (bsc#1233103). - CVE-2024-50196: pinctrl: ocelot: fix system hang on level based interrupts (bsc#1233113). - CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233293). - CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233117). - CVE-2024-50229: nilfs2: fix potential deadlock with newly created symlinks (bsc#1233205). - CVE-2024-50230: nilfs2: fix kernel bug due to missing clearing of checked flag (bsc#1233206). - CVE-2024-50259: netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write() (bsc#1233214). - CVE-2024-50261: macsec: Fix use-after-free while sending the offloading packet (bsc#1233253). - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453). - CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456). - CVE-2024-50271: signal: restore the override_rlimit logic (bsc#1233460). - CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462). - CVE-2024-50274: idpf: avoid vport access in idpf_get_link_ksettings (bsc#1233463). - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468). - CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478). - CVE-2024-50295: net: arc: fix the device for dma_map_single/dma_unmap_single (bsc#1233484). - CVE-2024-50298: net: enetc: allocate vf_state during PF probes (bsc#1233487). - CVE-2024-53052: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (bsc#1233548). - CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552). - CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555). - CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557). - CVE-2024-53068: firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() (bsc#1233561). - CVE-2024-53079: mm/thp: fix deferred split unqueue naming and locking (bsc#1233570). - CVE-2024-53088: i40e: fix race condition by adding filter's intermediate sync state (bsc#1233580). - CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025). - CVE-2024-53110: vp_vdpa: fix id_table array not null terminated error (bsc#1234085). The following non-security bugs were fixed: - Drop OCFS2 patch causing a regression (bsc#1233255) - Fix regression on AMDGPU driver (bsc#1233134) - Removed the duplicated check of static_assert(sizeof(struct work_struct) >= sizeof(struct rcu_head)). - Removed unnecessary white-space change in kernel/bpf/syscall.c - Revert 'cgroup: Fix memory leak caused by missing cgroup_bpf_offline' (bsc#1234108). - Revert 'ixgbe: Manual AN-37 for troublesome link partners for X550 SFI' (git-fixes). - Revert 'mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K' (git-fixes). - Revert 'usb: gadget: composite: fix OS descriptors w_value logic' (git-fixes). - Update config files (bsc#1218644). - Update config files. Enabled IDPF for ARM64 (bsc#1221309) - acpi: CPPC: Fix _CPC register setting issue (git-fixes). - acpi: CPPC: Make rmw_lock a raw_spin_lock (git-fixes). - acpi: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue (stable-fixes). - acpi: resource: Add LG 16T90SP to irq1_level_low_skip_override[] (stable-fixes). - ad7780: fix division by zero in ad7780_write_raw() (git-fixes). - adapt same struct naming as similar kABI workaround in SLE15-SP6 (prefixed with 'suse_' to make it more obvious its a downstream thing. - add bugreference to a hv_netvsc patch (bsc#1232413). - add commit message for the kABI patch - alsa: 6fire: Release resources at card release (git-fixes). - alsa: ac97: bus: Fix the mistake in the comment (git-fixes). - alsa: caiaq: Use snd_card_free_when_closed() at disconnection (git-fixes). - alsa: firewire-lib: fix return value on fail in amdtp_tscm_init() (git-fixes). - alsa: hda/realtek - Fixed Clevo platform headset Mic issue (stable-fixes). - alsa: hda/realtek: Add subwoofer quirk for Acer Predator G9-593 (stable-fixes). - alsa: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 (stable-fixes). - alsa: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 (stable-fixes). - alsa: hda/realtek: Limit internal Mic boost on Dell platform (stable-fixes). - alsa: hda/realtek: Update ALC225 depop procedure (git-fixes). - alsa: hda/realtek: Update ALC256 depop procedure (git-fixes). - alsa: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 (stable-fixes). - alsa: us122l: Use snd_card_free_when_closed() at disconnection (git-fixes). - alsa: usb-audio: Add quirk for HP 320 FHD Webcam (stable-fixes). - alsa: usb-audio: Add quirks for Dell WD19 dock (stable-fixes). - alsa: usx2y: Use snd_card_free_when_closed() at disconnection (git-fixes). - amd-pstate: Set min_perf to nominal_perf for active mode performance gov (git-fixes). - arm64/sve: Discard stale CPU state when handling SVE traps (git-fixes) - arm64: Force position-independent veneers (git-fixes). - arm64: dts: imx8mp: correct sdhc ipg clk (git-fixes). - arm64: fix .data.rel.ro size assertion when CONFIG_LTO_CLANG (git-fixes) - arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint (git-fixes) - arm64: smccc: replace custom COUNT_ARGS() & CONCATENATE() (git-fixes) - arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (git-fixes) - arm64:uprobe fix the uprobe SWBP_INSN in big-endian (git-fixes) - asoc: amd: yc: Fix for enabling DMIC on acp6x via _DSD entry (git-fixes). - asoc: codecs: Fix atomicity violation in snd_soc_component_get_drvdata() (git-fixes). - asoc: codecs: lpass-rx-macro: add missing CDC_RX_BCL_VBAT_RF_PROC2 to default regs values (stable-fixes). - asoc: cs42l51: Fix some error handling paths in cs42l51_probe() (git-fixes). - asoc: fsl_sai: Enable 'FIFO continue on error' FCONT bit (stable-fixes). - asoc: qcom: sm8250: add qrb4210-rb2-sndcard compatible string (stable-fixes). - asoc: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove (git-fixes). - blk-throttle: Fix io statistics for cgroup v1 (bsc#1233528). - block: Avoid leaking hctx->nr_active counter on batched completion (bsc#1231923). - bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (git-fixes). - bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs (git-fixes). - bnxt_en: Fix the PCI-AER routines (git-fixes). - bnxt_en: Remove mis-applied code from bnxt_cfg_ntp_filters() (git-fixes). - bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (git-fixes). - bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes). - bnxt_en: Restore PTP tx_avail count in case of skb_pad() error (git-fixes). - bnxt_en: Wait for FLR to complete during probe (git-fixes). - bnxt_en: refactor reset close code (git-fixes). - can: c_can: c_can_handle_bus_err(): update statistics if skb allocation fails (git-fixes). - can: c_can: fix {rx,tx}_errors statistics (git-fixes). - can: ems_usb: ems_usb_rx_err(): fix {rx,tx}_errors statistics (git-fixes). - can: ifi_canfd: ifi_canfd_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes). - can: j1939: j1939_session_new(): fix skb reference counting (git-fixes). - can: m_can: m_can_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes). - can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL (git-fixes). - can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics (git-fixes). - cgroup/bpf: only cgroup v2 can be attached by bpf programs (bsc#1234108). - chtls: fix tp->rcv_tstamp initialization (git-fixes). - comedi: Flush partial mappings in error case (git-fixes). - crypto: bcm - add error check in the ahash_hmac_init function (git-fixes). - crypto: caam - Fix the pointer passed to caam_qi_shutdown() (git-fixes). - crypto: caam - add error check to caam_rsa_set_priv_key_form (git-fixes). - crypto: cavium - Fix an error handling path in cpt_ucode_load_fw() (git-fixes). - crypto: cavium - Fix the if condition to exit loop after timeout (git-fixes). - crypto: inside-secure - Fix the return value of safexcel_xcbcmac_cra_init() (git-fixes). - crypto: x86/aegis128 - access 32-bit arguments as 32-bit (git-fixes). - cxgb4: Properly lock TX queue for the selftest (git-fixes). - cxgb4: add forgotten u64 ivlan cast before shift (git-fixes). - cxgb4: unnecessary check for 0 in the free_sge_txq_uld() function (git-fixes). - drivers: net: prevent tun_build_skb() to exceed the packet size limit (git-fixes). - drm/amd: Fix initialization mistake for NBIO 7.7.0 (stable-fixes). - drm/amdgpu: Adjust debugfs eviction and IB access permissions (stable-fixes). - drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() (stable-fixes). - drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (git-fixes). - drm/bridge: anx7625: Drop EDID cache on bridge power off (git-fixes). - drm/bridge: tc358767: Fix link properties discovery (git-fixes). - drm/bridge: tc358768: Fix DSI command tx (git-fixes). - drm/etnaviv: Request pages from DMA32 zone on addressing_limited (git-fixes). - drm/imx/dcss: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused (git-fixes). - drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - drm/msm/dpu: cast crtc_clk calculation to u64 in _dpu_core_perf_calc_clk() (git-fixes). - drm/omap: Fix locking in omap_gem_new_dmabuf() (git-fixes). - drm/omap: Fix possible NULL dereference (git-fixes). - drm/panfrost: Remove unused id_mask from struct panfrost_model (git-fixes). - drm/rockchip: vop: Fix a dereferenced before check warning (git-fixes). - drm/sti: avoid potential dereference of error pointers (git-fixes). - drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check (git-fixes). - drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check (git-fixes). - drm/v3d: Address race-condition in MMU flush (git-fixes). - drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA (stable-fixes). - drm/vc4: hvs: Do not write gamma luts on 2711 (git-fixes). - drm/vc4: hvs: Fix dlist debug not resetting the next entry pointer (git-fixes). - drm/vc4: hvs: Remove incorrect limit from hvs_dlist debugfs function (git-fixes). - drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS (stable-fixes). - e1000e: Fix S0ix residency on corporate systems (git-fixes). - efi/memattr: Ignore table if the size is clearly bogus (bsc#1231465). - eth: bnxt: fix counting packets discarded due to OOM and netpoll (git-fixes). - firmware: google: Unregister driver_info on failure (git-fixes). - genirq/msi: Fix off-by-one error in msi_domain_alloc() (git-fixes). - goldfish: Fix unused const variable 'goldfish_pipe_acpi_match' (git-fixes). - gve: Fix XDP TX completion handling when counters overflow (git-fixes). - gve: Fix an edge case for TSO skb validity check (git-fixes). - gve: Fix skb truesize underestimation (git-fixes). - gve: ignore nonrelevant GSO type bits when processing TSO headers (git-fixes). - hid: core: zero-initialize the report buffer (git-fixes). - hid: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard (stable-fixes). - hid: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad (stable-fixes). - hid: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad (stable-fixes). - hid: multitouch: Add support for B2402FVA track point (stable-fixes). - hid: wacom: Defer calculation of resolution until resolution_code is known (git-fixes). - hid: wacom: Interpret tilt data from Intuos Pro BT as signed values (git-fixes). - hid: wacom: fix when get product name maybe null pointer (git-fixes). - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (git-fixes). - hwmon: (tps23861) Fix reporting of negative temperatures (git-fixes). - i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() (git-fixes). - i40e: Fix XDP program unloading while removing the driver (git-fixes). - i40e: Fix filter input checks to prevent config with invalid values (git-fixes). - i40e: Fix waiting for queues of all VSIs to be disabled (git-fixes). - i40e: Report MFS in decimal base instead of hex (git-fixes). - i40e: Restore VF MSI-X state during PCI reset (git-fixes). - i40e: avoid double calling i40e_pf_rxq_wait() (git-fixes). - i40e: disable NAPI right after disabling irqs when handling xsk_pool (git-fixes). - i40e: fix use-after-free in i40e_aqc_add_filters() (git-fixes). - i40e: take into account XDP Tx queues when stopping rings (git-fixes). - iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call (git-fixes). - iavf: Fix TC config comparison with existing adapter TC config (git-fixes). - iavf: Fix promiscuous mode configuration flow messages (git-fixes). - iavf: Introduce new state machines for flow director (git-fixes). - iavf: do not process adminq tasks when __IAVF_IN_REMOVE_TASK is set (git-fixes). - iavf: fix FDIR rule fields masks validation (git-fixes). - iavf: in iavf_down, disable queues when removing the driver (git-fixes). - iavf: initialize waitqueues before starting watchdog_task (git-fixes). - iavf: send VLAN offloading caps once after VFR (git-fixes). - iavf: validate tx_coalesce_usecs even if rx_coalesce_usecs is zero (git-fixes). - ibmvnic: Do partial reset on login failure (bsc#1233150). - ibmvnic: Enforce stronger sanity checks on login response (bsc#1233150). - ibmvnic: Ensure login failure recovery is safe from other resets (bsc#1233150). - ibmvnic: Handle DMA unmapping of login buffs in release functions (bsc#1233150). - ibmvnic: Unmap DMA login rsp buffer on send login fail (bsc#1233150). - ice: Block switchdev mode when ADQ is active and vice versa (git-fixes). - ice: Fix NULL pointer deref during VF reset (git-fixes). - ice: Fix VSI list rule with ICE_SW_LKUP_LAST type (git-fixes). - ice: Fix link_down_on_close message (git-fixes). - ice: Fix netif_is_ice() in Safe Mode (git-fixes). - ice: Interpret .set_channels() input differently (git-fixes). - ice: Shut down VSI with 'link-down-on-close' enabled (git-fixes). - ice: avoid executing commands on other ports when driving sync (git-fixes). - ice: change q_index variable type to s16 to store -1 value (git-fixes). - ice: fix ICE_LAST_OFFSET formula (git-fixes). - ice: fix VLAN replay after reset (git-fixes). - ice: fix accounting for filters shared by multiple VSIs (git-fixes). - ice: fix accounting if a VLAN already exists (git-fixes). - ice: fix over-shifted variable (git-fixes). - ice: fix receive buffer size miscalculation (git-fixes). - ice: ice_aq_check_events: fix off-by-one check when filling buffer (git-fixes). - ice: reset first in crash dump kernels (git-fixes). - ice: respect netif readiness in AF_XDP ZC related ndo's (git-fixes). - ice: tc: allow zero flags in parsing tc flower (git-fixes). - ice: virtchnl: stop pretending to support RSS over AQ or registers (git-fixes). - idpf: Interpret .set_channels() input differently (git-fixes). - idpf: avoid compiler introduced padding in virtchnl2_rss_key struct (git-fixes). - idpf: avoid compiler padding in virtchnl2_ptype struct (git-fixes). - idpf: disable local BH when scheduling napi for marker packets (git-fixes). - idpf: distinguish vports by the dev_port attribute (git-fixes). - idpf: do not enable NAPI and interrupts prior to allocating Rx buffers (git-fixes). - idpf: fix UAFs when destroying the queues (git-fixes). - idpf: fix corrupted frames and skb leaks in singleq mode (git-fixes). - idpf: fix memleak in vport interrupt configuration (git-fixes). - idpf: fix memory leaks and crashes while performing a soft reset (git-fixes). - igb: Always call igb_xdp_ring_update_tail() under Tx lock (git-fixes). - igb: Fix missing time sync events (git-fixes). - igb: Fix not clearing TimeSync interrupts for 82580 (git-fixes). - igb: extend PTP timestamp adjustments to i211 (git-fixes). - igc: Check VLAN EtherType mask (git-fixes). - igc: Check VLAN TCI mask (git-fixes). - igc: Fix hicredit calculation (git-fixes). - igc: Fix missing time sync events (git-fixes). - igc: Remove temporary workaround (git-fixes). - igc: Report VLAN EtherType matching back to user (git-fixes). - igc: Unlock on error in igc_io_resume() (git-fixes). - iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() (git-fixes). - iio: adc: ad7606: Fix typo in the driver name (git-fixes). - iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer (git-fixes). - iio: light: al3010: Fix an error handling path in al3010_probe() (git-fixes). - iio: light: veml6030: fix microlux value calculation (git-fixes). - initramfs: avoid filename buffer overrun (bsc#1232436). - input: i8042 - add Ayaneo Kun to i8042 quirk table (git-fixes). - input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table (git-fixes). - input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042 quirk table (git-fixes). - input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk table (git-fixes). - input: i8042 - add another board name for TUXEDO Stellaris Gen5 AMD line (git-fixes). - irqchip/gic-v3-its: Avoid explicit cpumask allocation on stack (git-fixes). - irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-fixes). - ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa() (git-fixes). - ixgbe: fix crash with empty VF macvlan list (git-fixes). - ixgbe: fix timestamp configuration code (git-fixes). - ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (git-fixes). - kABI: Restore exported __arm_smccc_sve_check (git-fixes) - kernel-binary: Enable livepatch package only when livepatch is enabled Otherwise the filelist may be empty failing the build (bsc#1218644). - kernel.h: split out COUNT_ARGS() and CONCATENATE() to args.h (git-fixes) - kexec: fix a memory leak in crash_shrink_memory() (git-fixes). - kvm: PPC: Book3S HV: remove unused varible (bsc#1194869). - mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING (git-fixes). - media: adv7604: prevent underflow condition when reporting colorspace (git-fixes). - media: cx24116: prevent overflows on SNR calculus (git-fixes). - media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer (stable-fixes). - media: dvb-usb-v2: af9035: fix missing unlock (git-fixes). - media: dvb_frontend: do not play tricks with underflow values (git-fixes). - media: dvbdev: prevent the risk of out of memory access (git-fixes). - media: pci: cx23885: check cx23885_vdev_init() return (stable-fixes). - media: pulse8-cec: fix data timestamp at pulse8_setup() (git-fixes). - media: stb0899_algo: initialize cfr before using it (git-fixes). - media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl() (git-fixes). - media: v4l2-tpg: prevent the risk of a division by zero (git-fixes). - mei: use kvmalloc for read buffer (git-fixes). - misc: apds990x: Fix missing pm_runtime_disable() (git-fixes). - mm/hugetlb: fix nodes huge page allocation when there are surplus pages (bsc#1234012). - mm/memory: add non-anonymous page check in the copy_present_page() (bsc#1231646). - modpost: remove incorrect code in do_eisa_entry() (git-fixes). - net/mlx5: Add missing masks and QoS bit masks for scheduling elements (git-fixes). - net/mlx5: Added cond_resched() to crdump collection (git-fixes). - net/mlx5: Allow 0 for total host VFs (git-fixes). - net/mlx5: Correctly compare pkt reformat ids (git-fixes). - net/mlx5: DR, Can't go to uplink vport on RX rule (git-fixes). - net/mlx5: DR, Use the right GVMI number for drop action (git-fixes). - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx (git-fixes). - net/mlx5: Drain health before unregistering devlink (git-fixes). - net/mlx5: E-switch, register event handler before arming the event (git-fixes). - net/mlx5: Explicitly set scheduling element and TSAR type (git-fixes). - net/mlx5: Fix fw tracer first block check (git-fixes). - net/mlx5: Handle fw tracer change ownership event based on MTRC (git-fixes). - net/mlx5: LAG, Check correct bucket when modifying LAG (git-fixes). - net/mlx5: Lag, do bond only if slaves agree on roce state (git-fixes). - net/mlx5: Lag, do not use the hardcoded value of the first port (git-fixes). - net/mlx5: Lag, restore buckets number to default after hash LAG deactivation (git-fixes). - net/mlx5: Skip clock update work when device is in error state (git-fixes). - net/mlx5: Unregister notifier on eswitch init failure (git-fixes). - net/mlx5: Update the list of the PCI supported devices (git-fixes). - net/mlx5: Use RMW accessors for changing LNKCTL (git-fixes). - net/mlx5: Use mlx5 device constant for selecting CQ period mode for ASO (git-fixes). - net/mlx5: Use recovery timeout on sync reset flow (git-fixes). - net/mlx5: fix potential memory leak in mlx5e_init_rep_rx (git-fixes). - net/mlx5: fs, lock FTE when checking if active (git-fixes). - net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (git-fixes). - net/mlx5e: Add missing link modes to ptys2ethtool_map (git-fixes). - net/mlx5e: Add mqprio_rl cleanup and free in mlx5e_priv_cleanup() (git-fixes). - net/mlx5e: Again mutually exclude RX-FCS and RX-port-timestamp (git-fixes). - net/mlx5e: Allow software parsing when IPsec crypto is enabled (git-fixes). - net/mlx5e: CT: Fix null-ptr-deref in add rule err flow (git-fixes). - net/mlx5e: Change the warning when ignore_flow_level is not supported (git-fixes). - net/mlx5e: Check return value of snprintf writing to fw_version buffer (git-fixes). - net/mlx5e: Check return value of snprintf writing to fw_version buffer for representors (git-fixes). - net/mlx5e: Correct snprintf truncation handling for fw_version buffer (git-fixes). - net/mlx5e: Correct snprintf truncation handling for fw_version buffer used by representors (git-fixes). - net/mlx5e: Correctly report errors for ethtool rx flows (git-fixes). - net/mlx5e: Do not offload internal port if filter device is out device (git-fixes). - net/mlx5e: Fix IPsec tunnel mode offload feature check (git-fixes). - net/mlx5e: Fix UDP GSO for encapsulated packets (git-fixes). - net/mlx5e: Fix crash moving to switchdev mode when ntuple offload is set (git-fixes). - net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN) packets (git-fixes). - net/mlx5e: Fix pedit endianness (git-fixes). - net/mlx5e: Fix possible deadlock on mlx5e_tx_timeout_work (git-fixes). - net/mlx5e: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list() (git-fixes). - net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes). - net/mlx5e: Move representor neigh cleanup to profile cleanup_tx (git-fixes). - net/mlx5e: Reduce the size of icosq_str (git-fixes). - net/mlx5e: Take state lock during tx timeout reporter (git-fixes). - net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion (git-fixes). - net/mlx5e: fix a potential double-free in fs_udp_create_groups (git-fixes). - net/mlx5e: fix double free in macsec_fs_tx_create_crypto_table_groups (git-fixes). - net/mlx5e: fix double free of encap_header (git-fixes). - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer() (git-fixes). - net/mlx5e: kTLS, Fix incorrect page refcounting (git-fixes). - net: ena: Fix potential sign extension issue (git-fixes). - net: ena: Remove ena_select_queue (git-fixes). - net: ena: Wrong missing IO completions check order (git-fixes). - net: qede: use return from qede_parse_flow_attr() for flow_spec (git-fixes). - net: relax socket state check at accept time (git-fixes). - net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device (git-fixes). - net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration (git-fixes). - net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition (stable-fixes). - net: usb: usbnet: fix race in probe failure (git-fixes). - nfs: Fix KMSAN warning in decode_getfattr_attrs() (git-fixes). - nvme-fabrics: fix kernel crash while shutting down controller (git-fixes). - nvme-pci: fix freeing of the HMB descriptor table (git-fixes). - nvme-pci: reverse request order in nvme_queue_rqs (git-fixes). - ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (git-fixes). - pci: Add T_PVPERL macro (git-fixes). - pci: Fix reset_method_store() memory leak (git-fixes). - pci: endpoint: Clear secondary (not primary) EPC in pci_epc_remove_epf() (git-fixes). - pci: j721e: Deassert PERST# after a delay of PCIE_T_PVPERL_MS milliseconds (git-fixes). - pci: keystone: Add link up check to ks_pcie_other_map_bus() (git-fixes). - pci: keystone: Set mode as Root Complex for 'ti,keystone-pcie' compatible (git-fixes). - pci: rockchip-ep: Fix address translation unit programming (git-fixes). - phy: tegra: xusb: Add error pointer check in xusb.c (git-fixes). - platform/chrome: cros_ec_typec: fix missing fwnode reference decrement (git-fixes). - platform/surface: aggregator: Fix warning when controller is destroyed in probe (git-fixes). - platform/x86: dell-sysman: add support for alienware products (stable-fixes). - platform/x86: dell-wmi: Ignore suspend notifications (stable-fixes). - posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone (bsc#1234098). - power: supply: bq27xxx: Fix registers of bq27426 (git-fixes). - power: supply: core: Remove might_sleep() from power_supply_put() (git-fixes). - powerpc/asm: Remove UPD_CONSTR after GCC 4.9 removal (bsc#1194869). - powerpc/atomic: Use YZ constraints for DS-form instructions (bsc#1194869). - powerpc/kexec: Fix return of uninitialized variable (bsc#1194869). - powerpc/mm/fault: Fix kfence page fault reporting (bsc#1194869). - powerpc/mm: Fix boot crash with FLATMEM (bsc#1194869). - powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL (bsc#1194869). - powerpc/powernv: Free name on error in opal_event_init() (bsc#1194869). - powerpc/pseries: Fix KVM guest detection for disabling hardlockup detector (bsc#1194869). - powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore (bsc#1194869). - powerpc: remove GCC version check for UPD_CONSTR (bsc#1194869). - qed: avoid truncating work queue length (git-fixes). - rdma/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (git-fixes) - rdma/hns: Add clear_hem return value to log (git-fixes) - rdma/hns: Add mutex_destroy() (git-fixes) - rdma/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (git-fixes) - rdma/hns: Fix an AEQE overflow error caused by untimely update of eq_db_ci (git-fixes) - rdma/hns: Fix cpu stuck caused by printings during reset (git-fixes) - rdma/hns: Fix different dgids mapping to the same dip_idx (git-fixes) - rdma/hns: Fix flush cqe error when racing with destroy qp (git-fixes) - rdma/hns: Fix out-of-order issue of requester when setting FENCE (git-fixes) - rdma/hns: Remove unnecessary QP type checks (git-fixes) - rdma/hns: Use dev_* printings in hem code instead of ibdev_* (git-fixes) - rdma/hns: Use macro instead of magic number (git-fixes) - rdma/mlx5: Move events notifier registration to be after device registration (git-fixes) - rdma/mlx5: Use sq timestamp as QP timestamp when RoCE is disabled (git-fixes). - rdma/rxe: Fix the qp flush warnings in req (git-fixes) - rdma/rxe: Set queue pair cur_qp_state when being queried (git-fixes) - rpm/scripts: Remove obsolete Symbols.list Symbols.list is not longer needed by the new klp-convert implementation. (bsc#1218644) - rtc: ab-eoz9: do not fail temperature reads on undervoltage notification (git-fixes). - rtc: abx80x: Fix WDT bit position of the status register (git-fixes). - rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (git-fixes). - rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - scsi: lpfc: Add cleanup of nvmels_wq after HBA reset (bsc#1233241). - scsi: lpfc: Call lpfc_sli4_queue_unset() in restart and rmmod paths (bsc#1233241). - scsi: lpfc: Change lpfc_nodelist nlp_flag member into a bitmask (bsc#1233241). - scsi: lpfc: Check SLI_ACTIVE flag in FDMI cmpl before submitting follow up FDMI (bsc#1233241). - scsi: lpfc: Check devloss callbk done flag for potential stale NDLP ptrs (bsc#1233241). - scsi: lpfc: Copyright updates for 14.4.0.6 patches (bsc#1233241). - scsi: lpfc: Modify CGN warning signal calculation based on EDC response (bsc#1233241). - scsi: lpfc: Prevent NDLP reference count underflow in dev_loss_tmo callback (bsc#1233241). - scsi: lpfc: Remove NLP_RELEASE_RPI flag from nodelist structure (bsc#1233241). - scsi: lpfc: Update lpfc version to 14.4.0.6 (bsc#1233241). - scsi: lpfc: Update lpfc_els_flush_cmd() to check for SLI_ACTIVE before BSG flag (bsc#1233241). - scsi: scsi_transport_fc: Allow setting rport state to current state (git-fixes). - scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer (git-fixes). - security/keys: fix slab-out-of-bounds in key_task_permission (git-fixes). - serial: 8250: omap: Move pm_runtime_get_sync (git-fixes). - sfc: Check firmware supports Ethernet PTP filter (git-fixes). - sfc: do not unregister flow_indr if it was never registered (git-fixes). - sfc: fix a double-free bug in efx_probe_filters (git-fixes). - signal: Replace BUG_ON()s (bsc#1234093). - spi: Fix acpi deferred irq probe (git-fixes). - spi: atmel-quadspi: Fix register name in verbose logging function (git-fixes). - staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() (git-fixes). - thermal: core: Initialize thermal zones before registering them (git-fixes). - thermal: intel: int340x: processor: Fix warning during module unload (git-fixes). - tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 git-fixes). - tun: Fix xdp_rxq_info's queue_index when detaching (git-fixes). - tun: prevent negative ifindex (git-fixes). - ucounts: fix counter leak in inc_rlimit_get_ucounts() (bsc#1233460). - usb: chaoskey: Fix possible deadlock chaoskey_list_lock (git-fixes). - usb: chaoskey: fail open after removal (git-fixes). - usb: dwc3: gadget: Add missing check for single port RAM in TxFIFO resizing logic (git-fixes). - usb: dwc3: gadget: Fix checking for number of TRBs left (git-fixes). - usb: dwc3: gadget: Fix looping of queued SG entries (git-fixes). - usb: ehci-spear: fix call balance of sehci clk handling routines (git-fixes). - usb: musb: sunxi: Fix accessing an released usb phy (git-fixes). - usb: phy: Fix API devm_usb_put_phy() can not release the phy (git-fixes). - usb: serial: ftdi_sio: Fix atomicity violation in get_serial_info() (git-fixes). - usb: serial: io_edgeport: fix use after free in debug printk (git-fixes). - usb: serial: option: add Fibocom FG132 0x0112 composition (stable-fixes). - usb: serial: option: add Quectel RG650V (stable-fixes). - usb: serial: qcserial: add support for Sierra Wireless EM86xx (stable-fixes). - usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() (git-fixes). - usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() (git-fixes). - usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read() (git-fixes). - usb: xhci: Fix TD invalidation under pending Set TR Dequeue (git-fixes). - usb: yurex: make waiting on yurex_write interruptible (git-fixes). - usbip: tools: Fix detach_port() invalid port error path (git-fixes). - vdpa/mlx5: preserve CVQ vringh index (git-fixes). - watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart() (git-fixes). - watchdog: rti: of: honor timeout-sec property (git-fixes). - wifi: ath10k: Fix memory leak in management tx (git-fixes). - wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss1 (git-fixes). - wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss2 (git-fixes). - wifi: ath11k: Fix invalid ring usage in full monitor mode (git-fixes). - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (git-fixes). - wifi: brcm80211: BRCM_TRACING should depend on TRACING (git-fixes). - wifi: iwlegacy: Clear stale interrupts before resuming device (stable-fixes). - wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() (git-fixes). - wifi: iwlwifi: mvm: disconnect station vifs if recovery failed (stable-fixes). - wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (git-fixes). - wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys (git-fixes). - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (git-fixes). - wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - x86/kvm: fix is_stale_page_fault() (bsc#1221333). - xhci: Fix Link TRB DMA in command ring stopped completion event (git-fixes). - xhci: Separate PORT and CAPs macros into dedicated file (stable-fixes). - xhci: Use pm_runtime_get to prevent RPM on unsupported systems (git-fixes). Important SUSE bug 1082555 SUSE bug 1194869 SUSE bug 1218644 SUSE bug 1220382 SUSE bug 1221309 SUSE bug 1221333 SUSE bug 1222364 SUSE bug 1222590 SUSE bug 1223202 SUSE bug 1223656 SUSE bug 1223848 SUSE bug 1223919 SUSE bug 1223942 SUSE bug 1224518 SUSE bug 1224526 SUSE bug 1224574 SUSE bug 1225725 SUSE bug 1225730 SUSE bug 1225742 SUSE bug 1225764 SUSE bug 1225812 SUSE bug 1226560 SUSE bug 1226592 SUSE bug 1226631 SUSE bug 1226748 SUSE bug 1226872 SUSE bug 1227853 SUSE bug 1228410 SUSE bug 1228430 SUSE bug 1228486 SUSE bug 1228650 SUSE bug 1228857 SUSE bug 1229312 SUSE bug 1229429 SUSE bug 1229585 SUSE bug 1229752 SUSE bug 1229808 SUSE bug 1230055 SUSE bug 1230220 SUSE bug 1230231 SUSE bug 1230270 SUSE bug 1230558 SUSE bug 1230827 SUSE bug 1230918 SUSE bug 1231083 SUSE bug 1231089 SUSE bug 1231098 SUSE bug 1231101 SUSE bug 1231108 SUSE bug 1231111 SUSE bug 1231132 SUSE bug 1231135 SUSE bug 1231138 SUSE bug 1231169 SUSE bug 1231178 SUSE bug 1231180 SUSE bug 1231181 SUSE bug 1231187 SUSE bug 1231202 SUSE bug 1231434 SUSE bug 1231441 SUSE bug 1231452 SUSE bug 1231465 SUSE bug 1231474 SUSE bug 1231481 SUSE bug 1231537 SUSE bug 1231541 SUSE bug 1231646 SUSE bug 1231849 SUSE bug 1231856 SUSE bug 1231858 SUSE bug 1231859 SUSE bug 1231864 SUSE bug 1231904 SUSE bug 1231916 SUSE bug 1231920 SUSE bug 1231923 SUSE bug 1231930 SUSE bug 1231931 SUSE bug 1231947 SUSE bug 1231952 SUSE bug 1231953 SUSE bug 1231959 SUSE bug 1231978 SUSE bug 1232013 SUSE bug 1232015 SUSE bug 1232016 SUSE bug 1232017 SUSE bug 1232027 SUSE bug 1232028 SUSE bug 1232047 SUSE bug 1232048 SUSE bug 1232050 SUSE bug 1232056 SUSE bug 1232076 SUSE bug 1232080 SUSE bug 1232094 SUSE bug 1232096 SUSE bug 1232098 SUSE bug 1232111 SUSE bug 1232126 SUSE bug 1232134 SUSE bug 1232135 SUSE bug 1232141 SUSE bug 1232142 SUSE bug 1232147 SUSE bug 1232152 SUSE bug 1232159 SUSE bug 1232162 SUSE bug 1232165 SUSE bug 1232180 SUSE bug 1232185 SUSE bug 1232187 SUSE bug 1232189 SUSE bug 1232195 SUSE bug 1232198 SUSE bug 1232201 SUSE bug 1232218 SUSE bug 1232224 SUSE bug 1232232 SUSE bug 1232254 SUSE bug 1232255 SUSE bug 1232264 SUSE bug 1232272 SUSE bug 1232279 SUSE bug 1232287 SUSE bug 1232293 SUSE bug 1232312 SUSE bug 1232317 SUSE bug 1232318 SUSE bug 1232333 SUSE bug 1232334 SUSE bug 1232335 SUSE bug 1232339 SUSE bug 1232349 SUSE bug 1232357 SUSE bug 1232359 SUSE bug 1232362 SUSE bug 1232364 SUSE bug 1232370 SUSE bug 1232371 SUSE bug 1232378 SUSE bug 1232385 SUSE bug 1232387 SUSE bug 1232394 SUSE bug 1232413 SUSE bug 1232416 SUSE bug 1232436 SUSE bug 1232483 SUSE bug 1232500 SUSE bug 1232503 SUSE bug 1232504 SUSE bug 1232507 SUSE bug 1232520 SUSE bug 1232552 SUSE bug 1232757 SUSE bug 1232819 SUSE bug 1232860 SUSE bug 1232870 SUSE bug 1232873 SUSE bug 1232877 SUSE bug 1232878 SUSE bug 1232881 SUSE bug 1232884 SUSE bug 1232885 SUSE bug 1232887 SUSE bug 1232888 SUSE bug 1232890 SUSE bug 1232892 SUSE bug 1232896 SUSE bug 1232897 SUSE bug 1232905 SUSE bug 1232907 SUSE bug 1232919 SUSE bug 1232926 SUSE bug 1232928 SUSE bug 1232935 SUSE bug 1233035 SUSE bug 1233049 SUSE bug 1233051 SUSE bug 1233056 SUSE bug 1233057 SUSE bug 1233061 SUSE bug 1233063 SUSE bug 1233065 SUSE bug 1233067 SUSE bug 1233070 SUSE bug 1233073 SUSE bug 1233074 SUSE bug 1233100 SUSE bug 1233103 SUSE bug 1233104 SUSE bug 1233105 SUSE bug 1233106 SUSE bug 1233107 SUSE bug 1233108 SUSE bug 1233110 SUSE bug 1233111 SUSE bug 1233113 SUSE bug 1233114 SUSE bug 1233117 SUSE bug 1233123 SUSE bug 1233125 SUSE bug 1233129 SUSE bug 1233130 SUSE bug 1233134 SUSE bug 1233135 SUSE bug 1233150 SUSE bug 1233189 SUSE bug 1233191 SUSE bug 1233197 SUSE bug 1233205 SUSE bug 1233206 SUSE bug 1233209 SUSE bug 1233210 SUSE bug 1233211 SUSE bug 1233212 SUSE bug 1233214 SUSE bug 1233216 SUSE bug 1233238 SUSE bug 1233241 SUSE bug 1233253 SUSE bug 1233255 SUSE bug 1233293 SUSE bug 1233350 SUSE bug 1233452 SUSE bug 1233453 SUSE bug 1233454 SUSE bug 1233456 SUSE bug 1233457 SUSE bug 1233458 SUSE bug 1233460 SUSE bug 1233462 SUSE bug 1233463 SUSE bug 1233468 SUSE bug 1233471 SUSE bug 1233476 SUSE bug 1233478 SUSE bug 1233479 SUSE bug 1233481 SUSE bug 1233484 SUSE bug 1233487 SUSE bug 1233490 SUSE bug 1233491 SUSE bug 1233528 SUSE bug 1233548 SUSE bug 1233552 SUSE bug 1233553 SUSE bug 1233554 SUSE bug 1233555 SUSE bug 1233557 SUSE bug 1233560 SUSE bug 1233561 SUSE bug 1233570 SUSE bug 1233577 SUSE bug 1233580 SUSE bug 1233977 SUSE bug 1234012 SUSE bug 1234025 SUSE bug 1234085 SUSE bug 1234093 SUSE bug 1234098 SUSE bug 1234108 CVE-2021-47594 at SUSE CVE-2021-47594 at NVD CVE-2022-48674 at SUSE CVE-2022-48674 at NVD CVE-2022-48979 at SUSE CVE-2022-48979 at NVD CVE-2022-48982 at SUSE CVE-2022-48982 at NVD CVE-2022-48983 at SUSE CVE-2022-48983 at NVD CVE-2022-48989 at SUSE CVE-2022-48989 at NVD CVE-2022-48990 at SUSE CVE-2022-48990 at NVD CVE-2023-52915 at SUSE CVE-2023-52915 at NVD CVE-2023-52917 at SUSE CVE-2023-52917 at NVD CVE-2023-52918 at SUSE CVE-2023-52918 at NVD CVE-2023-52921 at SUSE CVE-2023-52921 at NVD CVE-2023-52922 at SUSE CVE-2023-52922 at NVD CVE-2024-26782 at SUSE CVE-2024-26782 at NVD CVE-2024-26906 at SUSE CVE-2024-26906 at NVD CVE-2024-26953 at SUSE CVE-2024-26953 at NVD CVE-2024-35888 at SUSE CVE-2024-35888 at NVD CVE-2024-35937 at SUSE CVE-2024-35937 at NVD CVE-2024-35980 at SUSE CVE-2024-35980 at NVD CVE-2024-36484 at SUSE CVE-2024-36484 at NVD CVE-2024-36883 at SUSE CVE-2024-36883 at NVD CVE-2024-36886 at SUSE CVE-2024-36886 at NVD CVE-2024-36905 at SUSE CVE-2024-36905 at NVD CVE-2024-36953 at SUSE CVE-2024-36953 at NVD CVE-2024-36954 at SUSE CVE-2024-36954 at NVD CVE-2024-38577 at SUSE CVE-2024-38577 at NVD CVE-2024-38589 at SUSE CVE-2024-38589 at NVD CVE-2024-38615 at SUSE CVE-2024-38615 at NVD CVE-2024-40997 at SUSE CVE-2024-40997 at NVD CVE-2024-41016 at SUSE CVE-2024-41016 at NVD CVE-2024-41023 at SUSE CVE-2024-41023 at NVD CVE-2024-41049 at SUSE CVE-2024-41049 at NVD CVE-2024-42131 at SUSE CVE-2024-42131 at NVD CVE-2024-43817 at SUSE CVE-2024-43817 at NVD CVE-2024-43897 at SUSE CVE-2024-43897 at NVD CVE-2024-44932 at SUSE CVE-2024-44932 at NVD CVE-2024-44964 at SUSE CVE-2024-44964 at NVD CVE-2024-44995 at SUSE CVE-2024-44995 at NVD CVE-2024-46681 at SUSE CVE-2024-46681 at NVD CVE-2024-46800 at SUSE CVE-2024-46800 at NVD CVE-2024-46802 at SUSE CVE-2024-46802 at NVD CVE-2024-46804 at SUSE CVE-2024-46804 at NVD CVE-2024-46805 at SUSE CVE-2024-46805 at NVD CVE-2024-46807 at SUSE CVE-2024-46807 at NVD CVE-2024-46810 at SUSE CVE-2024-46810 at NVD CVE-2024-46812 at SUSE CVE-2024-46812 at NVD CVE-2024-46819 at SUSE CVE-2024-46819 at NVD CVE-2024-46821 at SUSE CVE-2024-46821 at NVD CVE-2024-46835 at SUSE CVE-2024-46835 at NVD CVE-2024-46842 at SUSE CVE-2024-46842 at NVD CVE-2024-46853 at SUSE CVE-2024-46853 at NVD CVE-2024-46859 at SUSE CVE-2024-46859 at NVD CVE-2024-46864 at SUSE CVE-2024-46864 at NVD CVE-2024-46871 at SUSE CVE-2024-46871 at NVD CVE-2024-47663 at SUSE CVE-2024-47663 at NVD CVE-2024-47665 at SUSE CVE-2024-47665 at NVD CVE-2024-47667 at SUSE CVE-2024-47667 at NVD CVE-2024-47669 at SUSE CVE-2024-47669 at NVD CVE-2024-47670 at SUSE CVE-2024-47670 at NVD CVE-2024-47671 at SUSE CVE-2024-47671 at NVD CVE-2024-47679 at SUSE CVE-2024-47679 at NVD CVE-2024-47682 at SUSE CVE-2024-47682 at NVD CVE-2024-47693 at SUSE CVE-2024-47693 at NVD CVE-2024-47695 at SUSE CVE-2024-47695 at NVD CVE-2024-47696 at SUSE CVE-2024-47696 at NVD CVE-2024-47697 at SUSE CVE-2024-47697 at NVD CVE-2024-47698 at SUSE CVE-2024-47698 at NVD CVE-2024-47699 at SUSE CVE-2024-47699 at NVD CVE-2024-47701 at SUSE CVE-2024-47701 at NVD CVE-2024-47709 at SUSE CVE-2024-47709 at NVD CVE-2024-47712 at SUSE CVE-2024-47712 at NVD CVE-2024-47713 at SUSE CVE-2024-47713 at NVD CVE-2024-47718 at SUSE CVE-2024-47718 at NVD CVE-2024-47723 at SUSE CVE-2024-47723 at NVD CVE-2024-47728 at SUSE CVE-2024-47728 at NVD CVE-2024-47735 at SUSE CVE-2024-47735 at NVD CVE-2024-47737 at SUSE CVE-2024-47737 at NVD CVE-2024-47742 at SUSE CVE-2024-47742 at NVD CVE-2024-47745 at SUSE CVE-2024-47745 at NVD CVE-2024-47749 at SUSE CVE-2024-47749 at NVD CVE-2024-47756 at SUSE CVE-2024-47756 at NVD CVE-2024-47757 at SUSE CVE-2024-47757 at NVD CVE-2024-49850 at SUSE CVE-2024-49850 at NVD CVE-2024-49851 at SUSE CVE-2024-49851 at NVD CVE-2024-49852 at SUSE CVE-2024-49852 at NVD CVE-2024-49855 at SUSE CVE-2024-49855 at NVD CVE-2024-49861 at SUSE CVE-2024-49861 at NVD CVE-2024-49863 at SUSE CVE-2024-49863 at NVD CVE-2024-49868 at SUSE CVE-2024-49868 at NVD CVE-2024-49870 at SUSE CVE-2024-49870 at NVD CVE-2024-49871 at SUSE CVE-2024-49871 at NVD CVE-2024-49875 at SUSE CVE-2024-49875 at NVD CVE-2024-49877 at SUSE CVE-2024-49877 at NVD CVE-2024-49879 at SUSE CVE-2024-49879 at NVD CVE-2024-49884 at SUSE CVE-2024-49884 at NVD CVE-2024-49891 at SUSE CVE-2024-49891 at NVD CVE-2024-49900 at SUSE CVE-2024-49900 at NVD CVE-2024-49902 at SUSE CVE-2024-49902 at NVD CVE-2024-49903 at SUSE CVE-2024-49903 at NVD CVE-2024-49905 at SUSE CVE-2024-49905 at NVD CVE-2024-49907 at SUSE CVE-2024-49907 at NVD CVE-2024-49908 at SUSE CVE-2024-49908 at NVD CVE-2024-49921 at SUSE CVE-2024-49921 at NVD CVE-2024-49924 at SUSE CVE-2024-49924 at NVD CVE-2024-49925 at SUSE CVE-2024-49925 at NVD CVE-2024-49934 at SUSE CVE-2024-49934 at NVD CVE-2024-49935 at SUSE CVE-2024-49935 at NVD CVE-2024-49938 at SUSE CVE-2024-49938 at NVD CVE-2024-49945 at SUSE CVE-2024-49945 at NVD CVE-2024-49947 at SUSE CVE-2024-49947 at NVD CVE-2024-49950 at SUSE CVE-2024-49950 at NVD CVE-2024-49957 at SUSE CVE-2024-49957 at NVD CVE-2024-49963 at SUSE CVE-2024-49963 at NVD CVE-2024-49965 at SUSE CVE-2024-49965 at NVD CVE-2024-49966 at SUSE CVE-2024-49966 at NVD CVE-2024-49968 at SUSE CVE-2024-49968 at NVD CVE-2024-49981 at SUSE CVE-2024-49981 at NVD CVE-2024-49983 at SUSE CVE-2024-49983 at NVD CVE-2024-49985 at SUSE CVE-2024-49985 at NVD CVE-2024-49989 at SUSE CVE-2024-49989 at NVD CVE-2024-50003 at SUSE CVE-2024-50003 at NVD CVE-2024-50007 at SUSE CVE-2024-50007 at NVD CVE-2024-50008 at SUSE CVE-2024-50008 at NVD CVE-2024-50009 at SUSE CVE-2024-50009 at NVD CVE-2024-50013 at SUSE CVE-2024-50013 at NVD CVE-2024-50017 at SUSE CVE-2024-50017 at NVD CVE-2024-50025 at SUSE CVE-2024-50025 at NVD CVE-2024-50026 at SUSE CVE-2024-50026 at NVD CVE-2024-50031 at SUSE CVE-2024-50031 at NVD CVE-2024-50044 at SUSE CVE-2024-50044 at NVD CVE-2024-50062 at SUSE CVE-2024-50062 at NVD CVE-2024-50067 at SUSE CVE-2024-50067 at NVD CVE-2024-50073 at SUSE CVE-2024-50073 at NVD CVE-2024-50074 at SUSE CVE-2024-50074 at NVD CVE-2024-50077 at SUSE CVE-2024-50077 at NVD CVE-2024-50078 at SUSE CVE-2024-50078 at NVD CVE-2024-50082 at SUSE CVE-2024-50082 at NVD CVE-2024-50089 at SUSE CVE-2024-50089 at NVD CVE-2024-50093 at SUSE CVE-2024-50093 at NVD CVE-2024-50095 at SUSE CVE-2024-50095 at NVD CVE-2024-50096 at SUSE CVE-2024-50096 at NVD CVE-2024-50098 at SUSE CVE-2024-50098 at NVD CVE-2024-50099 at SUSE CVE-2024-50099 at NVD CVE-2024-50103 at SUSE CVE-2024-50103 at NVD CVE-2024-50108 at SUSE CVE-2024-50108 at NVD CVE-2024-50110 at SUSE CVE-2024-50110 at NVD CVE-2024-50115 at SUSE CVE-2024-50115 at NVD CVE-2024-50116 at SUSE CVE-2024-50116 at NVD CVE-2024-50117 at SUSE CVE-2024-50117 at NVD CVE-2024-50124 at SUSE CVE-2024-50124 at NVD CVE-2024-50125 at SUSE CVE-2024-50125 at NVD CVE-2024-50127 at SUSE CVE-2024-50127 at NVD CVE-2024-50128 at SUSE CVE-2024-50128 at NVD CVE-2024-50131 at SUSE CVE-2024-50131 at NVD CVE-2024-50134 at SUSE CVE-2024-50134 at NVD CVE-2024-50135 at SUSE CVE-2024-50135 at NVD CVE-2024-50138 at SUSE CVE-2024-50138 at NVD CVE-2024-50141 at SUSE CVE-2024-50141 at NVD CVE-2024-50146 at SUSE CVE-2024-50146 at NVD CVE-2024-50147 at SUSE CVE-2024-50147 at NVD CVE-2024-50148 at SUSE CVE-2024-50148 at NVD CVE-2024-50150 at SUSE CVE-2024-50150 at NVD CVE-2024-50153 at SUSE CVE-2024-50153 at NVD CVE-2024-50154 at SUSE CVE-2024-50154 at NVD CVE-2024-50155 at SUSE CVE-2024-50155 at NVD CVE-2024-50156 at SUSE CVE-2024-50156 at NVD CVE-2024-50160 at SUSE CVE-2024-50160 at NVD CVE-2024-50167 at SUSE CVE-2024-50167 at NVD CVE-2024-50171 at SUSE CVE-2024-50171 at NVD CVE-2024-50179 at SUSE CVE-2024-50179 at NVD CVE-2024-50180 at SUSE CVE-2024-50180 at NVD CVE-2024-50182 at SUSE CVE-2024-50182 at NVD CVE-2024-50183 at SUSE CVE-2024-50183 at NVD CVE-2024-50184 at SUSE CVE-2024-50184 at NVD CVE-2024-50186 at SUSE CVE-2024-50186 at NVD CVE-2024-50187 at SUSE CVE-2024-50187 at NVD CVE-2024-50188 at SUSE CVE-2024-50188 at NVD CVE-2024-50189 at SUSE CVE-2024-50189 at NVD CVE-2024-50192 at SUSE CVE-2024-50192 at NVD CVE-2024-50194 at SUSE CVE-2024-50194 at NVD CVE-2024-50195 at SUSE CVE-2024-50195 at NVD CVE-2024-50196 at SUSE CVE-2024-50196 at NVD CVE-2024-50198 at SUSE CVE-2024-50198 at NVD CVE-2024-50201 at SUSE CVE-2024-50201 at NVD CVE-2024-50205 at SUSE CVE-2024-50205 at NVD CVE-2024-50208 at SUSE CVE-2024-50208 at NVD CVE-2024-50209 at SUSE CVE-2024-50209 at NVD CVE-2024-50215 at SUSE CVE-2024-50215 at NVD CVE-2024-50218 at SUSE CVE-2024-50218 at NVD CVE-2024-50229 at SUSE CVE-2024-50229 at NVD CVE-2024-50230 at SUSE CVE-2024-50230 at NVD CVE-2024-50232 at SUSE CVE-2024-50232 at NVD CVE-2024-50233 at SUSE CVE-2024-50233 at NVD CVE-2024-50234 at SUSE CVE-2024-50234 at NVD CVE-2024-50236 at SUSE CVE-2024-50236 at NVD CVE-2024-50237 at SUSE CVE-2024-50237 at NVD CVE-2024-50249 at SUSE CVE-2024-50249 at NVD CVE-2024-50255 at SUSE CVE-2024-50255 at NVD CVE-2024-50259 at SUSE CVE-2024-50259 at NVD CVE-2024-50261 at SUSE CVE-2024-50261 at NVD CVE-2024-50264 at SUSE CVE-2024-50264 at NVD CVE-2024-50265 at SUSE CVE-2024-50265 at NVD CVE-2024-50267 at SUSE CVE-2024-50267 at NVD CVE-2024-50268 at SUSE CVE-2024-50268 at NVD CVE-2024-50269 at SUSE CVE-2024-50269 at NVD CVE-2024-50271 at SUSE CVE-2024-50271 at NVD CVE-2024-50273 at SUSE CVE-2024-50273 at NVD CVE-2024-50274 at SUSE CVE-2024-50274 at NVD CVE-2024-50279 at SUSE CVE-2024-50279 at NVD CVE-2024-50282 at SUSE CVE-2024-50282 at NVD CVE-2024-50287 at SUSE CVE-2024-50287 at NVD CVE-2024-50289 at SUSE CVE-2024-50289 at NVD CVE-2024-50290 at SUSE CVE-2024-50290 at NVD CVE-2024-50292 at SUSE CVE-2024-50292 at NVD CVE-2024-50295 at SUSE CVE-2024-50295 at NVD CVE-2024-50298 at SUSE CVE-2024-50298 at NVD CVE-2024-50301 at SUSE CVE-2024-50301 at NVD CVE-2024-50302 at SUSE CVE-2024-50302 at NVD CVE-2024-53052 at SUSE CVE-2024-53052 at NVD CVE-2024-53058 at SUSE CVE-2024-53058 at NVD CVE-2024-53059 at SUSE CVE-2024-53059 at NVD CVE-2024-53060 at SUSE CVE-2024-53060 at NVD CVE-2024-53061 at SUSE CVE-2024-53061 at NVD CVE-2024-53063 at SUSE CVE-2024-53063 at NVD CVE-2024-53066 at SUSE CVE-2024-53066 at NVD CVE-2024-53068 at SUSE CVE-2024-53068 at NVD CVE-2024-53079 at SUSE CVE-2024-53079 at NVD CVE-2024-53085 at SUSE CVE-2024-53085 at NVD CVE-2024-53088 at SUSE CVE-2024-53088 at NVD CVE-2024-53104 at SUSE CVE-2024-53104 at NVD CVE-2024-53110 at SUSE CVE-2024-53110 at NVD cpe:/o:suse:sle-micro:5.5 Security update for vim (Low) SUSE Linux Enterprise Micro 5.5 This update for vim fixes the following issues: - CVE-2024-47814: Fixed use-after-free when closing buffers in Vim (bsc#1231373) - CVE-2024-43374: Fixed use-after-free in alist_add() (bsc#1229238) Other fixes: - Updated to version 9.1.0836 Low SUSE bug 1229238 SUSE bug 1231373 CVE-2024-43374 at SUSE CVE-2024-43374 at NVD CVE-2024-47814 at SUSE CVE-2024-47814 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libsoup2 (Important) SUSE Linux Enterprise Micro 5.5 This update for libsoup2 fixes the following issues: - CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names (bsc#1233285) - CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict (bsc#1233292) - CVE-2024-52532: Fixed infinite loop while reading websocket data (bsc#1233287) Important SUSE bug 1233285 SUSE bug 1233287 SUSE bug 1233292 CVE-2024-52530 at SUSE CVE-2024-52530 at NVD CVE-2024-52531 at SUSE CVE-2024-52531 at NVD CVE-2024-52532 at SUSE CVE-2024-52532 at NVD cpe:/o:suse:sle-micro:5.5 Security update for curl (Moderate) SUSE Linux Enterprise Micro 5.5 This update for curl fixes the following issues: - CVE-2024-11053: Fixed password leak in curl used for the first host to the followed-to host under certain circumstances (bsc#1234068) Moderate SUSE bug 1234068 CVE-2024-11053 at SUSE CVE-2024-11053 at NVD cpe:/o:suse:sle-micro:5.5 Security update for docker (Important) SUSE Linux Enterprise Micro 5.5 This update for docker fixes the following issues: - Update docker-buildx to v0.19.2. See upstream changelog online at <https://github.com/docker/buildx/releases/tag/v0.19.2>. Some notable changelogs from the last update: * <https://github.com/docker/buildx/releases/tag/v0.19.0> * <https://github.com/docker/buildx/releases/tag/v0.18.0> - Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker (which creates special mounts in /run/secrets to allow container-suseconnect to authenticate containers with registries on registered hosts). bsc#1231348 bsc#1232999 In order to disable these mounts, just do echo 0 > /etc/docker/suse-secrets-enable and restart Docker. In order to re-enable them, just do echo 1 > /etc/docker/suse-secrets-enable and restart Docker. Docker will output information on startup to tell you whether the SUSE secrets feature is enabled or not. - Disable docker-buildx builds for SLES. It turns out that build containers with docker-buildx don't currently get the SUSE secrets mounts applied, meaning that container-suseconnect doesn't work when building images. bsc#1233819 - Remove DOCKER_NETWORK_OPTS from docker.service. This was removed from sysconfig a long time ago, and apparently this causes issues with systemd in some cases. - Allow a parallel docker-stable RPM to exists in repositories. - Update to docker-buildx v0.17.1 to match standalone docker-buildx package we are replacing. See upstream changelog online at <https://github.com/docker/buildx/releases/tag/v0.17.1> - Allow users to disable SUSE secrets support by setting DOCKER_SUSE_SECRETS_ENABLE=0 in /etc/sysconfig/docker. (bsc#1231348) - Mark docker-buildx as required since classic 'docker build' has been deprecated since Docker 23.0. (bsc#1230331) - Import docker-buildx v0.16.2 as a subpackage. Previously this was a separate package, but with docker-stable it will be necessary to maintain the packages together and it makes more sense to have them live in the same OBS package. (bsc#1230333) - Update to Docker 26.1.5-ce. See upstream changelog online at <https://docs.docker.com/engine/release-notes/26.1/#2615> bsc#1230294 - This update includes fixes for: * CVE-2024-41110. bsc#1228324 * CVE-2023-47108. bsc#1217070 bsc#1229806 * CVE-2023-45142. bsc#1228553 bsc#1229806 - Update to Docker 26.1.4-ce. See upstream changelog online at <https://docs.docker.com/engine/release-notes/26.1/#2614> - Update to Docker 26.1.0-ce. See upstream changelog online at <https://docs.docker.com/engine/release-notes/26.1/#2610> - Update --add-runtime to point to correct binary path. Important SUSE bug 1217070 SUSE bug 1228324 SUSE bug 1228553 SUSE bug 1229806 SUSE bug 1230294 SUSE bug 1230331 SUSE bug 1230333 SUSE bug 1231348 SUSE bug 1232999 SUSE bug 1233819 CVE-2023-45142 at SUSE CVE-2023-45142 at NVD CVE-2023-47108 at SUSE CVE-2023-47108 at NVD CVE-2024-41110 at SUSE CVE-2024-41110 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47594: mptcp: never allow the PM to close a listener subflow (bsc#1226560). - CVE-2022-48879: efi: fix NULL-deref in init error path (bsc#1229556). - CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893). - CVE-2022-48957: dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove() (bsc#1231973). - CVE-2022-48958: ethernet: aeroflex: fix potential skb leak in greth_init_rings() (bsc#1231889). - CVE-2022-48959: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() (bsc#1231976). - CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979). - CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286). - CVE-2022-48966: net: mvneta: Fix an out of bounds check (bsc#1232191). - CVE-2022-48980: net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() (bsc#1232233). - CVE-2022-48983: io_uring: Fix a null-ptr-deref in io_tctx_exit_cb() (bsc#1231959). - CVE-2022-48991: mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (bsc#1232070). - CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938). - CVE-2022-49017: tipc: re-fetch skb cb after tipc_msg_validate (bsc#1232004). - CVE-2022-49020: net/9p: Fix a potential socket leak in p9_socket_open (bsc#1232175). - CVE-2024-26782: mptcp: fix double-free on socket dismantle (bsc#1222590). - CVE-2024-26906: Fixed invalid vsyscall page read for copy_from_kernel_nofault() (bsc#1223202). - CVE-2024-26953: net: esp: fix bad handling of pages from page_pool (bsc#1223656). - CVE-2024-35888: erspan: make sure erspan_base_hdr is present in skb->head (bsc#1224518). - CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526). - CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797). - CVE-2024-36883: net: fix out-of-bounds access in ops_init (bsc#1225725). - CVE-2024-36886: tipc: fix UAF in error path (bsc#1225730). - CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742). - CVE-2024-36954: tipc: fix a possible memleak in tipc_buf_append (bsc#1225764). - CVE-2024-36957: octeontx2-af: avoid off-by-one read from userspace (bsc#1225762). - CVE-2024-38589: netrom: fix possible dead-lock in nr_rt_ioctl() (bsc#1226748). - CVE-2024-38615: cpufreq: exit() callback is optional (bsc#1226592). - CVE-2024-39476: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (bsc#1227437). - CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885). - CVE-2024-40997: cpufreq: amd-pstate: fix memory leak on CPU EPP exit (bsc#1227853). - CVE-2024-41023: sched/deadline: Fix task_struct reference leak (bsc#1228430). - CVE-2024-42226: Prevent potential failure in handle_tx_event() for Transfer events without TRB (bsc#1228709). - CVE-2024-42253: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (bsc#1229005). - CVE-2024-44931: gpio: prevent potential speculation leaks in gpio_device_get_desc() (bsc#1229837). - CVE-2024-44932: idpf: fix UAFs when destroying the queues (bsc#1229808). - CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179). - CVE-2024-44964: idpf: fix memory leaks and crashes while performing a soft reset (bsc#1230220). - CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231). - CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429). - CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456). - CVE-2024-46678: bonding: change ipsec_lock from spin lock to mutex (bsc#1230550). - CVE-2024-46681: pktgen: use cpus_read_lock() in pg_net_init() (bsc#1230558). - CVE-2024-46716: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor (bsc#1230715). - CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801). - CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763). - CVE-2024-46775: drm/amd/display: Validate function returns (bsc#1230774). - CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773). - CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827). - CVE-2024-46809: drm/amd/display: Check BIOS images before it is used (bsc#1231148). - CVE-2024-46811: drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box (bsc#1231179). - CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191). - CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation (bsc#1231193). - CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231195). - CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197). - CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200). - CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203). - CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115). - CVE-2024-46828: uprobes: fix kernel info leak via '[uprobes]' vma (bsc#1231114). - CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096). - CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105). - CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094). - CVE-2024-46848: perf/x86/intel: Limit the period on Haswell (bsc#1231072). - CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073). - CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084). - CVE-2024-46855: netfilter: nft_socket: fix sk refcount leaks (bsc#1231085). - CVE-2024-46857: net/mlx5: Fix bridge mode operations when there are no VFs (bsc#1231087). - CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439). - CVE-2024-47661: drm/amd/display: Avoid overflow from uint32_t to uint8_t (bsc#1231496). - CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442). - CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (bsc#1231502). - CVE-2024-47672: wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (bsc#1231540). - CVE-2024-47673: wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (bsc#1231539). - CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673). - CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode()&iput() (bsc#1231930). - CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987). - CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998). - CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857). - CVE-2024-47701: ext4: explicitly exit when ext4_find_inline_entry returns an error (bsc#1231920). - CVE-2024-47704: drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944). - CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872). - CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942). - CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935). - CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049). - CVE-2024-47720: drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func (bsc#1232043). - CVE-2024-47727: x86/tdx: Fix 'in-kernel MMIO' check (bsc#1232116). - CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075). - CVE-2024-47738: wifi: mac80211: do not use rate mask for offchannel TX either (bsc#1232114). - CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124). - CVE-2024-47745: mm: split critical region in remap_file_pages() and invoke LSMs in between (bsc#1232135). - CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145). - CVE-2024-47748: vhost_vdpa: assign irq bypass producer token correctly (bsc#1232174). - CVE-2024-47757: nilfs2: fix potential oob read in nilfs_btree_check_delete() (bsc#1232187). - CVE-2024-49858: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (bsc#1232251). - CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861). - CVE-2024-49866: tracing/timerlat: Fix a race during cpuhp processing (bsc#1232259). - CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272). - CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201). - CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200). - CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199). - CVE-2024-49886: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (bsc#1232196). - CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217). - CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element's default to 1 (bsc#1232220). - CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221). - CVE-2024-49897: drm/amd/display: Check phantom_stream before it is used (bsc#1232355). - CVE-2024-49899: drm/amd/display: Initialize denominators' default to 1 (bsc#1232358). - CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305). - CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332). - CVE-2024-49909: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (bsc#1232337). - CVE-2024-49911: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (bsc#1232366). - CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369). - CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (bsc#1231965). - CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967). - CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968). - CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313). - CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371). - CVE-2024-49922: drm/amd/display: Check null pointers before using them (bsc#1232374). - CVE-2024-49923: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (bsc#1232361). - CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224) - CVE-2024-49929: wifi: iwlwifi: mvm: avoid NULL pointer dereference (bsc#1232253). - CVE-2024-49930: wifi: ath11k: fix array out-of-bound access in SoC stats (bsc#1232260). - CVE-2024-49933: blk_iocost: fix more out of bound shifts (bsc#1232368). - CVE-2024-49934: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name (bsc#1232387). - CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424). - CVE-2024-49939: wifi: rtw89: avoid to add interface to list twice when SER (bsc#1232381). - CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165). - CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164). - CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160). - CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159). - CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155). - CVE-2024-49955: ACPI: battery: Fix possible crash when unregistering a battery hook (bsc#1232154). - CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151). - CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149). - CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395). - CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140). - CVE-2024-49968: ext4: fix error message when rejecting the default hash (bsc#1232264). - CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519). - CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105). - CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383). - CVE-2024-49975: uprobes: fix kernel info leak via '[uprobes]' vma (bsc#1232104). - CVE-2024-49983: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free (bsc#1232096). - CVE-2024-49989: drm/amd/display: fix double free issue during amdgpu module unload (bsc#1232483). - CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282). - CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316). - CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432). - CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089). - CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085). - CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084). - CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083). - CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442). - CVE-2024-50009: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value (bsc#1232318). - CVE-2024-50014: ext4: fix access to uninitialised lock in fc replay path (bsc#1232446). - CVE-2024-50019: kthread: unpark only parked kthread (bsc#1231990). - CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954). - CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950). - CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914). - CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392). - CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907). - CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903). - CVE-2024-50046: kabi fix for NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902). - CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418). - CVE-2024-50048: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (bsc#1232310). - CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329). - CVE-2024-50058: serial: protect uart_port_dtr_rts() in uart_shutdown() too (bsc#1232285). - CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345). - CVE-2024-50061: i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (bsc#1232263). - CVE-2024-50063: kABI: bpf: struct bpf_map kABI workaround (bsc#1232435). - CVE-2024-50073: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (bsc#1232520). - CVE-2024-50081: blk-mq: setup queue ->tag_set before initializing hctx (bsc#1232501). - CVE-2024-50082: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (bsc#1232500). - CVE-2024-50089: unicode: Do not special case ignorable code points (bsc#1232860). - CVE-2024-50093: thermal: intel: int340x: processor: Fix warning during module unload (bsc#1232877). - CVE-2024-50098: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down (bsc#1232881). - CVE-2024-50108: drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too (bsc#1232884). - CVE-2024-50110: xfrm: fix one more kernel-infoleak in algo dumping (bsc#1232885). - CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919). - CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928). - CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907). - CVE-2024-50128: net: wwan: fix global oob in wwan_rtnl_policy (bsc#1232905). - CVE-2024-50134: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape (bsc#1232890). - CVE-2024-50135: nvme-pci: fix race condition between reset and nvme_dev_disable() (bsc#1232888). - CVE-2024-50138: bpf: Use raw_spinlock_t in ringbuf (bsc#1232935). - CVE-2024-50146: net/mlx5e: Do not call cleanup on profile rollback failure (bsc#1233056). - CVE-2024-50147: net/mlx5: Fix command bitmask initialization (bsc#1233067). - CVE-2024-50153: scsi: target: core: Fix null-ptr-deref in target_alloc_device() (bsc#1233061). - CVE-2024-50154: tcp: Fix use-after-free of nreq in reqsk_timer_handler() (bsc#1233070). - CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049). - CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057). - CVE-2024-50182: secretmem: disable memfd_secret() if arch cannot set direct map (bsc#1233129). - CVE-2024-50184: virtio_pmem: Check device status before requesting flush (bsc#1233135). - CVE-2024-50186: net: explicitly clear the sk pointer, when pf->create fails (bsc#1233110). - CVE-2024-50188: net: phy: dp83869: fix memory corruption when enabling fiber (bsc#1233107). - CVE-2024-50192: irqchip/gic-v4: Correctly deal with set_affinity on lazily-mapped VPEs (bsc#1233106). - CVE-2024-50195: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() (bsc#1233103). - CVE-2024-50196: pinctrl: ocelot: fix system hang on level based interrupts (bsc#1233113). - CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233293). - CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233117). - CVE-2024-50229: nilfs2: fix potential deadlock with newly created symlinks (bsc#1233205). - CVE-2024-50230: nilfs2: fix kernel bug due to missing clearing of checked flag (bsc#1233206). - CVE-2024-50259: netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write() (bsc#1233214). - CVE-2024-50261: macsec: Fix use-after-free while sending the offloading packet (bsc#1233253). - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453). - CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456). - CVE-2024-50271: signal: restore the override_rlimit logic (bsc#1233460). - CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462). - CVE-2024-50274: idpf: avoid vport access in idpf_get_link_ksettings (bsc#1233463). - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468). - CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478). - CVE-2024-50295: net: arc: fix the device for dma_map_single/dma_unmap_single (bsc#1233484). - CVE-2024-50298: net: enetc: allocate vf_state during PF probes (bsc#1233487). - CVE-2024-53052: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (bsc#1233548). - CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552). - CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555). - CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557). - CVE-2024-53068: firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() (bsc#1233561). - CVE-2024-53079: mm/thp: fix deferred split unqueue naming and locking (bsc#1233570). - CVE-2024-53088: i40e: fix race condition by adding filter's intermediate sync state (bsc#1233580). - CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025). - CVE-2024-53110: vp_vdpa: fix id_table array not null terminated error (bsc#1234085). The following non-security bugs were fixed: - acpi: battery: Call power_supply_changed() when adding hooks (bsc#1232154) - acpi: battery: Simplify battery hook locking (bsc#1232154) - acpi: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue (stable-fixes). - acpi: CPPC: Fix _CPC register setting issue (git-fixes). - acpi: CPPC: Make rmw_lock a raw_spin_lock (git-fixes). - acpi: EC: Do not release locks during operation region accesses (stable-fixes). - acpi: PAD: fix crash in exit_round_robin() (stable-fixes). - acpi: PRM: Clean up guid type in struct prm_handler_info (git-fixes). - acpi: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context (git-fixes). - acpi: resource: Add another DMI match for the TongFang GMxXGxx (stable-fixes). - acpi: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] (stable-fixes). - acpi: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] (stable-fixes). - acpi: resource: Add LG 16T90SP to irq1_level_low_skip_override[] (stable-fixes). - acpica: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (stable-fixes). - acpica: Fix memory leak if acpi_ps_get_next_field() fails (stable-fixes). - acpica: Fix memory leak if acpi_ps_get_next_namepath() fails (stable-fixes). - acpica: iasl: handle empty connection_node (stable-fixes). - ad7780: fix division by zero in ad7780_write_raw() (git-fixes). - adapt same struct naming as similar kABI workaround in SLE15-SP6 (prefixed with 'suse_' to make it more obvious its a downstream thing. - add bug reference for a mana change (bsc#1229769). - add bug references to existing mana changes (bsc#1232033, bsc#1232034, bsc#1232036). - add bugreference to a hv_netvsc patch (bsc#1232413). - afs: Revert 'afs: Hide silly-rename files from userspace' (git-fixes). - alsa: 6fire: Release resources at card release (git-fixes). - alsa: ac97: bus: Fix the mistake in the comment (git-fixes). - alsa: asihpi: Fix potential OOB array access (stable-fixes). - alsa: caiaq: Use snd_card_free_when_closed() at disconnection (git-fixes). - alsa: core: add isascii() check to card ID generator (stable-fixes). - alsa: firewire-lib: Avoid division by zero in apply_constraint_to_size() (git-fixes). - alsa: firewire-lib: fix return value on fail in amdtp_tscm_init() (git-fixes). - alsa: hda: cs35l41: fix module autoloading (git-fixes). - alsa: hda: Fix kctl->id initialization (git-fixes). - alsa: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 (stable-fixes). - alsa: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 (git-fixes). - alsa: hda/conexant: Fix conflicting quirk for System76 Pangolin (git-fixes). - alsa: hda/cs8409: Fix possible NULL dereference (git-fixes). - alsa: hda/generic: Unconditionally prefer preferred_dacs pairs (git-fixes). - alsa: hda/realtek - Fixed ALC256 headphone no sound (stable-fixes). - alsa: hda/realtek - FIxed ALC285 headphone no sound (stable-fixes). - alsa: hda/realtek - Fixed Clevo platform headset Mic issue (stable-fixes). - alsa: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 (stable-fixes). - alsa: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 (stable-fixes). - alsa: hda/realtek: Add subwoofer quirk for Acer Predator G9-593 (stable-fixes). - alsa: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 (stable-fixes). - alsa: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 (stable-fixes). - alsa: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 (stable-fixes). - alsa: hda/realtek: Fix the push button function for the ALC257 (git-fixes). - alsa: hda/realtek: Limit internal Mic boost on Dell platform (stable-fixes). - alsa: hda/realtek: Update ALC225 depop procedure (git-fixes). - alsa: hda/realtek: Update ALC256 depop procedure (git-fixes). - alsa: hda/realtek: Update default depop procedure (git-fixes). - alsa: hdsp: Break infinite MIDI input flush loop (stable-fixes). - alsa: line6: add hw monitor volume control to POD HD500X (stable-fixes). - alsa: mixer_oss: Remove some incorrect kfree_const() usages (git-fixes). - alsa: us122l: Use snd_card_free_when_closed() at disconnection (git-fixes). - alsa: usb-audio: Add delay quirk for VIVO USB-C HEADSET (stable-fixes). - alsa: usb-audio: Add input value sanity checks for standard types (stable-fixes). - alsa: usb-audio: Add logitech Audio profile quirk (stable-fixes). - alsa: usb-audio: Add native DSD support for Luxman D-08u (stable-fixes). - alsa: usb-audio: Add quirk for HP 320 FHD Webcam (stable-fixes). - alsa: usb-audio: Add quirks for Dell WD19 dock (stable-fixes). - alsa: usb-audio: Define macros for quirk table entries (stable-fixes). - alsa: usb-audio: Replace complex quirk lines with macros (stable-fixes). - alsa: usx2y: Use snd_card_free_when_closed() at disconnection (git-fixes). - amd-pstate: Set min_perf to nominal_perf for active mode performance gov (git-fixes). - arm64: cputype: Add Neoverse-N3 definitions (git-fixes) - arm64: dts: imx8mp: correct sdhc ipg clk (git-fixes). - arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma (git-fixes). - arm64: errata: Expand speculative SSBS workaround once more (git-fixes) - arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes) - arm64: fix .data.rel.ro size assertion when CONFIG_LTO_CLANG (git-fixes) - arm64: Force position-independent veneers (git-fixes). - arm64: probes: Fix simulate_ldr*_literal() (git-fixes) - arm64: probes: Fix uprobes for big-endian kernels (git-fixes) - arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes) - arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint (git-fixes) - arm64: smccc: replace custom COUNT_ARGS() & CONCATENATE() (git-fixes) - arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (git-fixes) - arm64:uprobe fix the uprobe SWBP_INSN in big-endian (git-fixes) - arm64/sve: Discard stale CPU state when handling SVE traps (git-fixes) - asoc: allow module autoloading for table db1200_pids (stable-fixes). - asoc: amd: yc: Fix for enabling DMIC on acp6x via _DSD entry (git-fixes). - asoc: codecs: Fix atomicity violation in snd_soc_component_get_drvdata() (git-fixes). - asoc: codecs: lpass-rx-macro: add missing CDC_RX_BCL_VBAT_RF_PROC2 to default regs values (stable-fixes). - asoc: cs42l51: Fix some error handling paths in cs42l51_probe() (git-fixes). - asoc: fsl_sai: Enable 'FIFO continue on error' FCONT bit (stable-fixes). - asoc: imx-card: Set card.owner to avoid a warning calltrace if SND=m (git-fixes). - asoc: intel: fix module autoloading (stable-fixes). - asoc: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() (git-fixes). - asoc: qcom: sm8250: add qrb4210-rb2-sndcard compatible string (stable-fixes). - asoc: rt5682: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes). - asoc: soc-pcm: Do not zero TDM masks in __soc_pcm_open() (git-fixes). - asoc: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove (git-fixes). - asoc: tda7419: fix module autoloading (stable-fixes). - blk-throttle: Fix io statistics for cgroup v1 (bsc#1233528). - block: Avoid leaking hctx->nr_active counter on batched completion (bsc#1231923). - block: print symbolic error name instead of error code (bsc#1231872). - bluetooth: bnep: fix wild-memory-access in proto_unregister (git-fixes). - bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 (git-fixes). - bluetooth: Call iso_exit() on module unload (git-fixes). - bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (git-fixes). - bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs (git-fixes). - bluetooth: ISO: Fix multiple init when debugfs is disabled (git-fixes). - bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (git-fixes). - bluetooth: Remove debugfs directory on module init failure (git-fixes). - bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (git-fixes). - bnxt_en: Fix the PCI-AER routines (git-fixes). - bnxt_en: refactor reset close code (git-fixes). - bnxt_en: Remove mis-applied code from bnxt_cfg_ntp_filters() (git-fixes). - bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (git-fixes). - bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes). - bnxt_en: Restore PTP tx_avail count in case of skb_pad() error (git-fixes). - bnxt_en: Wait for FLR to complete during probe (git-fixes). - bpf, lsm: Add disabled BPF LSM hook list (git-fixes). - bpf, net: Fix a potential race in do_sock_getsockopt() (git-fixes). - bpf, verifier: Correct tail_call_reachable for bpf prog (git-fixes). - bpf, x64: Remove tail call detection (git-fixes). - bpf,perf: Fix perf_event_detach_bpf_prog error handling (git-fixes). - bpf: Add --skip_encoding_btf_inconsistent_proto, --btf_gen_optimized to pahole flags for v1.25 (bsc#1230414 bsc#1229450). - bpf: Allow helpers to accept pointers with a fixed size (git-fixes). - bpf: Check for helper calls in check_subprogs() (git-fixes). - bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos (git-fixes). - bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit (git-fixes). - bpf: Fix helper writes to read-only maps (git-fixes). - bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375). - bpf: Fix tailcall cases in test_bpf (git-fixes). - bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types (git-fixes). - bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers (git-fixes). - bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error (git-fixes). - btf, scripts: Exclude Rust CUs with pahole (bsc#1230414 bsc#1229450). - bus: integrator-lm: fix OF node leak in probe() (git-fixes). - can: c_can: c_can_handle_bus_err(): update statistics if skb allocation fails (git-fixes). - can: c_can: fix {rx,tx}_errors statistics (git-fixes). - can: ems_usb: ems_usb_rx_err(): fix {rx,tx}_errors statistics (git-fixes). - can: ifi_canfd: ifi_canfd_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes). - can: j1939: j1939_session_new(): fix skb reference counting (git-fixes). - can: m_can: m_can_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes). - can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL (git-fixes). - can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics (git-fixes). - ceph: fix cap ref leak via netfs init_request (bsc#1231383). - cgroup/bpf: only cgroup v2 can be attached by bpf programs (bsc#1234108). - char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (git-fixes). - chtls: fix tp->rcv_tstamp initialization (git-fixes). - clk: Add a devm variant of clk_rate_exclusive_get() (bsc#1227885). - clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get() (bsc#1227885). - comedi: Flush partial mappings in error case (git-fixes). - comedi: ni_routing: tools: Check when the file could not be opened (stable-fixes). - cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems (git-fixes). - crypto: bcm - add error check in the ahash_hmac_init function (git-fixes). - crypto: caam - add error check to caam_rsa_set_priv_key_form (git-fixes). - crypto: caam - Fix the pointer passed to caam_qi_shutdown() (git-fixes). - crypto: cavium - Fix an error handling path in cpt_ucode_load_fw() (git-fixes). - crypto: cavium - Fix the if condition to exit loop after timeout (git-fixes). - crypto: hisilicon - Remove pci_aer_clear_nonfatal_status() call (bsc#1232075) - crypto: hisilicon/qm - re-enable communicate interrupt before notifying PF (bsc#1232075) - crypto: inside-secure - Fix the return value of safexcel_xcbcmac_cra_init() (git-fixes). - crypto: x86/aegis128 - access 32-bit arguments as 32-bit (git-fixes). - cxgb4: add forgotten u64 ivlan cast before shift (git-fixes). - cxgb4: Properly lock TX queue for the selftest (git-fixes). - cxgb4: unnecessary check for 0 in the free_sge_txq_uld() function (git-fixes). - debugfs: fix automount d_fsdata usage (git-fixes). - dn_route: set rt neigh to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813). - drbd: Add NULL check for net_conf to prevent dereference in state validation (git-fixes). - drbd: Fix atomicity violation in drbd_uuid_set_bm() (git-fixes). - driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute (stable-fixes). - drivers: net: prevent tun_build_skb() to exceed the packet size limit (git-fixes). - drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS (git-fixes). - drm: komeda: Fix an issue related to normalized zpos (stable-fixes). - drm/amd: Fix initialization mistake for NBIO 7.7.0 (stable-fixes). - drm/amd: Guard against bad data for ATIF ACPI method (git-fixes). - drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring (git-fixes). - drm/amd/display: Add null check for 'afb' in amdgpu_dm_plane_handle_cursor_update (v2) (stable-fixes). - drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream (stable-fixes). - drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes). - drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944) - drm/amd/display: Check null pointer before dereferencing se (stable-fixes). - drm/amd/display: Check null pointers before using dc->clk_mgr (stable-fixes). - drm/amd/display: Check stream before comparing them (stable-fixes). - drm/amd/display: Fix index out of bounds in DCN30 color transformation (stable-fixes). - drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation (stable-fixes). - drm/amd/display: Fix index out of bounds in degamma hardware format translation (stable-fixes). - drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination (stable-fixes). - drm/amd/display: Fix system hang while resume with TBT monitor (stable-fixes). - drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream' (stable-fixes). - drm/amd/display: Initialize get_bytes_per_element's default to 1 (stable-fixes). - drm/amd/display: Round calculated vtotal (stable-fixes). - drm/amd/display: Validate backlight caps are sane (stable-fixes). - drm/amd/pm: ensure the fw_info is not null before using it (stable-fixes). - drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() (stable-fixes). - drm/amdgpu: add raven1 gfxoff quirk (stable-fixes). - drm/amdgpu: Adjust debugfs eviction and IB access permissions (stable-fixes). - drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit (stable-fixes). - drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes). - drm/amdgpu: fix unchecked return value warning for amdgpu_gfx (stable-fixes). - drm/amdgpu: prevent BO_HANDLES error from being overwritten (git-fixes). - drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (git-fixes). - drm/amdgpu: properly handle vbios fake edid sizing (git-fixes). - drm/amdgpu: Replace one-element array with flexible-array member (stable-fixes). - drm/amdkfd: Fix resource leak in criu restore queue (stable-fixes). - drm/bridge: anx7625: Drop EDID cache on bridge power off (git-fixes). - drm/bridge: tc358767: Fix link properties discovery (git-fixes). - drm/bridge: tc358768: Fix DSI command tx (git-fixes). - drm/etnaviv: Request pages from DMA32 zone on addressing_limited (git-fixes). - drm/imx/dcss: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused (git-fixes). - drm/msm: Allocate memory for disp snapshot with kvzalloc() (git-fixes). - drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() (git-fixes). - drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - drm/msm/dpu: cast crtc_clk calculation to u64 in _dpu_core_perf_calc_clk() (git-fixes). - drm/msm/dpu: do not always program merge_3d block (git-fixes). - drm/msm/dpu: make sure phys resources are properly initialized (git-fixes). - drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation (git-fixes). - drm/omap: Fix locking in omap_gem_new_dmabuf() (git-fixes). - drm/omap: Fix possible NULL dereference (git-fixes). - drm/panfrost: Remove unused id_mask from struct panfrost_model (git-fixes). - drm/printer: Allow NULL data in devcoredump printer (stable-fixes). - drm/radeon: Fix encoder->possible_clones (git-fixes). - drm/radeon: properly handle vbios fake edid sizing (git-fixes). - drm/radeon: Replace one-element array with flexible-array member (stable-fixes). - drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() (stable-fixes). - drm/rockchip: define gamma registers for RK3399 (stable-fixes). - drm/rockchip: support gamma control on RK3399 (stable-fixes). - drm/rockchip: vop: Fix a dereferenced before check warning (git-fixes). - drm/sched: Add locking to drm_sched_entity_modify_sched (git-fixes). - drm/sti: avoid potential dereference of error pointers (git-fixes). - drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check (git-fixes). - drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check (git-fixes). - drm/v3d: Address race-condition in MMU flush (git-fixes). - drm/v3d: Stop the active perfmon before being destroyed (git-fixes). - drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA (stable-fixes). - drm/vc4: hvs: Do not write gamma luts on 2711 (git-fixes). - drm/vc4: hvs: Fix dlist debug not resetting the next entry pointer (git-fixes). - drm/vc4: hvs: Remove incorrect limit from hvs_dlist debugfs function (git-fixes). - drm/vc4: Stop the active perfmon before being destroyed (git-fixes). - drm/vmwgfx: Handle surface check failure correctly (git-fixes). - drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS (stable-fixes). - drop HD-audio conexant patch that caused a regression on Thinkpad (bsc#1228269) - Drop OCFS2 patch causing a regression (bsc#1233255) - drop USB dwc2 patch that caused a regression on RPi3 (bsc#1232342) - e1000e: Fix S0ix residency on corporate systems (git-fixes). - efi/memattr: Ignore table if the size is clearly bogus (bsc#1231465). - efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (stable-fixes). - erofs: avoid consecutive detection for Highmem memory (git-fixes). - erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond EOF (git-fixes). - erofs: fix pcluster use-after-free on UP platforms (git-fixes). - erofs: fix potential overflow calculating xattr_isize (git-fixes). - erofs: stop parsing non-compact HEAD index if clusterofs is invalid (git-fixes). - eth: bnxt: fix counting packets discarded due to OOM and netpoll (git-fixes). - exportfs: use pr_debug for unreachable debug statements (git-fixes). - ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201) - fat: fix uninitialized variable (git-fixes). - fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes). - fbdev: sisfb: Fix strbuf array overflow (stable-fixes). - fgraph: Change the name of cpuhp state to 'fgraph:online' (git-fixes). - fgraph: Fix missing unlock in register_ftrace_graph() (git-fixes). - fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks (git-fixes). - filelock: fix potential use-after-free in posix_lock_inode (git-fixes). - firmware: google: Unregister driver_info on failure (git-fixes). - firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() (git-fixes). - Fix regression on AMDGPU driver (bsc#1233134) - fs: Fix file_set_fowner LSM hook inconsistencies (git-fixes). - fs/namespace: fnic: Switch to use %ptTd (git-fixes). - fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() (git-fixes). - genirq/msi: Fix off-by-one error in msi_domain_alloc() (git-fixes). - goldfish: Fix unused const variable 'goldfish_pipe_acpi_match' (git-fixes). - gpio: aspeed: Add the flush write to ensure the write complete (git-fixes). - gpio: aspeed: Use devm_clk api to manage clock source (git-fixes). - gpio: davinci: fix lazy disable (git-fixes). - gve: Fix an edge case for TSO skb validity check (git-fixes). - gve: Fix skb truesize underestimation (git-fixes). - gve: Fix XDP TX completion handling when counters overflow (git-fixes). - gve: ignore nonrelevant GSO type bits when processing TSO headers (git-fixes). - hid: amd_sfh: Switch to device-managed dmam_alloc_coherent() (git-fixes). - hid: core: zero-initialize the report buffer (git-fixes). - hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma (git-fixes). - hid: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard (stable-fixes). - hid: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad (stable-fixes). - hid: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad (stable-fixes). - hid: multitouch: Add support for B2402FVA track point (stable-fixes). - hid: multitouch: Add support for GT7868Q (stable-fixes). - hid: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio (stable-fixes). - hid: plantronics: Workaround for an unexcepted opposite volume key (stable-fixes). - hid: wacom: Defer calculation of resolution until resolution_code is known (git-fixes). - hid: wacom: fix when get product name maybe null pointer (git-fixes). - hid: wacom: Interpret tilt data from Intuos Pro BT as signed values (git-fixes). - hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes). - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (git-fixes). - hwmon: (adm9240) Add missing dependency on REGMAP_I2C (git-fixes). - hwmon: (tmp513) Add missing dependency on REGMAP_I2C (git-fixes). - hwmon: (tps23861) Fix reporting of negative temperatures (git-fixes). - i2c: i801: Use a different adapter-name for IDF adapters (stable-fixes). - i2c: imx-lpi2c: return -EINVAL when i2c peripheral clk does not work (bsc#1227885). - i2c: imx-lpi2c: use bulk clk API (bsc#1227885). - i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume (git-fixes). - i2c: xiic: Fix broken locking on tx_msg (stable-fixes). - i2c: xiic: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes). - i2c: xiic: Fix RX IRQ busy check (stable-fixes). - i2c: xiic: improve error message when transfer fails to start (stable-fixes). - i2c: xiic: Switch from waitqueue to completion (stable-fixes). - i2c: xiic: Try re-initialization on bus busy timeout (git-fixes). - i2c: xiic: Use devm_clk_get_enabled() (stable-fixes). - i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path (git-fixes). - i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() (git-fixes). - i40e: avoid double calling i40e_pf_rxq_wait() (git-fixes). - i40e: disable NAPI right after disabling irqs when handling xsk_pool (git-fixes). - i40e: Fix filter input checks to prevent config with invalid values (git-fixes). - i40e: fix use-after-free in i40e_aqc_add_filters() (git-fixes). - i40e: Fix waiting for queues of all VSIs to be disabled (git-fixes). - i40e: Fix XDP program unloading while removing the driver (git-fixes). - i40e: Report MFS in decimal base instead of hex (git-fixes). - i40e: Restore VF MSI-X state during PCI reset (git-fixes). - i40e: take into account XDP Tx queues when stopping rings (git-fixes). - iavf: do not process adminq tasks when __IAVF_IN_REMOVE_TASK is set (git-fixes). - iavf: fix FDIR rule fields masks validation (git-fixes). - iavf: Fix promiscuous mode configuration flow messages (git-fixes). - iavf: Fix TC config comparison with existing adapter TC config (git-fixes). - iavf: in iavf_down, disable queues when removing the driver (git-fixes). - iavf: initialize waitqueues before starting watchdog_task (git-fixes). - iavf: Introduce new state machines for flow director (git-fixes). - iavf: send VLAN offloading caps once after VFR (git-fixes). - iavf: validate tx_coalesce_usecs even if rx_coalesce_usecs is zero (git-fixes). - ibmvnic: Do partial reset on login failure (bsc#1233150). - ibmvnic: Enforce stronger sanity checks on login response (bsc#1233150). - ibmvnic: Ensure login failure recovery is safe from other resets (bsc#1233150). - ibmvnic: Handle DMA unmapping of login buffs in release functions (bsc#1233150). - ibmvnic: Unmap DMA login rsp buffer on send login fail (bsc#1233150). - ice: avoid executing commands on other ports when driving sync (git-fixes). - ice: Block switchdev mode when ADQ is active and vice versa (git-fixes). - ice: change q_index variable type to s16 to store -1 value (git-fixes). - ice: fix accounting for filters shared by multiple VSIs (git-fixes). - ice: fix accounting if a VLAN already exists (git-fixes). - ice: fix ICE_LAST_OFFSET formula (git-fixes). - ice: Fix link_down_on_close message (git-fixes). - ice: Fix netif_is_ice() in Safe Mode (git-fixes). - ice: Fix NULL pointer deref during VF reset (git-fixes). - ice: fix over-shifted variable (git-fixes). - ice: fix receive buffer size miscalculation (git-fixes). - ice: fix VLAN replay after reset (git-fixes). - ice: Fix VSI list rule with ICE_SW_LKUP_LAST type (git-fixes). - ice: ice_aq_check_events: fix off-by-one check when filling buffer (git-fixes). - ice: Interpret .set_channels() input differently (git-fixes). - ice: reset first in crash dump kernels (git-fixes). - ice: respect netif readiness in AF_XDP ZC related ndo's (git-fixes). - ice: Shut down VSI with 'link-down-on-close' enabled (git-fixes). - ice: tc: allow zero flags in parsing tc flower (git-fixes). - ice: Unbind the workqueue (bsc#1231344). - ice: virtchnl: stop pretending to support RSS over AQ or registers (git-fixes). - idpf: avoid compiler introduced padding in virtchnl2_rss_key struct (git-fixes). - idpf: avoid compiler padding in virtchnl2_ptype struct (git-fixes). - idpf: disable local BH when scheduling napi for marker packets (git-fixes). - idpf: distinguish vports by the dev_port attribute (git-fixes). - idpf: do not enable NAPI and interrupts prior to allocating Rx buffers (git-fixes). - idpf: fix corrupted frames and skb leaks in singleq mode (git-fixes). - idpf: fix memleak in vport interrupt configuration (git-fixes). - idpf: fix memory leaks and crashes while performing a soft reset (git-fixes). - idpf: fix UAFs when destroying the queues (git-fixes). - idpf: Interpret .set_channels() input differently (git-fixes). - igb: Always call igb_xdp_ring_update_tail() under Tx lock (git-fixes). - igb: extend PTP timestamp adjustments to i211 (git-fixes). - igb: Fix missing time sync events (git-fixes). - igb: Fix not clearing TimeSync interrupts for 82580 (git-fixes). - igc: Check VLAN EtherType mask (git-fixes). - igc: Check VLAN TCI mask (git-fixes). - igc: Fix hicredit calculation (git-fixes). - igc: Fix missing time sync events (git-fixes). - igc: Remove temporary workaround (git-fixes). - igc: Report VLAN EtherType matching back to user (git-fixes). - igc: Unlock on error in igc_io_resume() (git-fixes). - iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() (git-fixes). - iio: adc: ad7606: Fix typo in the driver name (git-fixes). - iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer (git-fixes). - iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig (git-fixes). - iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig (git-fixes). - iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig (git-fixes). - iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() (git-fixes). - iio: light: al3010: Fix an error handling path in al3010_probe() (git-fixes). - iio: light: opt3001: add missing full-scale range value (git-fixes). - iio: light: veml6030: fix ALS sensor resolution (git-fixes). - iio: light: veml6030: fix IIO device retrieval from embedded device (git-fixes). - iio: light: veml6030: fix microlux value calculation (git-fixes). - iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes). - initramfs: avoid filename buffer overrun (bsc#1232436). - input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes). - input: adp5589-keys - fix NULL pointer dereference (git-fixes). - input: ads7846 - ratelimit the spi_sync error message (stable-fixes). - input: goodix - use the new soc_intel_is_byt() helper (stable-fixes). - input: i8042 - add another board name for TUXEDO Stellaris Gen5 AMD line (git-fixes). - input: i8042 - add Ayaneo Kun to i8042 quirk table (git-fixes). - input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table (git-fixes). - input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042 quirk table (git-fixes). - input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk table (git-fixes). - input: synaptics - enable SMBus for HP Elitebook 840 G2 (stable-fixes). - iommu/vt-d: Always reserve a domain ID for identity setup (git-fixes). - ipv6: blackhole_netdev needs snmp6 counters (bsc#1216813). - ipv6: give an IPv6 dev to blackhole_netdev (bsc#1216813). - irqchip/gic-v3-its: Avoid explicit cpumask allocation on stack (git-fixes). - irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-fixes). - itco_wdt: mask NMI_NOW bit for update_no_reboot_bit() call (git-fixes). - ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (git-fixes). - ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa() (git-fixes). - ixgbe: fix crash with empty VF macvlan list (git-fixes). - ixgbe: fix timestamp configuration code (git-fixes). - jfs: check if leafidx greater than num leaves per dmap tree (git-fixes). - jfs: Fix sanity check in dbMount (git-fixes). - jfs: Fix uaf in dbFreeBits (git-fixes). - jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes). - jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes). - kab: fix after net: add more sanity check in virtio_net_hdr_to_skb() (git-fixes). - kabi fix of KVM: arm64: Preserve PSTATE.SS for the guest while single-step is enabled (git-fixes). - kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes). - kABI: bpf: struct bpf_func_proto kABI workaround (git-fixes). - kabi: fix after kvm: add guest_state_{enter,exit}_irqoff() (git-fixes). - kabi: fix after KVM: arm64: mixed-width check should be skipped for uninitialized vCPUs (git-fixes). - kabi: Restore exported __arm_smccc_sve_check (git-fixes) - kbuild, bpf: Use test-ge check for v1.25-only pahole (bsc#1230414 bsc#1229450). - kbuild,bpf: Add module-specific pahole flags for distilled base BTF (bsc#1230414 bsc#1229450). - kbuild,bpf: Switch to using --btf_features for pahole v1.26 and later (bsc#1230414 bsc#1229450). - kbuild: add test-{ge,gt,le,lt} macros (bsc#1230414 bsc#1229450). - kbuild: avoid too many execution of scripts/pahole-flags.sh (bsc#1230414 bsc#1229450). - kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414 bsc#1229450). - kernel-binary: Enable livepatch package only when livepatch is enabled Otherwise the filelist may be empty failing the build (bsc#1218644). - kernel.h: split out COUNT_ARGS() and CONCATENATE() to args.h (git-fixes) - kexec: fix a memory leak in crash_shrink_memory() (git-fixes). - kvm: add guest_state_{enter,exit}_irqoff() (git-fixes). - kvm: Add support for arch compat vm ioctls (git-fixes). - kvm: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (git-fixes). - kvm: arm64: Allow AArch32 PSTATE.M to be restored as System mode (git-fixes). - kvm: arm64: Fix AArch32 register narrowing on userspace write (git-fixes). - kvm: arm64: GICv4: Do not perform a map to a mapped vLPI (git-fixes). - kvm: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe hyp init (git-fixes). - kvm: arm64: mixed-width check should be skipped for uninitialized vCPUs (git-fixes). - kvm: arm64: Preserve PSTATE.SS for the guest while single-step is enabled (git-fixes). - kvm: arm64: Release pfn, i.e. put page, if copying MTE tags hits ZONE_DEVICE (git-fixes). - kvm: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (git-fixes). - kvm: arm64: vgic-its: Test for valid IRQ in MOVALL handler (git-fixes). - kvm: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (git-fixes). - kvm: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (git-fixes). - kvm: arm64: vgic-v4: Restore pending state on host userspace write (git-fixes). - kvm: eventfd: Fix false positive RCU usage warning (git-fixes). - kvm: Fix coalesced_mmio_has_room() to avoid premature userspace exit (git-fixes). - kvm: Fix lockdep false negative during host resume (git-fixes). - kvm: fix memoryleak in kvm_init() (git-fixes). - kvm: Grab a reference to KVM for VM and vCPU stats file descriptors (git-fixes). - kvm: Optimize kvm_make_vcpus_request_mask() a bit (git-fixes). - kvm: PPC: Book3S HV: remove unused varible (bsc#1194869). - kvm: Pre-allocate cpumasks for kvm_make_all_cpus_request_except() (git-fixes). - kvm: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes). - kvm: s390: Change virtual to physical address access in diag 0x258 handler (git-fixes bsc#1232631). - kvm: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (git-fixes bsc#1231277). - kvm: s390: gaccess: Check if guest address is in memslot (git-fixes bsc#1232630). - kvm: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value (git-fixes). - kvm: SVM: Do not advertise Bus Lock Detect to guest if SVM support is missing (git-fixes). - kvm: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE (git-fixes). - kvm: Unconditionally get a ref to /dev/kvm module when creating a VM (git-fixes). - kvm: Write the per-page 'segment' when clearing (part of) a guest page (git-fixes). - kvm: x86: Use a stable condition around all VT-d PI paths (git-fixes). - kvm: x86/mmu: Fold rmap_recycle into rmap_add (git-fixes). - kvm: x86/mmu: Rename slot_handle_leaf to slot_handle_level_4k (git-fixes). - kvm/arm64: rework guest entry logic (git-fixes). - mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING (git-fixes). - Makefile.compiler: replace cc-ifversion with compiler-specific macros (bsc#1230414 bsc#1229450). - media: adv7604: prevent underflow condition when reporting colorspace (git-fixes). - media: cx24116: prevent overflows on SNR calculus (git-fixes). - media: dvb_frontend: do not play tricks with underflow values (git-fixes). - media: dvb-usb-v2: af9035: fix missing unlock (git-fixes). - media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer (stable-fixes). - media: dvbdev: prevent the risk of out of memory access (git-fixes). - media: pci: cx23885: check cx23885_vdev_init() return (stable-fixes). - media: pulse8-cec: fix data timestamp at pulse8_setup() (git-fixes). - media: stb0899_algo: initialize cfr before using it (git-fixes). - media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl() (git-fixes). - media: v4l2-tpg: prevent the risk of a division by zero (git-fixes). - media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() (stable-fixes). - mei: use kvmalloc for read buffer (git-fixes). - misc: apds990x: Fix missing pm_runtime_disable() (git-fixes). - mm/hugetlb: fix nodes huge page allocation when there are surplus pages (bsc#1234012). - mm/memory: add non-anonymous page check in the copy_present_page() (bsc#1231646). - modpost: remove incorrect code in do_eisa_entry() (git-fixes). - module: abort module loading when sysfs setup suffer errors (git-fixes). - nbd: fix race between timeout and normal completion (bsc#1230918). - net: add more sanity check in virtio_net_hdr_to_skb() (git-fixes). - net: ena: Fix potential sign extension issue (git-fixes). - net: ena: Remove ena_select_queue (git-fixes). - net: ena: Wrong missing IO completions check order (git-fixes). - net: mana: Implement get_ringparam/set_ringparam for mana (bsc#1229891). - net: mana: Improve mana_set_channels() in low mem conditions (bsc#1230289). - net: qede: use return from qede_parse_flow_attr() for flow_spec (git-fixes). - net: relax socket state check at accept time (git-fixes). - net: socket: suppress unused warning (git-fixes). - net: test for not too small csum_start in virtio_net_hdr_to_skb() (git-fixes). - net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device (git-fixes). - net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration (git-fixes). - net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition (stable-fixes). - net: usb: usbnet: fix name regression (git-fixes). - net: usb: usbnet: fix race in probe failure (git-fixes). - net/mlx5: Add missing masks and QoS bit masks for scheduling elements (git-fixes). - net/mlx5: Added cond_resched() to crdump collection (git-fixes). - net/mlx5: Allow 0 for total host VFs (git-fixes). - net/mlx5: Correctly compare pkt reformat ids (git-fixes). - net/mlx5: DR, Can't go to uplink vport on RX rule (git-fixes). - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx (git-fixes). - net/mlx5: DR, Use the right GVMI number for drop action (git-fixes). - net/mlx5: Drain health before unregistering devlink (git-fixes). - net/mlx5: E-switch, register event handler before arming the event (git-fixes). - net/mlx5: Explicitly set scheduling element and TSAR type (git-fixes). - net/mlx5: Fix fw tracer first block check (git-fixes). - net/mlx5: fix potential memory leak in mlx5e_init_rep_rx (git-fixes). - net/mlx5: fs, lock FTE when checking if active (git-fixes). - net/mlx5: Handle fw tracer change ownership event based on MTRC (git-fixes). - net/mlx5: LAG, Check correct bucket when modifying LAG (git-fixes). - net/mlx5: Lag, do bond only if slaves agree on roce state (git-fixes). - net/mlx5: Lag, do not use the hardcoded value of the first port (git-fixes). - net/mlx5: Lag, restore buckets number to default after hash LAG deactivation (git-fixes). - net/mlx5: Skip clock update work when device is in error state (git-fixes). - net/mlx5: Unregister notifier on eswitch init failure (git-fixes). - net/mlx5: Update the list of the PCI supported devices (git-fixes). - net/mlx5: Use mlx5 device constant for selecting CQ period mode for ASO (git-fixes). - net/mlx5: Use recovery timeout on sync reset flow (git-fixes). - net/mlx5: Use RMW accessors for changing LNKCTL (git-fixes). - net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (git-fixes). - net/mlx5e: Add missing link modes to ptys2ethtool_map (git-fixes). - net/mlx5e: Add mqprio_rl cleanup and free in mlx5e_priv_cleanup() (git-fixes). - net/mlx5e: Again mutually exclude RX-FCS and RX-port-timestamp (git-fixes). - net/mlx5e: Allow software parsing when IPsec crypto is enabled (git-fixes). - net/mlx5e: Change the warning when ignore_flow_level is not supported (git-fixes). - net/mlx5e: Check return value of snprintf writing to fw_version buffer (git-fixes). - net/mlx5e: Check return value of snprintf writing to fw_version buffer for representors (git-fixes). - net/mlx5e: Correct snprintf truncation handling for fw_version buffer (git-fixes). - net/mlx5e: Correct snprintf truncation handling for fw_version buffer used by representors (git-fixes). - net/mlx5e: Correctly report errors for ethtool rx flows (git-fixes). - net/mlx5e: CT: Fix null-ptr-deref in add rule err flow (git-fixes). - net/mlx5e: Do not offload internal port if filter device is out device (git-fixes). - net/mlx5e: fix a potential double-free in fs_udp_create_groups (git-fixes). - net/mlx5e: Fix crash moving to switchdev mode when ntuple offload is set (git-fixes). - net/mlx5e: fix double free in macsec_fs_tx_create_crypto_table_groups (git-fixes). - net/mlx5e: fix double free of encap_header (git-fixes). - net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN) packets (git-fixes). - net/mlx5e: Fix IPsec tunnel mode offload feature check (git-fixes). - net/mlx5e: Fix pedit endianness (git-fixes). - net/mlx5e: Fix possible deadlock on mlx5e_tx_timeout_work (git-fixes). - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer() (git-fixes). - net/mlx5e: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list() (git-fixes). - net/mlx5e: Fix UDP GSO for encapsulated packets (git-fixes). - net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes). - net/mlx5e: kTLS, Fix incorrect page refcounting (git-fixes). - net/mlx5e: Move representor neigh cleanup to profile cleanup_tx (git-fixes). - net/mlx5e: Reduce the size of icosq_str (git-fixes). - net/mlx5e: Take state lock during tx timeout reporter (git-fixes). - net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion (git-fixes). - net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX (bsc#1226797) - netdevsim: use cond_resched() in nsim_dev_trap_report_work() (git-fixes). - nfs: Avoid unnecessary rescanning of the per-server delegation list (git-fixes). - nfs: Fix KMSAN warning in decode_getfattr_attrs() (git-fixes). - nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes). - nfsd: call cache_put if xdr_reserve_space returns NULL (git-fixes). - nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes). - nfsd: Fix NFSv4's PUTPUBFH operation (git-fixes). - nfsd: fix refcount leak when file is unhashed after being found (git-fixes). - nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes). - nfsd: Mark filecache 'down' if init fails (git-fixes). - nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (git-fixes). - nfsd: return -EINVAL when namelen is 0 (git-fixes). - nfsv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016). - nfsv4: Fix clearing of layout segments in layoutreturn (git-fixes). - nilfs2: fix kernel bug due to missing clearing of buffer delay flag (git-fixes). - nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error (git-fixes). - ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes). - ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (stable-fixes). - nvme-fabrics: fix kernel crash while shutting down controller (git-fixes). - nvme-multipath: system fails to create generic nvme device (git-fixes). - nvme-pci: fix freeing of the HMB descriptor table (git-fixes). - nvme-pci: qdepth 1 quirk (git-fixes). - nvme-pci: reverse request order in nvme_queue_rqs (git-fixes). - nvmet-auth: assign dh_key to NULL after kfree_sensitive (git-fixes). - ocfs2: fix the la space leak when unmounting an ocfs2 volume (git-fixes). - ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes). - ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (git-fixes). - ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (git-fixes). - parport: Proper fix for array out-of-bounds access (git-fixes). - pci: Add ACS quirk for Qualcomm SA8775P (stable-fixes). - pci: Add function 0 DMA alias quirk for Glenfly Arise chip (stable-fixes). - pci: Add T_PVPERL macro (git-fixes). - pci: endpoint: Clear secondary (not primary) EPC in pci_epc_remove_epf() (git-fixes). - pci: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019). - pci: Fix reset_method_store() memory leak (git-fixes). - pci: j721e: Deassert PERST# after a delay of PCIE_T_PVPERL_MS milliseconds (git-fixes). - pci: keystone: Add link up check to ks_pcie_other_map_bus() (git-fixes). - pci: keystone: Set mode as Root Complex for 'ti,keystone-pcie' compatible (git-fixes). - pci: Mark Creative Labs EMU20k2 INTx masking as broken (stable-fixes). - pci: rockchip-ep: Fix address translation unit programming (git-fixes). - phy: tegra: xusb: Add error pointer check in xusb.c (git-fixes). - platform/chrome: cros_ec_typec: fix missing fwnode reference decrement (git-fixes). - platform/surface: aggregator_registry: Add support for Surface Laptop Go 3 (stable-fixes). - platform/surface: aggregator: Fix warning when controller is destroyed in probe (git-fixes). - platform/x86: dell-sysman: add support for alienware products (stable-fixes). - platform/x86: dell-wmi: Ignore suspend notifications (stable-fixes). - platform/x86: touchscreen_dmi: add nanote-next quirk (stable-fixes). - posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone (bsc#1234098). - power: reset: brcmstb: Do not go into infinite loop if reset fails (stable-fixes). - power: supply: bq27xxx: Fix registers of bq27426 (git-fixes). - power: supply: core: Remove might_sleep() from power_supply_put() (git-fixes). - powerpc: Allow clearing and restoring registers independent of saved breakpoint state (bsc#1194869). - powerpc: remove GCC version check for UPD_CONSTR (bsc#1194869). - powerpc/64: Convert patch_instruction() to patch_u32() (bsc#1194869). - powerpc/asm: Remove UPD_CONSTR after GCC 4.9 removal (bsc#1194869). - powerpc/atomic: Use YZ constraints for DS-form instructions (bsc#1194869). - powerpc/boot: Handle allocation failure in simple_realloc() (bsc#1194869). - powerpc/boot: Only free if realloc() succeeds (bsc#1194869). - powerpc/code-patching: Add generic memory patching (bsc#1194869). - powerpc/code-patching: Consolidate and cache per-cpu patching context (bsc#1194869). - powerpc/code-patching: Do not call is_vmalloc_or_module_addr() without CONFIG_MODULES (bsc#1194869). - powerpc/code-patching: Fix error handling in do_patch_instruction() (bsc#1194869). - powerpc/code-patching: Fix oops with DEBUG_VM enabled (bsc#1194869). - powerpc/code-patching: Fix unmap_patch_area() error handling (bsc#1194869). - powerpc/code-patching: introduce patch_instructions() (bsc#1194869). - powerpc/code-patching: Perform hwsync in __patch_instruction() in case of failure (bsc#1194869). - powerpc/code-patching: Pre-map patch area (bsc#1194869). - powerpc/code-patching: Remove #ifdef CONFIG_STRICT_KERNEL_RWX (bsc#1194869). - powerpc/code-patching: Remove pr_debug()/pr_devel() messages and fix check() (bsc#1194869). - powerpc/code-patching: Reorganise do_patch_instruction() to ease error handling (bsc#1194869). - powerpc/code-patching: Speed up page mapping/unmapping (bsc#1194869). - powerpc/code-patching: Use jump_label to check if poking_init() is done (bsc#1194869). - powerpc/code-patching: Use temporary mm for Radix MMU (bsc#1194869). - powerpc/code-patching: Use WARN_ON and fix check in poking_init (bsc#1194869). - powerpc/ftrace: Use patch_instruction() return directly (bsc#1194869). - powerpc/imc-pmu: Fix use of mutex in IRQs disabled section (bsc#1054914 git-fixes). - powerpc/imc-pmu: Use the correct spinlock initializer (bsc#1054914 git-fixes). - powerpc/inst: Refactor ___get_user_instr() (bsc#1194869). - powerpc/kexec: Fix return of uninitialized variable (bsc#1194869). - powerpc/lib: Add __init attribute to eligible functions (bsc#1194869). - powerpc/mm: Fix boot crash with FLATMEM (bsc#1194869). - powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL (bsc#1194869). - powerpc/mm/fault: Fix kfence page fault reporting (bsc#1194869). - powerpc/powernv: Free name on error in opal_event_init() (bsc#1194869). - powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore (bsc#1194869). - powerpc/pseries: Fix KVM guest detection for disabling hardlockup detector (bsc#1194869). - powerpc/tlb: Add local flush for page given mm_struct and psize (bsc#1194869). - powerpc/vdso: augment VDSO32 functions to support 64 bits build (bsc#1194869). - powerpc/vdso: Fix VDSO data access when running in a non-root time namespace (bsc#1194869). - powerpc/vdso: Merge vdso64 and vdso32 into a single directory (bsc#1194869). - powerpc/vdso: Rework VDSO32 makefile to add a prefix to object files (bsc#1194869). - powerpc/xics: Check return value of kasprintf in icp_native_map_one_cpu (bsc#1194869). - powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729). - qed: avoid truncating work queue length (git-fixes). - rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow (bsc#1226631). - rcu: Add rcutree.nohz_full_patience_delay to reduce nohz_full (bsc#1231327) - rdma/bnxt_re: Add a check for memory allocation (git-fixes) - rdma/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (git-fixes) - rdma/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes) - rdma/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes) - rdma/bnxt_re: Fix the GID table length (git-fixes) - rdma/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes) - rdma/bnxt_re: Fix the usage of control path spin locks (git-fixes) - rdma/bnxt_re: Return more meaningful error (git-fixes) - rdma/bnxt_re: synchronize the qp-handle table array (git-fixes) - rdma/cxgb4: Dump vendor specific QP details (git-fixes) - rdma/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes) - rdma/hns: Add clear_hem return value to log (git-fixes) - rdma/hns: Add mutex_destroy() (git-fixes) - rdma/hns: Fix an AEQE overflow error caused by untimely update of eq_db_ci (git-fixes) - rdma/hns: Fix cpu stuck caused by printings during reset (git-fixes) - rdma/hns: Fix different dgids mapping to the same dip_idx (git-fixes) - rdma/hns: Fix flush cqe error when racing with destroy qp (git-fixes) - rdma/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (git-fixes) - rdma/hns: Fix out-of-order issue of requester when setting FENCE (git-fixes) - rdma/hns: Remove unnecessary QP type checks (git-fixes) - rdma/hns: Remove unused abnormal interrupt of type RAS (git-fixes) - rdma/hns: Use dev_* printings in hem code instead of ibdev_* (git-fixes) - rdma/hns: Use macro instead of magic number (git-fixes) - rdma/irdma: Fix misspelling of 'accept*' (git-fixes) - rdma/mad: Improve handling of timed out WRs of mad agent (git-fixes) - rdma/mana_ib: use the correct page size for mapping user-mode doorbell page (git-fixes). - rdma/mana_ib: use the correct page table index based on hardware page size (git-fixes). - rdma/mlx5: Move events notifier registration to be after device registration (git-fixes) - rdma/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes) - rdma/mlx5: Use sq timestamp as QP timestamp when RoCE is disabled (git-fixes). - rdma/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes) - rdma/rxe: Fix the qp flush warnings in req (git-fixes) - rdma/rxe: Set queue pair cur_qp_state when being queried (git-fixes) - rdma/srpt: Make slab cache names unique (git-fixes) - Removed the duplicated check of static_assert(sizeof(struct work_struct) >= sizeof(struct rcu_head)). - Removed unnecessary white-space change in kernel/bpf/syscall.c - Revert 'cgroup: Fix memory leak caused by missing cgroup_bpf_offline' (bsc#1234108). - Revert 'ixgbe: Manual AN-37 for troublesome link partners for X550 SFI' (git-fixes). - Revert 'KVM: Prevent module exit until all VMs are freed' (git-fixes). - Revert 'mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K' (git-fixes). - Revert 'usb: gadget: composite: fix OS descriptors w_value logic' (git-fixes). - Revert 'usb: yurex: Replace snprintf() with the safer scnprintf() variant' (stable-fixes). - Revert PM changes that caused a regression on S4 resume (bsc#1231578). - rpm/check-for-config-changes: add HAVE_RUST and RUSTC_SUPPORTS_ to IGNORED_CONFIGS_RE They depend on SHADOW_CALL_STACK. - rpm/check-for-config-changes: Exclude ARCH_USING_PATCHABLE_FUNCTION_ENTRY gcc version dependent, at least on ppc - rpm/release-projects: Add SLFO projects (bsc#1231293). - rpm/scripts: Remove obsolete Symbols.list Symbols.list is not longer needed by the new klp-convert implementation. (bsc#1218644) - rtc: ab-eoz9: do not fail temperature reads on undervoltage notification (git-fixes). - rtc: abx80x: Fix WDT bit position of the status register (git-fixes). - rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (git-fixes). - rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - s390/mm: Add cond_resched() to cmm_alloc/free_pages() (bsc#1228747). - s390/sclp_vt220: Convert newlines to CRLF instead of LFCR (git-fixes bsc#1232632). - sched/isolation: Prevent boot crash when the boot CPU is (bsc#1231327) - scsi: aacraid: Rearrange order of struct aac_srb_unit (git-fixes). - scsi: core: alua: I/O errors for ALUA state transitions (git-fixes). - scsi: core: Fix the return value of scsi_logical_block_count() (git-fixes). - scsi: core: Handle devices which return an unusually large VPD page count (git-fixes). - scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() (git-fixes). - scsi: fnic: Move flush_work initialization out of if block (bsc#1230055). - scsi: hpsa: Fix allocation size for Scsi_Host private data (git-fixes). - scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (git-fixes). - scsi: libsas: Fix the failure of adding phy with zero-address to port (git-fixes). - scsi: lpfc: Add cleanup of nvmels_wq after HBA reset (bsc#1233241). - scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() (bsc#1232757). - scsi: lpfc: Call lpfc_sli4_queue_unset() in restart and rmmod paths (bsc#1233241). - scsi: lpfc: Change lpfc_nodelist nlp_flag member into a bitmask (bsc#1233241). - scsi: lpfc: Check devloss callbk done flag for potential stale NDLP ptrs (bsc#1233241). - scsi: lpfc: Check SLI_ACTIVE flag in FDMI cmpl before submitting follow up FDMI (bsc#1233241). - scsi: lpfc: Copyright updates for 14.4.0.6 patches (bsc#1233241). - scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1232757). - scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (bsc#1232757). - scsi: lpfc: Modify CGN warning signal calculation based on EDC response (bsc#1233241). - scsi: lpfc: Prevent NDLP reference count underflow in dev_loss_tmo callback (bsc#1233241). - scsi: lpfc: Remove NLP_RELEASE_RPI flag from nodelist structure (bsc#1233241). - scsi: lpfc: Remove trailing space after \n newline (bsc#1232757). - scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs (git-fixes). - scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING (bsc#1232757). - scsi: lpfc: Support loopback tests with VMID enabled (bsc#1232757). - scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757). - scsi: lpfc: Update lpfc version to 14.4.0.6 (bsc#1233241). - scsi: lpfc: Update lpfc_els_flush_cmd() to check for SLI_ACTIVE before BSG flag (bsc#1233241). - scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE (bsc#1232757). - scsi: mac_scsi: Disallow bus errors during PDMA send (git-fixes). - scsi: mac_scsi: Refactor polling loop (git-fixes). - scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages (git-fixes). - scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES (git-fixes). - scsi: mpi3mr: Fix ATA NCQ priority support (git-fixes). - scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (git-fixes). - scsi: NCR5380: Check for phase match during PDMA fixup (git-fixes). - scsi: qedf: Set qed_slowpath_params to zero before use (git-fixes). - scsi: scsi_transport_fc: Allow setting rport state to current state (git-fixes). - scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer (git-fixes). - scsi: smartpqi: correct stream detection (git-fixes). - scsi: smartpqi: revert propagate-the-multipath-failure-to-SML-quickly (git-fixes). - scsi: spi: Fix sshdr use (git-fixes). - scsi: wd33c93: Do not use stale scsi_pointer value (git-fixes). - security/keys: fix slab-out-of-bounds in key_task_permission (git-fixes). - selftests/bpf: Add a test case to write mtu result into .rodata (git-fixes). - selftests/bpf: Add a test case to write strtol result into .rodata (git-fixes). - selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test (git-fixes). - selftests/bpf: Rename ARG_PTR_TO_LONG test description (git-fixes). - selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation (git-fixes). - serial: 8250: omap: Move pm_runtime_get_sync (git-fixes). - sfc: Check firmware supports Ethernet PTP filter (git-fixes). - sfc: do not unregister flow_indr if it was never registered (git-fixes). - sfc: fix a double-free bug in efx_probe_filters (git-fixes). - signal: Replace BUG_ON()s (bsc#1234093). - spi: atmel-quadspi: Fix register name in verbose logging function (git-fixes). - spi: bcm63xx: Enable module autoloading (stable-fixes). - spi: bcm63xx: Fix module autoloading (git-fixes). - spi: Fix acpi deferred irq probe (git-fixes). - spi: lpspi: release requested DMA channels (stable-fixes). - spi: lpspi: Silence error message upon deferred probe (stable-fixes). - spi: lpspi: Simplify some error message (git-fixes). - spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ (git-fixes). - spi: ppc4xx: handle irq_of_parse_and_map() errors (git-fixes). - spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes). - spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time (git-fixes). - spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes). - spi: spidev: Add missing spi_device_id for jg10309-01 (git-fixes). - staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() (git-fixes). - static_call: Do not make __static_call_return0 static (git-fixes). - sunrpc: clnt.c: Remove misleading comment (git-fixes). - sunrpc: Fix integer overflow in decode_rc_list() (git-fixes). - sunrpc: Fixup gss_status tracepoint error output (git-fixes). - thermal: core: Initialize thermal zones before registering them (git-fixes). - thermal: intel: int340x: processor: Fix warning during module unload (git-fixes). - tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 git-fixes). - tracing: Consider the NULL character when validating the event length (git-fixes). - tracing/hwlat: Fix a race during cpuhp processing (git-fixes). - tracing/uprobes: Use trace_event_buffer_reserve() helper (git-fixes). - tun: Fix xdp_rxq_info's queue_index when detaching (git-fixes). - tun: prevent negative ifindex (git-fixes). - ucounts: fix counter leak in inc_rlimit_get_ucounts() (bsc#1233460). - Update config files (bsc#1218644). LIVEPATCH_IPA_CLONES=n => LIVEPATCH=n - Update config files. Enabled IDPF for ARM64 (bsc#1221309) - uprobe: avoid out-of-bounds memory access of fetching args (git-fixes). - uprobes: encapsulate preparation of uprobe args buffer (git-fixes). - usb: appledisplay: close race between probe and completion handler (stable-fixes). - usb: chaoskey: fail open after removal (git-fixes). - usb: chaoskey: Fix possible deadlock chaoskey_list_lock (git-fixes). - usb: chipidea: udc: enable suspend interrupt after usb reset (stable-fixes). - usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario (stable-fixes). - usb: dwc3: core: Stop processing of pending events if controller is halted (git-fixes). - usb: dwc3: gadget: Add missing check for single port RAM in TxFIFO resizing logic (git-fixes). - usb: dwc3: gadget: Fix checking for number of TRBs left (git-fixes). - usb: dwc3: gadget: Fix looping of queued SG entries (git-fixes). - usb: ehci-spear: fix call balance of sehci clk handling routines (git-fixes). - usb: gadget: core: force synchronous registration (git-fixes). - usb: misc: cypress_cy7c63: check for short transfer (stable-fixes). - usb: misc: yurex: fix race between read and write (stable-fixes). - usb: musb: sunxi: Fix accessing an released usb phy (git-fixes). - usb: phy: Fix API devm_usb_put_phy() can not release the phy (git-fixes). - usb: serial: ftdi_sio: Fix atomicity violation in get_serial_info() (git-fixes). - usb: serial: io_edgeport: fix use after free in debug printk (git-fixes). - usb: serial: option: add Fibocom FG132 0x0112 composition (stable-fixes). - usb: serial: option: add Quectel RG650V (stable-fixes). - usb: serial: option: add support for Quectel EG916Q-GL (stable-fixes). - usb: serial: option: add Telit FN920C04 MBIM compositions (stable-fixes). - usb: serial: pl2303: add device id for Macrosilicon MS3020 (stable-fixes). - usb: serial: qcserial: add support for Sierra Wireless EM86xx (stable-fixes). - usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip (stable-fixes). - usb: typec: altmode should keep reference to parent (git-fixes). - usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() (git-fixes). - usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() (git-fixes). - usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read() (git-fixes). - usb: xhci: Fix problem with xhci resume from suspend (stable-fixes). - usb: xhci: Fix TD invalidation under pending Set TR Dequeue (git-fixes). - usb: yurex: Fix inconsistent locking bug in yurex_read() (git-fixes). - usb: yurex: make waiting on yurex_write interruptible (git-fixes). - usb: yurex: Replace snprintf() with the safer scnprintf() variant (stable-fixes). - usbip: tools: Fix detach_port() invalid port error path (git-fixes). - usbnet: ipheth: fix carrier detection in modes 1 and 4 (stable-fixes). - Use pahole -j1 option for reproducible builds (bsc#1230414 bsc#1229450). - vdpa/mlx5: preserve CVQ vringh index (git-fixes). - vhost_vdpa: assign irq bypass producer token correctly (git-fixes). - vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (git-fixes). - virtio_console: fix misc probe bugs (git-fixes). - virtio_net: fixing XDP for fully checksummed packets handling (git-fixes). - virtio-net: synchronize probe with ndo_set_features (git-fixes). - vmxnet3: add command to allow disabling of offloads (bsc#1226498). - vmxnet3: add latency measurement support in vmxnet3 (bsc#1226498). - vmxnet3: prepare for version 9 changes (bsc#1226498). - vmxnet3: update to version 9 (bsc#1226498). - vsock/virtio: fix packet delivery to tap device (git-fixes). - watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart() (git-fixes). - watchdog: rti: of: honor timeout-sec property (git-fixes). - wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss1 (git-fixes). - wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss2 (git-fixes). - wifi: ath10k: Fix memory leak in management tx (git-fixes). - wifi: ath11k: fix array out-of-bound access in SoC stats (stable-fixes). - wifi: ath11k: Fix invalid ring usage in full monitor mode (git-fixes). - wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (stable-fixes). - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (git-fixes). - wifi: ath9k: fix parameter check in ath9k_init_debug() (stable-fixes). - wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() (stable-fixes). - wifi: ath9k: Remove error checks when creating debugfs entries (git-fixes). - wifi: brcm80211: BRCM_TRACING should depend on TRACING (git-fixes). - wifi: iwlegacy: Clear stale interrupts before resuming device (stable-fixes). - wifi: iwlwifi: clear trans->state earlier upon error (stable-fixes). - wifi: iwlwifi: lower message level for FW buffer destination (stable-fixes). - wifi: iwlwifi: mvm: disconnect station vifs if recovery failed (stable-fixes). - wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation (stable-fixes). - wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() (git-fixes). - wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (git-fixes). - wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys (git-fixes). - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() (stable-fixes). - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (git-fixes). - wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes). - workqueue: Avoid using isolated cpus' timers on (bsc#1231327) - workqueue: mark power efficient workqueue as unbounded if (bsc#1231327) - x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes). - x86/bugs: Skip RSB fill at VMEXIT (git-fixes). - x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes). - x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes). - x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes). - x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes). - x86/kaslr: Expose and use the end of the physical memory address space (bsc#1230405). - x86/kvm: fix is_stale_page_fault() (bsc#1221333). - xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813). - xhci: Fix incorrect stream context type macro (git-fixes). - xhci: Fix Link TRB DMA in command ring stopped completion event (git-fixes). - xhci: Mitigate failed set dequeue pointer commands (git-fixes). - xhci: Separate PORT and CAPs macros into dedicated file (stable-fixes). - xhci: Use pm_runtime_get to prevent RPM on unsupported systems (git-fixes). Important SUSE bug 1054914 SUSE bug 1065729 SUSE bug 1082555 SUSE bug 1194869 SUSE bug 1204171 SUSE bug 1205796 SUSE bug 1206188 SUSE bug 1206344 SUSE bug 1209290 SUSE bug 1210449 SUSE bug 1210627 SUSE bug 1213034 SUSE bug 1216813 SUSE bug 1218562 SUSE bug 1218644 SUSE bug 1220382 SUSE bug 1221309 SUSE bug 1221333 SUSE bug 1222364 SUSE bug 1222590 SUSE bug 1223202 SUSE bug 1223384 SUSE bug 1223524 SUSE bug 1223656 SUSE bug 1223824 SUSE bug 1223848 SUSE bug 1223919 SUSE bug 1223942 SUSE bug 1224518 SUSE bug 1224526 SUSE bug 1224574 SUSE bug 1225189 SUSE bug 1225336 SUSE bug 1225611 SUSE bug 1225725 SUSE bug 1225730 SUSE bug 1225742 SUSE bug 1225762 SUSE bug 1225764 SUSE bug 1225812 SUSE bug 1226498 SUSE bug 1226560 SUSE bug 1226592 SUSE bug 1226631 SUSE bug 1226748 SUSE bug 1226797 SUSE bug 1226872 SUSE bug 1227437 SUSE bug 1227853 SUSE bug 1227885 SUSE bug 1228119 SUSE bug 1228269 SUSE bug 1228410 SUSE bug 1228430 SUSE bug 1228486 SUSE bug 1228650 SUSE bug 1228709 SUSE bug 1228743 SUSE bug 1228747 SUSE bug 1228857 SUSE bug 1229005 SUSE bug 1229019 SUSE bug 1229312 SUSE bug 1229429 SUSE bug 1229450 SUSE bug 1229454 SUSE bug 1229456 SUSE bug 1229556 SUSE bug 1229585 SUSE bug 1229752 SUSE bug 1229769 SUSE bug 1229808 SUSE bug 1229837 SUSE bug 1229891 SUSE bug 1230055 SUSE bug 1230179 SUSE bug 1230220 SUSE bug 1230231 SUSE bug 1230270 SUSE bug 1230289 SUSE bug 1230405 SUSE bug 1230414 SUSE bug 1230429 SUSE bug 1230456 SUSE bug 1230550 SUSE bug 1230558 SUSE bug 1230600 SUSE bug 1230620 SUSE bug 1230715 SUSE bug 1230722 SUSE bug 1230763 SUSE bug 1230773 SUSE bug 1230774 SUSE bug 1230801 SUSE bug 1230827 SUSE bug 1230903 SUSE bug 1230918 SUSE bug 1231016 SUSE bug 1231072 SUSE bug 1231073 SUSE bug 1231083 SUSE bug 1231084 SUSE bug 1231085 SUSE bug 1231087 SUSE bug 1231089 SUSE bug 1231094 SUSE bug 1231096 SUSE bug 1231098 SUSE bug 1231101 SUSE bug 1231105 SUSE bug 1231108 SUSE bug 1231111 SUSE bug 1231114 SUSE bug 1231115 SUSE bug 1231132 SUSE bug 1231135 SUSE bug 1231138 SUSE bug 1231148 SUSE bug 1231169 SUSE bug 1231178 SUSE bug 1231179 SUSE bug 1231180 SUSE bug 1231181 SUSE bug 1231187 SUSE bug 1231191 SUSE bug 1231193 SUSE bug 1231195 SUSE bug 1231197 SUSE bug 1231200 SUSE bug 1231202 SUSE bug 1231203 SUSE bug 1231277 SUSE bug 1231293 SUSE bug 1231327 SUSE bug 1231344 SUSE bug 1231375 SUSE bug 1231383 SUSE bug 1231434 SUSE bug 1231439 SUSE bug 1231441 SUSE bug 1231442 SUSE bug 1231452 SUSE bug 1231465 SUSE bug 1231474 SUSE bug 1231481 SUSE bug 1231496 SUSE bug 1231502 SUSE bug 1231537 SUSE bug 1231539 SUSE bug 1231540 SUSE bug 1231541 SUSE bug 1231578 SUSE bug 1231646 SUSE bug 1231673 SUSE bug 1231849 SUSE bug 1231856 SUSE bug 1231857 SUSE bug 1231858 SUSE bug 1231859 SUSE bug 1231861 SUSE bug 1231864 SUSE bug 1231872 SUSE bug 1231883 SUSE bug 1231885 SUSE bug 1231887 SUSE bug 1231888 SUSE bug 1231889 SUSE bug 1231890 SUSE bug 1231892 SUSE bug 1231893 SUSE bug 1231895 SUSE bug 1231896 SUSE bug 1231897 SUSE bug 1231902 SUSE bug 1231903 SUSE bug 1231904 SUSE bug 1231907 SUSE bug 1231914 SUSE bug 1231916 SUSE bug 1231920 SUSE bug 1231923 SUSE bug 1231929 SUSE bug 1231930 SUSE bug 1231931 SUSE bug 1231935 SUSE bug 1231936 SUSE bug 1231937 SUSE bug 1231938 SUSE bug 1231939 SUSE bug 1231940 SUSE bug 1231941 SUSE bug 1231942 SUSE bug 1231944 SUSE bug 1231947 SUSE bug 1231950 SUSE bug 1231952 SUSE bug 1231953 SUSE bug 1231954 SUSE bug 1231958 SUSE bug 1231959 SUSE bug 1231960 SUSE bug 1231961 SUSE bug 1231962 SUSE bug 1231965 SUSE bug 1231967 SUSE bug 1231968 SUSE bug 1231972 SUSE bug 1231973 SUSE bug 1231976 SUSE bug 1231978 SUSE bug 1231979 SUSE bug 1231987 SUSE bug 1231988 SUSE bug 1231990 SUSE bug 1231991 SUSE bug 1231992 SUSE bug 1231995 SUSE bug 1231996 SUSE bug 1231997 SUSE bug 1231998 SUSE bug 1232001 SUSE bug 1232004 SUSE bug 1232005 SUSE bug 1232006 SUSE bug 1232007 SUSE bug 1232013 SUSE bug 1232015 SUSE bug 1232016 SUSE bug 1232017 SUSE bug 1232025 SUSE bug 1232026 SUSE bug 1232027 SUSE bug 1232028 SUSE bug 1232033 SUSE bug 1232034 SUSE bug 1232035 SUSE bug 1232036 SUSE bug 1232037 SUSE bug 1232038 SUSE bug 1232039 SUSE bug 1232043 SUSE bug 1232047 SUSE bug 1232048 SUSE bug 1232049 SUSE bug 1232050 SUSE bug 1232056 SUSE bug 1232067 SUSE bug 1232069 SUSE bug 1232070 SUSE bug 1232071 SUSE bug 1232075 SUSE bug 1232076 SUSE bug 1232080 SUSE bug 1232083 SUSE bug 1232084 SUSE bug 1232085 SUSE bug 1232089 SUSE bug 1232094 SUSE bug 1232096 SUSE bug 1232097 SUSE bug 1232098 SUSE bug 1232104 SUSE bug 1232105 SUSE bug 1232108 SUSE bug 1232111 SUSE bug 1232114 SUSE bug 1232116 SUSE bug 1232119 SUSE bug 1232120 SUSE bug 1232123 SUSE bug 1232124 SUSE bug 1232126 SUSE bug 1232133 SUSE bug 1232134 SUSE bug 1232135 SUSE bug 1232136 SUSE bug 1232140 SUSE bug 1232141 SUSE bug 1232142 SUSE bug 1232145 SUSE bug 1232147 SUSE bug 1232149 SUSE bug 1232150 SUSE bug 1232151 SUSE bug 1232152 SUSE bug 1232154 SUSE bug 1232155 SUSE bug 1232159 SUSE bug 1232160 SUSE bug 1232162 SUSE bug 1232163 SUSE bug 1232164 SUSE bug 1232165 SUSE bug 1232170 SUSE bug 1232172 SUSE bug 1232174 SUSE bug 1232175 SUSE bug 1232180 SUSE bug 1232185 SUSE bug 1232187 SUSE bug 1232189 SUSE bug 1232191 SUSE bug 1232195 SUSE bug 1232196 SUSE bug 1232198 SUSE bug 1232199 SUSE bug 1232200 SUSE bug 1232201 SUSE bug 1232217 SUSE bug 1232218 SUSE bug 1232220 SUSE bug 1232221 SUSE bug 1232224 SUSE bug 1232229 SUSE bug 1232232 SUSE bug 1232233 SUSE bug 1232237 SUSE bug 1232251 SUSE bug 1232253 SUSE bug 1232254 SUSE bug 1232255 SUSE bug 1232259 SUSE bug 1232260 SUSE bug 1232262 SUSE bug 1232263 SUSE bug 1232264 SUSE bug 1232272 SUSE bug 1232279 SUSE bug 1232282 SUSE bug 1232285 SUSE bug 1232286 SUSE bug 1232287 SUSE bug 1232293 SUSE bug 1232304 SUSE bug 1232305 SUSE bug 1232307 SUSE bug 1232309 SUSE bug 1232310 SUSE bug 1232312 SUSE bug 1232313 SUSE bug 1232314 SUSE bug 1232316 SUSE bug 1232317 SUSE bug 1232318 SUSE bug 1232329 SUSE bug 1232332 SUSE bug 1232333 SUSE bug 1232334 SUSE bug 1232335 SUSE bug 1232337 SUSE bug 1232339 SUSE bug 1232342 SUSE bug 1232345 SUSE bug 1232349 SUSE bug 1232352 SUSE bug 1232354 SUSE bug 1232355 SUSE bug 1232357 SUSE bug 1232358 SUSE bug 1232359 SUSE bug 1232361 SUSE bug 1232362 SUSE bug 1232364 SUSE bug 1232366 SUSE bug 1232367 SUSE bug 1232368 SUSE bug 1232369 SUSE bug 1232370 SUSE bug 1232371 SUSE bug 1232374 SUSE bug 1232378 SUSE bug 1232381 SUSE bug 1232383 SUSE bug 1232385 SUSE bug 1232387 SUSE bug 1232392 SUSE bug 1232394 SUSE bug 1232395 SUSE bug 1232413 SUSE bug 1232416 SUSE bug 1232418 SUSE bug 1232424 SUSE bug 1232432 SUSE bug 1232435 SUSE bug 1232436 SUSE bug 1232442 SUSE bug 1232446 SUSE bug 1232483 SUSE bug 1232500 SUSE bug 1232501 SUSE bug 1232503 SUSE bug 1232504 SUSE bug 1232507 SUSE bug 1232519 SUSE bug 1232520 SUSE bug 1232552 SUSE bug 1232630 SUSE bug 1232631 SUSE bug 1232632 SUSE bug 1232757 SUSE bug 1232819 SUSE bug 1232860 SUSE bug 1232870 SUSE bug 1232873 SUSE bug 1232877 SUSE bug 1232878 SUSE bug 1232881 SUSE bug 1232884 SUSE bug 1232885 SUSE bug 1232887 SUSE bug 1232888 SUSE bug 1232890 SUSE bug 1232892 SUSE bug 1232896 SUSE bug 1232897 SUSE bug 1232905 SUSE bug 1232907 SUSE bug 1232919 SUSE bug 1232926 SUSE bug 1232928 SUSE bug 1232935 SUSE bug 1233035 SUSE bug 1233049 SUSE bug 1233051 SUSE bug 1233056 SUSE bug 1233057 SUSE bug 1233061 SUSE bug 1233063 SUSE bug 1233065 SUSE bug 1233067 SUSE bug 1233070 SUSE bug 1233073 SUSE bug 1233074 SUSE bug 1233100 SUSE bug 1233103 SUSE bug 1233104 SUSE bug 1233105 SUSE bug 1233106 SUSE bug 1233107 SUSE bug 1233108 SUSE bug 1233110 SUSE bug 1233111 SUSE bug 1233113 SUSE bug 1233114 SUSE bug 1233117 SUSE bug 1233123 SUSE bug 1233125 SUSE bug 1233129 SUSE bug 1233130 SUSE bug 1233134 SUSE bug 1233135 SUSE bug 1233150 SUSE bug 1233189 SUSE bug 1233191 SUSE bug 1233197 SUSE bug 1233205 SUSE bug 1233206 SUSE bug 1233209 SUSE bug 1233210 SUSE bug 1233211 SUSE bug 1233212 SUSE bug 1233214 SUSE bug 1233216 SUSE bug 1233238 SUSE bug 1233241 SUSE bug 1233253 SUSE bug 1233255 SUSE bug 1233293 SUSE bug 1233350 SUSE bug 1233452 SUSE bug 1233453 SUSE bug 1233454 SUSE bug 1233456 SUSE bug 1233457 SUSE bug 1233458 SUSE bug 1233460 SUSE bug 1233462 SUSE bug 1233463 SUSE bug 1233468 SUSE bug 1233471 SUSE bug 1233476 SUSE bug 1233478 SUSE bug 1233479 SUSE bug 1233481 SUSE bug 1233484 SUSE bug 1233487 SUSE bug 1233490 SUSE bug 1233491 SUSE bug 1233528 SUSE bug 1233548 SUSE bug 1233552 SUSE bug 1233553 SUSE bug 1233554 SUSE bug 1233555 SUSE bug 1233557 SUSE bug 1233560 SUSE bug 1233561 SUSE bug 1233570 SUSE bug 1233577 SUSE bug 1233580 SUSE bug 1233977 SUSE bug 1234012 SUSE bug 1234025 SUSE bug 1234085 SUSE bug 1234093 SUSE bug 1234098 SUSE bug 1234108 CVE-2021-47416 at SUSE CVE-2021-47416 at NVD CVE-2021-47534 at SUSE CVE-2021-47534 at NVD CVE-2021-47594 at SUSE CVE-2021-47594 at NVD CVE-2022-3435 at SUSE CVE-2022-3435 at NVD CVE-2022-45934 at SUSE CVE-2022-45934 at NVD CVE-2022-48664 at SUSE CVE-2022-48664 at NVD CVE-2022-48674 at SUSE CVE-2022-48674 at NVD CVE-2022-48879 at SUSE CVE-2022-48879 at NVD CVE-2022-48946 at SUSE CVE-2022-48946 at NVD CVE-2022-48947 at SUSE CVE-2022-48947 at NVD CVE-2022-48948 at SUSE CVE-2022-48948 at NVD CVE-2022-48949 at SUSE CVE-2022-48949 at NVD CVE-2022-48951 at SUSE CVE-2022-48951 at NVD CVE-2022-48953 at SUSE CVE-2022-48953 at NVD CVE-2022-48954 at SUSE CVE-2022-48954 at NVD CVE-2022-48955 at SUSE CVE-2022-48955 at NVD CVE-2022-48956 at SUSE CVE-2022-48956 at NVD CVE-2022-48957 at SUSE CVE-2022-48957 at NVD CVE-2022-48958 at SUSE CVE-2022-48958 at NVD CVE-2022-48959 at SUSE CVE-2022-48959 at NVD CVE-2022-48960 at SUSE CVE-2022-48960 at NVD CVE-2022-48961 at SUSE CVE-2022-48961 at NVD CVE-2022-48962 at SUSE CVE-2022-48962 at NVD CVE-2022-48966 at SUSE CVE-2022-48966 at NVD CVE-2022-48967 at SUSE CVE-2022-48967 at NVD CVE-2022-48968 at SUSE CVE-2022-48968 at NVD CVE-2022-48969 at SUSE CVE-2022-48969 at NVD CVE-2022-48970 at SUSE CVE-2022-48970 at NVD CVE-2022-48971 at SUSE CVE-2022-48971 at NVD CVE-2022-48972 at SUSE CVE-2022-48972 at NVD CVE-2022-48973 at SUSE CVE-2022-48973 at NVD CVE-2022-48975 at SUSE CVE-2022-48975 at NVD CVE-2022-48977 at SUSE CVE-2022-48977 at NVD CVE-2022-48978 at SUSE CVE-2022-48978 at NVD CVE-2022-48979 at SUSE CVE-2022-48979 at NVD CVE-2022-48980 at SUSE CVE-2022-48980 at NVD CVE-2022-48981 at SUSE CVE-2022-48981 at NVD CVE-2022-48982 at SUSE CVE-2022-48982 at NVD CVE-2022-48983 at SUSE CVE-2022-48983 at NVD CVE-2022-48985 at SUSE CVE-2022-48985 at NVD CVE-2022-48987 at SUSE CVE-2022-48987 at NVD CVE-2022-48988 at SUSE CVE-2022-48988 at NVD CVE-2022-48989 at SUSE CVE-2022-48989 at NVD CVE-2022-48990 at SUSE CVE-2022-48990 at NVD CVE-2022-48991 at SUSE CVE-2022-48991 at NVD CVE-2022-48992 at SUSE CVE-2022-48992 at NVD CVE-2022-48994 at SUSE CVE-2022-48994 at NVD CVE-2022-48995 at SUSE CVE-2022-48995 at NVD CVE-2022-48997 at SUSE CVE-2022-48997 at NVD CVE-2022-48999 at SUSE CVE-2022-48999 at NVD CVE-2022-49000 at SUSE CVE-2022-49000 at NVD CVE-2022-49002 at SUSE CVE-2022-49002 at NVD CVE-2022-49003 at SUSE CVE-2022-49003 at NVD CVE-2022-49005 at SUSE CVE-2022-49005 at NVD CVE-2022-49006 at SUSE CVE-2022-49006 at NVD CVE-2022-49007 at SUSE CVE-2022-49007 at NVD CVE-2022-49010 at SUSE CVE-2022-49010 at NVD CVE-2022-49011 at SUSE CVE-2022-49011 at NVD CVE-2022-49012 at SUSE CVE-2022-49012 at NVD CVE-2022-49014 at SUSE CVE-2022-49014 at NVD CVE-2022-49015 at SUSE CVE-2022-49015 at NVD CVE-2022-49016 at SUSE CVE-2022-49016 at NVD CVE-2022-49017 at SUSE CVE-2022-49017 at NVD CVE-2022-49019 at SUSE CVE-2022-49019 at NVD CVE-2022-49020 at SUSE CVE-2022-49020 at NVD CVE-2022-49021 at SUSE CVE-2022-49021 at NVD CVE-2022-49022 at SUSE CVE-2022-49022 at NVD CVE-2022-49023 at SUSE CVE-2022-49023 at NVD CVE-2022-49024 at SUSE CVE-2022-49024 at NVD CVE-2022-49025 at SUSE CVE-2022-49025 at NVD CVE-2022-49026 at SUSE CVE-2022-49026 at NVD CVE-2022-49027 at SUSE CVE-2022-49027 at NVD CVE-2022-49028 at SUSE CVE-2022-49028 at NVD CVE-2022-49029 at SUSE CVE-2022-49029 at NVD CVE-2022-49031 at SUSE CVE-2022-49031 at NVD CVE-2022-49032 at SUSE CVE-2022-49032 at NVD CVE-2023-2166 at SUSE CVE-2023-2166 at NVD CVE-2023-28327 at SUSE CVE-2023-28327 at NVD CVE-2023-52766 at SUSE CVE-2023-52766 at NVD CVE-2023-52800 at SUSE CVE-2023-52800 at NVD CVE-2023-52881 at SUSE CVE-2023-52881 at NVD CVE-2023-52915 at SUSE CVE-2023-52915 at NVD CVE-2023-52917 at SUSE CVE-2023-52917 at NVD CVE-2023-52918 at SUSE CVE-2023-52918 at NVD CVE-2023-52919 at SUSE CVE-2023-52919 at NVD CVE-2023-52921 at SUSE CVE-2023-52921 at NVD CVE-2023-52922 at SUSE CVE-2023-52922 at NVD CVE-2023-6270 at SUSE CVE-2023-6270 at NVD CVE-2024-26782 at SUSE CVE-2024-26782 at NVD CVE-2024-26906 at SUSE CVE-2024-26906 at NVD CVE-2024-26953 at SUSE CVE-2024-26953 at NVD CVE-2024-27043 at SUSE CVE-2024-27043 at NVD CVE-2024-35888 at SUSE CVE-2024-35888 at NVD CVE-2024-35937 at SUSE CVE-2024-35937 at NVD CVE-2024-35980 at SUSE CVE-2024-35980 at NVD CVE-2024-36244 at SUSE CVE-2024-36244 at NVD CVE-2024-36484 at SUSE CVE-2024-36484 at NVD CVE-2024-36883 at SUSE CVE-2024-36883 at NVD CVE-2024-36886 at SUSE CVE-2024-36886 at NVD CVE-2024-36905 at SUSE CVE-2024-36905 at NVD CVE-2024-36953 at SUSE CVE-2024-36953 at NVD CVE-2024-36954 at SUSE CVE-2024-36954 at NVD CVE-2024-36957 at SUSE CVE-2024-36957 at NVD CVE-2024-38577 at SUSE CVE-2024-38577 at NVD CVE-2024-38589 at SUSE CVE-2024-38589 at NVD CVE-2024-38615 at SUSE CVE-2024-38615 at NVD CVE-2024-39476 at SUSE CVE-2024-39476 at NVD CVE-2024-40965 at SUSE CVE-2024-40965 at NVD CVE-2024-40997 at SUSE CVE-2024-40997 at NVD CVE-2024-41016 at SUSE CVE-2024-41016 at NVD CVE-2024-41023 at SUSE CVE-2024-41023 at NVD CVE-2024-41049 at SUSE CVE-2024-41049 at NVD CVE-2024-42131 at SUSE CVE-2024-42131 at NVD CVE-2024-42145 at SUSE CVE-2024-42145 at NVD CVE-2024-42226 at SUSE CVE-2024-42226 at NVD CVE-2024-42253 at SUSE CVE-2024-42253 at NVD CVE-2024-43817 at SUSE CVE-2024-43817 at NVD CVE-2024-43897 at SUSE CVE-2024-43897 at NVD CVE-2024-44931 at SUSE CVE-2024-44931 at NVD CVE-2024-44932 at SUSE CVE-2024-44932 at NVD CVE-2024-44947 at SUSE CVE-2024-44947 at NVD CVE-2024-44958 at SUSE CVE-2024-44958 at NVD CVE-2024-44964 at SUSE CVE-2024-44964 at NVD CVE-2024-44995 at SUSE CVE-2024-44995 at NVD CVE-2024-45016 at SUSE CVE-2024-45016 at NVD CVE-2024-45025 at SUSE CVE-2024-45025 at NVD CVE-2024-46678 at SUSE CVE-2024-46678 at NVD CVE-2024-46681 at SUSE CVE-2024-46681 at NVD CVE-2024-46716 at SUSE CVE-2024-46716 at NVD CVE-2024-46719 at SUSE CVE-2024-46719 at NVD CVE-2024-46754 at SUSE CVE-2024-46754 at NVD CVE-2024-46770 at SUSE CVE-2024-46770 at NVD CVE-2024-46775 at SUSE CVE-2024-46775 at NVD CVE-2024-46777 at SUSE CVE-2024-46777 at NVD CVE-2024-46800 at SUSE CVE-2024-46800 at NVD CVE-2024-46802 at SUSE CVE-2024-46802 at NVD CVE-2024-46804 at SUSE CVE-2024-46804 at NVD CVE-2024-46805 at SUSE CVE-2024-46805 at NVD CVE-2024-46807 at SUSE CVE-2024-46807 at NVD CVE-2024-46809 at SUSE CVE-2024-46809 at NVD CVE-2024-46810 at SUSE CVE-2024-46810 at NVD CVE-2024-46811 at SUSE CVE-2024-46811 at NVD CVE-2024-46812 at SUSE CVE-2024-46812 at NVD CVE-2024-46813 at SUSE CVE-2024-46813 at NVD CVE-2024-46814 at SUSE CVE-2024-46814 at NVD CVE-2024-46815 at SUSE CVE-2024-46815 at NVD CVE-2024-46816 at SUSE CVE-2024-46816 at NVD CVE-2024-46817 at SUSE CVE-2024-46817 at NVD CVE-2024-46818 at SUSE CVE-2024-46818 at NVD CVE-2024-46819 at SUSE CVE-2024-46819 at NVD CVE-2024-46821 at SUSE CVE-2024-46821 at NVD CVE-2024-46826 at SUSE CVE-2024-46826 at NVD CVE-2024-46828 at SUSE CVE-2024-46828 at NVD CVE-2024-46834 at SUSE CVE-2024-46834 at NVD CVE-2024-46835 at SUSE CVE-2024-46835 at NVD CVE-2024-46840 at SUSE CVE-2024-46840 at NVD CVE-2024-46841 at SUSE CVE-2024-46841 at NVD CVE-2024-46842 at SUSE CVE-2024-46842 at NVD CVE-2024-46848 at SUSE CVE-2024-46848 at NVD CVE-2024-46849 at SUSE CVE-2024-46849 at NVD CVE-2024-46853 at SUSE CVE-2024-46853 at NVD CVE-2024-46854 at SUSE CVE-2024-46854 at NVD CVE-2024-46855 at SUSE CVE-2024-46855 at NVD CVE-2024-46857 at SUSE CVE-2024-46857 at NVD CVE-2024-46859 at SUSE CVE-2024-46859 at NVD CVE-2024-46864 at SUSE CVE-2024-46864 at NVD CVE-2024-46871 at SUSE CVE-2024-46871 at NVD CVE-2024-47660 at SUSE CVE-2024-47660 at NVD CVE-2024-47661 at SUSE CVE-2024-47661 at NVD CVE-2024-47663 at SUSE CVE-2024-47663 at NVD CVE-2024-47664 at SUSE CVE-2024-47664 at NVD CVE-2024-47665 at SUSE CVE-2024-47665 at NVD CVE-2024-47667 at SUSE CVE-2024-47667 at NVD CVE-2024-47668 at SUSE CVE-2024-47668 at NVD CVE-2024-47669 at SUSE CVE-2024-47669 at NVD CVE-2024-47670 at SUSE CVE-2024-47670 at NVD CVE-2024-47671 at SUSE CVE-2024-47671 at NVD CVE-2024-47672 at SUSE CVE-2024-47672 at NVD CVE-2024-47673 at SUSE CVE-2024-47673 at NVD CVE-2024-47674 at SUSE CVE-2024-47674 at NVD CVE-2024-47679 at SUSE CVE-2024-47679 at NVD CVE-2024-47682 at SUSE CVE-2024-47682 at NVD CVE-2024-47684 at SUSE CVE-2024-47684 at NVD CVE-2024-47685 at SUSE CVE-2024-47685 at NVD CVE-2024-47692 at SUSE CVE-2024-47692 at NVD CVE-2024-47693 at SUSE CVE-2024-47693 at NVD CVE-2024-47695 at SUSE CVE-2024-47695 at NVD CVE-2024-47696 at SUSE CVE-2024-47696 at NVD CVE-2024-47697 at SUSE CVE-2024-47697 at NVD CVE-2024-47698 at SUSE CVE-2024-47698 at NVD CVE-2024-47699 at SUSE CVE-2024-47699 at NVD CVE-2024-47701 at SUSE CVE-2024-47701 at NVD CVE-2024-47704 at SUSE CVE-2024-47704 at NVD CVE-2024-47705 at SUSE CVE-2024-47705 at NVD CVE-2024-47706 at SUSE CVE-2024-47706 at NVD CVE-2024-47707 at SUSE CVE-2024-47707 at NVD CVE-2024-47709 at SUSE CVE-2024-47709 at NVD CVE-2024-47710 at SUSE CVE-2024-47710 at NVD CVE-2024-47712 at SUSE CVE-2024-47712 at NVD CVE-2024-47713 at SUSE CVE-2024-47713 at NVD CVE-2024-47718 at SUSE CVE-2024-47718 at NVD CVE-2024-47720 at SUSE CVE-2024-47720 at NVD CVE-2024-47723 at SUSE CVE-2024-47723 at NVD CVE-2024-47727 at SUSE CVE-2024-47727 at NVD CVE-2024-47728 at SUSE CVE-2024-47728 at NVD CVE-2024-47730 at SUSE CVE-2024-47730 at NVD CVE-2024-47735 at SUSE CVE-2024-47735 at NVD CVE-2024-47737 at SUSE CVE-2024-47737 at NVD CVE-2024-47738 at SUSE CVE-2024-47738 at NVD CVE-2024-47739 at SUSE CVE-2024-47739 at NVD CVE-2024-47742 at SUSE CVE-2024-47742 at NVD CVE-2024-47745 at SUSE CVE-2024-47745 at NVD CVE-2024-47747 at SUSE CVE-2024-47747 at NVD CVE-2024-47748 at SUSE CVE-2024-47748 at NVD CVE-2024-47749 at SUSE CVE-2024-47749 at NVD CVE-2024-47756 at SUSE CVE-2024-47756 at NVD CVE-2024-47757 at SUSE CVE-2024-47757 at NVD CVE-2024-49850 at SUSE CVE-2024-49850 at NVD CVE-2024-49851 at SUSE CVE-2024-49851 at NVD CVE-2024-49852 at SUSE CVE-2024-49852 at NVD CVE-2024-49855 at SUSE CVE-2024-49855 at NVD CVE-2024-49858 at SUSE CVE-2024-49858 at NVD CVE-2024-49860 at SUSE CVE-2024-49860 at NVD CVE-2024-49861 at SUSE CVE-2024-49861 at NVD CVE-2024-49863 at SUSE CVE-2024-49863 at NVD CVE-2024-49866 at SUSE CVE-2024-49866 at NVD CVE-2024-49867 at SUSE CVE-2024-49867 at NVD CVE-2024-49868 at SUSE CVE-2024-49868 at NVD CVE-2024-49870 at SUSE CVE-2024-49870 at NVD CVE-2024-49871 at SUSE CVE-2024-49871 at NVD CVE-2024-49875 at SUSE CVE-2024-49875 at NVD CVE-2024-49877 at SUSE CVE-2024-49877 at NVD CVE-2024-49879 at SUSE CVE-2024-49879 at NVD CVE-2024-49881 at SUSE CVE-2024-49881 at NVD CVE-2024-49882 at SUSE CVE-2024-49882 at NVD CVE-2024-49883 at SUSE CVE-2024-49883 at NVD CVE-2024-49884 at SUSE CVE-2024-49884 at NVD CVE-2024-49886 at SUSE CVE-2024-49886 at NVD CVE-2024-49890 at SUSE CVE-2024-49890 at NVD CVE-2024-49891 at SUSE CVE-2024-49891 at NVD CVE-2024-49892 at SUSE CVE-2024-49892 at NVD CVE-2024-49894 at SUSE CVE-2024-49894 at NVD CVE-2024-49895 at SUSE CVE-2024-49895 at NVD CVE-2024-49896 at SUSE CVE-2024-49896 at NVD CVE-2024-49897 at SUSE CVE-2024-49897 at NVD CVE-2024-49899 at SUSE CVE-2024-49899 at NVD CVE-2024-49900 at SUSE CVE-2024-49900 at NVD CVE-2024-49901 at SUSE CVE-2024-49901 at NVD CVE-2024-49902 at SUSE CVE-2024-49902 at NVD CVE-2024-49903 at SUSE CVE-2024-49903 at NVD CVE-2024-49905 at SUSE CVE-2024-49905 at NVD CVE-2024-49906 at SUSE CVE-2024-49906 at NVD CVE-2024-49907 at SUSE CVE-2024-49907 at NVD CVE-2024-49908 at SUSE CVE-2024-49908 at NVD CVE-2024-49909 at SUSE CVE-2024-49909 at NVD CVE-2024-49911 at SUSE CVE-2024-49911 at NVD CVE-2024-49912 at SUSE CVE-2024-49912 at NVD CVE-2024-49913 at SUSE CVE-2024-49913 at NVD CVE-2024-49914 at SUSE CVE-2024-49914 at NVD CVE-2024-49917 at SUSE CVE-2024-49917 at NVD CVE-2024-49918 at SUSE CVE-2024-49918 at NVD CVE-2024-49919 at SUSE CVE-2024-49919 at NVD CVE-2024-49920 at SUSE CVE-2024-49920 at NVD CVE-2024-49921 at SUSE CVE-2024-49921 at NVD CVE-2024-49922 at SUSE CVE-2024-49922 at NVD CVE-2024-49923 at SUSE CVE-2024-49923 at NVD CVE-2024-49924 at SUSE CVE-2024-49924 at NVD CVE-2024-49925 at SUSE CVE-2024-49925 at NVD CVE-2024-49929 at SUSE CVE-2024-49929 at NVD CVE-2024-49930 at SUSE CVE-2024-49930 at NVD CVE-2024-49933 at SUSE CVE-2024-49933 at NVD CVE-2024-49934 at SUSE CVE-2024-49934 at NVD CVE-2024-49935 at SUSE CVE-2024-49935 at NVD CVE-2024-49936 at SUSE CVE-2024-49936 at NVD CVE-2024-49938 at SUSE CVE-2024-49938 at NVD CVE-2024-49939 at SUSE CVE-2024-49939 at NVD CVE-2024-49945 at SUSE CVE-2024-49945 at NVD CVE-2024-49946 at SUSE CVE-2024-49946 at NVD CVE-2024-49947 at SUSE CVE-2024-49947 at NVD CVE-2024-49949 at SUSE CVE-2024-49949 at NVD CVE-2024-49950 at SUSE CVE-2024-49950 at NVD CVE-2024-49954 at SUSE CVE-2024-49954 at NVD CVE-2024-49955 at SUSE CVE-2024-49955 at NVD CVE-2024-49957 at SUSE CVE-2024-49957 at NVD CVE-2024-49958 at SUSE CVE-2024-49958 at NVD CVE-2024-49959 at SUSE CVE-2024-49959 at NVD CVE-2024-49960 at SUSE CVE-2024-49960 at NVD CVE-2024-49962 at SUSE CVE-2024-49962 at NVD CVE-2024-49963 at SUSE CVE-2024-49963 at NVD CVE-2024-49965 at SUSE CVE-2024-49965 at NVD CVE-2024-49966 at SUSE CVE-2024-49966 at NVD CVE-2024-49967 at SUSE CVE-2024-49967 at NVD CVE-2024-49968 at SUSE CVE-2024-49968 at NVD CVE-2024-49969 at SUSE CVE-2024-49969 at NVD CVE-2024-49973 at SUSE CVE-2024-49973 at NVD CVE-2024-49974 at SUSE CVE-2024-49974 at NVD CVE-2024-49975 at SUSE CVE-2024-49975 at NVD CVE-2024-49981 at SUSE CVE-2024-49981 at NVD CVE-2024-49982 at SUSE CVE-2024-49982 at NVD CVE-2024-49983 at SUSE CVE-2024-49983 at NVD CVE-2024-49985 at SUSE CVE-2024-49985 at NVD CVE-2024-49989 at SUSE CVE-2024-49989 at NVD CVE-2024-49991 at SUSE CVE-2024-49991 at NVD CVE-2024-49993 at SUSE CVE-2024-49993 at NVD CVE-2024-49995 at SUSE CVE-2024-49995 at NVD CVE-2024-49996 at SUSE CVE-2024-49996 at NVD CVE-2024-50000 at SUSE CVE-2024-50000 at NVD CVE-2024-50001 at SUSE CVE-2024-50001 at NVD CVE-2024-50002 at SUSE CVE-2024-50002 at NVD CVE-2024-50003 at SUSE CVE-2024-50003 at NVD CVE-2024-50006 at SUSE CVE-2024-50006 at NVD CVE-2024-50007 at SUSE CVE-2024-50007 at NVD CVE-2024-50008 at SUSE CVE-2024-50008 at NVD CVE-2024-50009 at SUSE CVE-2024-50009 at NVD CVE-2024-50013 at SUSE CVE-2024-50013 at NVD CVE-2024-50014 at SUSE CVE-2024-50014 at NVD CVE-2024-50017 at SUSE CVE-2024-50017 at NVD CVE-2024-50019 at SUSE CVE-2024-50019 at NVD CVE-2024-50024 at SUSE CVE-2024-50024 at NVD CVE-2024-50025 at SUSE CVE-2024-50025 at NVD CVE-2024-50026 at SUSE CVE-2024-50026 at NVD CVE-2024-50028 at SUSE CVE-2024-50028 at NVD CVE-2024-50031 at SUSE CVE-2024-50031 at NVD CVE-2024-50033 at SUSE CVE-2024-50033 at NVD CVE-2024-50035 at SUSE CVE-2024-50035 at NVD CVE-2024-50041 at SUSE CVE-2024-50041 at NVD CVE-2024-50044 at SUSE CVE-2024-50044 at NVD CVE-2024-50045 at SUSE CVE-2024-50045 at NVD CVE-2024-50046 at SUSE CVE-2024-50046 at NVD CVE-2024-50047 at SUSE CVE-2024-50047 at NVD CVE-2024-50048 at SUSE CVE-2024-50048 at NVD CVE-2024-50049 at SUSE CVE-2024-50049 at NVD CVE-2024-50055 at SUSE CVE-2024-50055 at NVD CVE-2024-50058 at SUSE CVE-2024-50058 at NVD CVE-2024-50059 at SUSE CVE-2024-50059 at NVD CVE-2024-50061 at SUSE CVE-2024-50061 at NVD CVE-2024-50062 at SUSE CVE-2024-50062 at NVD CVE-2024-50063 at SUSE CVE-2024-50063 at NVD CVE-2024-50067 at SUSE CVE-2024-50067 at NVD CVE-2024-50073 at SUSE CVE-2024-50073 at NVD CVE-2024-50074 at SUSE CVE-2024-50074 at NVD CVE-2024-50077 at SUSE CVE-2024-50077 at NVD CVE-2024-50078 at SUSE CVE-2024-50078 at NVD CVE-2024-50081 at SUSE CVE-2024-50081 at NVD CVE-2024-50082 at SUSE CVE-2024-50082 at NVD CVE-2024-50089 at SUSE CVE-2024-50089 at NVD CVE-2024-50093 at SUSE CVE-2024-50093 at NVD CVE-2024-50095 at SUSE CVE-2024-50095 at NVD CVE-2024-50096 at SUSE CVE-2024-50096 at NVD CVE-2024-50098 at SUSE CVE-2024-50098 at NVD CVE-2024-50099 at SUSE CVE-2024-50099 at NVD CVE-2024-50103 at SUSE CVE-2024-50103 at NVD CVE-2024-50108 at SUSE CVE-2024-50108 at NVD CVE-2024-50110 at SUSE CVE-2024-50110 at NVD CVE-2024-50115 at SUSE CVE-2024-50115 at NVD CVE-2024-50116 at SUSE CVE-2024-50116 at NVD CVE-2024-50117 at SUSE CVE-2024-50117 at NVD CVE-2024-50124 at SUSE CVE-2024-50124 at NVD CVE-2024-50125 at SUSE CVE-2024-50125 at NVD CVE-2024-50127 at SUSE CVE-2024-50127 at NVD CVE-2024-50128 at SUSE CVE-2024-50128 at NVD CVE-2024-50131 at SUSE CVE-2024-50131 at NVD CVE-2024-50134 at SUSE CVE-2024-50134 at NVD CVE-2024-50135 at SUSE CVE-2024-50135 at NVD CVE-2024-50138 at SUSE CVE-2024-50138 at NVD CVE-2024-50141 at SUSE CVE-2024-50141 at NVD CVE-2024-50146 at SUSE CVE-2024-50146 at NVD CVE-2024-50147 at SUSE CVE-2024-50147 at NVD CVE-2024-50148 at SUSE CVE-2024-50148 at NVD CVE-2024-50150 at SUSE CVE-2024-50150 at NVD CVE-2024-50153 at SUSE CVE-2024-50153 at NVD CVE-2024-50154 at SUSE CVE-2024-50154 at NVD CVE-2024-50155 at SUSE CVE-2024-50155 at NVD CVE-2024-50156 at SUSE CVE-2024-50156 at NVD CVE-2024-50160 at SUSE CVE-2024-50160 at NVD CVE-2024-50167 at SUSE CVE-2024-50167 at NVD CVE-2024-50171 at SUSE CVE-2024-50171 at NVD CVE-2024-50179 at SUSE CVE-2024-50179 at NVD CVE-2024-50180 at SUSE CVE-2024-50180 at NVD CVE-2024-50182 at SUSE CVE-2024-50182 at NVD CVE-2024-50183 at SUSE CVE-2024-50183 at NVD CVE-2024-50184 at SUSE CVE-2024-50184 at NVD CVE-2024-50186 at SUSE CVE-2024-50186 at NVD CVE-2024-50187 at SUSE CVE-2024-50187 at NVD CVE-2024-50188 at SUSE CVE-2024-50188 at NVD CVE-2024-50189 at SUSE CVE-2024-50189 at NVD CVE-2024-50192 at SUSE CVE-2024-50192 at NVD CVE-2024-50194 at SUSE CVE-2024-50194 at NVD CVE-2024-50195 at SUSE CVE-2024-50195 at NVD CVE-2024-50196 at SUSE CVE-2024-50196 at NVD CVE-2024-50198 at SUSE CVE-2024-50198 at NVD CVE-2024-50201 at SUSE CVE-2024-50201 at NVD CVE-2024-50205 at SUSE CVE-2024-50205 at NVD CVE-2024-50208 at SUSE CVE-2024-50208 at NVD CVE-2024-50209 at SUSE CVE-2024-50209 at NVD CVE-2024-50215 at SUSE CVE-2024-50215 at NVD CVE-2024-50218 at SUSE CVE-2024-50218 at NVD CVE-2024-50229 at SUSE CVE-2024-50229 at NVD CVE-2024-50230 at SUSE CVE-2024-50230 at NVD CVE-2024-50232 at SUSE CVE-2024-50232 at NVD CVE-2024-50233 at SUSE CVE-2024-50233 at NVD CVE-2024-50234 at SUSE CVE-2024-50234 at NVD CVE-2024-50236 at SUSE CVE-2024-50236 at NVD CVE-2024-50237 at SUSE CVE-2024-50237 at NVD CVE-2024-50249 at SUSE CVE-2024-50249 at NVD CVE-2024-50255 at SUSE CVE-2024-50255 at NVD CVE-2024-50259 at SUSE CVE-2024-50259 at NVD CVE-2024-50261 at SUSE CVE-2024-50261 at NVD CVE-2024-50264 at SUSE CVE-2024-50264 at NVD CVE-2024-50265 at SUSE CVE-2024-50265 at NVD CVE-2024-50267 at SUSE CVE-2024-50267 at NVD CVE-2024-50268 at SUSE CVE-2024-50268 at NVD CVE-2024-50269 at SUSE CVE-2024-50269 at NVD CVE-2024-50271 at SUSE CVE-2024-50271 at NVD CVE-2024-50273 at SUSE CVE-2024-50273 at NVD CVE-2024-50274 at SUSE CVE-2024-50274 at NVD CVE-2024-50279 at SUSE CVE-2024-50279 at NVD CVE-2024-50282 at SUSE CVE-2024-50282 at NVD CVE-2024-50287 at SUSE CVE-2024-50287 at NVD CVE-2024-50289 at SUSE CVE-2024-50289 at NVD CVE-2024-50290 at SUSE CVE-2024-50290 at NVD CVE-2024-50292 at SUSE CVE-2024-50292 at NVD CVE-2024-50295 at SUSE CVE-2024-50295 at NVD CVE-2024-50298 at SUSE CVE-2024-50298 at NVD CVE-2024-50301 at SUSE CVE-2024-50301 at NVD CVE-2024-50302 at SUSE CVE-2024-50302 at NVD CVE-2024-53052 at SUSE CVE-2024-53052 at NVD CVE-2024-53058 at SUSE CVE-2024-53058 at NVD CVE-2024-53059 at SUSE CVE-2024-53059 at NVD CVE-2024-53060 at SUSE CVE-2024-53060 at NVD CVE-2024-53061 at SUSE CVE-2024-53061 at NVD CVE-2024-53063 at SUSE CVE-2024-53063 at NVD CVE-2024-53066 at SUSE CVE-2024-53066 at NVD CVE-2024-53068 at SUSE CVE-2024-53068 at NVD CVE-2024-53079 at SUSE CVE-2024-53079 at NVD CVE-2024-53085 at SUSE CVE-2024-53085 at NVD CVE-2024-53088 at SUSE CVE-2024-53088 at NVD CVE-2024-53104 at SUSE CVE-2024-53104 at NVD CVE-2024-53110 at SUSE CVE-2024-53110 at NVD cpe:/o:suse:sle-micro:5.5 Security update for avahi (Moderate) SUSE Linux Enterprise Micro 5.5 This update for avahi fixes the following issues: - CVE-2024-52616: Fixed Avahi Wide-Area DNS Predictable Transaction IDs (bsc#1233420) Other fixes: - no longer supply bogus services to callbacks (bsc#1226586). Moderate SUSE bug 1226586 SUSE bug 1233420 CVE-2024-52616 at SUSE CVE-2024-52616 at NVD cpe:/o:suse:sle-micro:5.5 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container (Moderate) SUSE Linux Enterprise Micro 5.5 This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Update to version 1.1.1: Release notes are on https://github.com/kubevirt/kubevirt/releases/tag/v1.1.1 - Fix seccomp profile for post-copy migration - Fix firmware path for aarch64 (/usr/share/AAVMF) - Fix test with initially invalid DataVolume (bsc#1218174) The containers were also rebuilt against updated go version. Moderate SUSE bug 1218174 cpe:/o:suse:sle-micro:5.5 Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer (Important) SUSE Linux Enterprise Micro 5.5 This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: - Set ExclusiveArch conditionally depending on the distro - rebuild with current go release. Important cpe:/o:suse:sle-micro:5.5 Security update for suse-build-key (Important) SUSE Linux Enterprise Micro 5.5 This update for suse-build-key fixes the following issues: This update runs a import-suse-build-key script. The previous libzypp-post-script based installation is replaced with a systemd timer and service (bsc#1217215 bsc#1216410 jsc#PED-2777). - suse-build-key-import.service - suse-build-key-import.timer It imports the future SUSE Linux Enterprise 15 4096 bit RSA key primary and reserve keys. After successful import the timer is disabled. To manually import them you can also run: # rpm --import /usr/lib/rpm/gnupg/keys/gpg-pubkey-3fa1d6ce-63c9481c.asc # rpm --import /usr/lib/rpm/gnupg/keys/gpg-pubkey-d588dc46-63c939db.asc Bugfix added since last update: - run rpm commands in import script only when libzypp is not active. bsc#1219189 bsc#1219123 Important SUSE bug 1219123 SUSE bug 1219189 cpe:/o:suse:sle-micro:5.5 Security update for gcc13 (Important) SUSE Linux Enterprise Micro 5.5 This update for gcc13 fixes the following issues: This update ship the GCC 13.2 compiler suite and its base libraries. The compiler base libraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 12 ones. The new compilers for C, C++, and Fortran are provided for SUSE Linux Enterprise 15 SP4 and SP5, and provided in the 'Development Tools' module. The Go, D, Ada and Modula 2 language compiler parts are available unsupported via the PackageHub repositories. To use gcc13 compilers use: - install 'gcc13' or 'gcc13-c++' or one of the other 'gcc13-COMPILER' frontend packages. - override your Makefile to use CC=gcc-13, CXX=g++-13 and similar overrides for the other languages. For a full changelog with all new GCC13 features, check out https://gcc.gnu.org/gcc-13/changes.html Detailed changes: * CVE-2023-4039: Fixed -fstack-protector issues on aarch64 with variable length stack allocations. (bsc#1214052) - Work around third party app crash during C++ standard library initialization. [bsc#1216664] - Fixed that GCC13 fails to compile some packages with error: unrecognizable insn (bsc#1215427) - Bump included newlib to version 4.3.0. - Update to GCC trunk head (r13-5254-g05b9868b182bb9) - Redo floatn fixinclude pick-up to simply keep what is there. - Turn cross compiler to s390x to a glibc cross. [bsc#1214460] - Also handle -static-pie in the default-PIE specs - Fixed missed optimization in Skia resulting in Firefox crashes when building with LTO. [bsc#1212101] - Make libstdc++6-devel packages own their directories since they can be installed standalone. [bsc#1211427] - Add new x86-related intrinsics (amxcomplexintrin.h). - RISC-V: Add support for inlining subword atomic operations - Use --enable-link-serialization rather that --enable-link-mutex, the benefit of the former one is that the linker jobs are not holding tokens of the make's jobserver. - Add cross-bpf packages. See https://gcc.gnu.org/wiki/BPFBackEnd for the general state of BPF with GCC. - Add bootstrap conditional to allow --without=bootstrap to be specified to speed up local builds for testing. - Bump included newlib to version 4.3.0. - Also package libhwasan_preinit.o on aarch64. - Configure external timezone database provided by the timezone package. Make libstdc++6 recommend timezone to get a fully working std::chrono. Install timezone when running the testsuite. - Package libhwasan_preinit.o on x86_64. - Fixed unwinding on aarch64 with pointer signing. [bsc#1206684] - Enable PRU flavour for gcc13 - update floatn fixinclude pickup to check each header separately (bsc#1206480) - Redo floatn fixinclude pick-up to simply keep what is there. - Bump libgo SONAME to libgo22. - Do not package libhwasan for biarch (32-bit architecture) as the extension depends on 64-bit pointers. - Adjust floatn fixincludes guard to work with SLE12 and earlier SLE15. - Depend on at least LLVM 13 for GCN cross compiler. - Update embedded newlib to version 4.2.0 - Allow cross-pru-gcc12-bootstrap for armv7l architecture. PRU architecture is used for real-time MCUs embedded into TI armv7l and aarch64 SoCs. We need to have cross-pru-gcc12 for armv7l in order to build both host applications and PRU firmware during the same build. Important SUSE bug 1206480 SUSE bug 1206684 SUSE bug 1210557 SUSE bug 1211427 SUSE bug 1212101 SUSE bug 1213915 SUSE bug 1214052 SUSE bug 1214460 SUSE bug 1215427 SUSE bug 1216664 CVE-2023-4039 at SUSE CVE-2023-4039 at NVD cpe:/o:suse:sle-micro:5.5 Security update for runc (Important) SUSE Linux Enterprise Micro 5.5 This update for runc fixes the following issues: - Update to runc v1.1.12 (bsc#1218894) The following CVE was already fixed with the previous release. - CVE-2024-21626: Fixed container breakout. Important SUSE bug 1218894 CVE-2024-21626 at SUSE CVE-2024-21626 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219429). - CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434). - CVE-2023-51042: Fixed use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (bsc#1219128). - CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730). - CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836). - CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end() (bsc#1219412). - CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). - CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). - CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). - CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702). - CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalation (bsc#1215275). - CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120). - CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053). - CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function (bsc#1218752). - CVE-2024-0641: Fixed a denial of service vulnerability in tipc_crypto_key_revoke in net/tipc/crypto.c (bsc#1218916). - CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1218832). - CVE-2023-6915: Fixed a NULL pointer dereference problem in ida_free in lib/idr.c (bsc#1218804). - CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c because of a rose_accept race condition (bsc#1218757). - CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447). The following non-security bugs were fixed: - Store the old kernel changelog entries in kernel-docs package (bsc#1218713). - ACPI: LPIT: Avoid u32 multiplication overflow (git-fixes). - ACPI: LPSS: Fix the fractional clock divider flags (git-fixes). - ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() (bsc#1214377) - ACPI: extlog: Clear Extended Error Log status when RAS_CEC handled the error (git-fixes). - ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241 (bsc#1214377) - ACPI: property: Allow _DSD buffer data only for byte accessors (git-fixes). - ACPI: resource: Add another DMI match for the TongFang GMxXGxx (git-fixes). - ACPI: thermal: Add Thermal fast Sampling Period (_TFP) support (bsc#1214377) - ACPI: video: check for error while searching for backlight device parent (git-fixes). - ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 (git-fixes). - ALSA: hda/cs8409: Suppress vmaster control for Dolphin models (git-fixes). - ALSA: hda/realtek: Add quirks for ASUS Zenbook 2022 Models (git-fixes). - ALSA: hda/realtek: Enable headset mic on Lenovo M70 Gen5 (git-fixes). - ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on HP ZBook (git-fixes). - ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP Envy X360 13-ay0xxx (git-fixes). - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq2xxx (git-fixes). - ALSA: hda: Refer to correct stream index at loops (git-fixes). - ALSA: hda: intel-nhlt: Ignore vbps when looking for DMIC 32 bps format (git-fixes). - ALSA: oxygen: Fix right channel of capture volume mixer (git-fixes). - ASoC: Intel: Skylake: Fix mem leak in few functions (git-fixes). - ASoC: Intel: Skylake: mem leak in skl register function (git-fixes). - ASoC: Intel: bytcr_rt5640: Add quirk for the Medion Lifetab S10346 (git-fixes). - ASoC: Intel: glk_rt5682_max98357a: fix board id mismatch (git-fixes). - ASoC: amd: Add Dell G15 5525 to quirks list (bsc#1219136). - ASoC: amd: Add check for acp config flags (bsc#1219136). - ASoC: amd: Add new dmi entries to config entry (bsc#1219136). - ASoC: amd: Drop da7219_aad_jack_det() usage (bsc#1219136). - ASoC: amd: Drop empty platform remove function (bsc#1219136). - ASoC: amd: Update Pink Sardine platform ACP register header (bsc#1219136). - ASoC: amd: acp-config: Add missing MODULE_DESCRIPTION (git-fixes). - ASoC: amd: acp-da7219-max98357a: Map missing jack kcontrols (bsc#1219136). - ASoC: amd: acp-rt5645: Map missing jack kcontrols (bsc#1219136). - ASoC: amd: acp3x-rt5682-max9836: Configure jack as not detecting Line Out (bsc#1219136). - ASoC: amd: acp3x-rt5682-max9836: Map missing jack kcontrols (bsc#1219136). - ASoC: amd: acp: Add TDM slots setting support for ACP I2S controller (bsc#1219136). - ASoC: amd: acp: Add TDM support for acp i2s stream (bsc#1219136). - ASoC: amd: acp: Add i2s tdm support in machine driver (bsc#1219136). - ASoC: amd: acp: Add kcontrols and widgets per-codec in common code (bsc#1219136). - ASoC: amd: acp: Add missing MODULE_DESCRIPTION in mach-common (git-fixes). - ASoC: amd: acp: Add new cpu dai's in machine driver (bsc#1219136). - ASoC: amd: acp: Add setbias level for rt5682s codec in machine driver (bsc#1219136). - ASoC: amd: acp: Enable i2s tdm support for skyrim platforms (bsc#1219136). - ASoC: amd: acp: Fix possible UAF in acp_dma_open (bsc#1219136). - ASoC: amd: acp: Initialize list to store acp_stream during pcm_open (bsc#1219136). - ASoC: amd: acp: Map missing jack kcontrols (bsc#1219136). - ASoC: amd: acp: Modify dai_id macros to be more generic (bsc#1219136). - ASoC: amd: acp: Refactor bit width calculation (bsc#1219136). - ASoC: amd: acp: Refactor dai format implementation (bsc#1219136). - ASoC: amd: acp: Refactor i2s clocks programming sequence (bsc#1219136). - ASoC: amd: acp: add a label to make error path more clean (bsc#1219136). - ASoC: amd: acp: add acp i2s master clock generation for rembrandt platform (bsc#1219136). - ASoC: amd: acp: add pm ops support for acp pci driver (bsc#1219136). - ASoC: amd: acp: add pm ops support for rembrandt platform (bsc#1219136). - ASoC: amd: acp: clean up some inconsistent indentings (bsc#1219136). - ASoC: amd: acp: clear pdm dma interrupt mask (bsc#1219136). - ASoC: amd: acp: delete unnecessary NULL check (bsc#1219136). - ASoC: amd: acp: export config_acp_dma() and config_pte_for_stream() symbols (bsc#1219136). - ASoC: amd: acp: fix SND_SOC_AMD_ACP_PCI depdenencies (bsc#1219136). - ASoC: amd: acp: move pdm macros to common header file (bsc#1219136). - ASoC: amd: acp: refactor the acp init and de-init sequence (bsc#1219136). - ASoC: amd: acp: rembrandt: Drop if blocks with always false condition (bsc#1219136). - ASoC: amd: acp: remove acp poweroff function (bsc#1219136). - ASoC: amd: acp: remove the redundant acp enable/disable interrupts functions (bsc#1219136). - ASoC: amd: acp: remove unnecessary NULL checks (bsc#1219136). - ASoC: amd: acp: store platform device reference created in pci probe call (bsc#1219136). - ASoC: amd: acp: store the pdm stream channel mask (bsc#1219136). - ASoC: amd: acp: store xfer_resolution of the stream (bsc#1219136). - ASoC: amd: acp: switch to use dev_err_probe() (bsc#1219136). - ASoC: amd: acp: use devm_kcalloc() instead of devm_kzalloc() (bsc#1219136). - ASoC: amd: acp: use function devm_kcalloc() instead of devm_kzalloc() (bsc#1219136). - ASoC: amd: add Pink Sardine ACP PCI driver (bsc#1219136). - ASoC: amd: add Pink Sardine machine driver using dmic (bsc#1219136). - ASoC: amd: add Pink Sardine platform ACP IP register header (bsc#1219136). - ASoC: amd: add acp6.2 init/de-init functions (bsc#1219136). - ASoC: amd: add acp6.2 irq handler (bsc#1219136). - ASoC: amd: add acp6.2 pci driver pm ops (bsc#1219136). - ASoC: amd: add acp6.2 pdm driver dma ops (bsc#1219136). - ASoC: amd: add acp6.2 pdm driver pm ops (bsc#1219136). - ASoC: amd: add acp6.2 pdm platform driver (bsc#1219136). - ASoC: amd: add platform devices for acp6.2 pdm driver and dmic driver (bsc#1219136). - ASoC: amd: create platform device for acp6.2 machine driver (bsc#1219136). - ASoC: amd: enable Pink Sardine acp6.2 drivers build (bsc#1219136). - ASoC: amd: enable Pink sardine platform machine driver build (bsc#1219136). - ASoC: amd: fix ACP version typo mistake (bsc#1219136). - ASoC: amd: fix spelling mistake: 'i.e' -> 'i.e.' (bsc#1219136). - ASoC: amd: ps: Add a module parameter to influence pdm_gain (bsc#1219136). - ASoC: amd: ps: Adjust the gain for PDM DMIC (bsc#1219136). - ASoC: amd: ps: Fix uninitialized ret in create_acp64_platform_devs() (bsc#1219136). - ASoC: amd: ps: Move acp63_dev_data strcture from PCI driver (bsc#1219136). - ASoC: amd: ps: Update copyright notice (bsc#1219136). - ASoC: amd: ps: add mutex lock for accessing common registers (bsc#1219136). - ASoC: amd: ps: fix for acp_lock access in pdm driver (bsc#1219136). - ASoC: amd: ps: implement api to retrieve acp device config (bsc#1219136). - ASoC: amd: ps: move irq handler registration (bsc#1219136). - ASoC: amd: ps: refactor acp power on and reset functions (bsc#1219136). - ASoC: amd: ps: refactor platform device creation logic (bsc#1219136). - ASoC: amd: ps: remove the register read and write wrappers (bsc#1219136). - ASoC: amd: ps: remove unused variable (bsc#1219136). - ASoC: amd: ps: update dev index value in irq handler (bsc#1219136). - ASoC: amd: ps: update macros with ps platform naming convention (bsc#1219136). - ASoC: amd: ps: update the acp clock source (bsc#1219136). - ASoC: amd: ps: use acp_lock to protect common registers in pdm driver (bsc#1219136). - ASoC: amd: ps: use static function (bsc#1219136). - ASoC: amd: renoir: Add a module parameter to influence pdm_gain (bsc#1219136). - ASoC: amd: renoir: Adjust the gain for PDM DMIC (bsc#1219136). - ASoC: amd: update pm_runtime enable sequence (bsc#1219136). - ASoC: amd: vangogh: Add check for acp config flags in vangogh platform (bsc#1219136). - ASoC: amd: vangogh: Make use of DRV_NAME (bsc#1219136). - ASoC: amd: vangogh: Remove unnecessary init function (bsc#1219136). - ASoC: amd: vangogh: select CONFIG_SND_AMD_ACP_CONFIG (bsc#1219136). - ASoC: amd: yc: Add ASUS M3402RA into DMI table (bsc#1219136). - ASoC: amd: yc: Add ASUS M5402RA into DMI table (bsc#1219136). - ASoC: amd: yc: Add Alienware m17 R5 AMD into DMI table (bsc#1219136). - ASoC: amd: yc: Add Asus VivoBook Pro 14 OLED M6400RC to the quirks list for acp6x (bsc#1219136). - ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx (8A42) (bsc#1219136). - ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx (8A43) (bsc#1219136). - ASoC: amd: yc: Add DMI entries to support Victus by HP Gaming Laptop 15-fb0xxx (8A3E) (bsc#1219136). - ASoC: amd: yc: Add DMI entries to support Victus by HP Laptop 16-e1xxx (8A22) (bsc#1219136). - ASoC: amd: yc: Add DMI entry to support System76 Pangolin 12 (bsc#1219136). - ASoC: amd: yc: Add DMI entry to support System76 Pangolin 13 (bsc#1219136). - ASoC: amd: yc: Add DMI support for new acer/emdoor platforms (bsc#1219136). - ASoC: amd: yc: Add HP 255 G10 into quirk table (bsc#1219136). - ASoC: amd: yc: Add Lenovo Thinkbook 14+ 2022 21D0 to quirks table (bsc#1219136). - ASoC: amd: yc: Add MECHREVO Jiaolong Series MRID6 into DMI table (bsc#1219136). - ASoC: amd: yc: Add Razer Blade 14 2022 into DMI table (bsc#1219136). - ASoC: amd: yc: Add ThinkBook 14 G5+ ARP to quirks list for acp6x (bsc#1219136). - ASoC: amd: yc: Add Thinkpad Neo14 to quirks list for acp6x (bsc#1219136). - ASoC: amd: yc: Add VivoBook Pro 15 to quirks list for acp6x (bsc#1219136). - ASoC: amd: yc: Add Xiaomi Redmi Book Pro 14 2022 into DMI table (bsc#1219136). - ASoC: amd: yc: Add Xiaomi Redmi Book Pro 15 2022 into DMI table (bsc#1219136). - ASoC: amd: yc: Add a module parameter to influence pdm_gain (bsc#1219136). - ASoC: amd: yc: Adding Lenovo ThinkBook 14 Gen 4+ ARA and Lenovo ThinkBook 16 Gen 4+ ARA to the Quirks List (bsc#1219136). - ASoC: amd: yc: Adjust the gain for PDM DMIC (bsc#1219136). - ASoC: amd: yc: Fix a non-functional mic on Lenovo 82TL (bsc#1219136). - ASoC: amd: yc: Fix non-functional mic on ASUS E1504FA (bsc#1219136). - ASoC: amd: yp: Add OMEN by HP Gaming Laptop 16z-n000 to quirks (bsc#1219136). - ASoC: codecs: lpass-wsa-macro: fix compander volume hack (git-fixes). - ASoC: codecs: wcd938x: fix headphones volume controls (git-fixes). - ASoC: codecs: wcd938x: handle deferred probe (git-fixes). - ASoC: cs35l33: Fix GPIO name and drop legacy include (git-fixes). - ASoC: cs43130: Fix incorrect frame delay configuration (git-fixes). - ASoC: cs43130: Fix the position of const qualifier (git-fixes). - ASoC: da7219: Support low DC impedance headset (git-fixes). - ASoC: nau8822: Fix incorrect type in assignment and cast to restricted __be16 (git-fixes). - ASoC: ops: add correct range check for limiting volume (git-fixes). - ASoC: rt5645: Drop double EF20 entry from dmi_platform_data[] (git-fixes). - ASoC: rt5650: add mutex to avoid the jack detection failure (git-fixes). - ASoC: sun4i-spdif: Fix requirements for H6 (git-fixes). - ASoC: wm8974: Correct boost mixer inputs (git-fixes). - Add DMI ID for MSI Bravo 15 B7ED (bsc#1219136). - Bluetooth: Fix atomicity violation in {min,max}_key_size_set (git-fixes). - Bluetooth: btmtkuart: fix recv_buf() return value (git-fixes). - Documentation: Begin a RAS section (jsc#PED-7622). - EDAC/amd64: Add context struct (jsc#PED-7615). - EDAC/amd64: Add get_err_info() to pvt->ops (jsc#PED-7615). - EDAC/amd64: Add support for AMD heterogeneous Family 19h Model 30h-3Fh (jsc#PED-7616). - EDAC/amd64: Add support for ECC on family 19h model 60h-7Fh (jsc#PED-7615). - EDAC/amd64: Add support for family 0x19, models 0x90-9f devices (jsc#PED-7622). - EDAC/amd64: Allow for DF Indirect Broadcast reads (jsc#PED-7615). - EDAC/amd64: Cache and use GPU node map (jsc#PED-7616). - EDAC/amd64: Do not discover ECC symbol size for Family 17h and later (jsc#PED-7615). - EDAC/amd64: Do not set up EDAC PCI control on Family 17h+ (jsc#PED-7615). - EDAC/amd64: Document heterogeneous system enumeration (jsc#PED-7616). - EDAC/amd64: Drop dbam_to_cs() for Family 17h and later (jsc#PED-7615). - EDAC/amd64: Fix indentation in umc_determine_edac_cap() (jsc#PED-7615). - EDAC/amd64: Merge struct amd64_family_type into struct amd64_pvt (jsc#PED-7615). - EDAC/amd64: Remove PCI Function 0 (jsc#PED-7615). - EDAC/amd64: Remove PCI Function 6 (jsc#PED-7615). - EDAC/amd64: Remove early_channel_count() (jsc#PED-7615). - EDAC/amd64: Remove module version string (jsc#PED-7615). - EDAC/amd64: Remove scrub rate control for Family 17h and later (jsc#PED-7615). - EDAC/amd64: Rename debug_display_dimm_sizes() (jsc#PED-7615). - EDAC/amd64: Rename f17h_determine_edac_ctl_cap() (jsc#PED-7615). - EDAC/amd64: Rework hw_info_{get,put} (jsc#PED-7615). - EDAC/amd64: Shut up an -Werror,-Wsometimes-uninitialized clang false positive (jsc#PED-7615). - EDAC/amd64: Split determine_edac_cap() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split determine_memory_type() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split dump_misc_regs() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split ecc_enabled() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split get_csrow_nr_pages() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split init_csrows() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split prep_chip_selects() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split read_base_mask() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split read_mc_regs() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split setup_mci_misc_attrs() into dct/umc functions (jsc#PED-7615). - EDAC/mc: Add new HBM2 memory type (jsc#PED-7616). - EDAC/mc: Add support for HBM3 memory type (jsc#PED-7622). - EDAC/mce_amd: Remove SMCA Extended Error code descriptions (jsc#PED-7622). - EDAC/thunderx: Fix possible out-of-bounds string access (git-fixes). - Fix crash in vmw_context_cotables_unref when 3d support is enabled (bsc#1218738) - HID: i2c-hid-of: fix NULL-deref on failed power up (git-fixes). - HID: wacom: Correct behavior when processing some confidence == false touches (git-fixes). - IB/iser: Prevent invalidating wrong MR (git-fixes) - Input: atkbd - do not skip atkbd_deactivate() when skipping ATKBD_CMD_GETID (git-fixes). - Input: atkbd - skip ATKBD_CMD_GETID in translated mode (git-fixes). - Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID (git-fixes). - Input: atkbd - use ab83 as id when skipping the getid command (git-fixes). - Input: bcm5974 - check endpoint type before starting traffic (git-fixes). - Input: i8042 - add nomux quirk for Acer P459-G2-M (git-fixes). - Input: xpad - add Razer Wolverine V2 support (git-fixes). - KVM: SVM: Update EFER software model on CR0 trap for SEV-ES (git-fixes). - KVM: s390: vsie: Fix STFLE interpretive execution identification (git-fixes bsc#1218997). - KVM: x86: Mask LVTPC when handling a PMI (jsc#PED-7322). - Limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281). - PCI/AER: Configure ECRC only if AER is native (bsc#1218778) - PCI/P2PDMA: Remove reference to pci_p2pdma_map_sg() (git-fixes). - PCI: Add ACS quirk for more Zhaoxin Root Ports (git-fixes). - PCI: keystone: Fix race condition when initializing PHYs (git-fixes). - PM: hibernate: Enforce ordering during image compression/decompression (git-fixes). - RDMA/hns: Fix inappropriate err code for unsupported operations (git-fixes) - RDMA/hns: Fix unnecessary err return when using invalid congest control algorithm (git-fixes) - RDMA/hns: Remove unnecessary checks for NULL in mtr_alloc_bufs() (git-fixes) - RDMA/irdma: Add wait for suspend on SQD (git-fixes) - RDMA/irdma: Avoid free the non-cqp_request scratch (git-fixes) - RDMA/irdma: Do not modify to SQD on error (git-fixes) - RDMA/irdma: Fix UAF in irdma_sc_ccq_get_cqe_info() (git-fixes) - RDMA/irdma: Refactor error handling in create CQP (git-fixes) - RDMA/rtrs-clt: Fix the max_send_wr setting (git-fixes) - RDMA/rtrs-clt: Remove the warnings for req in_use check (git-fixes) - RDMA/rtrs-clt: Start hb after path_up (git-fixes) - RDMA/rtrs-srv: Check return values while processing info request (git-fixes) - RDMA/rtrs-srv: Destroy path files after making sure no IOs in-flight (git-fixes) - RDMA/rtrs-srv: Do not unconditionally enable irq (git-fixes) - RDMA/rtrs-srv: Free srv_mr iu only when always_invalidate is true (git-fixes) - RDMA/usnic: Silence uninitialized symbol smatch warnings (git-fixes) - USB: xhci: workaround for grace period (git-fixes). - Update config files: enable ASoC AMD PS drivers (bsc#1219136) - Update patch reference for ax88179 fix (bsc#1218948) - acpi: property: Let args be NULL in __acpi_node_get_property_reference (git-fixes). - aio: fix mremap after fork null-deref (git-fixes). - apparmor: avoid crash when parsed profile name is empty (git-fixes). - arm64: Add CNT{P,V}CTSS_EL0 alternatives to cnt{p,v}ct_el0 (jsc#PED-4729) - arm64: Add a capability for FEAT_ECV (jsc#PED-4729) Use cpu_hwcaps PLACEHOLDER_4 for HAS_ECV. - arm64: alternative: patch alternatives in the vDSO (jsc#PED-4729) - arm64: dts: armada-3720-turris-mox: set irq type for RTC (git-fixes) - arm64: dts: imx8mp: imx8mq: Add parkmode-disable-ss-quirk on DWC3 (git-fixes) - arm64: dts: imx8mq: drop usb3-resume-missing-cas from usb (git-fixes) - arm64: dts: ls208xa: use a pseudo-bus to constrain usb dma size (git-fixes) - arm64: dts: rockchip: Expand reg size of vdec node for RK3399 (git-fixes) - arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify (git-fixes) - arm64: module: move find_section to header (jsc#PED-4729) - arm64: vdso: Fix 'no previous prototype' warning (jsc#PED-4729) - arm64: vdso: remove two .altinstructions related symbols (jsc#PED-4729) - arm64: vdso: use SYS_CNTVCTSS_EL0 for gettimeofday (jsc#PED-4729) - asix: Add check for usbnet_get_endpoints (git-fixes). - attr: block mode changes of symlinks (git-fixes). - badblocks: add helper routines for badblock ranges handling (bsc#1174649). - badblocks: add more helper structure and routines in badblocks.h (bsc#1174649). - badblocks: avoid checking invalid range in badblocks_check() (bsc#1174649). - badblocks: improve badblocks_check() for multiple ranges handling (bsc#1174649). - badblocks: improve badblocks_clear() for multiple ranges handling (bsc#1174649). - badblocks: improve badblocks_set() for multiple ranges handling (bsc#1174649). - badblocks: switch to the improved badblock handling code (bsc#1174649). - bpf: Limit the number of kprobes when attaching program to multiple kprobes (git-fixes). - bus: mhi: host: Add alignment check for event ring read pointer (git-fixes). - bus: mhi: host: Add spinlock to protect WP access when queueing TREs (git-fixes). - bus: mhi: host: Drop chan lock before queuing buffers (git-fixes). - ceph: select FS_ENCRYPTION_ALGS if FS_ENCRYPTION (bsc#1219568). - clk: qcom: gpucc-sm8150: Update the gpu_cc_pll1 config (git-fixes). - clk: qcom: videocc-sm8150: Add missing PLL config property (git-fixes). - clk: rockchip: rk3128: Fix HCLK_OTG gate register (git-fixes). - clk: samsung: Fix kernel-doc comments (git-fixes). - clk: si5341: fix an error code problem in si5341_output_clk_set_rate (git-fixes). - clk: zynqmp: Add a check for NULL pointer (git-fixes). - clk: zynqmp: make bestdiv unsigned (git-fixes). - clocksource: Skip watchdog check for large watchdog intervals (git-fixes). - clocksource: disable watchdog checks on TSC when TSC is watchdog (bsc#1215885). - coresight: etm4x: Add ACPI support in platform driver (bsc#1218779) - coresight: etm4x: Allocate and device assign 'struct etmv4_drvdata' (bsc#1218779) - coresight: etm4x: Change etm4_platform_driver driver for MMIO devices (bsc#1218779) - coresight: etm4x: Drop iomem 'base' argument from etm4_probe() (bsc#1218779) - coresight: etm4x: Drop pid argument from etm4_probe() (bsc#1218779) - coresight: etm4x: Ensure valid drvdata and clock before clk_put() (bsc#1218779) - coresight: platform: acpi: Ignore the absence of graph (bsc#1218779) - crypto: ccp - fix memleak in ccp_init_dm_workarea (git-fixes). - crypto: s390/aes - Fix buffer overread in CTR mode (git-fixes). - crypto: sa2ul - Return crypto_aead_setkey to transfer the error (git-fixes). - crypto: sahara - do not resize req->src when doing hash operations (git-fixes). - crypto: sahara - fix ahash reqsize (git-fixes). - crypto: sahara - fix ahash selftest failure (git-fixes). - crypto: sahara - fix cbc selftest failure (git-fixes). - crypto: sahara - fix processing hash requests with req->nbytes &lt; sg->length (git-fixes). - crypto: sahara - fix processing requests with cryptlen &lt; sg->length (git-fixes). - crypto: sahara - fix wait_for_completion_timeout() error handling (git-fixes). - crypto: sahara - handle zero-length aes requests (git-fixes). - crypto: sahara - improve error handling in sahara_sha_process() (git-fixes). - crypto: sahara - remove FLAGS_NEW_KEY logic (git-fixes). - crypto: scomp - fix req->dst buffer overflow (git-fixes). - dma-debug: fix kernel-doc warnings (git-fixes). - dmaengine: fix NULL pointer in channel unregistration function (git-fixes). - dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV (git-fixes). - dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools (git-fixes). - dmaengine: idxd: Protect int_handle field in hw descriptor (git-fixes). - dmaengine: ti: k3-udma: Report short packet errors (git-fixes). - doc/README.KSYMS: Add to repo. - drivers/amd/pm: fix a use-after-free in kv_parse_power_table (git-fixes). - drivers: clk: zynqmp: calculate closest mux rate (git-fixes). - drivers: clk: zynqmp: update divider round rate logic (git-fixes). - drm/amd/display: Fix tiled display misalignment (git-fixes). - drm/amd/display: Port DENTIST hang and TDR fixes to OTG disable W/A (git-fixes). - drm/amd/display: add nv12 bounding box (git-fixes). - drm/amd/display: get dprefclk ss info from integration info table (git-fixes). - drm/amd/display: make flip_timestamp_in_us a 64-bit variable (git-fixes). - drm/amd/display: pbn_div need be updated for hotplug event (git-fixes). - drm/amd/display: update dcn315 lpddr pstate latency (git-fixes). - drm/amd/pm/smu7: fix a memleak in smu7_hwmgr_backend_init (git-fixes). - drm/amd/pm: fix a double-free in amdgpu_parse_extended_power_table (git-fixes). - drm/amd/pm: fix a double-free in si_dpm_init (git-fixes). - drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' (git-fixes). - drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (git-fixes). - drm/amdgpu/pm: Fix the power source flag error (git-fixes). - drm/amdgpu: Add NULL checks for function pointers (git-fixes). - drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' (git-fixes). - drm/amdgpu: Fix '*fw' from request_firmware() not released in 'amdgpu_ucode_request()' (git-fixes). - drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer (git-fixes). - drm/amdgpu: Fix ecc irq enable/disable unpaired (git-fixes). - drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()' (git-fixes). - drm/amdgpu: Fix with right return code '-EIO' in 'amdgpu_gmc_vram_checking()' (git-fixes). - drm/amdgpu: Let KFD sync with VM fences (git-fixes). - drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' (git-fixes). - drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap (git-fixes). - drm/amdgpu: skip gpu_info fw loading on navi12 (git-fixes). - drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c (git-fixes). - drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' (git-fixes). - drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' (git-fixes). - drm/amdkfd: Fix lock dependency warning (git-fixes). - drm/amdkfd: Fix lock dependency warning with srcu (git-fixes). - drm/amdkfd: Use resource_size() helper function (git-fixes). - drm/amdkfd: fixes for HMM mem allocation (git-fixes). - drm/bridge: Fix typo in post_disable() description (git-fixes). - drm/bridge: anx7625: Ensure bridge is suspended in disable() (git-fixes). - drm/bridge: cdns-mhdp8546: Fix use of uninitialized variable (git-fixes). - drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking (git-fixes). - drm/bridge: nxp-ptn3460: simplify some error checking (git-fixes). - drm/bridge: parade-ps8640: Ensure bridge is suspended in .post_disable() (git-fixes). - drm/bridge: parade-ps8640: Make sure we drop the AUX mutex in the error case (git-fixes). - drm/bridge: parade-ps8640: Wait for HPD when doing an AUX transfer (git-fixes). - drm/bridge: tc358767: Fix return value on error case (git-fixes). - drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function (git-fixes). - drm/crtc: Fix uninit-value bug in drm_mode_setcrtc (git-fixes). - drm/crtc: fix uninitialized variable use (git-fixes). - drm/drv: propagate errors from drm_modeset_register_all() (git-fixes). - drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time (git-fixes). - drm/exynos: fix a potential error pointer dereference (git-fixes). - drm/exynos: fix a wrong error checking (git-fixes). - drm/exynos: fix accidental on-stack copy of exynos_drm_plane (git-fixes). - drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume (git-fixes). - drm/framebuffer: Fix use of uninitialized variable (git-fixes). - drm/mediatek: Return error if MDP RDMA failed to enable the clock (git-fixes). - drm/msm/dpu: Drop enable and frame_count parameters from dpu_hw_setup_misr() (git-fixes). - drm/msm/dpu: Ratelimit framedone timeout msgs (git-fixes). - drm/msm/dpu: Set input_sel bit for INTF (git-fixes). - drm/msm/dpu: fix writeback programming for YUV cases (git-fixes). - drm/msm/dpu: rename dpu_encoder_phys_wb_setup_cdp to match its functionality (git-fixes). - drm/msm/dsi: Enable runtime PM (git-fixes). - drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt leaks (git-fixes). - drm/msm/mdp4: flush vblank event on disable (git-fixes). - drm/nouveau/fence:: fix warning directly dereferencing a rcu pointer (git-fixes). - drm/panel-edp: Add override_edid_mode quirk for generic edp (git-fixes). - drm/panel-elida-kd35t133: hold panel in reset for unprepare (git-fixes). - drm/panel: nt35510: fix typo (git-fixes). - drm/panfrost: Ignore core_mask for poweroff and disable PWRTRANS irq (git-fixes). - drm/panfrost: Really power off GPU cores in panfrost_gpu_power_off() (git-fixes). - drm/radeon/dpm: fix a memleak in sumo_parse_power_table (git-fixes). - drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check() (git-fixes). - drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg() (git-fixes). - drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table (git-fixes). - drm/radeon: check return value of radeon_ring_lock() (git-fixes). - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (git-fixes). - drm/tidss: Check for K2G in in dispc_softreset() (git-fixes). - drm/tidss: Fix atomic_flush check (git-fixes). - drm/tidss: Fix dss reset (git-fixes). - drm/tidss: Move reset to the end of dispc_init() (git-fixes). - drm/tidss: Return error value from from softreset (git-fixes). - drm/tilcdc: Fix irq free on unload (git-fixes). - drm: Do not unref the same fb many times by mistake due to deadlock handling (git-fixes). - drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33] (git-fixes). - drm: using mul_u32_u32() requires linux/math64.h (git-fixes). - dt-bindings: gpio: Remove FSI domain ports on Tegra234 (jsc#PED-6694) - efi/libstub: Disable PCI DMA before grabbing the EFI memory map (git-fixes). - eventfd: prevent underflow for eventfd semaphores (git-fixes). - exfat: fix reporting fs error when reading dir beyond EOF (git-fixes). - exfat: support handle zero-size directory (git-fixes). - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree (git-fixes). - fbdev: Only disable sysfb on the primary device (bsc#1216441) - fbdev: Only disable sysfb on the primary device (bsc#1216441) Update an existing patch to fix bsc#1216441. - fbdev: flush deferred IO before closing (git-fixes). - fbdev: flush deferred work in fb_deferred_io_fsync() (git-fixes). - fbdev: imxfb: fix left margin setting (git-fixes). - fbdev: mmp: Fix typo and wording in code comment (git-fixes). - firewire: core: correct documentation of fw_csr_string() kernel API (git-fixes). - firewire: ohci: suppress unexpected system reboot in AMD Ryzen machines and ASM108x/VT630x PCIe cards (git-fixes). - firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create() (git-fixes). - fjes: fix memleaks in fjes_hw_setup (git-fixes). - fs/mount_setattr: always cleanup mount_kattr (git-fixes). - fs: Fix error checking for d_hash_and_lookup() (git-fixes). - fs: Move notify_change permission checks into may_setattr (git-fixes). - fs: do not audit the capability check in simple_xattr_list() (git-fixes). - fs: drop peer group ids under namespace lock (git-fixes). - fs: indicate request originates from old mount API (git-fixes). - fs: sendfile handles O_NONBLOCK of out_fd (git-fixes). - fuse: dax: set fc->dax to NULL in fuse_dax_conn_free() (bsc#1218659). - gfs2: Always check inode size of inline inodes (git-fixes). - gfs2: Cosmetic gfs2_dinode_{in,out} cleanup (git-fixes). - gfs2: Disable page faults during lockless buffered reads (git-fixes). - gfs2: Eliminate ip->i_gh (git-fixes). - gfs2: Eliminate vestigial HIF_FIRST (git-fixes). - gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump (git-fixes). - gfs2: Introduce flag for glock holder auto-demotion (git-fixes). - gfs2: Move the inode glock locking to gfs2_file_buffered_write (git-fixes). - gfs2: Remove redundant check from gfs2_glock_dq (git-fixes). - gfs2: Switch to wait_event in gfs2_logd (git-fixes). - gfs2: assign rgrp glock before compute_bitstructs (git-fixes). - gfs2: low-memory forced flush fixes (git-fixes). - gfs2: release iopen glock early in evict (git-fixes). - gpio: eic-sprd: Clear interrupt after set the interrupt type (git-fixes). - gpu/drm/radeon: fix two memleaks in radeon_vm_init (git-fixes). - hv_netvsc: rndis_filter needs to select NLS (git-fixes). - hwmon: (corsair-psu) Fix probe when built-in (git-fixes). - hwrng: core - Fix page fault dead lock on mmap-ed hwrng (git-fixes). - i2c: rk3x: fix potential spinlock recursion on poll (git-fixes). - i2c: s3c24xx: fix read transfers in polling mode (git-fixes). - i2c: s3c24xx: fix transferring more than one message in polling mode (git-fixes). - iio: adc: ad7091r: Pass iio_dev to event handler (git-fixes). - iio: adc: ad9467: add mutex to struct ad9467_state (git-fixes). - iio: adc: ad9467: do not ignore error codes (git-fixes). - iio: adc: ad9467: fix reset gpio handling (git-fixes). - ipmi: Use regspacings passed as a module parameter (git-fixes). - kabi, vmstat: skip periodic vmstat update for isolated CPUs (bsc#1217895). - kabi/severities: ignore ASoC AMD acp driver symbols (bsc#1219136) - kabi/severities: ignore _rtl92c_phy_calculate_bit_shift symbol It's an internal function that shouldn't have been exported - kdb: Fix a potential buffer overflow in kdb_local() (git-fixes). - kernel-doc: handle a void function without producing a warning (git-fixes). - kernel-source: Fix description typo - kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR (git-fixes). - leds: aw2013: Select missing dependency REGMAP_I2C (git-fixes). - leds: ledtrig-tty: Free allocated ttyname buffer on deactivate (git-fixes). - libapi: Add missing linux/types.h header to get the __u64 type on io.h (git-fixes). - md: fix bi_status reporting in md_end_clone_io (bsc#1210443). - media: cx231xx: fix a memleak in cx231xx_init_isoc (git-fixes). - media: dt-bindings: ov8856: decouple lanes and link frequency from driver (git-fixes). - media: dvb-frontends: m88ds3103: Fix a memory leak in an error handling path of m88ds3103_probe() (git-fixes). - media: imx355: Enable runtime PM before registering async sub-device (git-fixes). - media: ov9734: Enable runtime PM before registering async sub-device (git-fixes). - media: pvrusb2: fix use after free on context disconnection (git-fixes). - media: rkisp1: Disable runtime PM in probe error path (git-fixes). - media: rkisp1: Fix media device memory leak (git-fixes). - media: rkisp1: Read the ID register at probe time instead of streamon (git-fixes). - media: videobuf2-dma-sg: fix vmap callback (git-fixes). - mfd: intel-lpss: Fix the fractional clock divider flags (git-fixes). - misc: fastrpc: Mark all sessions as invalid in cb_remove (git-fixes). - mkspec: Include constraints for both multibuild and plain package always There is no need to check for multibuild flag, the constraints can be always generated for both cases. - mkspec: Use variant in constraints template Constraints are not applied consistently with kernel package variants. Add variant to the constraints template as appropriate, and expand it in mkspec. - mm: fs: initialize fsdata passed to write_begin/write_end interface (git-fixes). - mmc: core: Cancel delayed work before releasing host (git-fixes). - modpost: move __attribute__((format(printf, 2, 3))) to modpost.h (git-fixes). - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier (git-fixes). - mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response (git-fixes). - mtd: rawnand: pl353: Fix kernel doc (git-fixes). - mtd: rawnand: rockchip: Add missing title to a kernel doc comment (git-fixes). - mtd: rawnand: rockchip: Rename a structure (git-fixes). - net: phy: micrel: populate .soft_reset for KSZ9131 (git-fixes). - net: usb: ax88179_178a: Bind only to vendor-specific interface (bsc#1218948). - net: usb: ax88179_178a: avoid two consecutive device resets (bsc#1218948). - net: usb: ax88179_178a: move priv to driver_priv (git-fixes). - net: usb: ax88179_178a: remove redundant init code (git-fixes). - net: usb: ax88179_178a: restore state on resume (bsc#1218948). - nfc: nci: free rx_data_reassembly skb on NCI device cleanup (git-fixes). - nfsd4: add refcount for nfsd4_blocked_lock (bsc#1218968 bsc#1219349). - nfsd: fix RELEASE_LOCKOWNER (bsc#1218968). - nouveau/tu102: flush all pdbs on vmm flush (git-fixes). - nouveau/vmm: do not set addr on the fail path to avoid warning (git-fixes). - nsfs: add compat ioctl handler (git-fixes). - nvme-loop: always quiesce and cancel commands before destroying admin q (bsc#1211515). - nvme-pci: add BOGUS_NID for Intel 0a54 device (git-fixes). - nvme-pci: fix sleeping function called from interrupt context (git-fixes). - nvme-rdma: Fix transfer length when write_generate/read_verify are 0 (git-fixes). - nvme-tcp: avoid open-coding nvme_tcp_teardown_admin_queue() (bsc#1211515). - nvme: fix max_discard_sectors calculation (git-fixes). - nvme: introduce helper function to get ctrl state (git-fixes). - nvme: move nvme_stop_keep_alive() back to original position (bsc#1211515). - nvme: start keep-alive after admin queue setup (bsc#1211515). - nvme: trace: avoid memcpy overflow warning (git-fixes). - nvmet: re-fix tracing strncpy() warning (git-fixes). - of: Fix double free in of_parse_phandle_with_args_map (git-fixes). - of: unittest: Fix of_count_phandle_with_args() expected value message (git-fixes). - parport: parport_serial: Add Brainboxes BAR details (git-fixes). - parport: parport_serial: Add Brainboxes device IDs and geometry (git-fixes). - perf/x86/intel/uncore: Factor out topology_gidnid_map() (bsc#1218958). - perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() (bsc#1218958). - perf/x86/uncore: Use u64 to replace unsigned for the uncore offsets array (bsc#1219512). - phy: renesas: rcar-gen3-usb2: Fix returning wrong error code (git-fixes). - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (git-fixes). - pinctrl: intel: Revert 'Unexport intel_pinctrl_probe()' (git-fixes). - platform/x86/amd/hsmp: Fix iomem handling (jsc#PED-7620). - platform/x86/amd/hsmp: add support for metrics tbl (jsc#PED-7620). - platform/x86/amd/hsmp: create plat specific struct (jsc#PED-7620). - platform/x86/amd/hsmp: improve the error log (jsc#PED-7620). - platform/x86: ISST: Reduce noise for missing numa information in logs (bsc#1219285). - platform/x86: use PLATFORM_DEVID_NONE instead of -1 (jsc#PED-7620). - power: supply: bq256xx: fix some problem in bq256xx_hw_init (git-fixes). - power: supply: cw2015: correct time_to_empty units in sysfs (git-fixes). - powerpc/fadump: reset dump area size if fadump memory reserve fails (bsc#1194869). - powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729). - powerpc/powernv: Add a null pointer check in opal_powercap_init() (bsc#1181674 ltc#189159 git-fixes). - powerpc/powernv: Add a null pointer check to scom_debug_init_one() (bsc#1194869). - powerpc/pseries/iommu: enable_ddw incorrectly returns direct mapping for SR-IOV device (bsc#1212091 ltc#199106 git-fixes). - powerpc/pseries/memhp: Fix access beyond end of drmem array (bsc#1065729). - powerpc/pseries: fix possible memory leak in ibmebus_bus_init() (bsc#1194869). - powerpc/pseries: fix potential memory leak in init_cpu_associativity() (bsc#1194869). - powerpc/xive: Fix endian conversion size (bsc#1194869). - pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() (git-fixes). - pwm: Fix out-of-bounds access in of_pwm_single_xlate() (git-fixes). - pwm: jz4740: Do not use dev_err_probe() in .request() (git-fixes). - pwm: stm32: Fix enable count for clk in .probe() (git-fixes). - pwm: stm32: Use hweight32 in stm32_pwm_detect_channels (git-fixes). - pwm: stm32: Use regmap_clear_bits and regmap_set_bits where applicable (git-fixes). - r8152: add vendor/device ID pair for ASUS USB-C2500 (git-fixes). - r8152: add vendor/device ID pair for D-Link DUB-E250 (git-fixes). - reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning (git-fixes). - ring-buffer/Documentation: Add documentation on buffer_percent file (git-fixes). - ring-buffer: Do not record in NMI if the arch does not support cmpxchg in NMI (git-fixes). - s390/dasd: fix double module refcount decrement (bsc#1141539). - s390/pci: fix max size calculation in zpci_memcpy_toio() (git-fixes bsc#1219006). - s390/vfio-ap: always filter entire AP matrix (git-fixes bsc#1219012). - s390/vfio-ap: let on_scan_complete() callback filter matrix and update guest's APCB (git-fixes bsc#1219014). - s390/vfio-ap: loop over the shadow APCB when filtering guest's AP configuration (git-fixes bsc#1219013). - s390/vfio-ap: unpin pages on gisc registration failure (git-fixes bsc#1218723). - s390: vfio-ap: tighten the NIB validity check (git-fixes). - sched/isolation: add cpu_is_isolated() API (bsc#1217895). - scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (git-fixes). - scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes). - scsi: core: Always send batch on reset or error handling command (git-fixes). - scsi: fnic: Return error if vmalloc() failed (git-fixes). - scsi: hisi_sas: Correct the number of global debugfs registers (git-fixes). - scsi: hisi_sas: Fix normally completed I/O analysed as failed (git-fixes). - scsi: hisi_sas: Fix warnings detected by sparse (git-fixes). - scsi: hisi_sas: Modify v3 HW SATA completion error processing (git-fixes). - scsi: hisi_sas: Modify v3 HW SSP underflow error processing (git-fixes). - scsi: hisi_sas: Rename HISI_SAS_{RESET -> RESETTING}_BIT (git-fixes). - scsi: hisi_sas: Replace with standard error code return value (git-fixes). - scsi: hisi_sas: Rollback some operations if FLR failed (git-fixes). - scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs (git-fixes). - scsi: ibmvfc: Fix erroneous use of rtas_busy_delay with hcall return code (git-fixes). - scsi: ibmvfc: Implement channel queue depth and event buffer accounting (bsc#1209834 ltc#202097). - scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool (bsc#1209834 ltc#202097). - scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param() (git-fixes). - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (git-fixes). - scsi: lpfc: Change VMID driver load time parameters to read only (bsc#1219582). - scsi: lpfc: Move determination of vmid_flag after VMID reinitialization completes (bsc#1219582). - scsi: lpfc: Reinitialize an NPIV's VMID data structures after FDISC (bsc#1219582). - scsi: lpfc: Update lpfc version to 14.2.0.17 (bsc#1219582). - scsi: megaraid_sas: Fix deadlock on firmware crashdump (git-fixes). - scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (git-fixes). - scsi: mpt3sas: Fix an outdated comment (git-fixes). - scsi: mpt3sas: Fix in error path (git-fixes). - scsi: mpt3sas: Fix loop logic (bsc#1219067). - scsi: mpt3sas: Fix loop logic (git-fixes). - scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command (git-fixes). - scsi: pm80xx: Use phy-specific SAS address when sending PHY_START command (git-fixes). - scsi: qla2xxx: Fix system crash due to bad pointer access (git-fixes). - selftests/net: fix grep checking for fib_nexthop_multiprefix (git-fixes). - serial: 8250: omap: Do not skip resource freeing if pm_runtime_resume_and_get() failed (git-fixes). - serial: core: Fix atomicity violation in uart_tiocmget (git-fixes). - serial: imx: Correct clock error message in function probe() (git-fixes). - serial: imx: fix tx statemachine deadlock (git-fixes). - serial: max310x: fail probe if clock crystal is unstable (git-fixes). - serial: max310x: improve crystal stable clock detection (git-fixes). - serial: max310x: set default value when reading clock ready bit (git-fixes). - serial: sc16is7xx: add check for unsupported SPI modes during probe (git-fixes). - serial: sc16is7xx: set safe default SPI clock frequency (git-fixes). - serial: sccnxp: Improve error message if regulator_disable() fails (git-fixes). - shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs (git-fixes). - software node: Let args be NULL in software_node_get_reference_args (git-fixes). - spi: spi-zynqmp-gqspi: fix driver kconfig dependencies (git-fixes). - swiotlb-xen: provide the 'max_mapping_size' method (git-fixes). - swiotlb: fix a braino in the alignment check fix (bsc#1216559). - swiotlb: fix slot alignment checks (bsc#1216559). - trace,smp: Add tracepoints around remotelly called functions (bsc#1217895). - tracefs: Add missing lockdown check to tracefs_create_dir() (git-fixes). - tracing/trigger: Fix to return error if failed to alloc snapshot (git-fixes). - tracing: Add size check when printing trace_marker output (git-fixes). - tracing: Ensure visibility when inserting an element into tracing_map (git-fixes). - tracing: Fix uaf issue when open the hist or hist_debug file (git-fixes). - tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing (git-fixes). - ubifs: Check @c->dirty_[n|p]n_cnt and @c->nroot state under @c->lp_mutex (git-fixes). - ubifs: ubifs_link: Fix wrong name len calculating when UBIFS is encrypted (git-fixes). - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path (git-fixes). - uio: Fix use-after-free in uio_open (git-fixes). - usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg enabled (git-fixes). - usb: cdns3: fix uvc failure work since sg support enabled (git-fixes). - usb: chipidea: wait controller resume finished for wakeup irq (git-fixes). - usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart (git-fixes). - usb: fsl-mph-dr-of: mark fsl_usb2_mpc5121_init() static (git-fixes). - usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK (git-fixes). - usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes). - usb: otg numberpad exception (bsc#1218527). - usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host() (git-fixes). - usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes). - usb: ucsi: Add missing ppm_lock (git-fixes). - usb: ucsi_acpi: Fix command completion handling (git-fixes). - usb: xhci-mtk: fix a short packet issue of gen1 isoc-in transfer (git-fixes). - usr/Kconfig: fix typos of 'its' (git-fixes). - vfs: make freeze_super abort when sync_filesystem returns error (git-fixes). - vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE (git-fixes). - virtio-mmio: fix memory leak of vm_dev (git-fixes). - virtio_balloon: Fix endless deflation and inflation on arm64 (git-fixes). - vmstat: skip periodic vmstat update for isolated CPUs (bsc#1217895). - vsock/virtio: Fix unsigned integer wrap around in virtio_transport_has_space() (git-fixes). - watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO (git-fixes). - watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling (git-fixes). - watchdog: rti_wdt: Drop runtime pm reference count when watchdog is unused (git-fixes). - watchdog: set cdev owner before adding (git-fixes). - wifi: ath11k: Defer on rproc_get failure (git-fixes). - wifi: cfg80211: lock wiphy mutex for rfkill poll (git-fixes). - wifi: iwlwifi: mvm: send TX path flush in rfkill (git-fixes). - wifi: iwlwifi: mvm: set siso/mimo chains to 1 in FW SMPS request (git-fixes). - wifi: iwlwifi: pcie: avoid a NULL pointer dereference (git-fixes). - wifi: libertas: stop selecting wext (git-fixes). - wifi: mt76: fix broken precal loading from MTD for mt7915 (git-fixes). - wifi: mt76: mt7921s: fix workqueue problem causes STA association fail (git-fixes). - wifi: mwifiex: configure BSSID consistently when starting AP (git-fixes). - wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors (git-fixes). - wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code (git-fixes). - wifi: rtlwifi: add calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8192c: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8192ce: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8192cu: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8192de: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8192ee: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8192se: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior (git-fixes). - wifi: rtw88: fix RX filter in FIF_ALLMULTI flag (git-fixes). - x86/MCE/AMD, EDAC/mce_amd: Decode UMC_V2 ECC errors (jsc#PED-7616). - x86/MCE/AMD: Add new MA_LLC, USR_DP, and USR_CP bank types (jsc#PED-7622). - x86/MCE/AMD: Split amd_mce_is_memory_error() (jsc#PED-7623). - x86/amd_nb: Add AMD Family MI300 PCI IDs (jsc#PED-7622). - x86/amd_nb: Add MI200 PCI IDs (jsc#PED-7616). - x86/cpu: Merge Intel and AMD ppin_init() functions (jsc#PED-7615). - x86/cpu: Read/save PPIN MSR during initialization (jsc#PED-7615). - x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285). - x86/hyperv: Fix the detection of E820_TYPE_PRAM in a Gen2 VM (git-fixes). - x86/hyperv: Use atomic_try_cmpxchg() to micro-optimize hv_nmi_unknown() (git-fixes). - x86/mce: Cleanup mce_usable_address() (jsc#PED-7623). - x86/mce: Define amd_mce_usable_address() (jsc#PED-7623). - xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled (git-fixes). - xen/events: fix delayed eoi list handling (git-fixes). - xhci: Add grace period after xHC start to prevent premature runtime suspend (git-fixes). - xhci: cleanup xhci_hub_control port references (git-fixes). - xhci: pass port pointer as parameter to xhci_set_port_power() (git-fixes). - xhci: track port suspend state correctly in unsuccessful resume cases (git-fixes). Important SUSE bug 1065729 SUSE bug 1108281 SUSE bug 1141539 SUSE bug 1174649 SUSE bug 1181674 SUSE bug 1193285 SUSE bug 1194869 SUSE bug 1209834 SUSE bug 1210443 SUSE bug 1211515 SUSE bug 1212091 SUSE bug 1214377 SUSE bug 1215275 SUSE bug 1215885 SUSE bug 1216441 SUSE bug 1216559 SUSE bug 1216702 SUSE bug 1217895 SUSE bug 1217987 SUSE bug 1217988 SUSE bug 1217989 SUSE bug 1218005 SUSE bug 1218447 SUSE bug 1218527 SUSE bug 1218659 SUSE bug 1218713 SUSE bug 1218723 SUSE bug 1218730 SUSE bug 1218738 SUSE bug 1218752 SUSE bug 1218757 SUSE bug 1218768 SUSE bug 1218778 SUSE bug 1218779 SUSE bug 1218804 SUSE bug 1218832 SUSE bug 1218836 SUSE bug 1218916 SUSE bug 1218948 SUSE bug 1218958 SUSE bug 1218968 SUSE bug 1218997 SUSE bug 1219006 SUSE bug 1219012 SUSE bug 1219013 SUSE bug 1219014 SUSE bug 1219053 SUSE bug 1219067 SUSE bug 1219120 SUSE bug 1219128 SUSE bug 1219136 SUSE bug 1219285 SUSE bug 1219349 SUSE bug 1219412 SUSE bug 1219429 SUSE bug 1219434 SUSE bug 1219490 SUSE bug 1219512 SUSE bug 1219568 SUSE bug 1219582 CVE-2021-33631 at SUSE CVE-2021-33631 at NVD CVE-2023-46838 at SUSE CVE-2023-46838 at NVD CVE-2023-47233 at SUSE CVE-2023-47233 at NVD CVE-2023-4921 at SUSE CVE-2023-4921 at NVD CVE-2023-51042 at SUSE CVE-2023-51042 at NVD CVE-2023-51043 at SUSE CVE-2023-51043 at NVD CVE-2023-51780 at SUSE CVE-2023-51780 at NVD CVE-2023-51782 at SUSE CVE-2023-51782 at NVD CVE-2023-6040 at SUSE CVE-2023-6040 at NVD CVE-2023-6356 at SUSE CVE-2023-6356 at NVD CVE-2023-6531 at SUSE CVE-2023-6531 at NVD CVE-2023-6535 at SUSE CVE-2023-6535 at NVD CVE-2023-6536 at SUSE CVE-2023-6536 at NVD CVE-2023-6915 at SUSE CVE-2023-6915 at NVD CVE-2024-0565 at SUSE CVE-2024-0565 at NVD CVE-2024-0641 at SUSE CVE-2024-0641 at NVD CVE-2024-0775 at SUSE CVE-2024-0775 at NVD CVE-2024-1085 at SUSE CVE-2024-1085 at NVD CVE-2024-1086 at SUSE CVE-2024-1086 at NVD cpe:/o:suse:sle-micro:5.5 Security update for salt (Important) SUSE Linux Enterprise Micro 5.5 This update for salt fixes the following issues: Security issues fixed: - CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master (bsc#1219430) - CVE-2024-22232: Prevent directory traversal attacks in the master's serve_file method (bsc#1219431) Bugs fixed: - Ensure that pillar refresh loads beacons from pillar without restart - Fix the aptpkg.py unit test failure - Prefer unittest.mock to python-mock in test suite - Enable 'KeepAlive' probes for Salt SSH executions (bsc#1211649) - Revert changes to set Salt configured user early in the stack (bsc#1216284) - Align behavior of some modules when using salt-call via symlink (bsc#1215963) - Fix gitfs '__env__' and improve cache cleaning (bsc#1193948) - Remove python-boto dependency for the python3-salt-testsuite package for Tumbleweed Important SUSE bug 1193948 SUSE bug 1211649 SUSE bug 1215963 SUSE bug 1216284 SUSE bug 1219430 SUSE bug 1219431 CVE-2024-22231 at SUSE CVE-2024-22231 at NVD CVE-2024-22232 at SUSE CVE-2024-22232 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219429). - CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434). - CVE-2023-51042: Fixed use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (bsc#1219128). - CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730). - CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836). - CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end() (bsc#1219412). - CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). - CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). - CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). - CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702). - CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalation (bsc#1215275). - CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120). - CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053). - CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function (bsc#1218752). - CVE-2024-0641: Fixed a denial of service vulnerability in tipc_crypto_key_revoke in net/tipc/crypto.c (bsc#1218916). - CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1218832). - CVE-2023-6915: Fixed a NULL pointer dereference problem in ida_free in lib/idr.c (bsc#1218804). - CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c because of a rose_accept race condition (bsc#1218757). - CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447). - CVE-2024-0340: Fixed information disclosure in vhost/vhost.c:vhost_new_msg() (bsc#1218689). - CVE-2024-24860: Fixed a denial of service caused by a race condition in {min,max}_key_size_set() (bsc#1219608). The following non-security bugs were fixed: - Documentation: RAS: Add index and address translation section (jsc#PED-7618). - ACPI: LPIT: Avoid u32 multiplication overflow (git-fixes). - ACPI: LPSS: Fix the fractional clock divider flags (git-fixes). - ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() (bsc#1214377) - ACPI: extlog: Clear Extended Error Log status when RAS_CEC handled the error (git-fixes). - ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241 (bsc#1214377) - ACPI: property: Allow _DSD buffer data only for byte accessors (git-fixes). - ACPI: resource: Add another DMI match for the TongFang GMxXGxx (git-fixes). - ACPI: thermal: Add Thermal fast Sampling Period (_TFP) support (bsc#1214377) - ACPI: video: check for error while searching for backlight device parent (git-fixes). - ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 (git-fixes). - ALSA: hda/cs8409: Suppress vmaster control for Dolphin models (git-fixes). - ALSA: hda/realtek: Add quirks for ASUS Zenbook 2022 Models (git-fixes). - ALSA: hda/realtek: Enable headset mic on Lenovo M70 Gen5 (git-fixes). - ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on HP ZBook (git-fixes). - ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP Envy X360 13-ay0xxx (git-fixes). - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq2xxx (git-fixes). - ALSA: hda: Refer to correct stream index at loops (git-fixes). - ALSA: hda: intel-nhlt: Ignore vbps when looking for DMIC 32 bps format (git-fixes). - ALSA: oxygen: Fix right channel of capture volume mixer (git-fixes). - ASoC: Intel: Skylake: Fix mem leak in few functions (git-fixes). - ASoC: Intel: Skylake: mem leak in skl register function (git-fixes). - ASoC: Intel: bytcr_rt5640: Add quirk for the Medion Lifetab S10346 (git-fixes). - ASoC: Intel: glk_rt5682_max98357a: fix board id mismatch (git-fixes). - ASoC: amd: Add Dell G15 5525 to quirks list (bsc#1219136). - ASoC: amd: Add check for acp config flags (bsc#1219136). - ASoC: amd: Add new dmi entries to config entry (bsc#1219136). - ASoC: amd: Drop da7219_aad_jack_det() usage (bsc#1219136). - ASoC: amd: Drop empty platform remove function (bsc#1219136). - ASoC: amd: Update Pink Sardine platform ACP register header (bsc#1219136). - ASoC: amd: acp-config: Add missing MODULE_DESCRIPTION (git-fixes). - ASoC: amd: acp-da7219-max98357a: Map missing jack kcontrols (bsc#1219136). - ASoC: amd: acp-rt5645: Map missing jack kcontrols (bsc#1219136). - ASoC: amd: acp3x-rt5682-max9836: Configure jack as not detecting Line Out (bsc#1219136). - ASoC: amd: acp3x-rt5682-max9836: Map missing jack kcontrols (bsc#1219136). - ASoC: amd: acp: Add TDM slots setting support for ACP I2S controller (bsc#1219136). - ASoC: amd: acp: Add TDM support for acp i2s stream (bsc#1219136). - ASoC: amd: acp: Add i2s tdm support in machine driver (bsc#1219136). - ASoC: amd: acp: Add kcontrols and widgets per-codec in common code (bsc#1219136). - ASoC: amd: acp: Add missing MODULE_DESCRIPTION in mach-common (git-fixes). - ASoC: amd: acp: Add new cpu dai's in machine driver (bsc#1219136). - ASoC: amd: acp: Add setbias level for rt5682s codec in machine driver (bsc#1219136). - ASoC: amd: acp: Enable i2s tdm support for skyrim platforms (bsc#1219136). - ASoC: amd: acp: Fix possible UAF in acp_dma_open (bsc#1219136). - ASoC: amd: acp: Initialize list to store acp_stream during pcm_open (bsc#1219136). - ASoC: amd: acp: Map missing jack kcontrols (bsc#1219136). - ASoC: amd: acp: Modify dai_id macros to be more generic (bsc#1219136). - ASoC: amd: acp: Refactor bit width calculation (bsc#1219136). - ASoC: amd: acp: Refactor dai format implementation (bsc#1219136). - ASoC: amd: acp: Refactor i2s clocks programming sequence (bsc#1219136). - ASoC: amd: acp: add a label to make error path more clean (bsc#1219136). - ASoC: amd: acp: add acp i2s master clock generation for rembrandt platform (bsc#1219136). - ASoC: amd: acp: add pm ops support for acp pci driver (bsc#1219136). - ASoC: amd: acp: add pm ops support for rembrandt platform (bsc#1219136). - ASoC: amd: acp: clean up some inconsistent indentings (bsc#1219136). - ASoC: amd: acp: clear pdm dma interrupt mask (bsc#1219136). - ASoC: amd: acp: delete unnecessary NULL check (bsc#1219136). - ASoC: amd: acp: export config_acp_dma() and config_pte_for_stream() symbols (bsc#1219136). - ASoC: amd: acp: fix SND_SOC_AMD_ACP_PCI depdenencies (bsc#1219136). - ASoC: amd: acp: move pdm macros to common header file (bsc#1219136). - ASoC: amd: acp: refactor the acp init and de-init sequence (bsc#1219136). - ASoC: amd: acp: rembrandt: Drop if blocks with always false condition (bsc#1219136). - ASoC: amd: acp: remove acp poweroff function (bsc#1219136). - ASoC: amd: acp: remove the redundant acp enable/disable interrupts functions (bsc#1219136). - ASoC: amd: acp: remove unnecessary NULL checks (bsc#1219136). - ASoC: amd: acp: store platform device reference created in pci probe call (bsc#1219136). - ASoC: amd: acp: store the pdm stream channel mask (bsc#1219136). - ASoC: amd: acp: store xfer_resolution of the stream (bsc#1219136). - ASoC: amd: acp: switch to use dev_err_probe() (bsc#1219136). - ASoC: amd: acp: use devm_kcalloc() instead of devm_kzalloc() (bsc#1219136). - ASoC: amd: acp: use function devm_kcalloc() instead of devm_kzalloc() (bsc#1219136). - ASoC: amd: add Pink Sardine ACP PCI driver (bsc#1219136). - ASoC: amd: add Pink Sardine machine driver using dmic (bsc#1219136). - ASoC: amd: add Pink Sardine platform ACP IP register header (bsc#1219136). - ASoC: amd: add acp6.2 init/de-init functions (bsc#1219136). - ASoC: amd: add acp6.2 irq handler (bsc#1219136). - ASoC: amd: add acp6.2 pci driver pm ops (bsc#1219136). - ASoC: amd: add acp6.2 pdm driver dma ops (bsc#1219136). - ASoC: amd: add acp6.2 pdm driver pm ops (bsc#1219136). - ASoC: amd: add acp6.2 pdm platform driver (bsc#1219136). - ASoC: amd: add platform devices for acp6.2 pdm driver and dmic driver (bsc#1219136). - ASoC: amd: create platform device for acp6.2 machine driver (bsc#1219136). - ASoC: amd: enable Pink Sardine acp6.2 drivers build (bsc#1219136). - ASoC: amd: enable Pink sardine platform machine driver build (bsc#1219136). - ASoC: amd: fix ACP version typo mistake (bsc#1219136). - ASoC: amd: fix spelling mistake: 'i.e' -> 'i.e.' (bsc#1219136). - ASoC: amd: ps: Add a module parameter to influence pdm_gain (bsc#1219136). - ASoC: amd: ps: Adjust the gain for PDM DMIC (bsc#1219136). - ASoC: amd: ps: Fix uninitialized ret in create_acp64_platform_devs() (bsc#1219136). - ASoC: amd: ps: Move acp63_dev_data strcture from PCI driver (bsc#1219136). - ASoC: amd: ps: Update copyright notice (bsc#1219136). - ASoC: amd: ps: add mutex lock for accessing common registers (bsc#1219136). - ASoC: amd: ps: fix for acp_lock access in pdm driver (bsc#1219136). - ASoC: amd: ps: implement api to retrieve acp device config (bsc#1219136). - ASoC: amd: ps: move irq handler registration (bsc#1219136). - ASoC: amd: ps: refactor acp power on and reset functions (bsc#1219136). - ASoC: amd: ps: refactor platform device creation logic (bsc#1219136). - ASoC: amd: ps: remove the register read and write wrappers (bsc#1219136). - ASoC: amd: ps: remove unused variable (bsc#1219136). - ASoC: amd: ps: update dev index value in irq handler (bsc#1219136). - ASoC: amd: ps: update macros with ps platform naming convention (bsc#1219136). - ASoC: amd: ps: update the acp clock source (bsc#1219136). - ASoC: amd: ps: use acp_lock to protect common registers in pdm driver (bsc#1219136). - ASoC: amd: ps: use static function (bsc#1219136). - ASoC: amd: renoir: Add a module parameter to influence pdm_gain (bsc#1219136). - ASoC: amd: renoir: Adjust the gain for PDM DMIC (bsc#1219136). - ASoC: amd: update pm_runtime enable sequence (bsc#1219136). - ASoC: amd: vangogh: Add check for acp config flags in vangogh platform (bsc#1219136). - ASoC: amd: vangogh: Make use of DRV_NAME (bsc#1219136). - ASoC: amd: vangogh: Remove unnecessary init function (bsc#1219136). - ASoC: amd: vangogh: select CONFIG_SND_AMD_ACP_CONFIG (bsc#1219136). - ASoC: amd: yc: Add ASUS M3402RA into DMI table (bsc#1219136). - ASoC: amd: yc: Add ASUS M5402RA into DMI table (bsc#1219136). - ASoC: amd: yc: Add Alienware m17 R5 AMD into DMI table (bsc#1219136). - ASoC: amd: yc: Add Asus VivoBook Pro 14 OLED M6400RC to the quirks list for acp6x (bsc#1219136). - ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx (8A42) (bsc#1219136). - ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx (8A43) (bsc#1219136). - ASoC: amd: yc: Add DMI entries to support Victus by HP Gaming Laptop 15-fb0xxx (8A3E) (bsc#1219136). - ASoC: amd: yc: Add DMI entries to support Victus by HP Laptop 16-e1xxx (8A22) (bsc#1219136). - ASoC: amd: yc: Add DMI entry to support System76 Pangolin 12 (bsc#1219136). - ASoC: amd: yc: Add DMI entry to support System76 Pangolin 13 (bsc#1219136). - ASoC: amd: yc: Add DMI support for new acer/emdoor platforms (bsc#1219136). - ASoC: amd: yc: Add HP 255 G10 into quirk table (bsc#1219136). - ASoC: amd: yc: Add Lenovo Thinkbook 14+ 2022 21D0 to quirks table (bsc#1219136). - ASoC: amd: yc: Add MECHREVO Jiaolong Series MRID6 into DMI table (bsc#1219136). - ASoC: amd: yc: Add Razer Blade 14 2022 into DMI table (bsc#1219136). - ASoC: amd: yc: Add ThinkBook 14 G5+ ARP to quirks list for acp6x (bsc#1219136). - ASoC: amd: yc: Add Thinkpad Neo14 to quirks list for acp6x (bsc#1219136). - ASoC: amd: yc: Add VivoBook Pro 15 to quirks list for acp6x (bsc#1219136). - ASoC: amd: yc: Add Xiaomi Redmi Book Pro 14 2022 into DMI table (bsc#1219136). - ASoC: amd: yc: Add Xiaomi Redmi Book Pro 15 2022 into DMI table (bsc#1219136). - ASoC: amd: yc: Add a module parameter to influence pdm_gain (bsc#1219136). - ASoC: amd: yc: Adding Lenovo ThinkBook 14 Gen 4+ ARA and Lenovo ThinkBook 16 Gen 4+ ARA to the Quirks List (bsc#1219136). - ASoC: amd: yc: Adjust the gain for PDM DMIC (bsc#1219136). - ASoC: amd: yc: Fix a non-functional mic on Lenovo 82TL (bsc#1219136). - ASoC: amd: yc: Fix non-functional mic on ASUS E1504FA (bsc#1219136). - ASoC: amd: yp: Add OMEN by HP Gaming Laptop 16z-n000 to quirks (bsc#1219136). - ASoC: codecs: lpass-wsa-macro: fix compander volume hack (git-fixes). - ASoC: codecs: wcd938x: fix headphones volume controls (git-fixes). - ASoC: codecs: wcd938x: handle deferred probe (git-fixes). - ASoC: cs35l33: Fix GPIO name and drop legacy include (git-fixes). - ASoC: cs43130: Fix incorrect frame delay configuration (git-fixes). - ASoC: cs43130: Fix the position of const qualifier (git-fixes). - ASoC: da7219: Support low DC impedance headset (git-fixes). - ASoC: nau8822: Fix incorrect type in assignment and cast to restricted __be16 (git-fixes). - ASoC: ops: add correct range check for limiting volume (git-fixes). - ASoC: rt5645: Drop double EF20 entry from dmi_platform_data[] (git-fixes). - ASoC: rt5650: add mutex to avoid the jack detection failure (git-fixes). - ASoC: sun4i-spdif: Fix requirements for H6 (git-fixes). - ASoC: wm8974: Correct boost mixer inputs (git-fixes). - Add DMI ID for MSI Bravo 15 B7ED (bsc#1219136). - Bluetooth: Fix atomicity violation in {min,max}_key_size_set (git-fixes). - Bluetooth: btmtkuart: fix recv_buf() return value (git-fixes). - Documentation: Begin a RAS section (jsc#PED-7622). - EDAC/amd64: Add MI300 row retirement support (jsc#PED-7618). - EDAC/amd64: Add context struct (jsc#PED-7615). - EDAC/amd64: Add get_err_info() to pvt->ops (jsc#PED-7615). - EDAC/amd64: Add support for AMD heterogeneous Family 19h Model 30h-3Fh (jsc#PED-7616). - EDAC/amd64: Add support for ECC on family 19h model 60h-7Fh (jsc#PED-7615). - EDAC/amd64: Add support for family 0x19, models 0x90-9f devices (jsc#PED-7622). - EDAC/amd64: Allow for DF Indirect Broadcast reads (jsc#PED-7615). - EDAC/amd64: Cache and use GPU node map (jsc#PED-7616). - EDAC/amd64: Do not discover ECC symbol size for Family 17h and later (jsc#PED-7615). - EDAC/amd64: Do not set up EDAC PCI control on Family 17h+ (jsc#PED-7615). - EDAC/amd64: Document heterogeneous system enumeration (jsc#PED-7616). - EDAC/amd64: Drop dbam_to_cs() for Family 17h and later (jsc#PED-7615). - EDAC/amd64: Fix indentation in umc_determine_edac_cap() (jsc#PED-7615). - EDAC/amd64: Merge struct amd64_family_type into struct amd64_pvt (jsc#PED-7615). - EDAC/amd64: Remove PCI Function 0 (jsc#PED-7615). - EDAC/amd64: Remove PCI Function 6 (jsc#PED-7615). - EDAC/amd64: Remove early_channel_count() (jsc#PED-7615). - EDAC/amd64: Remove module version string (jsc#PED-7615). - EDAC/amd64: Remove scrub rate control for Family 17h and later (jsc#PED-7615). - EDAC/amd64: Rename debug_display_dimm_sizes() (jsc#PED-7615). - EDAC/amd64: Rename f17h_determine_edac_ctl_cap() (jsc#PED-7615). - EDAC/amd64: Rework hw_info_{get,put} (jsc#PED-7615). - EDAC/amd64: Shut up an -Werror,-Wsometimes-uninitialized clang false positive (jsc#PED-7615). - EDAC/amd64: Split determine_edac_cap() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split determine_memory_type() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split dump_misc_regs() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split ecc_enabled() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split get_csrow_nr_pages() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split init_csrows() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split prep_chip_selects() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split read_base_mask() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split read_mc_regs() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Split setup_mci_misc_attrs() into dct/umc functions (jsc#PED-7615). - EDAC/amd64: Use new AMD Address Translation Library (jsc#PED-7618). - EDAC/mc: Add new HBM2 memory type (jsc#PED-7616). - EDAC/mc: Add support for HBM3 memory type (jsc#PED-7622). - EDAC/mce_amd: Remove SMCA Extended Error code descriptions (jsc#PED-7622). - EDAC/thunderx: Fix possible out-of-bounds string access (git-fixes). - HID: i2c-hid-of: fix NULL-deref on failed power up (git-fixes). - HID: wacom: Correct behavior when processing some confidence == false touches (git-fixes). - IB/iser: Prevent invalidating wrong MR (git-fixes) - Input: atkbd - do not skip atkbd_deactivate() when skipping ATKBD_CMD_GETID (git-fixes). - Input: atkbd - skip ATKBD_CMD_GETID in translated mode (git-fixes). - Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID (git-fixes). - Input: atkbd - use ab83 as id when skipping the getid command (git-fixes). - Input: bcm5974 - check endpoint type before starting traffic (git-fixes). - Input: i8042 - add nomux quirk for Acer P459-G2-M (git-fixes). - Input: xpad - add Razer Wolverine V2 support (git-fixes). - KVM: SVM: Update EFER software model on CR0 trap for SEV-ES (git-fixes). - KVM: s390: vsie: Fix STFLE interpretive execution identification (git-fixes bsc#1218997). - KVM: x86: Mask LVTPC when handling a PMI (jsc#PED-7322). - Limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281). - PCI/AER: Configure ECRC only if AER is native (bsc#1218778) - PCI/P2PDMA: Remove reference to pci_p2pdma_map_sg() (git-fixes). - PCI: Add ACS quirk for more Zhaoxin Root Ports (git-fixes). - PCI: keystone: Fix race condition when initializing PHYs (git-fixes). - PM: hibernate: Enforce ordering during image compression/decompression (git-fixes). - RAS/AMD/ATL: Add MI300 DRAM to normalized address translation support (jsc#PED-7618). - RAS/AMD/ATL: Add MI300 support (jsc#PED-7618). - RAS/AMD/ATL: Fix array overflow in get_logical_coh_st_fabric_id_mi300() (jsc#PED-7618). - RAS: Introduce AMD Address Translation Library (jsc#PED-7618). - RDMA/hns: Fix inappropriate err code for unsupported operations (git-fixes) - RDMA/hns: Fix unnecessary err return when using invalid congest control algorithm (git-fixes) - RDMA/hns: Remove unnecessary checks for NULL in mtr_alloc_bufs() (git-fixes) - RDMA/irdma: Add wait for suspend on SQD (git-fixes) - RDMA/irdma: Avoid free the non-cqp_request scratch (git-fixes) - RDMA/irdma: Do not modify to SQD on error (git-fixes) - RDMA/irdma: Fix UAF in irdma_sc_ccq_get_cqe_info() (git-fixes) - RDMA/irdma: Refactor error handling in create CQP (git-fixes) - RDMA/rtrs-clt: Fix the max_send_wr setting (git-fixes) - RDMA/rtrs-clt: Remove the warnings for req in_use check (git-fixes) - RDMA/rtrs-clt: Start hb after path_up (git-fixes) - RDMA/rtrs-srv: Check return values while processing info request (git-fixes) - RDMA/rtrs-srv: Destroy path files after making sure no IOs in-flight (git-fixes) - RDMA/rtrs-srv: Do not unconditionally enable irq (git-fixes) - RDMA/rtrs-srv: Free srv_mr iu only when always_invalidate is true (git-fixes) - RDMA/usnic: Silence uninitialized symbol smatch warnings (git-fixes) - USB: xhci: workaround for grace period (git-fixes). - Update config files: enable ASoC AMD PS drivers (bsc#1219136) - Update patch reference for ax88179 fix (bsc#1218948) - acpi: property: Let args be NULL in __acpi_node_get_property_reference (git-fixes). - aio: fix mremap after fork null-deref (git-fixes). - apparmor: avoid crash when parsed profile name is empty (git-fixes). - arm64: Add CNT{P,V}CTSS_EL0 alternatives to cnt{p,v}ct_el0 (jsc#PED-4729) - arm64: Add a capability for FEAT_ECV (jsc#PED-4729) Use cpu_hwcaps PLACEHOLDER_4 for HAS_ECV. - arm64: alternative: patch alternatives in the vDSO (jsc#PED-4729) - arm64: dts: armada-3720-turris-mox: set irq type for RTC (git-fixes) - arm64: dts: imx8mp: imx8mq: Add parkmode-disable-ss-quirk on DWC3 (git-fixes) - arm64: dts: imx8mq: drop usb3-resume-missing-cas from usb (git-fixes) - arm64: dts: ls208xa: use a pseudo-bus to constrain usb dma size (git-fixes) - arm64: dts: rockchip: Expand reg size of vdec node for RK3399 (git-fixes) - arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify (git-fixes) - arm64: module: move find_section to header (jsc#PED-4729) - arm64: vdso: Fix 'no previous prototype' warning (jsc#PED-4729) - arm64: vdso: remove two .altinstructions related symbols (jsc#PED-4729) - arm64: vdso: use SYS_CNTVCTSS_EL0 for gettimeofday (jsc#PED-4729) - asix: Add check for usbnet_get_endpoints (git-fixes). - attr: block mode changes of symlinks (git-fixes). - badblocks: add helper routines for badblock ranges handling (bsc#1174649). - badblocks: add more helper structure and routines in badblocks.h (bsc#1174649). - badblocks: avoid checking invalid range in badblocks_check() (bsc#1174649). - badblocks: improve badblocks_check() for multiple ranges handling (bsc#1174649). - badblocks: improve badblocks_clear() for multiple ranges handling (bsc#1174649). - badblocks: improve badblocks_set() for multiple ranges handling (bsc#1174649). - badblocks: switch to the improved badblock handling code (bsc#1174649). - bpf: Limit the number of kprobes when attaching program to multiple kprobes (git-fixes). - bus: mhi: host: Add alignment check for event ring read pointer (git-fixes). - bus: mhi: host: Add spinlock to protect WP access when queueing TREs (git-fixes). - bus: mhi: host: Drop chan lock before queuing buffers (git-fixes). - ceph: select FS_ENCRYPTION_ALGS if FS_ENCRYPTION (bsc#1219568). - clk: qcom: gpucc-sm8150: Update the gpu_cc_pll1 config (git-fixes). - clk: qcom: videocc-sm8150: Add missing PLL config property (git-fixes). - clk: rockchip: rk3128: Fix HCLK_OTG gate register (git-fixes). - clk: samsung: Fix kernel-doc comments (git-fixes). - clk: si5341: fix an error code problem in si5341_output_clk_set_rate (git-fixes). - clk: zynqmp: Add a check for NULL pointer (git-fixes). - clk: zynqmp: make bestdiv unsigned (git-fixes). - clocksource: Skip watchdog check for large watchdog intervals (git-fixes). - clocksource: disable watchdog checks on TSC when TSC is watchdog (bsc#1215885). - coresight: etm4x: Add ACPI support in platform driver (bsc#1218779) - coresight: etm4x: Allocate and device assign 'struct etmv4_drvdata' (bsc#1218779) - coresight: etm4x: Change etm4_platform_driver driver for MMIO devices (bsc#1218779) - coresight: etm4x: Drop iomem 'base' argument from etm4_probe() (bsc#1218779) - coresight: etm4x: Drop pid argument from etm4_probe() (bsc#1218779) - coresight: etm4x: Ensure valid drvdata and clock before clk_put() (bsc#1218779) - coresight: platform: acpi: Ignore the absence of graph (bsc#1218779) - crypto: ccp - fix memleak in ccp_init_dm_workarea (git-fixes). - crypto: s390/aes - Fix buffer overread in CTR mode (git-fixes). - crypto: sa2ul - Return crypto_aead_setkey to transfer the error (git-fixes). - crypto: sahara - do not resize req->src when doing hash operations (git-fixes). - crypto: sahara - fix ahash reqsize (git-fixes). - crypto: sahara - fix ahash selftest failure (git-fixes). - crypto: sahara - fix cbc selftest failure (git-fixes). - crypto: sahara - fix processing hash requests with req->nbytes &lt; sg->length (git-fixes). - crypto: sahara - fix processing requests with cryptlen &lt; sg->length (git-fixes). - crypto: sahara - fix wait_for_completion_timeout() error handling (git-fixes). - crypto: sahara - handle zero-length aes requests (git-fixes). - crypto: sahara - improve error handling in sahara_sha_process() (git-fixes). - crypto: sahara - remove FLAGS_NEW_KEY logic (git-fixes). - crypto: scomp - fix req->dst buffer overflow (git-fixes). - dma-debug: fix kernel-doc warnings (git-fixes). - dmaengine: fix NULL pointer in channel unregistration function (git-fixes). - dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV (git-fixes). - dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools (git-fixes). - dmaengine: idxd: Protect int_handle field in hw descriptor (git-fixes). - dmaengine: ti: k3-udma: Report short packet errors (git-fixes). - doc/README.KSYMS: Add to repo. - docs: Store the old kernel changelog entries in kernel-docs package (bsc#1218713). - drivers/amd/pm: fix a use-after-free in kv_parse_power_table (git-fixes). - drivers: clk: zynqmp: calculate closest mux rate (git-fixes). - drivers: clk: zynqmp: update divider round rate logic (git-fixes). - drm/amd/display: Fix tiled display misalignment (git-fixes). - drm/amd/display: Port DENTIST hang and TDR fixes to OTG disable W/A (git-fixes). - drm/amd/display: add nv12 bounding box (git-fixes). - drm/amd/display: get dprefclk ss info from integration info table (git-fixes). - drm/amd/display: make flip_timestamp_in_us a 64-bit variable (git-fixes). - drm/amd/display: pbn_div need be updated for hotplug event (git-fixes). - drm/amd/display: update dcn315 lpddr pstate latency (git-fixes). - drm/amd/pm/smu7: fix a memleak in smu7_hwmgr_backend_init (git-fixes). - drm/amd/pm: fix a double-free in amdgpu_parse_extended_power_table (git-fixes). - drm/amd/pm: fix a double-free in si_dpm_init (git-fixes). - drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' (git-fixes). - drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (git-fixes). - drm/amdgpu/pm: Fix the power source flag error (git-fixes). - drm/amdgpu: Add NULL checks for function pointers (git-fixes). - drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' (git-fixes). - drm/amdgpu: Fix '*fw' from request_firmware() not released in 'amdgpu_ucode_request()' (git-fixes). - drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer (git-fixes). - drm/amdgpu: Fix ecc irq enable/disable unpaired (git-fixes). - drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()' (git-fixes). - drm/amdgpu: Fix with right return code '-EIO' in 'amdgpu_gmc_vram_checking()' (git-fixes). - drm/amdgpu: Let KFD sync with VM fences (git-fixes). - drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' (git-fixes). - drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap (git-fixes). - drm/amdgpu: skip gpu_info fw loading on navi12 (git-fixes). - drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c (git-fixes). - drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' (git-fixes). - drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' (git-fixes). - drm/amdkfd: Fix lock dependency warning (git-fixes). - drm/amdkfd: Fix lock dependency warning with srcu (git-fixes). - drm/amdkfd: Use resource_size() helper function (git-fixes). - drm/amdkfd: fixes for HMM mem allocation (git-fixes). - drm/bridge: Fix typo in post_disable() description (git-fixes). - drm/bridge: anx7625: Ensure bridge is suspended in disable() (git-fixes). - drm/bridge: cdns-mhdp8546: Fix use of uninitialized variable (git-fixes). - drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking (git-fixes). - drm/bridge: nxp-ptn3460: simplify some error checking (git-fixes). - drm/bridge: parade-ps8640: Ensure bridge is suspended in .post_disable() (git-fixes). - drm/bridge: parade-ps8640: Make sure we drop the AUX mutex in the error case (git-fixes). - drm/bridge: parade-ps8640: Wait for HPD when doing an AUX transfer (git-fixes). - drm/bridge: tc358767: Fix return value on error case (git-fixes). - drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function (git-fixes). - drm/crtc: Fix uninit-value bug in drm_mode_setcrtc (git-fixes). - drm/crtc: fix uninitialized variable use (git-fixes). - drm/drv: propagate errors from drm_modeset_register_all() (git-fixes). - drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time (git-fixes). - drm/exynos: fix a potential error pointer dereference (git-fixes). - drm/exynos: fix a wrong error checking (git-fixes). - drm/exynos: fix accidental on-stack copy of exynos_drm_plane (git-fixes). - drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume (git-fixes). - drm/framebuffer: Fix use of uninitialized variable (git-fixes). - drm/mediatek: Return error if MDP RDMA failed to enable the clock (git-fixes). - drm/msm/dpu: Drop enable and frame_count parameters from dpu_hw_setup_misr() (git-fixes). - drm/msm/dpu: Ratelimit framedone timeout msgs (git-fixes). - drm/msm/dpu: Set input_sel bit for INTF (git-fixes). - drm/msm/dpu: fix writeback programming for YUV cases (git-fixes). - drm/msm/dpu: rename dpu_encoder_phys_wb_setup_cdp to match its functionality (git-fixes). - drm/msm/dsi: Enable runtime PM (git-fixes). - drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt leaks (git-fixes). - drm/msm/mdp4: flush vblank event on disable (git-fixes). - drm/nouveau/fence:: fix warning directly dereferencing a rcu pointer (git-fixes). - drm/panel-edp: Add override_edid_mode quirk for generic edp (git-fixes). - drm/panel-elida-kd35t133: hold panel in reset for unprepare (git-fixes). - drm/panel: nt35510: fix typo (git-fixes). - drm/panfrost: Ignore core_mask for poweroff and disable PWRTRANS irq (git-fixes). - drm/panfrost: Really power off GPU cores in panfrost_gpu_power_off() (git-fixes). - drm/radeon/dpm: fix a memleak in sumo_parse_power_table (git-fixes). - drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check() (git-fixes). - drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg() (git-fixes). - drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table (git-fixes). - drm/radeon: check return value of radeon_ring_lock() (git-fixes). - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (git-fixes). - drm/tidss: Check for K2G in in dispc_softreset() (git-fixes). - drm/tidss: Fix atomic_flush check (git-fixes). - drm/tidss: Fix dss reset (git-fixes). - drm/tidss: Move reset to the end of dispc_init() (git-fixes). - drm/tidss: Return error value from from softreset (git-fixes). - drm/tilcdc: Fix irq free on unload (git-fixes). - drm: Do not unref the same fb many times by mistake due to deadlock handling (git-fixes). - drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33] (git-fixes). - drm: using mul_u32_u32() requires linux/math64.h (git-fixes). - dt-bindings: gpio: Remove FSI domain ports on Tegra234 (jsc#PED-6694) - efi/libstub: Disable PCI DMA before grabbing the EFI memory map (git-fixes). - eventfd: prevent underflow for eventfd semaphores (git-fixes). - exfat: fix reporting fs error when reading dir beyond EOF (git-fixes). - exfat: support handle zero-size directory (git-fixes). - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree (git-fixes). - fbdev: Only disable sysfb on the primary device (bsc#1216441) - fbdev: Only disable sysfb on the primary device (bsc#1216441) Update an existing patch to fix bsc#1216441. - fbdev: flush deferred IO before closing (git-fixes). - fbdev: flush deferred work in fb_deferred_io_fsync() (git-fixes). - fbdev: imxfb: fix left margin setting (git-fixes). - fbdev: mmp: Fix typo and wording in code comment (git-fixes). - firewire: core: correct documentation of fw_csr_string() kernel API (git-fixes). - firewire: ohci: suppress unexpected system reboot in AMD Ryzen machines and ASM108x/VT630x PCIe cards (git-fixes). - firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create() (git-fixes). - fjes: fix memleaks in fjes_hw_setup (git-fixes). - fs/mount_setattr: always cleanup mount_kattr (git-fixes). - fs: Fix error checking for d_hash_and_lookup() (git-fixes). - fs: Move notify_change permission checks into may_setattr (git-fixes). - fs: do not audit the capability check in simple_xattr_list() (git-fixes). - fs: drop peer group ids under namespace lock (git-fixes). - fs: indicate request originates from old mount API (git-fixes). - fs: sendfile handles O_NONBLOCK of out_fd (git-fixes). - fuse: dax: set fc->dax to NULL in fuse_dax_conn_free() (bsc#1218659). - gfs2: Always check inode size of inline inodes (git-fixes). - gfs2: Cosmetic gfs2_dinode_{in,out} cleanup (git-fixes). - gfs2: Disable page faults during lockless buffered reads (git-fixes). - gfs2: Eliminate ip->i_gh (git-fixes). - gfs2: Eliminate vestigial HIF_FIRST (git-fixes). - gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump (git-fixes). - gfs2: Introduce flag for glock holder auto-demotion (git-fixes). - gfs2: Move the inode glock locking to gfs2_file_buffered_write (git-fixes). - gfs2: Remove redundant check from gfs2_glock_dq (git-fixes). - gfs2: Switch to wait_event in gfs2_logd (git-fixes). - gfs2: assign rgrp glock before compute_bitstructs (git-fixes). - gfs2: low-memory forced flush fixes (git-fixes). - gfs2: release iopen glock early in evict (git-fixes). - gpio: eic-sprd: Clear interrupt after set the interrupt type (git-fixes). - gpu/drm/radeon: fix two memleaks in radeon_vm_init (git-fixes). - hv_netvsc: rndis_filter needs to select NLS (git-fixes). - hwmon: (corsair-psu) Fix probe when built-in (git-fixes). - hwrng: core - Fix page fault dead lock on mmap-ed hwrng (git-fixes). - i2c: rk3x: fix potential spinlock recursion on poll (git-fixes). - i2c: s3c24xx: fix read transfers in polling mode (git-fixes). - i2c: s3c24xx: fix transferring more than one message in polling mode (git-fixes). - iio: adc: ad7091r: Pass iio_dev to event handler (git-fixes). - iio: adc: ad9467: add mutex to struct ad9467_state (git-fixes). - iio: adc: ad9467: do not ignore error codes (git-fixes). - iio: adc: ad9467: fix reset gpio handling (git-fixes). - ipmi: Use regspacings passed as a module parameter (git-fixes). - kabi, vmstat: skip periodic vmstat update for isolated CPUs (bsc#1217895). - kabi/severities: ignore ASoC AMD acp driver symbols (bsc#1219136) - kdb: Fix a potential buffer overflow in kdb_local() (git-fixes). - kernel-doc: handle a void function without producing a warning (git-fixes). - kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR (git-fixes). - leds: aw2013: Select missing dependency REGMAP_I2C (git-fixes). - leds: ledtrig-tty: Free allocated ttyname buffer on deactivate (git-fixes). - libapi: Add missing linux/types.h header to get the __u64 type on io.h (git-fixes). - md: fix bi_status reporting in md_end_clone_io (bsc#1210443). - media: cx231xx: fix a memleak in cx231xx_init_isoc (git-fixes). - media: dt-bindings: ov8856: decouple lanes and link frequency from driver (git-fixes). - media: dvb-frontends: m88ds3103: Fix a memory leak in an error handling path of m88ds3103_probe() (git-fixes). - media: imx355: Enable runtime PM before registering async sub-device (git-fixes). - media: ov9734: Enable runtime PM before registering async sub-device (git-fixes). - media: pvrusb2: fix use after free on context disconnection (git-fixes). - media: rkisp1: Disable runtime PM in probe error path (git-fixes). - media: rkisp1: Fix media device memory leak (git-fixes). - media: rkisp1: Read the ID register at probe time instead of streamon (git-fixes). - media: videobuf2-dma-sg: fix vmap callback (git-fixes). - mfd: intel-lpss: Fix the fractional clock divider flags (git-fixes). - misc: fastrpc: Mark all sessions as invalid in cb_remove (git-fixes). - mm: fs: initialize fsdata passed to write_begin/write_end interface (git-fixes). - mmc: core: Cancel delayed work before releasing host (git-fixes). - modpost: move __attribute__((format(printf, 2, 3))) to modpost.h (git-fixes). - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier (git-fixes). - mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response (git-fixes). - mtd: rawnand: pl353: Fix kernel doc (git-fixes). - mtd: rawnand: rockchip: Add missing title to a kernel doc comment (git-fixes). - mtd: rawnand: rockchip: Rename a structure (git-fixes). - net: phy: micrel: populate .soft_reset for KSZ9131 (git-fixes). - net: usb: ax88179_178a: Bind only to vendor-specific interface (bsc#1218948). - net: usb: ax88179_178a: avoid two consecutive device resets (bsc#1218948). - net: usb: ax88179_178a: move priv to driver_priv (git-fixes). - net: usb: ax88179_178a: remove redundant init code (git-fixes). - net: usb: ax88179_178a: restore state on resume (bsc#1218948). - nfc: nci: free rx_data_reassembly skb on NCI device cleanup (git-fixes). - nfsd4: add refcount for nfsd4_blocked_lock (bsc#1218968 bsc#1219349). - nfsd: fix RELEASE_LOCKOWNER (bsc#1218968). - nouveau/tu102: flush all pdbs on vmm flush (git-fixes). - nouveau/vmm: do not set addr on the fail path to avoid warning (git-fixes). - nsfs: add compat ioctl handler (git-fixes). - nvme-loop: always quiesce and cancel commands before destroying admin q (bsc#1211515). - nvme-pci: add BOGUS_NID for Intel 0a54 device (git-fixes). - nvme-pci: fix sleeping function called from interrupt context (git-fixes). - nvme-rdma: Fix transfer length when write_generate/read_verify are 0 (git-fixes). - nvme-tcp: avoid open-coding nvme_tcp_teardown_admin_queue() (bsc#1211515). - nvme: fix max_discard_sectors calculation (git-fixes). - nvme: introduce helper function to get ctrl state (git-fixes). - nvme: move nvme_stop_keep_alive() back to original position (bsc#1211515). - nvme: start keep-alive after admin queue setup (bsc#1211515). - nvme: trace: avoid memcpy overflow warning (git-fixes). - nvmet: re-fix tracing strncpy() warning (git-fixes). - of: Fix double free in of_parse_phandle_with_args_map (git-fixes). - of: unittest: Fix of_count_phandle_with_args() expected value message (git-fixes). - parport: parport_serial: Add Brainboxes BAR details (git-fixes). - parport: parport_serial: Add Brainboxes device IDs and geometry (git-fixes). - pci: Drop PCI vmd patches that caused a regression (bsc#1218005) - perf/x86/intel/uncore: Factor out topology_gidnid_map() (bsc#1218958). - perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() (bsc#1218958). - perf/x86/uncore: Use u64 to replace unsigned for the uncore offsets array (bsc#1219512). - phy: renesas: rcar-gen3-usb2: Fix returning wrong error code (git-fixes). - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (git-fixes). - pinctrl: intel: Revert 'Unexport intel_pinctrl_probe()' (git-fixes). - platform/x86/amd/hsmp: Fix iomem handling (jsc#PED-7620). - platform/x86/amd/hsmp: add support for metrics tbl (jsc#PED-7620). - platform/x86/amd/hsmp: create plat specific struct (jsc#PED-7620). - platform/x86/amd/hsmp: improve the error log (jsc#PED-7620). - platform/x86: ISST: Reduce noise for missing numa information in logs (bsc#1219285). - platform/x86: use PLATFORM_DEVID_NONE instead of -1 (jsc#PED-7620). - power: supply: bq256xx: fix some problem in bq256xx_hw_init (git-fixes). - power: supply: cw2015: correct time_to_empty units in sysfs (git-fixes). - powerpc/fadump: reset dump area size if fadump memory reserve fails (bsc#1194869). - powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729). - powerpc/powernv: Add a null pointer check in opal_powercap_init() (bsc#1181674 ltc#189159 git-fixes). - powerpc/powernv: Add a null pointer check to scom_debug_init_one() (bsc#1194869). - powerpc/pseries/iommu: enable_ddw incorrectly returns direct mapping for SR-IOV device (bsc#1212091 ltc#199106 git-fixes). - powerpc/pseries/memhp: Fix access beyond end of drmem array (bsc#1065729). - powerpc/pseries: fix possible memory leak in ibmebus_bus_init() (bsc#1194869). - powerpc/pseries: fix potential memory leak in init_cpu_associativity() (bsc#1194869). - powerpc/xive: Fix endian conversion size (bsc#1194869). - pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() (git-fixes). - pwm: Fix out-of-bounds access in of_pwm_single_xlate() (git-fixes). - pwm: jz4740: Do not use dev_err_probe() in .request() (git-fixes). - pwm: stm32: Fix enable count for clk in .probe() (git-fixes). - pwm: stm32: Use hweight32 in stm32_pwm_detect_channels (git-fixes). - pwm: stm32: Use regmap_clear_bits and regmap_set_bits where applicable (git-fixes). - r8152: add vendor/device ID pair for ASUS USB-C2500 (git-fixes). - r8152: add vendor/device ID pair for D-Link DUB-E250 (git-fixes). - reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning (git-fixes). - ring-buffer/Documentation: Add documentation on buffer_percent file (git-fixes). - ring-buffer: Do not record in NMI if the arch does not support cmpxchg in NMI (git-fixes). - s390/dasd: fix double module refcount decrement (bsc#1141539). - s390/pci: fix max size calculation in zpci_memcpy_toio() (git-fixes bsc#1219006). - s390/vfio-ap: always filter entire AP matrix (git-fixes bsc#1219012). - s390/vfio-ap: let on_scan_complete() callback filter matrix and update guest's APCB (git-fixes bsc#1219014). - s390/vfio-ap: loop over the shadow APCB when filtering guest's AP configuration (git-fixes bsc#1219013). - s390/vfio-ap: unpin pages on gisc registration failure (git-fixes bsc#1218723). - sched/isolation: add cpu_is_isolated() API (bsc#1217895). - scripts/kernel-doc: restore warning for Excess struct/union (git-fixes). - scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (git-fixes). - scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes). - scsi: core: Always send batch on reset or error handling command (git-fixes). - scsi: fnic: Return error if vmalloc() failed (git-fixes). - scsi: hisi_sas: Correct the number of global debugfs registers (git-fixes). - scsi: hisi_sas: Fix normally completed I/O analysed as failed (git-fixes). - scsi: hisi_sas: Fix warnings detected by sparse (git-fixes). - scsi: hisi_sas: Modify v3 HW SATA completion error processing (git-fixes). - scsi: hisi_sas: Modify v3 HW SSP underflow error processing (git-fixes). - scsi: hisi_sas: Rename HISI_SAS_{RESET -> RESETTING}_BIT (git-fixes). - scsi: hisi_sas: Replace with standard error code return value (git-fixes). - scsi: hisi_sas: Rollback some operations if FLR failed (git-fixes). - scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs (git-fixes). - scsi: ibmvfc: Fix erroneous use of rtas_busy_delay with hcall return code (git-fixes). - scsi: ibmvfc: Implement channel queue depth and event buffer accounting (bsc#1209834 ltc#202097). - scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool (bsc#1209834 ltc#202097). - scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param() (git-fixes). - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (git-fixes). - scsi: lpfc: Change VMID driver load time parameters to read only (bsc#1219582). - scsi: lpfc: Move determination of vmid_flag after VMID reinitialization completes (bsc#1219582). - scsi: lpfc: Reinitialize an NPIV's VMID data structures after FDISC (bsc#1219582). - scsi: lpfc: Update lpfc version to 14.2.0.17 (bsc#1219582). - scsi: megaraid_sas: Fix deadlock on firmware crashdump (git-fixes). - scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (git-fixes). - scsi: mpt3sas: Fix an outdated comment (git-fixes). - scsi: mpt3sas: Fix in error path (git-fixes). - scsi: mpt3sas: Fix loop logic (bsc#1219067). - scsi: mpt3sas: Fix loop logic (git-fixes). - scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command (git-fixes). - scsi: pm80xx: Use phy-specific SAS address when sending PHY_START command (git-fixes). - scsi: qla2xxx: Fix system crash due to bad pointer access (git-fixes). - selftests/net: fix grep checking for fib_nexthop_multiprefix (git-fixes). - serial: 8250: omap: Do not skip resource freeing if pm_runtime_resume_and_get() failed (git-fixes). - serial: core: Fix atomicity violation in uart_tiocmget (git-fixes). - serial: imx: Correct clock error message in function probe() (git-fixes). - serial: imx: fix tx statemachine deadlock (git-fixes). - serial: max310x: fail probe if clock crystal is unstable (git-fixes). - serial: max310x: improve crystal stable clock detection (git-fixes). - serial: max310x: set default value when reading clock ready bit (git-fixes). - serial: sc16is7xx: add check for unsupported SPI modes during probe (git-fixes). - serial: sc16is7xx: set safe default SPI clock frequency (git-fixes). - serial: sccnxp: Improve error message if regulator_disable() fails (git-fixes). - series.conf: the patch is not in git and breaks series_insert.py - shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs (git-fixes). - software node: Let args be NULL in software_node_get_reference_args (git-fixes). - spi: spi-zynqmp-gqspi: fix driver kconfig dependencies (git-fixes). - swiotlb-xen: provide the 'max_mapping_size' method (git-fixes). - swiotlb: fix a braino in the alignment check fix (bsc#1216559). - swiotlb: fix slot alignment checks (bsc#1216559). - trace,smp: Add tracepoints around remotelly called functions (bsc#1217895). - tracefs: Add missing lockdown check to tracefs_create_dir() (git-fixes). - tracing/trigger: Fix to return error if failed to alloc snapshot (git-fixes). - tracing: Add size check when printing trace_marker output (git-fixes). - tracing: Ensure visibility when inserting an element into tracing_map (git-fixes). - tracing: Fix uaf issue when open the hist or hist_debug file (git-fixes). - tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing (git-fixes). - tracing: Increase trace array ref count on enable and filter files (bsc#1219490). - ubifs: Check @c->dirty_[n|p]n_cnt and @c->nroot state under @c->lp_mutex (git-fixes). - ubifs: ubifs_link: Fix wrong name len calculating when UBIFS is encrypted (git-fixes). - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path (git-fixes). - uio: Fix use-after-free in uio_open (git-fixes). - usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg enabled (git-fixes). - usb: cdns3: fix uvc failure work since sg support enabled (git-fixes). - usb: chipidea: wait controller resume finished for wakeup irq (git-fixes). - usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart (git-fixes). - usb: fsl-mph-dr-of: mark fsl_usb2_mpc5121_init() static (git-fixes). - usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK (git-fixes). - usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes). - usb: otg numberpad exception (bsc#1218527). - usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host() (git-fixes). - usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes). - usb: ucsi: Add missing ppm_lock (git-fixes). - usb: ucsi_acpi: Fix command completion handling (git-fixes). - usb: xhci-mtk: fix a short packet issue of gen1 isoc-in transfer (git-fixes). - usr/Kconfig: fix typos of 'its' (git-fixes). - vfs: make freeze_super abort when sync_filesystem returns error (git-fixes). - vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE (git-fixes). - virtio-mmio: fix memory leak of vm_dev (git-fixes). - virtio_balloon: Fix endless deflation and inflation on arm64 (git-fixes). - vmstat: skip periodic vmstat update for isolated CPUs (bsc#1217895). - vsock/virtio: Fix unsigned integer wrap around in virtio_transport_has_space() (git-fixes). - watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO (git-fixes). - watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling (git-fixes). - watchdog: rti_wdt: Drop runtime pm reference count when watchdog is unused (git-fixes). - watchdog: set cdev owner before adding (git-fixes). - wifi: ath11k: Defer on rproc_get failure (git-fixes). - wifi: cfg80211: lock wiphy mutex for rfkill poll (git-fixes). - wifi: iwlwifi: mvm: send TX path flush in rfkill (git-fixes). - wifi: iwlwifi: mvm: set siso/mimo chains to 1 in FW SMPS request (git-fixes). - wifi: iwlwifi: pcie: avoid a NULL pointer dereference (git-fixes). - wifi: libertas: stop selecting wext (git-fixes). - wifi: mt76: fix broken precal loading from MTD for mt7915 (git-fixes). - wifi: mt76: mt7921s: fix workqueue problem causes STA association fail (git-fixes). - wifi: mwifiex: configure BSSID consistently when starting AP (git-fixes). - wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors (git-fixes). - wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code (git-fixes). - wifi: rtlwifi: add calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8192c: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8192ce: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8192cu: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8192de: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8192ee: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8192se: using calculate_bit_shift() (git-fixes). - wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior (git-fixes). - wifi: rtw88: fix RX filter in FIF_ALLMULTI flag (git-fixes). - x86/MCE/AMD, EDAC/mce_amd: Decode UMC_V2 ECC errors (jsc#PED-7616). - x86/MCE/AMD: Add new MA_LLC, USR_DP, and USR_CP bank types (jsc#PED-7622). - x86/MCE/AMD: Split amd_mce_is_memory_error() (jsc#PED-7623). - x86/amd_nb: Add AMD Family MI300 PCI IDs (jsc#PED-7622). - x86/amd_nb: Add MI200 PCI IDs (jsc#PED-7616). - x86/cpu: Merge Intel and AMD ppin_init() functions (jsc#PED-7615). - x86/cpu: Read/save PPIN MSR during initialization (jsc#PED-7615). - x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285). - x86/hyperv: Fix the detection of E820_TYPE_PRAM in a Gen2 VM (git-fixes). - x86/hyperv: Use atomic_try_cmpxchg() to micro-optimize hv_nmi_unknown() (git-fixes). - x86/mce: Cleanup mce_usable_address() (jsc#PED-7623). - x86/mce: Define amd_mce_usable_address() (jsc#PED-7623). - xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled (git-fixes). - xen/events: fix delayed eoi list handling (git-fixes). - xhci: Add grace period after xHC start to prevent premature runtime suspend (git-fixes). - xhci: cleanup xhci_hub_control port references (git-fixes). - xhci: pass port pointer as parameter to xhci_set_port_power() (git-fixes). - xhci: track port suspend state correctly in unsuccessful resume cases (git-fixes). Important SUSE bug 1065729 SUSE bug 1108281 SUSE bug 1141539 SUSE bug 1174649 SUSE bug 1181674 SUSE bug 1193285 SUSE bug 1194869 SUSE bug 1209834 SUSE bug 1210443 SUSE bug 1211515 SUSE bug 1212091 SUSE bug 1214377 SUSE bug 1215275 SUSE bug 1215885 SUSE bug 1216441 SUSE bug 1216559 SUSE bug 1216702 SUSE bug 1217895 SUSE bug 1217987 SUSE bug 1217988 SUSE bug 1217989 SUSE bug 1218005 SUSE bug 1218447 SUSE bug 1218527 SUSE bug 1218659 SUSE bug 1218689 SUSE bug 1218713 SUSE bug 1218723 SUSE bug 1218730 SUSE bug 1218752 SUSE bug 1218757 SUSE bug 1218768 SUSE bug 1218778 SUSE bug 1218779 SUSE bug 1218804 SUSE bug 1218832 SUSE bug 1218836 SUSE bug 1218916 SUSE bug 1218948 SUSE bug 1218958 SUSE bug 1218968 SUSE bug 1218997 SUSE bug 1219006 SUSE bug 1219012 SUSE bug 1219013 SUSE bug 1219014 SUSE bug 1219053 SUSE bug 1219067 SUSE bug 1219120 SUSE bug 1219128 SUSE bug 1219136 SUSE bug 1219285 SUSE bug 1219349 SUSE bug 1219412 SUSE bug 1219429 SUSE bug 1219434 SUSE bug 1219490 SUSE bug 1219512 SUSE bug 1219568 SUSE bug 1219582 SUSE bug 1219608 CVE-2021-33631 at SUSE CVE-2021-33631 at NVD CVE-2023-46838 at SUSE CVE-2023-46838 at NVD CVE-2023-47233 at SUSE CVE-2023-47233 at NVD CVE-2023-4921 at SUSE CVE-2023-4921 at NVD CVE-2023-51042 at SUSE CVE-2023-51042 at NVD CVE-2023-51043 at SUSE CVE-2023-51043 at NVD CVE-2023-51780 at SUSE CVE-2023-51780 at NVD CVE-2023-51782 at SUSE CVE-2023-51782 at NVD CVE-2023-6040 at SUSE CVE-2023-6040 at NVD CVE-2023-6356 at SUSE CVE-2023-6356 at NVD CVE-2023-6531 at SUSE CVE-2023-6531 at NVD CVE-2023-6535 at SUSE CVE-2023-6535 at NVD CVE-2023-6536 at SUSE CVE-2023-6536 at NVD CVE-2023-6915 at SUSE CVE-2023-6915 at NVD CVE-2024-0340 at SUSE CVE-2024-0340 at NVD CVE-2024-0565 at SUSE CVE-2024-0565 at NVD CVE-2024-0641 at SUSE CVE-2024-0641 at NVD CVE-2024-0775 at SUSE CVE-2024-0775 at NVD CVE-2024-1085 at SUSE CVE-2024-1085 at NVD CVE-2024-1086 at SUSE CVE-2024-1086 at NVD CVE-2024-24860 at SUSE CVE-2024-24860 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssl-1_1 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for openssl-1_1 fixes the following issues: - CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243). Moderate SUSE bug 1219243 CVE-2024-0727 at SUSE CVE-2024-0727 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libxml2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libxml2 fixes the following issues: - CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576). Moderate SUSE bug 1219576 CVE-2024-25062 at SUSE CVE-2024-25062 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libssh2_org (Important) SUSE Linux Enterprise Micro 5.5 This update for libssh2_org fixes the following issues: - Always add the KEX pseudo-methods 'ext-info-c' and 'kex-strict-c-v00@openssh.com' when configuring custom method list. [bsc#1218971, CVE-2023-48795] * The strict-kex extension is announced in the list of available KEX methods. However, when the default KEX method list is modified or replaced, the extension is not added back automatically. Important SUSE bug 1218971 CVE-2023-48795 at SUSE CVE-2023-48795 at NVD cpe:/o:suse:sle-micro:5.5 Security update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2 fixes the following issues: abseil-cpp was updated to: Update to 20230802.1: * Add StdcppWaiter to the end of the list of waiter implementations Update to 20230802.0 What's New: * Added the nullability library for designating the expected nullability of pointers. Currently these serve as annotations only, but it is expected that compilers will one day be able to use these annotations for diagnostic purposes. * Added the prefetch library as a portable layer for moving data into caches before it is read. * Abseil's hash tables now detect many more programming errors in debug and sanitizer builds. * Abseil's synchronization objects now differentiate absolute waits (when passed an absl::Time) from relative waits (when passed an absl::Duration) when the underlying platform supports differentiating these cases. This only makes a difference when system clocks are adjusted. * Abseil's flag parsing library includes additional methods that make it easier to use when another library also expects to be able to parse flags. * absl::string_view is now available as a smaller target, @com_google_absl//absl/strings:string_view, so that users may use this library without depending on the much larger @com_google_absl//absl/strings target. Update to 20230125.3 Details can be found on: https://github.com/abseil/abseil-cpp/releases/tag/20230125.3 Update to 20230125.2 What's New: The Abseil logging library has been released. This library provides facilities for writing short text messages about the status of a program to stderr, disk files, or other sinks (via an extension API). See the logging library documentation for more information. An extension point, AbslStringify(), allows user-defined types to seamlessly work with Abseil's string formatting functions like absl::StrCat() and absl::StrFormat(). A library for computing CRC32C checksums has been added. Floating-point parsing now uses the Eisel-Lemire algorithm, which provides a significant speed improvement. The flags library now provides suggestions for the closest flag(s) in the case of misspelled flags. Using CMake to install Abseil now makes the installed artifacts (in particular absl/base/options.h) reflect the compiled ABI. Breaking Changes: Abseil now requires at least C++14 and follows Google's Foundational C++ Support Policy. See this table for a list of currently supported versions compilers, platforms, and build tools. The legacy spellings of the thread annotation macros/functions (e.g. GUARDED_BY()) have been removed by default in favor of the ABSL_ prefixed versions (e.g. ABSL_GUARDED_BY()) due to clashes with other libraries. The compatibility macro ABSL_LEGACY_THREAD_ANNOTATIONS can be defined on the compile command-line to temporarily restore these spellings, but this compatibility macro will be removed in the future. Known Issues The Abseil logging library in this release is not a feature-complete replacement for glog yet. VLOG and DFATAL are examples of features that have not yet been released. Update to version 20220623.0 What's New: * Added absl::AnyInvocable, a move-only function type. * Added absl::CordBuffer, a type for buffering data for eventual inclusion an absl::Cord, which is useful for writing zero-copy code. * Added support for command-line flags of type absl::optional<T>. Breaking Changes: * CMake builds now use the flag ABSL_BUILD_TESTING (default: OFF) to control whether or not unit tests are built. * The ABSL_DEPRECATED macro now works with the GCC compiler. GCC users that are experiencing new warnings can use -Wno-deprecated-declatations silence the warnings or use -Wno-error=deprecated-declarations to see warnings but not fail the build. * ABSL_CONST_INIT uses the C++20 keyword constinit when available. Some compilers are more strict about where this keyword must appear compared to the pre-C++20 implementation. * Bazel builds now depend on the bazelbuild/bazel-skylib repository. See Abseil's WORKSPACE file for an example of how to add this dependency. Other: * This will be the last release to support C++11. Future releases will require at least C++14. grpc was updated to 1.60: Update to release 1.60 * Implemented dualstack IPv4 and IPv6 backend support, as per draft gRFC A61. xDS support currently guarded by GRPC_EXPERIMENTAL_XDS_DUALSTACK_ENDPOINTS env var. * Support for setting proxy for addresses. * Add v1 reflection. update to 1.59.3: * Security - Revocation: Crl backport to 1.59. (#34926) Update to release 1.59.2 * Fixes for CVE-2023-44487 Update to version 1.59.1: * C++: Fix MakeCordFromSlice memory bug (gh#grpc/grpc#34552). Update to version 1.59.0: * xds ssa: Remove environment variable protection for stateful affinity (gh#grpc/grpc#34435). * c-ares: fix spin loop bug when c-ares gives up on a socket that still has data left in its read buffer (gh#grpc/grpc#34185). * Deps: Adding upb as a submodule (gh#grpc/grpc#34199). * EventEngine: Update Cancel contract on closure deletion timeline (gh#grpc/grpc#34167). * csharp codegen: Handle empty base_namespace option value to fix gh#grpc/grpc#34113 (gh#grpc/grpc#34137). * Ruby: - replace strdup with gpr_strdup (gh#grpc/grpc#34177). - drop ruby 2.6 support (gh#grpc/grpc#34198). Update to release 1.58.1 * Reintroduced c-ares 1.14 or later support Update to release 1.58 * ruby extension: remove unnecessary background thread startup wait logic that interferes with forking Update to release 1.57 (CVE-2023-4785, bsc#1215334, CVE-2023-33953, bsc#1214148) * EventEngine: Change GetDNSResolver to return absl::StatusOr<std::unique_ptr<DNSResolver>>. * Improve server handling of file descriptor exhaustion. * Add a channel argument to set DSCP on streams. Update to release 1.56.2 * Improve server handling of file descriptor exhaustion Update to release 1.56.0 (CVE-2023-32731, bsc#1212180) * core: Add support for vsock transport. * EventEngine: Change TXT lookup result type to std::vector<std::string>. * C++/Authz: support customizable audit functionality for authorization policy. Update to release 1.54.1 * Bring declarations and definitions to be in sync Update to release 1.54 (CVE-2023-32732, bsc#1212182) * XDS: enable XDS federation by default * TlsCreds: Support revocation of intermediate in chain Update to release 1.51.1 * Only a macOS/aarch64-related change Update to release 1.51 * c-ares DNS resolver: fix logical race between resolution timeout/cancellation and fd readability. * Remove support for pthread TLS Update to release 1.50.0 * Core - Derive EventEngine from std::enable_shared_from_this. (#31060) - Revert 'Revert '[chttp2] fix stream leak with queued flow control update and absence of writes (#30907)' (#30991)'. (#30992) - [chttp2] fix stream leak with queued flow control update and absence of writes. (#30907) - Remove gpr_codegen. (#30899) - client_channel: allow LB policy to communicate update errors to resolver. (#30809) - FaultInjection: Fix random number generation. (#30623) * C++ - OpenCensus Plugin: Add measure and views for started RPCs. (#31034) * C# - Grpc.Tools: Parse warnings from libprotobuf (fix #27502). (#30371) - Grpc.Tools add support for env variable GRPC_PROTOC_PLUGIN (fix #27099). (#30411) - Grpc.Tools document AdditionalImportDirs. (#30405) - Fix OutputOptions and GrpcOutputOptions (issue #25950). (#30410) Update to release 1.49.1 * All - Update protobuf to v21.6 on 1.49.x. (#31028) * Ruby - Backport 'Fix ruby windows ucrt build #31051' to 1.49.x. (#31053) Update to release 1.49.0 * Core - Backport: 'stabilize the C2P resolver URI scheme' to v1.49.x. (#30654) - Bump core version. (#30588) - Update OpenCensus to HEAD. (#30567) - Update protobuf submodule to 3.21.5. (#30548) - Update third_party/protobuf to 3.21.4. (#30377) - [core] Remove GRPC_INITIAL_METADATA_CORKED flag. (#30443) - HTTP2: Fix keepalive time throttling. (#30164) - Use AnyInvocable in EventEngine APIs. (#30220) * Python - Add type stub generation support to grpcio-tools. (#30498) Update to release 1.48.1 * Backport EventEngine Forkables Update to release 1.48.0 * C++14 is now required * xDS: Workaround to get gRPC clients working with istio Update to release 1.46.3 * backport: xds: use federation env var to guard new-style resource name parsing (#29725) #29727 Update to release 1.46 * Added HTTP/1.1 support in httpcli * HTTP2: Add graceful goaway Update to release 1.45.2 * Various fixes related to XDS * HTTP2: Should not run cancelling logic on servers when receiving GOAWAY Update to release 1.45.1 * Switched to epoll1 as a default polling engine for Linux Update to version 1.45.0: * Core: - Backport 'Include ADS stream error in XDS error updates (#29014)' to 1.45.x [gh#grpc/grpc#29121]. - Bump core version to 23.0.0 for upcoming release [gh#grpc/grpc#29026]. - Fix memory leak in HTTP request security handshake cancellation [gh#grpc/grpc#28971]. - CompositeChannelCredentials: Comparator implementation [gh#grpc/grpc#28902]. - Delete custom iomgr [gh#grpc/grpc#28816]. - Implement transparent retries [gh#grpc/grpc#28548]. - Uniquify channel args keys [gh#grpc/grpc#28799]. - Set trailing_metadata_available for recv_initial_metadata ops when generating a fake status [gh#grpc/grpc#28827]. - Eliminate gRPC insecure build [gh#grpc/grpc#25586]. - Fix for a racy WorkSerializer shutdown [gh#grpc/grpc#28769]. - InsecureCredentials: singleton object [gh#grpc/grpc#28777]. - Add http cancel api [gh#grpc/grpc#28354]. - Memory leak fix on windows in grpc_tcp_create() [gh#grpc/grpc#27457]. - xDS: Rbac filter updates [gh#grpc/grpc#28568]. * C++ - Bump the minimum gcc to 5 [gh#grpc/grpc#28786]. - Add experimental API for CRL checking support to gRPC C++ TlsCredentials [gh#grpc/grpc#28407]. Update to release 1.44.0 * Add a trace to list which filters are contained in a channel stack. * Remove grpc_httpcli_context. * xDS: Add support for RBAC HTTP filter. * API to cancel grpc_resolve_address. Update to version 1.43.2: * Fix google-c2p-experimental issue (gh#grpc/grpc#28692). Changes from version 1.43.0: * Core: - Remove redundant work serializer usage in c-ares windows code (gh#grpc/grpc#28016). - Support RDS updates on the server (gh#grpc/grpc#27851). - Use WorkSerializer in XdsClient to propagate updates in a synchronized manner (gh#grpc/grpc#27975). - Support Custom Post-handshake Verification in TlsCredentials (gh#grpc/grpc#25631). - Reintroduce the EventEngine default factory (gh#grpc/grpc#27920). - Assert Android API >= v21 (gh#grpc/grpc#27943). - Add support for abstract unix domain sockets (gh#grpc/grpc#27906). * C++: - OpenCensus: Move metadata storage to arena (gh#grpc/grpc#27948). * [C#] Add nullable type attributes to Grpc.Core.Api (gh#grpc/grpc#27887). - Update package name libgrpc++1 to libgrpc++1_43 in keeping with updated so number. Update to release 1.41.0 * xDS: Remove environmental variable guard for security. * xDS Security: Use new way to fetch certificate provider plugin instance config. * xDS server serving status: Use a struct to allow more fields to be added in the future. Update to release 1.39.1 * Fix C# protoc plugin argument parsing on 1.39.x Update to version 1.39.0: * Core - Initialize tcp_posix for CFStream when needed (gh#grpc/grpc#26530). - Update boringssl submodule (gh#grpc/grpc#26520). - Fix backup poller races (gh#grpc/grpc#26446). - Use default port 443 in HTTP CONNECT request (gh#grpc/grpc#26331). * C++ - New iomgr implementation backed by the EventEngine API (gh#grpc/grpc#26026). - async_unary_call: add a Destroy method, called by std::default_delete (gh#grpc/grpc#26389). - De-experimentalize C++ callback API (gh#grpc/grpc#25728). * PHP: stop reading composer.json file just to read the version string (gh#grpc/grpc#26156). * Ruby: Set XDS user agent in ruby via macros (gh#grpc/grpc#26268). Update to release 1.38.0 * Invalidate ExecCtx now before computing timeouts in all repeating timer events using a WorkSerializer or combiner. * Fix use-after-unref bug in fault_injection_filter * New gRPC EventEngine Interface * Allow the AWS_DEFAULT_REGION environment variable * s/OnServingStatusChange/OnServingStatusUpdate/ Update to release 1.37.1 * Use URI form of address for channelz listen node * Implementation CSDS (xDS Config Dump) * xDS status notifier * Remove CAS loops in global subchannel pool and simplify subchannel refcounting Update to release 1.36.4 * A fix for DNS SRV lookups on Windows Update to 1.36.1: * Core: * Remove unnecessary internal pollset set in c-ares DNS resolver * Support Default Root Certs in Tls Credentials * back-port: add env var protection for google-c2p resolver * C++: * Move third party identity C++ api out of experimental namespace * refactor!: change error_details functions to templates * Support ServerContext for callback API * PHP: * support for PSM security * fixed segfault on reused call object * fixed phpunit 8 warnings * Python: * Implement Python Client and Server xDS Creds Update to version 1.34.1: * Backport 'Lazily import grpc_tools when using runtime stub/message generation' to 1.34.x (gh#grpc/grpc#25011). * Backport 'do not use <PublicSign>true</PublicSign> on non-windows' to 1.34.x (gh#grpc/grpc#24995). Update to version 1.34.0: * Core: - Protect xds security code with the environment variable 'GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT' (gh#grpc/grpc#24782). - Add support for 'unix-abstract:' URIs to support abstract unix domain sockets (gh#grpc/grpc#24500). - Increment Index when parsing not plumbed SAN fields (gh#grpc/grpc#24601). - Revert 'Revert 'Deprecate GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS'' (gh#grpc/grpc#24518). - xds: Set status code to INVALID_ARGUMENT when NACKing (gh#grpc/grpc#24516). - Include stddef.h in address_sorting.h (gh#grpc/grpc#24514). - xds: Add support for case_sensitive option in RouteMatch (gh#grpc/grpc#24381). * C++: - Fix --define=grpc_no_xds=true builds (gh#grpc/grpc#24503). - Experimental support and tests for CreateCustomInsecureChannelWithInterceptorsFromFd (gh#grpc/grpc#24362). Update to release 1.33.2 * Deprecate GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS. * Expose Cronet error message to the application layer. * Remove grpc_channel_ping from surface API. * Do not send BDP pings if there is no receive side activity. Update to version 1.33.1 * Core - Deprecate GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS (gh#grpc/grpc#24063). - Expose Cronet error message to the application layer (gh#grpc/grpc#24083). - Remove grpc_channel_ping from surface API (gh#grpc/grpc#23894). - Do not send BDP pings if there is no receive side activity (gh#grpc/grpc#22997). * C++ - Makefile: only support building deps from submodule (gh#grpc/grpc#23957). - Add new subpackages - libupb and upb-devel. Currently, grpc sources include also upb sources. Before this change, libupb and upb-devel used to be included in a separate package - upb. Update to version 1.32.0: * Core - Remove stream from stalled lists on remove_stream (gh#grpc/grpc#23984). - Do not cancel RPC if send metadata size if larger than peer's limit (gh#grpc/grpc#23806). - Don't consider receiving non-OK status as an error for HTTP2 (gh#grpc/grpc#19545). - Keepalive throttling (gh#grpc/grpc#23313). - Include the target_uri in 'target uri is not valid' error messages (gh#grpc/grpc#23782). - Fix 'cannot send compressed message large than 1024B' in cronet_transport (gh#grpc/grpc#23219). - Receive SETTINGS frame on clients before declaring subchannel READY (gh#grpc/grpc#23636). - Enabled GPR_ABSEIL_SYNC (gh#grpc/grpc#23372). - Experimental xDS v3 support (gh#grpc/grpc#23281). * C++ - Upgrade bazel used for all tests to 2.2.0 (gh#grpc/grpc#23902). - Remove test targets and test helper libraries from Makefile (gh#grpc/grpc#23813). - Fix repeated builds broken by re2's cmake (gh#grpc/grpc#23587). - Log the peer address of grpc_cli CallMethod RPCs to stderr (gh#grpc/grpc#23557). opencensus-proto was updated to 0.3.0+git.20200721: - Update to version 0.3.0+git.20200721: * Bump version to 0.3.0 * Generate Go types using protocolbuffers/protobuf-go (#218) * Load proto_library() rule. (#216) - Update to version 0.2.1+git.20190826: * Remove grpc_java dependency and java_proto rules. (#214) * Add C++ targets, especially for gRPC services. (#212) * Upgrade bazel and dependencies to latest. (#211) * Bring back bazel cache to make CI faster. (#210) * Travis: don't require sudo for bazel installation. (#209) - Update to version 0.2.1: * Add grpc-gateway for metrics service. (#205) * Pin bazel version in travis builds (#207) * Update gen-go files (#199) * Add Web JS as a LibraryInfo.Language option (#198) * Set up Python packaging for PyPI release. (#197) * Add tracestate to links. (#191) * Python proto file generator and generated proto files (#196) * Ruby proto file generator and generated proto files (#192) * Add py_proto_library() rules for envoy/api. (#194) * Gradle: Upgrade dependency versions. (#193) * Update release versions for readme. (#189) * Start 0.3.0 development cycle * Update gen-go files. (#187) * Revert 'Start 0.3.0 development cycle (#167)' (#183) * Revert optimization for metric descriptor and bucket options for now. (#184) * Constant sampler: add option to always follow the parent's decision. (#182) * Document that all maximum values must be specified. (#181) * Fix typo in bucket bounds. (#178) * Restrict people who can approve reviews. This is to ensure code quality. (#177) * Use bazel cache to make CI faster. (#176) * Add grpc generated files to the idea plugin. (#175) * Add Resource to Span (#174) * time is required (#170) * Upgrade protobuf dependency to v3.6.1.3. (#173) * assume Ok Status when not set (#171) * Minor comments fixes (#160) * Start 0.3.0 development cycle (#167) * Update gen-go files. (#162) * Update releasing instruction. (#163) * Fix Travis build. (#165) * Add OpenApi doc for trace agent grpc-gateway (#157) * Add command to generate OpenApi/Swagger doc for grpc-gateway (#156) * Update gen-go files (#155) * Add trace export grpc-gateway config (#77) * Fix bazel build after bazel upgrade (#154) * README: Add gitter, javadoc and godoc badge. (#151) * Update release versions for README. (#150) * Start 0.2.0 development cycle * Add resource and metrics_service proto to mkgogen. Re-generate gen-go files. (#147) * Add resource to protocol (#137) * Fix generating the javadoc. (#144) * Metrics/TimeSeries: start time should not be included while end time should. (#142) * README: Add instructions on using opencensus_proto with Bazel. (#140) * agent/README: update package info. (#138) * Agent: Add metrics service. (#136) * Tracing: Add default limits to TraceConfig. (#133) * Remove a stale TODO. (#134) * README: Add a note about go_proto_library rules. (#135) * add golang bazel build support (#132) * Remove exporter protos from mkgogen. (#128) * Update README and RELEASING. (#130) * Change histogram buckets definition to be OpenMetrics compatible. (#121) * Remove exporter/v1 protos. (#124) * Clean up the README for Agent proto. (#126) * Change Quantiles to ValuesAtPercentile. (#122) * Extend the TraceService service to support export/config for multiple Applications. (#119) * Add specifications on Agent implementation details. (#112) * Update gitignore (#118) * Remove maven support. Not used. (#116) * Add gauge distribution. (#117) * Add support for Summary type and value. (#110) * Add Maven status and instructions on adding dependencies. (#115) * Bump version to 0.0.3-SNAPSHOT * Bump version to 0.0.2 * Update gen-go files. (#114) * Gradle: Add missing source and javadoc rules. (#113) * Add support for float attributes. (#98) * Change from mean to sum in distribution. (#109) * Bump version to v0.0.2-SNAPSHOT * Bump version to v0.0.1 * Add releasing instructions in RELEASING.md. (#106) * Add Gradle build rules for generating gRPC service and releasing to Maven. (#102) * Re-organize proto directory structure. (#103) * Update gen-go files. (#101) * Add a note about interceptors of other libraries. (#94) * agent/common/v1: use exporter_version, core_library_version in LibraryInfo (#100) * opencensus/proto: add default Agent port to README (#97) * Update the message names for Config RPC. (#93) * Add details about agent protocol in the README. (#88) * Update gen-go files. (#92) * agent/trace/v1: fix signature for Config and comments too (#91) * Update gen-go files. (#86) * Make tracestate a list instead of a map to preserve ordering. (#84) * Allow MetricDescriptor to be sent only the first time. (#78) * Update mkgogen.sh. (#85) * Add agent trace service proto definitions. (#79) * Update proto and gen-go package names. (#83) * Add agent/common proto and BUILD. (#81) * Add trace_config.proto. (#80) * Build exporters with maven. (#76) * Make clear that cumulative int/float can go only up. (#75) * Add tracestate field to the Span proto. (#74) * gradle wrapper --gradle-version 4.9 (#72) * Change from multiple types of timeseries to have one. (#71) * Move exemplars in the Bucket. (#70) * Update gen-go files. (#69) * Move metrics in the top level directory. (#68) * Remove Range from Distribution. No backend supports this. (#67) * Remove unused MetricSet message. (#66) * Metrics: Add Exemplar to DistributionValue. (#62) * Gauge vs Cumulative. (#65) * Clarifying comment about bucket boundaries. (#64) * Make MetricDescriptor.Type capture the type of the value as well. (#63) * Regenerate the Go artifacts (#61) * Add export service proto (#60) - Initial version 20180523 protobuf was updated to 25.1: update to 25.1: * Raise warnings for deprecated python syntax usages * Add support for extensions in CRuby, JRuby, and FFI Ruby * Add support for options in CRuby, JRuby and FFI (#14594) update to 25.0: * Implement proto2/proto3 with editions * Defines Protobuf compiler version strings as macros and separates out suffix string definition. * Add utf8_validation feature back to the global feature set. * Setting up version updater to prepare for poison pills and embedding version info into C++, Python and Java gencode. * Merge the protobuf and upb Bazel repos * Editions: Introduce functionality to protoc for generating edition feature set defaults. * Editions: Migrate edition strings to enum in C++ code. * Create a reflection helper for ExtensionIdentifier. * Editions: Provide an API for C++ generators to specify their features. * Editions: Refactor feature resolution to use an intermediate message. * Publish extension declarations with declaration verifications. * Editions: Stop propagating partially resolved feature sets to plugins. * Editions: Migrate string_field_validation to a C++ feature * Editions: Include defaults for any features in the generated pool. * Protoc: parser rejects explicit use of map_entry option * Protoc: validate that reserved range start is before end * Protoc: support identifiers as reserved names in addition to string literals (only in editions) * Drop support for Bazel 5. * Allow code generators to specify whether or not they support editions. C++: * Set `PROTOBUF_EXPORT` on `InternalOutOfLineDeleteMessageLite()` * Update stale checked-in files * Apply PROTOBUF_NOINLINE to declarations of some functions that want it. * Implement proto2/proto3 with editions * Make JSON UTF-8 boundary check inclusive of the largest possible UTF-8 character. * Reduce `Map::size_type` to 32-bits. Protobuf containers can't have more than that * Defines Protobuf compiler version strings as macros and separates out suffix string definition. * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated oneof accessors. * Fix bug in reflection based Swap of map fields. * Add utf8_validation feature back to the global feature set. * Setting up version updater to prepare for poison pills and embedding version info into C++, Python and Java gencode. * Add prefetching to arena allocations. * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated repeated and map field accessors. * Editions: Migrate edition strings to enum in C++ code. * Create a reflection helper for ExtensionIdentifier. * Editions: Provide an API for C++ generators to specify their features. * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated string field accessors. * Editions: Refactor feature resolution to use an intermediate message. * Fixes for 32-bit MSVC. * Publish extension declarations with declaration verifications. * Export the constants in protobuf's any.h to support DLL builds. * Implement AbslStringify for the Descriptor family of types. * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated message field accessors. * Editions: Stop propagating partially resolved feature sets to plugins. * Editions: Migrate string_field_validation to a C++ feature * Editions: Include defaults for any features in the generated pool. * Introduce C++ feature for UTF8 validation. * Protoc: validate that reserved range start is before end * Remove option to disable the table-driven parser in protoc. * Lock down ctype=CORD in proto file. * Support split repeated fields. * In OSS mode omit some extern template specializations. * Allow code generators to specify whether or not they support editions. Java: * Implement proto2/proto3 with editions * Remove synthetic oneofs from Java gencode field accessor tables. * Timestamps.parse: Add error handling for invalid hours/minutes in the timezone offset. * Defines Protobuf compiler version strings as macros and separates out suffix string definition. * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated oneof accessors. * Add missing debugging version info to Protobuf Java gencode when multiple files are generated. * Fix a bad cast in putBuilderIfAbsent when already present due to using the result of put() directly (which is null if it currently has no value) * Setting up version updater to prepare for poison pills and embedding version info into C++, Python and Java gencode. * Fix a NPE in putBuilderIfAbsent due to using the result of put() directly (which is null if it currently has no value) * Update Kotlin compiler to escape package names * Add MapFieldBuilder and change codegen to generate it and the put{field}BuilderIfAbsent method. * Introduce recursion limit in Java text format parsing * Consider the protobuf.Any invalid if typeUrl.split('/') returns an empty array. * Mark `FieldDescriptor.hasOptionalKeyword()` as deprecated. * Fixed Python memory leak in map lookup. * Loosen upb for json name conflict check in proto2 between json name and field * Defines Protobuf compiler version strings as macros and separates out suffix string definition. * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated oneof accessors. * Ensure Timestamp.ToDatetime(tz) has correct offset * Do not check required field for upb python MergeFrom * Setting up version updater to prepare for poison pills and embedding version info into C++, Python and Java gencode. * Merge the protobuf and upb Bazel repos * Comparing a proto message with an object of unknown returns NotImplemented * Emit __slots__ in pyi output as a tuple rather than a list for --pyi_out. * Fix a bug that strips options from descriptor.proto in Python. * Raise warings for message.UnknownFields() usages and navigate to the new add * Add protobuf python keyword support in path for stub generator. * Add tuple support to set Struct * ### Python C-Extension (Default) * Comparing a proto message with an object of unknown returns NotImplemented * Check that ffi-compiler loads before using it to define tasks. UPB (Python/PHP/Ruby C-Extension): * Include .inc files directly instead of through a filegroup * Loosen upb for json name conflict check in proto2 between json name and field * Add utf8_validation feature back to the global feature set. * Do not check required field for upb python MergeFrom * Merge the protobuf and upb Bazel repos * Added malloc_trim() calls to Python allocator so RSS will decrease when memory is freed * Upb: fix a Python memory leak in ByteSize() * Support ASAN detection on clang * Upb: bugfix for importing a proto3 enum from within a proto2 file * Expose methods needed by Ruby FFI using UPB_API * Fix `PyUpb_Message_MergeInternal` segfault - Build with source and target levels 8 * fixes build with JDK21 - Install the pom file with the new %%mvn_install_pom macro - Do not install the pom-only artifacts, since the %%mvn_install_pom macro resolves the variables at the install time update to 23.4: * Add dllexport_decl for generated default instance. * Deps: Update Guava to 32.0.1 update to 23.3: C++: * Regenerate stale files * Use the same ABI for static and shared libraries on non- Windows platforms * Add a workaround for GCC constexpr bug Objective-C: * Regenerate stale files UPB (Python/PHP/Ruby C-Extension) * Fixed a bug in `upb_Map_Delete()` that caused crashes in map.delete(k) for Ruby when string-keyed maps were in use. Compiler: * Add missing header to Objective-c generator * Add a workaround for GCC constexpr bug Java: * Rollback of: Simplify protobuf Java message builder by removing methods that calls the super class only. Csharp: * [C#] Replace regex that validates descriptor names update to 22.5: C++: * Add missing cstdint header * Fix: missing -DPROTOBUF_USE_DLLS in pkg-config (#12700) * Avoid using string(JOIN..., which requires cmake 3.12 * Explicitly include GTest package in examples * Bump Abseil submodule to 20230125.3 (#12660) update to 22.4: C++: * Fix libprotoc: export useful symbols from .so Python: * Fix bug in _internal_copy_files where the rule would fail in downstream repositories. Other: * Bump utf8_range to version with working pkg-config (#12584) * Fix declared dependencies for pkg-config * Update abseil dependency and reorder dependencies to ensure we use the version specified in protobuf_deps. * Turn off clang::musttail on i386 update to v22.3 UPB (Python/PHP/Ruby C-Extension): * Remove src prefix from proto import * Fix .gitmodules to use the correct absl branch * Remove erroneous dependency on googletest update to 22.2: Java: * Add version to intra proto dependencies and add kotlin stdlib dependency * Add $ back for osgi header * Remove $ in pom files update to 22.1: * Add visibility of plugin.proto to python directory * Strip 'src' from file name of plugin.proto * Add OSGi headers to pom files. * Remove errorprone dependency from kotlin protos. * Version protoc according to the compiler version number. - update to 22.0: * This version includes breaking changes to: Cpp. Please refer to the migration guide for information: https://protobuf.dev/support/migration/#compiler-22 * [Cpp] Migrate to Abseil's logging library. * [Cpp] `proto2::Map::value_type` changes to `std::pair`. * [Cpp] Mark final ZeroCopyInputStream, ZeroCopyOutputStream, and DefaultFieldComparator classes. * [Cpp] Add a dependency on Abseil (#10416) * [Cpp] Remove all autotools usage (#10132) * [Cpp] Add C++20 reserved keywords * [Cpp] Dropped C++11 Support * [Cpp] Delete Arena::Init * [Cpp] Replace JSON parser with new implementation * [Cpp] Make RepeatedField::GetArena non-const in order to support split RepeatedFields. * long list of bindings specific fixes see https://github.com/protocolbuffers/protobuf/releases/tag/v22.0 update to v21.12: * Python: * Fix broken enum ranges (#11171) * Stop requiring extension fields to have a sythetic oneof (#11091) * Python runtime 4.21.10 not works generated code can not load valid proto. update to 21.11: * Python: * Add license file to pypi wheels (#10936) * Fix round-trip bug (#10158) update to 21.10:: * Java: * Use bit-field int values in buildPartial to skip work on unset groups of fields. (#10960) * Mark nested builder as clean after clear is called (#10984) update to 21.9: * Ruby: * Replace libc strdup usage with internal impl to restore musl compat (#10818) * Auto capitalize enums name in Ruby (#10454) (#10763) * Other: * Fix for grpc.tools #17995 & protobuf #7474 (handle UTF-8 paths in argumentfile) (#10721) * C++: * 21.x No longer define no_threadlocal on OpenBSD (#10743) * Java: * Mark default instance as immutable first to avoid race during static initialization of default instances (#10771) * Refactoring java full runtime to reuse sub-message builders and prepare to migrate parsing logic from parse constructor to builder. * Move proto wireformat parsing functionality from the private 'parsing constructor' to the Builder class. * Change the Lite runtime to prefer merging from the wireformat into mutable messages rather than building up a new immutable object before merging. This way results in fewer allocations and copy operations. * Make message-type extensions merge from wire-format instead of building up instances and merging afterwards. This has much better performance. * Fix TextFormat parser to build up recurring (but supposedly not repeated) sub-messages directly from text rather than building a new sub-message and merging the fully formed message into the existing field. update to 21.6: C++: * Reduce memory consumption of MessageSet parsing update to 21.5: PHP: * Added getContainingOneof and getRealContainingOneof to descriptor. * fix PHP readonly legacy files for nested messages Python: * Fixed comparison of maps in Python. - update to 21.4: * Reduce the required alignment of ArenaString from 8 to 4 - update to 21.3: * C++: * Add header search paths to Protobuf-C++.podspec (#10024) * Fixed Visual Studio constinit errors (#10232) * Fix #9947: make the ABI compatible between debug and non-debug builds (#10271) * UPB: * Allow empty package names (fixes behavior regression in 4.21.0) * Fix a SEGV bug when comparing a non-materialized sub-message (#10208) * Fix several bugs in descriptor mapping containers (eg. descriptor.services_by_name) * for x in mapping now yields keys rather than values, to match Python conventions and the behavior of the old library. * Lookup operations now correctly reject unhashable types as map keys. * We implement repr() to use the same format as dict. * Fix maps to use the ScalarMapContainer class when appropriate * Fix bug when parsing an unknown value in a proto2 enum extension (protocolbuffers/upb#717) * PHP: * Add 'readonly' as a keyword for PHP and add previous classnames to descriptor pool (#10041) * Python: * Make //:protobuf_python and //:well_known_types_py_pb2 public (#10118) * Bazel: * Add back a filegroup for :well_known_protos (#10061) Update to 21.2: - C++: - cmake: Call get_filename_component() with DIRECTORY mode instead of PATH mode (#9614) - Escape GetObject macro inside protoc-generated code (#9739) - Update CMake configuration to add a dependency on Abseil (#9793) - Fix cmake install targets (#9822) - Use __constinit only in GCC 12.2 and up (#9936) - Java: - Update protobuf_version.bzl to separate protoc and per-language java … (#9900) - Python: - Increment python major version to 4 in version.json for python upb (#9926) - The C extension module for Python has been rewritten to use the upb library. - This is expected to deliver significant performance benefits, especially when parsing large payloads. There are some minor breaking changes, but these should not impact most users. For more information see: https://developers.google.com/protocol-buffers/docs/news/2022-05-06#python-updates - PHP: - [PHP] fix PHP build system (#9571) - Fix building packaged PHP extension (#9727) - fix: reserve 'ReadOnly' keyword for PHP 8.1 and add compatibility (#9633) - fix: phpdoc syntax for repeatedfield parameters (#9784) - fix: phpdoc for repeatedfield (#9783) - Change enum string name for reserved words (#9780) - chore: [PHP] fix phpdoc for MapField keys (#9536) - Fixed PHP SEGV by not writing to shared memory for zend_class_entry. (#9996) - Ruby: - Allow pre-compiled binaries for ruby 3.1.0 (#9566) - Implement respond_to? in RubyMessage (#9677) - [Ruby] Fix RepeatedField#last, #first inconsistencies (#9722) - Do not use range based UTF-8 validation in truffleruby (#9769) - Improve range handling logic of RepeatedField (#9799) - Other: - Fix invalid dependency manifest when using descriptor_set_out (#9647) - Remove duplicate java generated code (#9909) - Update to 3.20.1: - PHP: - Fix building packaged PHP extension (#9727) - Fixed composer.json to only advertise compatibility with PHP 7.0+. (#9819) - Ruby: - Disable the aarch64 build on macOS until it can be fixed. (#9816) - Other: - Fix versioning issues in 3.20.0 - Update to 3.20.1: - Ruby: - Dropped Ruby 2.3 and 2.4 support for CI and releases. (#9311) - Added Ruby 3.1 support for CI and releases (#9566). - Message.decode/encode: Add recursion_limit option (#9218/#9486) - Allocate with xrealloc()/xfree() so message allocation is visible to the - Ruby GC. In certain tests this leads to much lower memory usage due to more - frequent GC runs (#9586). - Fix conversion of singleton classes in Ruby (#9342) - Suppress warning for intentional circular require (#9556) - JSON will now output shorter strings for double and float fields when possible - without losing precision. - Encoding and decoding of binary format will now work properly on big-endian - systems. - UTF-8 verification was fixed to properly reject surrogate code points. - Unknown enums for proto2 protos now properly implement proto2's behavior of - putting such values in unknown fields. - Java: - Revert 'Standardize on Array copyOf' (#9400) - Resolve more java field accessor name conflicts (#8198) - Fix parseFrom to only throw InvalidProtocolBufferException - InvalidProtocolBufferException now allows arbitrary wrapped Exception types. - Fix bug in FieldSet.Builder.mergeFrom - Flush CodedOutputStream also flushes underlying OutputStream - When oneof case is the same and the field type is Message, merge the - subfield. (previously it was replaced.)’ - Add @CheckReturnValue to some protobuf types - Report original exceptions when parsing JSON - Add more info to @deprecated javadoc for set/get/has methods - Fix initialization bug in doc comment line numbers - Fix comments for message set wire format. - Kotlin: - Add test scope to kotlin-test for protobuf-kotlin-lite (#9518) - Add orNull extensions for optional message fields. - Add orNull extensions to all proto3 message fields. - Python: - Dropped support for Python < 3.7 (#9480) - Protoc is now able to generate python stubs (.pyi) with --pyi_out - Pin multibuild scripts to get manylinux1 wheels back (#9216) - Fix type annotations of some Duration and Timestamp methods. - Repeated field containers are now generic in field types and could be used in type annotations. - Protobuf python generated codes are simplified. Descriptors and message classes' definitions are now dynamic created in internal/builder.py. - Insertion Points for messages classes are discarded. - has_presence is added for FieldDescriptor in python - Loosen indexing type requirements to allow valid index() implementations rather than only PyLongObjects. - Fix the deepcopy bug caused by not copying message_listener. - Added python JSON parse recursion limit (default 100) - Path info is added for python JSON parse errors - Pure python repeated scalar fields will not able to pickle. Convert to list first. - Timestamp.ToDatetime() now accepts an optional tzinfo parameter. If specified, the function returns a timezone-aware datetime in the given time zone. If omitted or None, the function returns a timezone-naive UTC datetime (as previously). - Adds client_streaming and server_streaming fields to MethodDescriptor. - Add 'ensure_ascii' parameter to json_format.MessageToJson. This allows smaller JSON serializations with UTF-8 or other non-ASCII encodings. - Added experimental support for directly assigning numpy scalars and array. - Improve the calculation of public_dependencies in DescriptorPool. - [Breaking Change] Disallow setting fields to numpy singleton arrays or repeated fields to numpy multi-dimensional arrays. Numpy arrays should be indexed or flattened explicitly before assignment. - Compiler: - Migrate IsDefault(const std::string*) and UnsafeSetDefault(const std::string*) - Implement strong qualified tags for TaggedPtr - Rework allocations to power-of-two byte sizes. - Migrate IsDefault(const std::string*) and UnsafeSetDefault(const std::string*) - Implement strong qualified tags for TaggedPtr - Make TaggedPtr Set...() calls explicitly spell out the content type. - Check for parsing error before verifying UTF8. - Enforce a maximum message nesting limit of 32 in the descriptor builder to - guard against stack overflows - Fixed bugs in operators for RepeatedPtrIterator - Assert a maximum map alignment for allocated values - Fix proto1 group extension protodb parsing error - Do not log/report the same descriptor symbol multiple times if it contains - more than one invalid character. - Add UnknownFieldSet::SerializeToString and SerializeToCodedStream. - Remove explicit default pointers and deprecated API from protocol compiler - Arenas: - Change Repeated*Field to reuse memory when using arenas. - Implements pbarenaz for profiling proto arenas - Introduce CreateString() and CreateArenaString() for cleaner semantics - Fix unreferenced parameter for MSVC builds - Add UnsafeSetAllocated to be used for one-of string fields. - Make Arena::AllocateAligned() a public function. - Determine if ArenaDtor related code generation is necessary in one place. - Implement on demand register ArenaDtor for InlinedStringField - C++: - Enable testing via CTest (#8737) - Add option to use external GTest in CMake (#8736) - CMake: Set correct sonames for libprotobuf-lite.so and libprotoc.so (#8635) (#9529) - Add cmake option protobuf_INSTALL to not install files (#7123) - CMake: Allow custom plugin options e.g. to generate mocks (#9105) - CMake: Use linker version scripts (#9545) - Manually *struct Cord fields to work better with arenas. - Manually destruct map fields. - Generate narrower code - Fix #9378 by removing - shadowed cached_size field - Remove GetPointer() and explicit nullptr defaults. - Add proto_h flag for speeding up large builds - Add missing overload for reference wrapped fields. - Add MergedDescriptorDatabase::FindAllFileNames() - RepeatedField now defines an iterator type instead of using a pointer. - Remove obsolete macros GOOGLE_PROTOBUF_HAS_ONEOF and GOOGLE_PROTOBUF_HAS_ARENAS. - PHP: - Fix: add missing reserved classnames (#9458) - PHP 8.1 compatibility (#9370) - C#: - Fix trim warnings (#9182) - Fixes NullReferenceException when accessing FieldDescriptor.IsPacked (#9430) - Add ToProto() method to all descriptor classes (#9426) - Add an option to preserve proto names in JsonFormatter (#6307) - Objective-C: - Add prefix_to_proto_package_mappings_path option. (#9498) - Rename proto_package_to_prefix_mappings_path to package_to_prefix_mappings_path. (#9552) - Add a generation option to control use of forward declarations in headers. (#9568) - update to 3.19.4: Python: * Make libprotobuf symbols local on OSX to fix issue #9395 (#9435) Ruby: * Fixed a data loss bug that could occur when the number of optional fields in a message is an exact multiple of 32 PHP: * Fixed a data loss bug that could occur when the number of optional fields in a message is an exact multiple of 32. - Update to 3.19.3: C++: * Make proto2::Message::DiscardUnknownFields() non-virtual * Separate RepeatedPtrField into its own header file * For default floating point values of 0, consider all bits significant * Fix shadowing warnings * Fix for issue #8484, constant initialization doesn't compile in msvc clang-cl environment Java: * Improve performance characteristics of UnknownFieldSet parsing * For default floating point values of 0, consider all bits significant * Annotate //java/com/google/protobuf/util/... with nullness annotations * Use ArrayList copy constructor Bazel: * Ensure that release archives contain everything needed for Bazel * Align dependency handling with Bazel best practices Javascript: * Fix ReferenceError: window is not defined when getting the global object Ruby: * Fix memory leak in MessageClass.encode * Override Map.clone to use Map's dup method * Ruby: build extensions for arm64-darwin * Add class method Timestamp.from_time to ruby well known types * Adopt pure ruby DSL implementation for JRuby * Add size to Map class * Fix for descriptor_pb.rb: google/protobuf should be required first Python: * Proto2 DecodeError now includes message name in error message * Make MessageToDict convert map keys to strings * Add python-requires in setup.py * Add python 3.10 - Update to 3.17.3: C++ * Introduce FieldAccessListener. * Stop emitting boilerplate {Copy/Merge}From in each ProtoBuf class * Provide stable versions of SortAndUnique(). * Make sure to cache proto3 optional message fields when they are cleared. * Expose UnsafeArena methods to Reflection. * Use std::string::empty() rather than std::string::size() > 0. * [Protoc] C++ Resolved an issue where NO_DESTROY and CONSTINIT are in incorrect order (#8296) * Fix PROTOBUF_CONSTINIT macro redefinition (#8323) * Delete StringPiecePod (#8353) * Create a CMake option to control whether or not RTTI is enabled (#8347) * Make util::Status more similar to absl::Status (#8405) * The ::pb namespace is no longer exposed due to conflicts. * Allow MessageDifferencer::TreatAsSet() (and friends) to override previous calls instead of crashing. * Reduce the size of generated proto headers for protos with string or bytes fields. * Move arena() operation on uncommon path to out-of-line routine * For iterator-pair function parameter types, take both iterators by value. * Code-space savings and perhaps some modest performance improvements in * RepeatedPtrField. * Eliminate nullptr check from every tag parse. * Remove unused _$name$cached_byte_size fields. * Serialize extension ranges together when not broken by a proto field in the middle. * Do out-of-line allocation and deallocation of string object in ArenaString. * Streamline ParseContext::ParseMessage to avoid code bloat and improve performance. * New member functions RepeatedField::Assign, RepeatedPtrField::{Add, Assign}. on an error path. * util::DefaultFieldComparator will be final in a future version of protobuf. * Subclasses should inherit from SimpleFieldComparator instead. Kotlin * Introduce support for Kotlin protos (#8272) * Restrict extension setter and getter operators to non-nullable T. Java * Fixed parser to check that we are at a proper limit when a sub-message has finished parsing. * updating GSON and Guava to more recent versions (#8524) * Reduce the time spent evaluating isExtensionNumber by storing the extension ranges in a TreeMap for faster queries. This is particularly relevant for protos which define a large number of extension ranges, for example when each tag is defined as an extension. * Fix java bytecode estimation logic for optional fields. * Optimize Descriptor.isExtensionNumber. * deps: update JUnit and Truth (#8319) * Detect invalid overflow of byteLimit and return InvalidProtocolBufferException as documented. * Exceptions thrown while reading from an InputStream in parseFrom are now included as causes. * Support potentially more efficient proto parsing from RopeByteStrings. * Clarify runtime of ByteString.Output.toStringBuffer(). * Added UnsafeByteOperations to protobuf-lite (#8426) Python: * Add MethodDescriptor.CopyToProto() (#8327) * Remove unused python_protobuf.{cc,h} (#8513) * Start publishing python aarch64 manylinux wheels normally (#8530) * Fix constness issue detected by MSVC standard conforming mode (#8568) * Make JSON parsing match C++ and Java when multiple fields from the same oneof are present and all but one is null. * Fix some constness / char literal issues being found by MSVC standard conforming mode (#8344) * Switch on 'new' buffer API (#8339) * Enable crosscompiling aarch64 python wheels under dockcross manylinux docker image (#8280) * Fixed a bug in text format where a trailing colon was printed for repeated field. * When TextFormat encounters a duplicate message map key, replace the current one instead of merging. Ruby: * Add support for proto3 json_name in compiler and field definitions (#8356) * Fixed memory leak of Ruby arena objects. (#8461) * Fix source gem compilation (#8471) * Fix various exceptions in Ruby on 64-bit Windows (#8563) * Fix crash when calculating Message hash values on 64-bit Windows (#8565) General: * Support M1 (#8557) Update to 3.15.8: - Fixed memory leak of Ruby arena objects (#8461) Update to 3.15.7: C++: * Remove the ::pb namespace (alias) (#8423) Ruby: * Fix unbounded memory growth for Ruby <2.7 (#8429) * Fixed message equality in cases where the message type is different (#8434) update to 3.15.6: Ruby: * Fixed bug in string comparison logic (#8386) * Fixed quadratic memory use in array append (#8379) * Fixed SEGV when users pass nil messages (#8363) * Fixed quadratic memory usage when appending to arrays (#8364) * Ruby <2.7 now uses WeakMap too, which prevents memory leaks. (#8341) * Fix for FieldDescriptor.get(msg) (#8330) * Bugfix for Message.[] for repeated or map fields (#8313) PHP: * read_property() handler is not supposed to return NULL (#8362) Protocol Compiler * Optional fields for proto3 are enabled by default, and no longer require the --experimental_allow_proto3_optional flag. C++: * Do not disable RTTI by default in the CMake build (#8377) * Create a CMake option to control whether or not RTTI is enabled (#8361) * Fix PROTOBUF_CONSTINIT macro redefinition (#8323) * MessageDifferencer: fixed bug when using custom ignore with multiple unknown fields * Use init_seg in MSVC to push initialization to an earlier phase. * Runtime no longer triggers -Wsign-compare warnings. * Fixed -Wtautological-constant-out-of-range-compare warning. * DynamicCastToGenerated works for nullptr input for even if RTTI is disabled * Arena is refactored and optimized. * Clarified/specified that the exact value of Arena::SpaceAllocated() is an implementation detail users must not rely on. It should not be used in unit tests. * Change the signature of Any::PackFrom() to return false on error. * Add fast reflection getter API for strings. * Constant initialize the global message instances * Avoid potential for missed wakeup in UnknownFieldSet * Now Proto3 Oneof fields have 'has' methods for checking their presence in C++. * Bugfix for NVCC * Return early in _InternalSerialize for empty maps. * Adding functionality for outputting map key values in proto path logging output (does not affect comparison logic) and stop printing 'value' in the path. The modified print functionality is in the MessageDifferencer::StreamReporter. * Fixed https://github.com/protocolbuffers/protobuf/issues/8129 * Ensure that null char symbol, package and file names do not result in a crash. * Constant initialize the global message instances * Pretty print 'max' instead of numeric values in reserved ranges. * Removed remaining instances of std::is_pod, which is deprecated in C++20. * Changes to reduce code size for unknown field handling by making uncommon cases out of line. * Fix std::is_pod deprecated in C++20 (#7180) * Fix some -Wunused-parameter warnings (#8053) * Fix detecting file as directory on zOS issue #8051 (#8052) * Don't include sys/param.h for _BYTE_ORDER (#8106) * remove CMAKE_THREAD_LIBS_INIT from pkgconfig CFLAGS (#8154) * Fix TextFormatMapTest.DynamicMessage issue#5136 (#8159) * Fix for compiler warning issue#8145 (#8160) * fix: support deprecated enums for GCC < 6 (#8164) * Fix some warning when compiling with Visual Studio 2019 on x64 target (#8125) Python: * Provided an override for the reverse() method that will reverse the internal collection directly instead of using the other methods of the BaseContainer. * MessageFactory.CreateProtoype can be overridden to customize class creation. * Fix PyUnknownFields memory leak (#7928) * Add macOS big sur compatibility (#8126) JavaScript * Generate `getDescriptor` methods with `*` as their `this` type. * Enforce `let/const` for generated messages. * js/binary/utils.js: Fix jspb.utils.joinUnsignedDecimalString to work with negative bitsLow and low but non-zero bitsHigh parameter. (#8170) PHP: * Added support for PHP 8. (#8105) * unregister INI entries and fix invalid read on shutdown (#8042) * Fix PhpDoc comments for message accessors to include '|null'. (#8136) * fix: convert native PHP floats to single precision (#8187) * Fixed PHP to support field numbers >=2**28. (#8235) * feat: add support for deprecated fields to PHP compiler (#8223) * Protect against stack overflow if the user derives from Message. (#8248) * Fixed clone for Message, RepeatedField, and MapField. (#8245) * Updated upb to allow nonzero offset minutes in JSON timestamps. (#8258) Ruby: * Added support for Ruby 3. (#8184) * Rewrote the data storage layer to be based on upb_msg objects from the upb library. This should lead to much better parsing performance, particularly for large messages. (#8184). * Fill out JRuby support (#7923) * [Ruby] Fix: (SIGSEGV) gRPC-Ruby issue on Windows. memory alloc infinite recursion/run out of memory (#8195) * Fix jruby support to handle messages nested more than 1 level deep (#8194) Java: * Avoid possible UnsupportedOperationException when using CodedInputSteam with a direct ByteBuffer. * Make Durations.comparator() and Timestamps.comparator() Serializable. * Add more detailed error information for dynamic message field type validation failure * Removed declarations of functions declared in java_names.h from java_helpers.h. * Now Proto3 Oneof fields have 'has' methods for checking their presence in Java. * Annotates Java proto generated *_FIELD_NUMBER constants. * Add -assumevalues to remove JvmMemoryAccessor on Android. C#: * Fix parsing negative Int32Value that crosses segment boundary (#8035) * Change ByteString to use memory and support unsafe create without copy (#7645) * Optimize MapField serialization by removing MessageAdapter (#8143) * Allow FileDescriptors to be parsed with extension registries (#8220) * Optimize writing small strings (#8149) - Updated URL to https://github.com/protocolbuffers/protobuf Update to v3.14.0 Protocol Compiler: * The proto compiler no longer requires a .proto filename when it is not generating code. * Added flag `--deterministic_output` to `protoc --encode=...`. * Fixed deadlock when using google.protobuf.Any embedded in aggregate options. C++: * Arenas are now unconditionally enabled. cc_enable_arenas no longer has any effect. * Removed inlined string support, which is incompatible with arenas. * Fix a memory corruption bug in reflection when mixing optional and non-optional fields. * Make SpaceUsed() calculation more thorough for map fields. * Add stack overflow protection for text format with unknown field values. * FieldPath::FollowAll() now returns a bool to signal if an out-of-bounds error was encountered. * Performance improvements for Map. * Minor formatting fix when dumping a descriptor to .proto format with DebugString. * UBSAN fix in RepeatedField * When running under ASAN, skip a test that makes huge allocations. * Fixed a crash that could happen when creating more than 256 extensions in a single message. * Fix a crash in BuildFile when passing in invalid descriptor proto. * Parser security fix when operating with CodedInputStream. * Warn against the use of AllowUnknownExtension. * Migrated to C++11 for-range loops instead of index-based loops where possible. This fixes a lot of warnings when compiling with -Wsign-compare. * Fix segment fault for proto3 optional * Adds a CMake option to build `libprotoc` separately Java * Bugfix in mergeFrom() when a oneof has multiple message fields. * Fix RopeByteString.RopeInputStream.read() returning -1 when told to read 0 bytes when not at EOF. * Redefine remove(Object) on primitive repeated field Lists to avoid autoboxing. * Support '\u' escapes in textformat string literals. * Trailing empty spaces are no longer ignored for FieldMask. * Fix FieldMaskUtil.subtract to recursively remove mask. * Mark enums with `@java.lang.Deprecated` if the proto enum has option `deprecated = true;`. * Adding forgotten duration.proto to the lite library Python: * Print google.protobuf.NullValue as null instead of 'NULL_VALUE' when it is used outside WKT Value/Struct. * Fix bug occurring when attempting to deep copy an enum type in python 3. * Add a setuptools extension for generating Python protobufs * Remove uses of pkg_resources in non-namespace packages * [bazel/py] Omit google/__init__.py from the Protobuf runtime * Removed the unnecessary setuptools package dependency for Python package * Fix PyUnknownFields memory leak PHP: * Added support for '==' to the PHP C extension * Added `==` operators for Map and Array * Native C well-known types * Optimized away hex2bin() call in generated code * New version of upb, and a new hash function wyhash in third_party * add missing hasOneof method to check presence of oneof fields Go: * Update go_package options to reference google.golang.org/protobuf module. C#: * annotate ByteString.CopyFrom(ReadOnlySpan<byte>) as SecuritySafeCritical * Fix C# optional field reflection when there are regular fields too * Fix parsing negative Int32Value that crosses segment boundary Javascript: * JS: parse (un)packed fields conditionally Update to version 3.13.0 PHP: * The C extension is completely rewritten. The new C extension has significantly better parsing performance and fixes a handful of conformance issues. It will also make it easier to add support for more features like proto2 and proto3 presence. * The new C extension does not support PHP 5.x. PHP 5.x users can still use pure-PHP. C++: * Removed deprecated unsafe arena string accessors * Enabled heterogeneous lookup for std::string keys in maps. * Removed implicit conversion from StringPiece to std::string * Fix use-after-destroy bug when the Map is allocated in the arena. * Improved the randomness of map ordering * Added stack overflow protection for text format with unknown fields * Use std::hash for proto maps to help with portability. * Added more Windows macros to proto whitelist. * Arena constructors for map entry messages are now marked 'explicit' (for regular messages they were already explicit). * Fix subtle aliasing bug in RepeatedField::Add * Fix mismatch between MapEntry ByteSize and Serialize with respect to unset fields. Python: * JSON format conformance fixes: * Reject lowercase t for Timestamp json format. * Print full_name directly for extensions (no camelCase). * Reject boolean values for integer fields. * Reject NaN, Infinity, -Infinity that is not quoted. * Base64 fixes for bytes fields: accept URL-safe base64 and missing padding. * Bugfix for fields/files named 'async' or 'await'. * Improved the error message when AttributeError is returned from __getattr__ in EnumTypeWrapper. Java: * Fixed a bug where setting optional proto3 enums with setFooValue() would not mark the value as present. * Add Subtract function to FieldMaskUtil. C#: * Dropped support for netstandard1.0 (replaced by support for netstandard1.1). This was required to modernize the parsing stack to use the `Span<byte>` type internally * Add `ParseFrom(ReadOnlySequence<byte>)` method to enable GC friendly parsing with reduced allocations and buffer copies * Add support for serialization directly to a `IBufferWriter<byte>` or to a `Span<byte>` to enable GC friendly serialization. The new API is available as extension methods on the `IMessage` type * Add `GOOGLE_PROTOBUF_REFSTRUCT_COMPATIBILITY_MODE` define to make generated code compatible with old C# compilers (pre-roslyn compilers from .NET framework and old versions of mono) that do not support ref structs. Users that are still on a legacy stack that does not support C# 7.2 compiler might need to use the new define in their projects to be able to build the newly generated code * Due to the major overhaul of parsing and serialization internals, it is recommended to regenerate your generated code to achieve the best performance (the legacy generated code will still work, but might incur a slight performance penalty). Update to version 3.12.3; notable changes since 3.11.4: Protocol Compiler: * [experimental] Singular, non-message typed fields in proto3 now support presence tracking. This is enabled by adding the 'optional' field label and passing the --experimental_allow_proto3_optional flag to protoc. * For usage info, see docs/field_presence.md. * During this experimental phase, code generators should update to support proto3 presence, see docs/implementing_proto3_presence.md for instructions. * Allow duplicate symbol names when multiple descriptor sets are passed on the command-line, to match the behavior when multiple .proto files are passed. * Deterministic `protoc --descriptor_set_out` (#7175) Objective-C: * Tweak the union used for Extensions to support old generated code. #7573 * Fix for the :protobuf_objc target in the Bazel BUILD file. (#7538) * [experimental] ObjC Proto3 optional support (#7421) * Block subclassing of generated classes (#7124) * Use references to Obj C classes instead of names in descriptors. (#7026) * Revisit how the WKTs are bundled with ObjC. (#7173) C++: * Simplified the template export macros to fix the build for mingw32. (#7539) * [experimental] Added proto3 presence support. * New descriptor APIs to support proto3 presence. * Enable Arenas by default on all .proto files. * Documented that users are not allowed to subclass Message or MessageLite. * Mark generated classes as final; inheriting from protos is strongly discouraged. * Add stack overflow protection for text format with unknown fields. * Add accessors for map key and value FieldDescriptors. * Add FieldMaskUtil::FromFieldNumbers(). * MessageDifferencer: use ParsePartial() on Any fields so the diff does not fail when there are missing required fields. * ReflectionOps::Merge(): lookup messages in the right factory, if it can. * Added Descriptor::WellKnownTypes enum and Descriptor::well_known_type() accessor as an easier way of determining if a message is a Well-Known Type. * Optimized RepeatedField::Add() when it is used in a loop. * Made proto move/swap more efficient. * De-virtualize the GetArena() method in MessageLite. * Improves performance of json_stream_parser.cc by factor 1000 (#7230) * bug: #7076 undefine Windows OUT and OPTIONAL macros (#7087) * Fixed a bug in FieldDescriptor::DebugString() that would erroneously print an 'optional' label for a field in a oneof. * Fix bug in parsing bool extensions that assumed they are always 1 byte. * Fix off-by-one error in FieldOptions::ByteSize() when extensions are present. * Clarified the comments to show an example of the difference between Descriptor::extension and DescriptorPool::FindAllExtensions. * Add a compiler option 'code_size' to force optimize_for=code_size on all protos where this is possible. Ruby: * Re-add binary gems for Ruby 2.3 and 2.4. These are EOL upstream, however many people still use them and dropping support will require more coordination. * [experimental] Implemented proto3 presence for Ruby. (#7406) * Stop building binary gems for ruby <2.5 (#7453) * Fix for wrappers with a zero value (#7195) * Fix for JSON serialization of 0/empty-valued wrapper types (#7198) * Call 'Class#new' over rb_class_new_instance in decoding (#7352) * Build extensions for Ruby 2.7 (#7027) * assigning 'nil' to submessage should clear the field. (#7397) Java: * [experimental] Added proto3 presence support. * Mark java enum _VALUE constants as @Deprecated if the enum field is deprecated * reduce <clinit> size for enums with allow_alias set to true. * Sort map fields alphabetically by the field's key when printing textproto. * Fixed a bug in map sorting that appeared in -rc1 and -rc2 (#7508). * TextFormat.merge() handles Any as top level type. * Throw a descriptive IllegalArgumentException when calling getValueDescriptor() on enum special value UNRECOGNIZED instead of ArrayIndexOutOfBoundsException. * Fixed an issue with JsonFormat.printer() where setting printingEnumsAsInts() would override the configuration passed into includingDefaultValueFields(). * Implement overrides of indexOf() and contains() on primitive lists returned for repeated fields to avoid autoboxing the list contents. * Add overload to FieldMaskUtil.fromStringList that accepts a descriptor. * [bazel] Move Java runtime/toolchains into //java (#7190) Python: * [experimental] Added proto3 presence support. * [experimental] fast import protobuf module, only works with cpp generated code linked in. * Truncate 'float' fields to 4 bytes of precision in setters for pure-Python implementation (C++ extension was already doing this). * Fixed a memory leak in C++ bindings. * Added a deprecation warning when code tries to create Descriptor objects directly. * Fix unintended comparison between bytes and string in descriptor.py. * Avoid printing excess digits for float fields in TextFormat. * Remove Python 2.5 syntax compatibility from the proto compiler generated _pb2.py module code. * Drop 3.3, 3.4 and use single version docker images for all python tests (#7396) JavaScript: * Fix js message pivot selection (#6813) PHP: * Persistent Descriptor Pool (#6899) * Implement lazy loading of php class for proto messages (#6911) * Correct @return in Any.unpack docblock (#7089) * Ignore unknown enum value when ignore_unknown specified (#7455) C#: * [experimental] Add support for proto3 presence fields in C# (#7382) * Mark GetOption API as obsolete and expose the 'GetOptions()' method on descriptors instead (#7491) * Remove Has/Clear members for C# message fields in proto2 (#7429) * Enforce recursion depth checking for unknown fields (#7132) * Fix conformance test failures for Google.Protobuf (#6910) * Cleanup various bits of Google.Protobuf (#6674) * Fix latest ArgumentException for C# extensions (#6938) * Remove unnecessary branch from ReadTag (#7289) Other: * Add a proto_lang_toolchain for javalite (#6882) * [bazel] Update gtest and deprecate //external:{gtest,gtest_main} (#7237) * Add application note for explicit presence tracking. (#7390) * Howto doc for implementing proto3 presence in a code generator. (#7407) Update to version 3.11.4; notable changes since 3.9.2: * C++: Make serialization method naming consistent * C++: Moved ShutdownProtobufLibrary() to message_lite.h. For backward compatibility a declaration is still available in stubs/common.h, but users should prefer message_lite.h * C++: Removed non-namespace macro EXPECT_OK() * C++: Removed mathlimits.h from stubs in favor of using std::numeric_limits from C++11 * C++: Support direct pickling of nested messages * C++: Disable extension code gen for C# * C++: Switch the proto parser to the faster MOMI parser * C++: Unused imports of files defining descriptor extensions will now be reported * C++: Add proto2::util::RemoveSubranges to remove multiple subranges in linear time * C++: Support 32 bit values for ProtoStreamObjectWriter to Struct * C++: Removed the internal-only header coded_stream_inl.h and the internal-only methods defined there * C++: Enforced no SWIG wrapping of descriptor_database.h (other headers already had this restriction) * C++: Implementation of the equivalent of the MOMI parser for serialization. This removes one of the two serialization routines, by making the fast array serialization routine completely general. SerializeToCodedStream can now be implemented in terms of the much much faster array serialization. The array serialization regresses slightly, but when array serialization is not possible this wins big * C++: Add move constructor for Reflection's SetString * Java: Remove the usage of MethodHandle, so that Android users prior to API version 26 can use protobuf-java * Java: Publish ProGuard config for javalite * Java: Include unknown fields when merging proto3 messages in Java lite builders * Java: Have oneof enums implement a separate interface (other than EnumLite) for clarity * Java: Opensource Android Memory Accessors * Java: Change ProtobufArrayList to use Object[] instead of ArrayList for 5-10% faster parsing * Java: Make a copy of JsonFormat.TypeRegistry at the protobuf top level package. This will eventually replace JsonFormat.TypeRegistry * Java: Add Automatic-Module-Name entries to the Manifest * Python: Add float_precision option in json format printer * Python: Optionally print bytes fields as messages in unknown fields, if possible * Python: Experimental code gen (fast import protobuf module) which only work with cpp generated code linked in * Python: Add descriptor methods in descriptor_pool are deprecated * Python: Added delitem for Python extension dict * JavaScript: Remove guard for Symbol iterator for jspb.Map * JavaScript: Remove deprecated boolean option to getResultBase64String() * JavaScript: Change the parameter types of binaryReaderFn in ExtensionFieldBinaryInfo to (number, ?, ?) * JavaScript: Create dates.ts and time_of_days.ts to mirror Java versions. This is a near-identical conversion of c.g.type.util.{Dates,TimeOfDays} respectively * JavaScript: Migrate moneys to TypeScript * PHP: Increase php7.4 compatibility * PHP: Implement lazy loading of php class for proto messages * Ruby: Support hashes for struct initializers * C#: Experimental proto2 support is now officially available * C#: Change _Extensions property to normal body rather than expression * Objective C: Remove OSReadLittle* due to alignment requirements * Other: Override CocoaPods module to lowercase * further bugfixes and optimisations - Install LICENSE - Drop protobuf-libs as it is just workaround for rpmlint issue * python bindings now require recent python-google-apputils * Released memory allocated by InitializeDefaultRepeatedFields() and GetEmptyString(). Some memory sanitizers reported them * Updated DynamicMessage.setField() to handle repeated enum * Fixed a bug that caused NullPointerException to be thrown when converting manually constructed FileDescriptorProto to * Added oneofs(unions) feature. Fields in the same oneof will * Files, services, enums, messages, methods and enum values * Added Support for list values, including lists of mesaages, * Added SwapFields() in reflection API to swap a subset of * Repeated primitive extensions are now packable. The it is possible to switch a repeated extension field to * writeTo() method in ByteString can now write a substring to * java_generate_equals_and_hash can now be used with the * A new C++-backed extension module (aka 'cpp api v2') that replaces the old ('cpp api v1') one. Much faster than the pure Python code. This one resolves many bugs and is mosh reqires it python-abseil was udpated: version update to 1.4.0 New: (testing) Added @flagsaver.as_parsed: this allows saving/restoring flags using string values as if parsed from the command line and will also reflect other flag states after command line parsing, e.g. .present is set. Changed: (logging) If no log dir is specified logging.find_log_dir() now falls back to tempfile.gettempdir() instead of /tmp/. Fixed: (flags) Additional kwargs (e.g. short_name=) to DEFINE_multi_enum_class are now correctly passed to the underlying Flag object. version update to 1.2.0 * Fixed a crash in Python 3.11 when `TempFileCleanup.SUCCESS` is used. * `Flag` instances now raise an error if used in a bool context. This prevents the occasional mistake of testing an instance for truthiness rather than testing `flag.value`. * `absl-py` no longer depends on `six`. Update to version 1.0.0 * absl-py no longer supports Python 2.7, 3.4, 3.5. All versions have reached end-of-life for more than a year now. * New releases will be tagged as vX.Y.Z instead of pypi-vX.Y.Z in the git repo going forward. - Release notes for 0.15.0 * (testing) #128: When running bazel with its --test_filter= flag, it now treats the filters as unittest's -k flag in Python 3.7+. - Release notes for 0.14.1 * Top-level LICENSE file is now exported in bazel. - Release notes for 0.14.0 * #171: Creating argparse_flags.ArgumentParser with argument_default= no longer raises an exception when other absl.flags flags are defined. * #173: absltest now correctly sets up test filtering and fail fast flags when an explicit argv= parameter is passed to absltest.main. - Release notes for 0.13.0 * (app) Type annotations for public app interfaces. * (testing) Added new decorator @absltest.skipThisClass to indicate a class contains shared functionality to be used as a base class for other TestCases, and therefore should be skipped. * (app) Annotated the flag_parser paramteter of run as keyword-only. This keyword-only constraint will be enforced at runtime in a future release. * (app, flags) Flag validations now include all errors from disjoint flag sets, instead of fail fast upon first error from all validators. Multiple validators on the same flag still fails fast. - Release notes for 0.12.0 * (flags) Made EnumClassSerializer and EnumClassListSerializer public. * (flags) Added a required: Optional[bool] = False parameter to DEFINE_* functions. * (testing) flagsaver overrides can now be specified in terms of FlagHolder. * (testing) parameterized.product: Allows testing a method over cartesian product of parameters values, specified as a sequences of values for each parameter or as kwargs-like dicts of parameter values. * (testing) Added public flag holders for --test_srcdir and --test_tmpdir. Users should use absltest.TEST_SRCDIR.value and absltest.TEST_TMPDIR.value instead of FLAGS.test_srcdir and FLAGS.test_tmpdir. * (flags) Made CsvListSerializer respect its delimiter argument. - Add Provides python-absl-py python-grpcuio was updated: - Update to version 1.60.0: * No python specfic changes. - Update to version 1.59.2: * No python specific changes. - Update to version 1.59.0: * [Python 3.12] Support Python 3.12 (gh#grpc/grpc#34398). * [Python 3.12] Deprecate distutil (gh#grpc/grpc#34186). - Update to version 1.58.0: * [Bazel] Enable grpcio-reflection to be used via Bazel (gh#grpc/grpc#31013). * [packaging] Publish xds-protos as part of the standard package pipeline (gh#grpc/grpc#33797). - Update to version 1.57.0: (CVE-2023-4785, bsc#1215334, CVE-2023-33953, bsc#1214148) * [posix] Enable systemd sockets for libsystemd>=233 (gh#grpc/grpc#32671). * [python O11Y] Initial Implementation (gh#grpc/grpc#32974). - Build with LTO (don't set _lto_cflags to %nil). - No need to pass '-std=c++17' to build CFLAGS. - Update to version 1.56.2: * [WRR] backport (gh#grpc/grpc#33694) to 1.56 (gh#grpc/grpc#33698) * [backport][iomgr][EventEngine] Improve server handling of file descriptor exhaustion (gh#grpc/grpc#33667) - Switch build to pip/wheel. - Use system abseil with '-std=c++17' to prevent undefined symbol eg. with python-grpcio-tools (_ZN3re23RE213GlobalReplaceEPNSt7__ cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKS0_N4absl12lts_ 2023012511string_viewE) - Upstream only supports python >= 3.7, so adjust BuildRequires accordingly. - Add %{?sle15_python_module_pythons} - Update to version 1.56.0: (CVE-2023-32731, bsc#1212180) * [aio types] Fix some grpc.aio python types (gh#grpc/grpc#32475). - Update to version 1.55.0: * [EventEngine] Disable EventEngine polling in gRPC Python (gh#grpc/grpc#33279) (gh#grpc/grpc#33320). * [Bazel Python3.11] Update Bazel dependencies for Python 3.11 (gh#grpc/grpc#33318) (gh#grpc/grpc#33319). - Drop Requires: python-six; not required any more. - Switch Suggests to Recommends. - Update to version 1.54.0: (CVE-2023-32732, bsc#1212182) * Fix DeprecationWarning when calling asyncio.get_event_loop() (gh#grpc/grpc#32533). * Remove references to deprecated syntax field (gh#grpc/grpc#32497). - Update to version 1.51.1: * No Linux specific changes. - Changes from version 1.51.0: * Fix lack of cooldown between poll attempts (gh#grpc/grpc#31550). * Remove enum and future (gh#grpc/grpc#31381). * [Remove Six] Remove dependency on six (gh#grpc/grpc#31340). * Update xds-protos package to pull in protobuf 4.X (gh#grpc/grpc#31113). - Update to version 1.50.0: * Support Python 3.11. [gh#grpc/grpc#30818]. - Update to version 1.49.1 * Support Python 3.11. (#30818) * Add type stub generation support to grpcio-tools. (#30498) - Update to version 1.48.0: * [Aio] Ensure Core channel closes when deallocated [gh#grpc/grpc#29797]. * [Aio] Fix the wait_for_termination return value [gh#grpc/grpc#29795]. - update to 1.46.3: * backport: xds: use federation env var to guard new-style resource name parsing * This release contains refinements, improvements, and bug fixes. - Update to version 1.46.0: * Add Python GCF Distribtest [gh#grpc/grpc#29303]. * Add Python Reflection Client [gh#grpc/grpc#29085]. * Revert 'Fix prefork handler register's default behavior' [gh#grpc/grpc#29229]. * Fix prefork handler register's default behavior [gh#grpc/grpc#29103]. * Fix fetching CXX variable in setup.py [gh#grpc/grpc#28873]. - Update to version 1.45.0: * Reimplement Gevent Integration [gh#grpc/grpc#28276]. * Support musllinux binary wheels on x64 and x86 [gh#grpc/grpc#28092]. * Increase the Python protobuf requirement to >=3.12.0 [gh#grpc/grpc#28604]. - Build with system re2; add BuildRequires: pkgconfig(re2). - Update to version 1.44.0: * Add python async example for hellostreamingworld using generator (gh#grpc/grpc#27343). * Disable __wrap_memcpy hack for Python builds (gh#grpc/grpc#28410). * Bump Bazel Python Cython dependency to 0.29.26 (gh#grpc/grpc#28398). * Fix libatomic linking on Raspberry Pi OS Bullseye (gh#grpc/grpc#28041). * Allow generated proto sources in remote repositories for py_proto_library (gh#grpc/grpc#28103). - Update to version 1.43.0: * [Aio] Validate the input type for set_trailing_metadata and abort (gh#grpc/grpc#27958). - update to 1.41.1: * This is release 1.41.0 (goat) of gRPC Core. - Update to version 1.41.0: * Add Python 3.10 support and drop 3.5 (gh#grpc/grpc#26074). * [Aio] Remove custom IO manager support (gh#grpc/grpc#27090). - Update to version 1.39.0: * Python AIO: Match continuation typing on Interceptors (gh#grpc/grpc#26500). * Workaround #26279 by publishing manylinux_2_24 wheels instead of manylinux2014 on aarch64 (gh#grpc/grpc#26430). * Fix zlib unistd.h import problem (gh#grpc/grpc#26374). * Handle gevent exception in gevent poller (gh#grpc/grpc#26058). - Update to version 1.38.1: * Backport gh#grpc/grpc#26430 and gh#grpc/grpc#26435 to v1.38.x (gh#grpc/grpc#26436). - Update to version 1.38.0: * Add grpcio-admin Python package (gh#grpc/grpc#26166). * Add CSDS API to Python (gh#grpc/grpc#26114). * Expose code and details from context on the server side (gh#grpc/grpc#25457). * Explicitly import importlib.abc; required on Python 3.10. Fixes #26062 (gh#grpc/grpc#26083). * Fix potential deadlock on the GIL in AuthMetdataPlugin (gh#grpc/grpc#26009). * Introduce new Python package 'xds_protos' (gh#grpc/grpc#25975). * Remove async mark for set_trailing_metadata interface (gh#grpc/grpc#25814). - Update to version 1.37.1: * No user visible changes. - Changes from version 1.37.0: * Clarify Guarantees about grpc.Future Interface (gh#grpc/grpc#25383). * [Aio] Add time_remaining method to ServicerContext (gh#grpc/grpc#25719). * Standardize all environment variable boolean configuration in python's setup.py (gh#grpc/grpc#25444). * Fix Signal Safety Issue (gh#grpc/grpc#25394). - Update to version 1.36.1: * Core: back-port: add env var protection for google-c2p resolver (gh#grpc/grpc#25569). - Update to version 1.35.0: * Implement Python Client and Server xDS Creds. (gh#grpc/grpc#25365) * Add %define _lto_cflags %{nil} (bsc#1182659) (rh#1893533) * Link roots.pem to ca-bundle.pem from ca-certificates package - Update to version 1.34.1: * Backport 'Lazily import grpc_tools when using runtime stub/message generation' to 1.34.x (gh#grpc/grpc#25011). - Update to version 1.34.0: * Incur setuptools as an dependency for grpcio_tools (gh#grpc/grpc#24752). * Stop the spamming log generated by ctrl-c for AsyncIO server (gh#grpc/grpc#24718). * [gRPC Easy] Make Well-Known Types Available to Runtime Protos (gh#grpc/grpc#24478). * Bump MACOSX_DEPLOYMENT_TARGET to 10.10 for Python (gh#grpc/grpc#24480). * Make Python 2 an optional dependency for Bazel build (gh#grpc/grpc#24407). * [Linux] [macOS] Support pre-compiled Python 3.9 wheels (gh#grpc/grpc#24356). - Update to version 1.33.2: * [Backport] Implement grpc.Future interface in SingleThreadedRendezvous (gh#grpc/grpc#24574). - Update to version 1.33.1: * [Backport] Make Python 2 an optional dependency for Bazel build (gh#grpc/grpc#24452). * Allow asyncio API to be imported as grpc.aio. (gh#grpc/grpc#24289). * [gRPC Easy] Fix import errors on Windows (gh#grpc/grpc#24124). * Make version check for importlib.abc in grpcio-tools more stringent (gh#grpc/grpc#24098). Added re2 package in version 2024-02-01. Moderate SUSE bug 1133277 SUSE bug 1182659 SUSE bug 1203378 SUSE bug 1208794 SUSE bug 1212180 SUSE bug 1212182 SUSE bug 1214148 SUSE bug 1215334 CVE-2023-32731 at SUSE CVE-2023-32731 at NVD CVE-2023-32732 at SUSE CVE-2023-32732 at NVD CVE-2023-33953 at SUSE CVE-2023-33953 at NVD CVE-2023-44487 at SUSE CVE-2023-44487 at NVD CVE-2023-4785 at SUSE CVE-2023-4785 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: - CVE-2023-27043: Fixed incorrectly parses e-mail addresses which contain a special character (bsc#1210638). Moderate SUSE bug 1210638 CVE-2023-27043 at SUSE CVE-2023-27043 at NVD cpe:/o:suse:sle-micro:5.5 Security update for docker (Important) SUSE Linux Enterprise Micro 5.5 This update for docker fixes the following issues: Vendor latest buildkit v0.11 including bugfixes for the following: * CVE-2024-23653: BuildKit API doesn't validate entitlement on container creation (bsc#1219438). * CVE-2024-23652: Fixed arbitrary deletion of files (bsc#1219268). * CVE-2024-23651: Fixed race condition in mount (bsc#1219267). Important SUSE bug 1219267 SUSE bug 1219268 SUSE bug 1219438 CVE-2024-23651 at SUSE CVE-2024-23651 at NVD CVE-2024-23652 at SUSE CVE-2024-23652 at NVD CVE-2024-23653 at SUSE CVE-2024-23653 at NVD cpe:/o:suse:sle-micro:5.5 Security update for tiff (Moderate) SUSE Linux Enterprise Micro 5.5 This update for tiff fixes the following issues: - CVE-2023-52356: Fixed segfault in TIFFReadRGBATileExt() (bsc#1219213). Moderate SUSE bug 1219213 CVE-2023-52356 at SUSE CVE-2023-52356 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssh (Important) SUSE Linux Enterprise Micro 5.5 This update for openssh fixes the following issues: - CVE-2023-51385: Limit the use of shell metacharacters in host- and user names to avoid command injection. (bsc#1218215) Important SUSE bug 1218215 CVE-2023-51385 at SUSE CVE-2023-51385 at NVD cpe:/o:suse:sle-micro:5.5 Security update for mozilla-nss (Important) SUSE Linux Enterprise Micro 5.5 This update for mozilla-nss fixes the following issues: Update to NSS 3.90.2: - CVE-2023-5388: Fixed timing attack against RSA decryption in TLS (bsc#1216198) Important SUSE bug 1216198 CVE-2023-5388 at SUSE CVE-2023-5388 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libssh2_org (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libssh2_org fixes the following issues: - CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity (Terrapin Attack) (bsc#1218127). Moderate SUSE bug 1218127 CVE-2023-48795 at SUSE CVE-2023-48795 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gnutls (Moderate) SUSE Linux Enterprise Micro 5.5 This update for gnutls fixes the following issues: - CVE-2024-0567: Fixed an incorrect rejection of certificate chains with distributed trust (bsc#1218862). - CVE-2024-0553: Fixed a timing attack against the RSA-PSK key exchange, which could lead to the leakage of sensitive data (bsc#1218865). Moderate SUSE bug 1218862 SUSE bug 1218865 CVE-2024-0553 at SUSE CVE-2024-0553 at NVD CVE-2024-0567 at SUSE CVE-2024-0567 at NVD cpe:/o:suse:sle-micro:5.5 Security update for tar (Low) SUSE Linux Enterprise Micro 5.5 This update for tar fixes the following issues: - CVE-2023-39804: Fixed extension attributes in PAX archives incorrect hanling (bsc#1217969). Low SUSE bug 1217969 CVE-2023-39804 at SUSE CVE-2023-39804 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openvswitch3 (Important) SUSE Linux Enterprise Micro 5.5 This update for openvswitch3 fixes the following issues: - CVE-2023-3966: Fixed invalid memory access in Geneve with HW offload (bsc#1219465). Important SUSE bug 1219465 CVE-2023-3966 at SUSE CVE-2023-3966 at NVD cpe:/o:suse:sle-micro:5.5 Security update for wpa_supplicant (Important) SUSE Linux Enterprise Micro 5.5 This update for wpa_supplicant fixes the following issues: - CVE-2023-52160: Bypassing WiFi Authentication (bsc#1219975). Important SUSE bug 1219975 CVE-2023-52160 at SUSE CVE-2023-52160 at NVD cpe:/o:suse:sle-micro:5.5 Security update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed (Important) SUSE Linux Enterprise Micro 5.5 This update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed fixes the following issues: Update to 550.54.14: * Added vGPU Host and vGPU Guest support. For vGPU Host, please refer to the README.vgpu packaged in the vGPU Host Package for more details. Security issues fixed: * CVE-2024-0074: A user could trigger a NULL ptr dereference. * CVE-2024-0075: A user could overwrite the end of a buffer, leading to crashes or code execution. * CVE-2022-42265: A unprivileged user could trigger an integer overflow which could lead to crashes or code execution. - create /run/udev/static_node-tags/uaccess/nvidia${devid} symlinks also during modprobing the nvidia module; this changes the issue of not having access to /dev/nvidia${devid}, when gfxcard has been replaced by a different gfx card after installing the driver - provide nvidia-open-driver-G06-kmp (jsc#PED-7117) This makes it easy to replace the package from nVidia's CUDA repository with this presigned package Important SUSE bug 1220552 CVE-2022-42265 at SUSE CVE-2022-42265 at NVD CVE-2024-0074 at SUSE CVE-2024-0074 at NVD CVE-2024-0075 at SUSE CVE-2024-0075 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Moderate) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2023-46839: Fixed memory access through PCI device with phantom functions (XSA-449) (bsc#1218851). - CVE-2023-46840: Fixed Failure to quarantine devices in !HVM builds (XSA-450) (bsc#1219080). - CVE-2023-46841: Fixed shadow stack vs exceptions from emulation stubs (XSA-451) (bsc#1219885). Moderate SUSE bug 1027519 SUSE bug 1218851 SUSE bug 1219080 SUSE bug 1219885 CVE-2023-46839 at SUSE CVE-2023-46839 at NVD CVE-2023-46840 at SUSE CVE-2023-46840 at NVD CVE-2023-46841 at SUSE CVE-2023-46841 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-25162: Fixed a potential use after free (bsc#1220409). - CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457). - CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459) - CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444) - CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). - CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216). - CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). - CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm-table.c (bsc#1219827). - CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140). - CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). - CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). - CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). - CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253). - CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). - CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). - CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257). - CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364). - CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350). - CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). - CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330) - CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649) - CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796) - CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195). - CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). - CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). - CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). - CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). - CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146). - CVE-2024-25744: Fixed Security issue with int 80 interrupt vector (bsc#1217927). - CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). - CVE-2024-26586: Fixed stack corruption (bsc#1220243). - CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255). - CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254). - CVE-2024-26593: Fixed block process call transactions (bsc#1220009). - CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). - CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326). - CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). - CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335). - CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). The following non-security bugs were fixed: - acpi: apei: set memory failure flags as mf_action_required on synchronous events (git-fixes). - acpi: button: add lid disable dmi quirk for nextbook ares 8a (git-fixes). - acpi: extlog: fix null pointer dereference check (git-fixes). - acpi: resource: add asus model s5402za to quirks (git-fixes). - acpi: resource: skip irq override on asus expertbook b1502cba (git-fixes). - acpi: resource: skip irq override on asus expertbook b2402cba (git-fixes). - acpi: video: add backlight=native dmi quirk for apple imac11,3 (git-fixes). - acpi: video: add backlight=native dmi quirk for apple imac12,1 and imac12,2 (git-fixes). - acpi: video: add backlight=native dmi quirk for lenovo thinkpad x131e (3371 amd version) (git-fixes). - acpi: video: add quirk for the colorful x15 at 23 laptop (git-fixes). - add reference to recently released cve - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() (git-fixes). - afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() (git-fixes). - afs: hide silly-rename files from userspace (git-fixes). - afs: increase buffer size in afs_update_volume_status() (git-fixes). - ahci: asm1166: correct count of reported ports (git-fixes). - alsa: drop leftover snd-rtctimer stuff from makefile (git-fixes). - alsa: firewire-lib: fix to check cycle continuity (git-fixes). - alsa: hda/conexant: add quirk for sws js201d (git-fixes). - alsa: hda/realtek: apply headset jack quirk for non-bass alc287 thinkpads (git-fixes). - alsa: hda/realtek: cs35l41: fix device id / model name (git-fixes). - alsa: hda/realtek: cs35l41: fix order and duplicates in quirks table (git-fixes). - alsa: hda/realtek: enable headset mic on vaio vjfe-adl (git-fixes). - alsa: hda/realtek: enable mute led on hp laptop 14-fq0xxx (git-fixes). - alsa: hda/realtek: fix mute/micmute led for hp mt645 (git-fixes). - alsa: hda/realtek: fix mute/micmute leds for hp zbook power (git-fixes). - alsa: hda/realtek: fix the external mic not being recognised for acer swift 1 sf114-32 (git-fixes). - alsa: usb-audio: add a quirk for yamaha yit-w12tx transmitter (git-fixes). - alsa: usb-audio: add delay quirk for motu m series 2nd revision (git-fixes). - alsa: usb-audio: add quirk for rode nt-usb+ (git-fixes). - alsa: usb-audio: check presence of valid altsetting control (git-fixes). - alsa: usb-audio: ignore clock selector errors for single connection (git-fixes). - alsa: usb-audio: more relaxed check of midi jack names (git-fixes). - alsa: usb-audio: sort quirk table entries (git-fixes). - arm64: entry: fix arm64_workaround_speculative_unpriv_load (bsc#1219443) - arm64: entry: preserve/restore x29 even for compat tasks (bsc#1219443) - arm64: entry: simplify tramp_alias macro and tramp_exit routine (bsc#1219443) - arm64: errata: add cortex-a510 speculative unprivileged load (bsc#1219443) enable workaround. - arm64: errata: add cortex-a520 speculative unprivileged load (bsc#1219443) enable workaround without kabi break. - arm64: errata: mitigate ampere1 erratum ac03_cpu_38 at stage-2 (git-fixes) enable ampere_erratum_ac03_cpu_38 workaround without kabi break - arm64: irq: set the correct node for shadow call stack (git-fixes) - arm64: irq: set the correct node for vmap stack (git-fixes) - arm64: rename arm64_workaround_2966298 (bsc#1219443) - arm64: subscribe microsoft azure cobalt 100 to arm neoverse n2 errata (git-fixes) - asoc: doc: fix undefined snd_soc_dapm_nopm argument (git-fixes). - asoc: rt5645: fix deadlock in rt5645_jack_detect_work() (git-fixes). - asoc: sof: ipc3: fix message bounds on ipc ops (git-fixes). - asoc: sunxi: sun4i-spdif: add support for allwinner h616 (git-fixes). - atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes). - bluetooth: avoid potential use-after-free in hci_error_reset (git-fixes). - bluetooth: enforce validation on max value of connection interval (git-fixes). - bluetooth: hci_event: fix handling of hci_ev_io_capa_request (git-fixes). - bluetooth: hci_event: fix wrongly recorded wakeup bd_addr (git-fixes). - bluetooth: hci_sync: check the correct flag before starting a scan (git-fixes). - bluetooth: hci_sync: fix accept_list when attempting to suspend (git-fixes). - bluetooth: l2cap: fix possible multiple reject send (git-fixes). - bluetooth: qca: fix wrong event type for patch config command (git-fixes). - bpf: fix verification of indirect var-off stack access (git-fixes). - bpf: guard stack limits against 32bit overflow (git-fixes). - bpf: minor logging improvement (bsc#1220257). - bus: moxtet: add spi device table (git-fixes). - cachefiles: fix memory leak in cachefiles_add_cache() (bsc#1220267). - can: j1939: fix uaf in j1939_sk_match_filter during setsockopt(so_j1939_filter) (git-fixes). - crypto: api - disallow identical driver names (git-fixes). - crypto: ccp - fix null pointer dereference in __sev_platform_shutdown_locked (git-fixes). - crypto: octeontx2 - fix cptvf driver cleanup (git-fixes). - crypto: stm32/crc32 - fix parsing list of devices (git-fixes). - dmaengine: fsl-qdma: fix a memory leak related to the queue command dma (git-fixes). - dmaengine: fsl-qdma: fix soc may hang on 16 byte unaligned read (git-fixes). - dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes). - dmaengine: fsl-qdma: init irq after reg initialization (git-fixes). - dmaengine: ptdma: use consistent dma masks (git-fixes). - dmaengine: shdma: increase size of 'dev_id' (git-fixes). - dmaengine: ti: edma: add some null pointer checks to the edma_probe (git-fixes). - driver core: fix device_link_flag_is_sync_state_only() (git-fixes). - drm/amd/display: fix memory leak in dm_sw_fini() (git-fixes). - drm/amd/display: fix possible buffer overflow in 'find_dcfclk_for_voltage()' (git-fixes). - drm/amd/display: fix possible null dereference on device remove/driver unload (git-fixes). - drm/amd/display: increase frame-larger-than for all display_mode_vba files (git-fixes). - drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz (git-fixes). - drm/amd/display: preserve original aspect ratio in create stream (git-fixes). - drm/amdgpu/display: initialize gamma correction mode variable in dcn30_get_gamcor_current() (git-fixes). - drm/amdgpu: reset gpu for s3 suspend abort case (git-fixes). - drm/amdgpu: skip to program gfxdec registers for suspend abort (git-fixes). - drm/buddy: fix range bias (git-fixes). - drm/crtc: fix uninitialized variable use even harder (git-fixes). - drm/i915/gvt: fix uninitialized variable in handle_mmio() (git-fixes). - drm/msm/dp: return correct colorimetry for dp_test_dynamic_range_cea case (git-fixes). - drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup (git-fixes). - drm/msms/dp: fixed link clock divider bits be over written in bpc unknown case (git-fixes). - drm/prime: support page array >= 4gb (git-fixes). - drm/syncobj: call drm_syncobj_fence_add_wait when wait_available flag is set (git-fixes). - drm/ttm: fix an invalid freeing on already freed page in error path (git-fixes). - drop bcm5974 input patch causing a regression (bsc#1220030) - efi/capsule-loader: fix incorrect allocation size (git-fixes). - efi: do not add memblocks for soft-reserved memory (git-fixes). - efi: runtime: fix potential overflow of soft-reserved region size (git-fixes). - fbcon: always restore the old font data in fbcon_do_set_font() (git-fixes). - fbdev: savage: error out if pixclock equals zero (git-fixes). - fbdev: sis: error out if pixclock equals zero (git-fixes). - firewire: core: send bus reset promptly on gap count error (git-fixes). - fs: dlm: fix build with config_ipv6 disabled (git-fixes). - fs:jfs:ubsan:array-index-out-of-bounds in dbadjtree (git-fixes). - gpio: 74x164: enable output pins after registers are reset (git-fixes). - gpio: fix resource unwinding order in error path (git-fixes). - gpiolib: acpi: ignore touchpad wakeup on gpd g1619-04 (git-fixes). - gpiolib: fix the error path order in gpiochip_add_data_with_key() (git-fixes). - hid: apple: add 2021 magic keyboard fn key mapping (git-fixes). - hid: apple: add support for the 2021 magic keyboard (git-fixes). - hid: wacom: do not register input devices until after hid_hw_start (git-fixes). - hid: wacom: generic: avoid reporting a serial of '0' to userspace (git-fixes). - hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes). - hwmon: (coretemp) enlarge per package core count limit (git-fixes). - hwmon: (coretemp) fix bogus core_id to attr name mapping (git-fixes). - hwmon: (coretemp) fix out-of-bounds memory access (git-fixes). - i2c: i801: fix block process call transactions (git-fixes). - i2c: i801: remove i801_set_block_buffer_mode (git-fixes). - i2c: imx: add timer for handling the stop condition (git-fixes). - i2c: imx: when being a target, mark the last read as processed (git-fixes). - i3c: master: cdns: update maximum prescaler value for i2c clock (git-fixes). - ib/hfi1: fix a memleak in init_credit_return (git-fixes) - ib/hfi1: fix sdma.h tx->num_descs off-by-one error (git-fixes) - iio: accel: bma400: fix a compilation problem (git-fixes). - iio: adc: ad7091r: set alert bit in config register (git-fixes). - iio: core: fix memleak in iio_device_register_sysfs (git-fixes). - iio: hid-sensor-als: return 0 for hid_usage_sensor_time_timestamp (git-fixes). - iio: magnetometer: rm3100: add boundary check for the value read from rm3100_reg_tmrc (git-fixes). - input: iqs269a - switch to define_simple_dev_pm_ops() and pm_sleep_ptr() (git-fixes). - input: xpad - add lenovo legion go controllers (git-fixes). - irqchip/gic-v3-its: fix gicv4.1 vpe affinity update (git-fixes). - irqchip/irq-brcmstb-l2: add write memory barrier before exit (git-fixes). - jfs: fix array-index-out-of-bounds in dbadjtree (git-fixes). - jfs: fix array-index-out-of-bounds in dinewext (git-fixes). - jfs: fix slab-out-of-bounds read in dtsearch (git-fixes). - jfs: fix uaf in jfs_evict_inode (git-fixes). - kbuild: fix changing elf file type for output of gen_btf for big endian (git-fixes). - kvm: s390: fix cc for successful pqap (git-fixes bsc#1219839). - kvm: s390: fix setting of fpc register (git-fixes bsc#1220392). - kvm: s390: vsie: fix race during shadow creation (git-fixes bsc#1220393). - kvm: vmx: move verw closer to vmentry for mds mitigation (git-fixes). - kvm: vmx: use bt+jnc, i.e. eflags.cf to select vmresume vs. vmlaunch (git-fixes). - lan78xx: enable auto speed configuration for lan7850 if no eeprom is detected (git-fixes). - leds: trigger: panic: do not register panic notifier if creating the trigger failed (git-fixes). - lib/stackdepot: add depot_fetch_stack helper (jsc-ped#7423). - lib/stackdepot: add refcount for records (jsc-ped#7423). - lib/stackdepot: fix first entry having a 0-handle (jsc-ped#7423). - lib/stackdepot: move stack_record struct definition into the header (jsc-ped#7423). - libsubcmd: fix memory leak in uniq() (git-fixes). - media: ddbridge: fix an error code problem in ddb_probe (git-fixes). - media: ir_toy: fix a memleak in irtoy_tx (git-fixes). - media: rc: bpf attach/detach requires write permission (git-fixes). - media: rockchip: rga: fix swizzling for rgb formats (git-fixes). - media: stk1160: fixed high volume of stk1160_dbg messages (git-fixes). - mfd: syscon: fix null pointer dereference in of_syscon_register() (git-fixes). - mm,page_owner: display all stacks and their count (jsc-ped#7423). - mm,page_owner: filter out stacks by a threshold (jsc-ped#7423). - mm,page_owner: implement the tracking of the stacks count (jsc-ped#7423). - mm,page_owner: maintain own list of stack_records structs (jsc-ped#7423). - mm,page_owner: update documentation regarding page_owner_stacks (jsc-ped#7423). - mm/hwpoison: fix unpoison_memory() (bsc#1218663). - mm/hwpoison: mf_mutex for soft offline and unpoison (bsc#1218663). - mm/hwpoison: remove mf_msg_buddy_2nd and mf_msg_poisoned_huge (bsc#1218663). - mm: memory-failure: fix potential unexpected return value from unpoison_memory() (git-fixes). - mmc: core: fix emmc initialization with 1-bit bus connection (git-fixes). - mmc: core: use mrq.sbc in close-ended ffu (git-fixes). - mmc: mmc_spi: remove custom dma mapped buffers (git-fixes). - mmc: sdhci-xenon: add timeout for phy init complete (git-fixes). - mmc: sdhci-xenon: fix phy init clock stability (git-fixes). - mmc: slot-gpio: allow non-sleeping gpio ro (git-fixes). - modpost: trim leading spaces when processing source files list (git-fixes). - mtd: spinand: gigadevice: fix the get ecc status issue (git-fixes). - net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). - netfs, fscache: prevent oops in fscache_put_cache() (bsc#1220003). - nilfs2: fix data corruption in dsync block recovery for small block sizes (git-fixes). - nilfs2: replace warn_ons for invalid dat metadata block requests (git-fixes). - nouveau/svm: fix kvcalloc() argument order (git-fixes). - nouveau: fix function cast warnings (git-fixes). - ntfs: check overflow when iterating attr_records (git-fixes). - ntfs: fix use-after-free in ntfs_attr_find() (git-fixes). - nvme-fabrics: fix i/o connect error handling (git-fixes). - nvme-host: fix the updating of the firmware version (git-fixes). - pci/aer: decode requester id when no error info found (git-fixes). - pci: add no pm reset quirk for nvidia spectrum devices (git-fixes). - pci: add pci_header_type_mfd definition (bsc#1220021). - pci: fix 64gt/s effective data rate calculation (git-fixes). - pci: only override amd usb controller if required (git-fixes). - pci: switchtec: fix stdev_release() crash after surprise hot remove (git-fixes). - platform/x86: thinkpad_acpi: only update profile if successfully converted (git-fixes). - platform/x86: touchscreen_dmi: add info for the teclast x16 plus tablet (git-fixes). - platform/x86: touchscreen_dmi: allow partial (prefix) matches for acpi names (git-fixes). - pm: core: remove unnecessary (void *) conversions (git-fixes). - pm: runtime: have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() (git-fixes). - pnp: acpi: fix fortify warning (git-fixes). - power: supply: bq27xxx-i2c: do not free non existing irq (git-fixes). - powerpc/64: set task pt_regs->link to the lr value on scv entry (bsc#1194869). - powerpc/powernv: fix fortify source warnings in opal-prd.c (bsc#1194869). - powerpc/pseries: add a clear modifier to ibm,pa/pi-features parser (bsc#1220348). - powerpc/pseries: rework lppaca_shared_proc() to avoid debug_preempt (bsc#1194869). - powerpc/pseries: set cpu_ftr_dbell according to ibm,pi-features (bsc#1220348). - powerpc/watchpoint: disable pagefaults when getting user instruction (bsc#1194869). - powerpc/watchpoints: annotate atomic context in more places (bsc#1194869). - powerpc/watchpoints: disable preemption in thread_change_pc() (bsc#1194869). - powerpc: add crtsavres.o to always-y instead of extra-y (bsc#1194869). - powerpc: do not include lppaca.h in paca.h (bsc#1194869). - pstore/ram: fix crash when setting number of cpus to an odd number (git-fixes). - ras/amd/atl: add mi300 row retirement support (jsc#ped-7618). - ras/amd/atl: fix bit overflow in denorm_addr_df4_np2() (git-fixes). - ras: introduce a fru memory poison manager (jsc#ped-7618). - rdma/bnxt_re: add a missing check in bnxt_qplib_query_srq (git-fixes) - rdma/bnxt_re: return error for srq resize (git-fixes) - rdma/core: fix uninit-value access in ib_get_eth_speed() (bsc#1219934). - rdma/core: get ib width and speed from netdev (bsc#1219934). - rdma/irdma: add ae for too many rnrs (git-fixes) - rdma/irdma: fix kasan issue with tasklet (git-fixes) - rdma/irdma: set the cq read threshold for gen 1 (git-fixes) - rdma/irdma: validate max_send_wr and max_recv_wr (git-fixes) - rdma/qedr: fix qedr_create_user_qp error flow (git-fixes) - rdma/srpt: fix function pointer cast warnings (git-fixes) - rdma/srpt: support specifying the srpt_service_guid parameter (git-fixes) - refresh patches.suse/dm_blk_ioctl-implement-path-failover-for-sg_io (bsc#1216776, bsc#1220277) - regulator: core: only increment use_count when enable_count changes (git-fixes). - regulator: pwm-regulator: add validity checks in continuous .get_voltage (git-fixes). - revert 'drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz' (git-fixes). - revert 'drm/amd/pm: resolve reboot exception for si oland' (git-fixes). - revert 'drm/amd: flush any delayed gfxoff on suspend entry' (git-fixes). - rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config (bsc#1219653) they are put into -devel subpackage. and a proper link to /usr/share/gdb/auto-load/ is created. - s390/qeth: fix potential loss of l3-ip@ in case of network issues (git-fixes bsc#1219840). - s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220317). - sched/membarrier: reduce the ability to hammer on sys_membarrier (git-fixes). - scsi: core: move scsi_host_busy() out of host lock for waking up eh handler (git-fixes). - scsi: core: move scsi_host_busy() out of host lock if it is for per-command (git-fixes). - scsi: fnic: move fnic_fnic_flush_tx() to a work queue (git-fixes bsc#1219141). - scsi: hisi_sas: prevent parallel flr and controller reset (git-fixes). - scsi: ibmvfc: limit max hw queues by num_online_cpus() (bsc#1220106). - scsi: ibmvfc: open-code reset loop for target reset (bsc#1220106). - scsi: isci: fix an error code problem in isci_io_request_build() (git-fixes). - scsi: lpfc: add condition to delete ndlp object after sending bls_rjt to an abts (bsc#1220021). - scsi: lpfc: allow lpfc_plogi_confirm_nport() logic to execute for fabric nodes (bsc#1220021). - scsi: lpfc: change lpfc_vport fc_flag member into a bitmask (bsc#1220021). - scsi: lpfc: change lpfc_vport load_flag member into a bitmask (bsc#1220021). - scsi: lpfc: change nlp state statistic counters into atomic_t (bsc#1220021). - scsi: lpfc: copyright updates for 14.4.0.0 patches (bsc#1220021). - scsi: lpfc: fix failure to delete vports when discovery is in progress (bsc#1220021). - scsi: lpfc: fix possible memory leak in lpfc_rcv_padisc() (bsc#1220021). - scsi: lpfc: initialize status local variable in lpfc_sli4_repost_sgl_list() (bsc#1220021). - scsi: lpfc: move handling of reset congestion statistics events (bsc#1220021). - scsi: lpfc: protect vport fc_nodes list with an explicit spin lock (bsc#1220021). - scsi: lpfc: remove d_id swap log message from trace event logger (bsc#1220021). - scsi: lpfc: remove nlp_rcv_plogi early return during rscn processing for ndlps (bsc#1220021). - scsi: lpfc: remove shost_lock protection for fc_host_port shost apis (bsc#1220021). - scsi: lpfc: replace deprecated strncpy() with strscpy() (bsc#1220021). - scsi: lpfc: save fpin frequency statistics upon receipt of peer cgn notifications (bsc#1220021). - scsi: lpfc: update lpfc version to 14.4.0.0 (bsc#1220021). - scsi: lpfc: use pci_header_type_mfd instead of literal (bsc#1220021). - scsi: lpfc: use sg_dma_len() api to get struct scatterlist's length (bsc#1220021). - scsi: mpi3mr: refresh sdev queue depth after controller reset (git-fixes). - scsi: revert 'scsi: fcoe: fix potential deadlock on &fip->ctlr_lock' (git-fixes bsc#1219141). - serial: 8250: remove serial_rs485 sanitization from em485 (git-fixes). - spi-mxs: fix chipselect glitch (git-fixes). - spi: hisi-sfc-v3xx: return irq_none if no interrupts were detected (git-fixes). - spi: ppc4xx: drop write-only variable (git-fixes). - spi: sh-msiof: avoid integer overflow in constants (git-fixes). - staging: iio: ad5933: fix type mismatch regression (git-fixes). - supported.conf: remove external flag from ibm supported modules. (bsc#1209412) - tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450). - tomoyo: fix uaf write bug in tomoyo_write_control() (git-fixes). - topology/sysfs: add format parameter to macro defining 'show' functions for proc (jsc#ped-7618). - topology/sysfs: add ppin in sysfs under cpu topology (jsc#ped-7618). - tty: allow tiocslcktrmios with cap_checkpoint_restore (git-fixes). - ubsan: array-index-out-of-bounds in dtsplitroot (git-fixes). - usb: cdns3: fix memory double free when handle zero packet (git-fixes). - usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() (git-fixes). - usb: cdns3: modify the return value of cdns_set_active () to void when config_pm_sleep is disabled (git-fixes). - usb: cdns3: put the cdns set active part outside the spin lock (git-fixes). - usb: cdns: readd old api (git-fixes). - usb: cdnsp: blocked some cdns3 specific code (git-fixes). - usb: cdnsp: fixed issue with incorrect detecting cdnsp family controllers (git-fixes). - usb: dwc3: gadget: do not disconnect if not started (git-fixes). - usb: dwc3: gadget: handle ep0 request dequeuing properly (git-fixes). - usb: dwc3: gadget: ignore end transfer delay on teardown (git-fixes). - usb: dwc3: gadget: queue pm runtime idle on disconnect event (git-fixes). - usb: dwc3: gadget: refactor ep0 forced stall/restart into a separate api (git-fixes). - usb: dwc3: gadget: submit endxfer command if delayed during disconnect (git-fixes). - usb: dwc3: host: set xhci_sg_trb_cache_size_quirk (git-fixes). - usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes). - usb: gadget: core: add missing kerneldoc for vbus_work (git-fixes). - usb: gadget: core: adjust uevent timing on gadget unbind (git-fixes). - usb: gadget: core: help prevent panic during uvc unconfigure (git-fixes). - usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate (git-fixes). - usb: gadget: f_hid: fix report descriptor allocation (git-fixes). - usb: gadget: fix obscure lockdep violation for udc_mutex (git-fixes). - usb: gadget: fix use-after-free read in usb_udc_uevent() (git-fixes). - usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc (git-fixes). - usb: gadget: ncm: avoid dropping datagrams of properly parsed ntbs (git-fixes). - usb: gadget: udc: core: offload usb_udc_vbus_handler processing (git-fixes). - usb: gadget: udc: core: prevent soft_connect_store() race (git-fixes). - usb: gadget: udc: handle gadget_connect failure during bind operation (git-fixes). - usb: hub: check for alternate port before enabling a_alt_hnp_support (bsc#1218527). - usb: hub: replace hardcoded quirk value with bit() macro (git-fixes). - usb: roles: do not get/set_role() when usb_role_switch is unregistered (git-fixes). - usb: roles: fix null pointer issue when put module's reference (git-fixes). - usb: serial: cp210x: add id for imst im871a-usb (git-fixes). - usb: serial: option: add fibocom fm101-gl variant (git-fixes). - usb: serial: qcserial: add new usb-id for dell wireless dw5826e (git-fixes). - watchdog: it87_wdt: keep wdtctrl bit 3 unmodified for it8784/it8786 (git-fixes). - wifi: ath11k: fix registration of 6ghz-only phy without the full channel range (git-fixes). - wifi: ath9k: fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (git-fixes). - wifi: cfg80211: fix missing interfaces when dumping (git-fixes). - wifi: cfg80211: free beacon_ies when overridden from hidden bss (git-fixes). - wifi: iwlwifi: fix some error codes (git-fixes). - wifi: iwlwifi: mvm: avoid baid size integer overflow (git-fixes). - wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() (git-fixes). - wifi: mac80211: adding missing drv_mgd_complete_tx() call (git-fixes). - wifi: mac80211: fix race condition on enabling fast-xmit (git-fixes). - wifi: nl80211: reject iftype change with mesh id change (git-fixes). - wifi: rt2x00: restart beacon queue when hardware reset (git-fixes). - wifi: rtl8xxxu: add additional usb ids for rtl8192eu devices (git-fixes). - wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() (git-fixes). - wifi: wext-core: fix -wstringop-overflow warning in ioctl_standard_iw_point() (git-fixes). - x86/asm: add _asm_rip() macro for x86-64 (%rip) suffix (git-fixes). - x86/bugs: add asm helpers for executing verw (git-fixes). - x86/bugs: use alternative() instead of mds_user_clear static key (git-fixes). also add mds_user_clear to kabi severities since it's strictly mitigation related so should be low risk. - x86/cpu: x86_feature_intel_ppin finally had a cpuid bit (jsc#ped-7618). - x86/entry_32: add verw just before userspace transition (git-fixes). - x86/entry_64: add verw just before userspace transition (git-fixes). - x86/mm: fix memory encryption features advertisement (bsc#1206453). - xfs: remove unused fields from struct xbtree_ifakeroot (git-fixes). - xfs: short circuit xfs_growfs_data_private() if delta is zero (git-fixes). Important SUSE bug 1194869 SUSE bug 1206453 SUSE bug 1209412 SUSE bug 1213456 SUSE bug 1216776 SUSE bug 1217927 SUSE bug 1218195 SUSE bug 1218216 SUSE bug 1218450 SUSE bug 1218527 SUSE bug 1218663 SUSE bug 1218915 SUSE bug 1219126 SUSE bug 1219127 SUSE bug 1219141 SUSE bug 1219146 SUSE bug 1219295 SUSE bug 1219443 SUSE bug 1219653 SUSE bug 1219827 SUSE bug 1219835 SUSE bug 1219839 SUSE bug 1219840 SUSE bug 1219934 SUSE bug 1220003 SUSE bug 1220009 SUSE bug 1220021 SUSE bug 1220030 SUSE bug 1220106 SUSE bug 1220140 SUSE bug 1220187 SUSE bug 1220238 SUSE bug 1220240 SUSE bug 1220241 SUSE bug 1220243 SUSE bug 1220250 SUSE bug 1220251 SUSE bug 1220253 SUSE bug 1220254 SUSE bug 1220255 SUSE bug 1220257 SUSE bug 1220267 SUSE bug 1220277 SUSE bug 1220317 SUSE bug 1220326 SUSE bug 1220328 SUSE bug 1220330 SUSE bug 1220335 SUSE bug 1220344 SUSE bug 1220348 SUSE bug 1220350 SUSE bug 1220364 SUSE bug 1220392 SUSE bug 1220393 SUSE bug 1220398 SUSE bug 1220409 SUSE bug 1220444 SUSE bug 1220457 SUSE bug 1220459 SUSE bug 1220649 SUSE bug 1220796 SUSE bug 1220825 CVE-2019-25162 at SUSE CVE-2019-25162 at NVD CVE-2021-46923 at SUSE CVE-2021-46923 at NVD CVE-2021-46924 at SUSE CVE-2021-46924 at NVD CVE-2021-46932 at SUSE CVE-2021-46932 at NVD CVE-2023-28746 at SUSE CVE-2023-28746 at NVD CVE-2023-5197 at SUSE CVE-2023-5197 at NVD CVE-2023-52340 at SUSE CVE-2023-52340 at NVD CVE-2023-52429 at SUSE CVE-2023-52429 at NVD CVE-2023-52439 at SUSE CVE-2023-52439 at NVD CVE-2023-52443 at SUSE CVE-2023-52443 at NVD CVE-2023-52445 at SUSE CVE-2023-52445 at NVD CVE-2023-52447 at SUSE CVE-2023-52447 at NVD CVE-2023-52448 at SUSE CVE-2023-52448 at NVD CVE-2023-52449 at SUSE CVE-2023-52449 at NVD CVE-2023-52451 at SUSE CVE-2023-52451 at NVD CVE-2023-52452 at SUSE CVE-2023-52452 at NVD CVE-2023-52456 at SUSE CVE-2023-52456 at NVD CVE-2023-52457 at SUSE CVE-2023-52457 at NVD CVE-2023-52463 at SUSE CVE-2023-52463 at NVD CVE-2023-52464 at SUSE CVE-2023-52464 at NVD CVE-2023-52475 at SUSE CVE-2023-52475 at NVD CVE-2023-52478 at SUSE CVE-2023-52478 at NVD CVE-2023-6817 at SUSE CVE-2023-6817 at NVD CVE-2024-0607 at SUSE CVE-2024-0607 at NVD CVE-2024-1151 at SUSE CVE-2024-1151 at NVD CVE-2024-23849 at SUSE CVE-2024-23849 at NVD CVE-2024-23850 at SUSE CVE-2024-23850 at NVD CVE-2024-23851 at SUSE CVE-2024-23851 at NVD CVE-2024-25744 at SUSE CVE-2024-25744 at NVD CVE-2024-26585 at SUSE CVE-2024-26585 at NVD CVE-2024-26586 at SUSE CVE-2024-26586 at NVD CVE-2024-26589 at SUSE CVE-2024-26589 at NVD CVE-2024-26591 at SUSE CVE-2024-26591 at NVD CVE-2024-26593 at SUSE CVE-2024-26593 at NVD CVE-2024-26595 at SUSE CVE-2024-26595 at NVD CVE-2024-26598 at SUSE CVE-2024-26598 at NVD CVE-2024-26602 at SUSE CVE-2024-26602 at NVD CVE-2024-26603 at SUSE CVE-2024-26603 at NVD CVE-2024-26622 at SUSE CVE-2024-26622 at NVD cpe:/o:suse:sle-micro:5.5 Security update for glibc (Moderate) SUSE Linux Enterprise Micro 5.5 This update for glibc fixes the following issues: Security issues fixed: - qsort: harden handling of degenerated / non transient compare function (bsc#1218866) Other issues fixed: - getaddrinfo: translate ENOMEM to EAI_MEMORY (bsc#1217589, BZ #31163) - aarch64: correct CFI in rawmemchr (bsc#1217445, BZ #31113) Moderate SUSE bug 1217445 SUSE bug 1217589 SUSE bug 1218866 cpe:/o:suse:sle-micro:5.5 Security update for sudo (Important) SUSE Linux Enterprise Micro 5.5 This update for sudo fixes the following issues: - CVE-2023-42465: Fixed issues introduced by first patches (bsc#1221151, bsc#1221134). Important SUSE bug 1221134 SUSE bug 1221151 CVE-2023-42465 at SUSE CVE-2023-42465 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Important) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: - CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory (bsc#1219666). - CVE-2022-48566: Make compare_digest more constant-time (bsc#1214691). Important SUSE bug 1214691 SUSE bug 1219666 CVE-2022-48566 at SUSE CVE-2022-48566 at NVD CVE-2023-6597 at SUSE CVE-2023-6597 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-25162: Fixed a potential use after free (bsc#1220409). - CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457). - CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459) - CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444) - CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). - CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216). - CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). - CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm-table.c (bsc#1219827). - CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140). - CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). - CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). - CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). - CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253). - CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). - CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). - CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257). - CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364). - CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350). - CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). - CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330) - CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649) - CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796) - CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195). - CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). - CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). - CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). - CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). - CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146). - CVE-2024-25744: Fixed Security issue with int 80 interrupt vector (bsc#1217927). - CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). - CVE-2024-26586: Fixed stack corruption (bsc#1220243). - CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255). - CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254). - CVE-2024-26593: Fixed block process call transactions (bsc#1220009). - CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). - CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326). - CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). - CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335). - CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). The following non-security bugs were fixed: - acpi: apei: set memory failure flags as mf_action_required on synchronous events (git-fixes). - acpi: button: add lid disable dmi quirk for nextbook ares 8a (git-fixes). - acpi: extlog: fix null pointer dereference check (git-fixes). - acpi: resource: add asus model s5402za to quirks (git-fixes). - acpi: resource: skip irq override on asus expertbook b1502cba (git-fixes). - acpi: resource: skip irq override on asus expertbook b2402cba (git-fixes). - acpi: video: add backlight=native dmi quirk for apple imac11,3 (git-fixes). - acpi: video: add backlight=native dmi quirk for apple imac12,1 and imac12,2 (git-fixes). - acpi: video: add backlight=native dmi quirk for lenovo thinkpad x131e (3371 amd version) (git-fixes). - acpi: video: add quirk for the colorful x15 at 23 laptop (git-fixes). - add reference to recently released cve - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() (git-fixes). - afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() (git-fixes). - afs: hide silly-rename files from userspace (git-fixes). - afs: increase buffer size in afs_update_volume_status() (git-fixes). - ahci: asm1166: correct count of reported ports (git-fixes). - alsa: drop leftover snd-rtctimer stuff from makefile (git-fixes). - alsa: firewire-lib: fix to check cycle continuity (git-fixes). - alsa: hda/conexant: add quirk for sws js201d (git-fixes). - alsa: hda/realtek: apply headset jack quirk for non-bass alc287 thinkpads (git-fixes). - alsa: hda/realtek: cs35l41: fix device id / model name (git-fixes). - alsa: hda/realtek: cs35l41: fix order and duplicates in quirks table (git-fixes). - alsa: hda/realtek: enable headset mic on vaio vjfe-adl (git-fixes). - alsa: hda/realtek: enable mute led on hp laptop 14-fq0xxx (git-fixes). - alsa: hda/realtek: fix mute/micmute led for hp mt645 (git-fixes). - alsa: hda/realtek: fix mute/micmute leds for hp zbook power (git-fixes). - alsa: hda/realtek: fix the external mic not being recognised for acer swift 1 sf114-32 (git-fixes). - alsa: usb-audio: add a quirk for yamaha yit-w12tx transmitter (git-fixes). - alsa: usb-audio: add delay quirk for motu m series 2nd revision (git-fixes). - alsa: usb-audio: add quirk for rode nt-usb+ (git-fixes). - alsa: usb-audio: check presence of valid altsetting control (git-fixes). - alsa: usb-audio: ignore clock selector errors for single connection (git-fixes). - alsa: usb-audio: more relaxed check of midi jack names (git-fixes). - alsa: usb-audio: sort quirk table entries (git-fixes). - arm64: entry: fix arm64_workaround_speculative_unpriv_load (bsc#1219443) - arm64: entry: preserve/restore x29 even for compat tasks (bsc#1219443) - arm64: entry: simplify tramp_alias macro and tramp_exit routine (bsc#1219443) - arm64: errata: add cortex-a510 speculative unprivileged load (bsc#1219443) enable workaround. - arm64: errata: add cortex-a520 speculative unprivileged load (bsc#1219443) enable workaround without kabi break. - arm64: errata: mitigate ampere1 erratum ac03_cpu_38 at stage-2 (git-fixes) enable ampere_erratum_ac03_cpu_38 workaround without kabi break - arm64: irq: set the correct node for shadow call stack (git-fixes) - arm64: irq: set the correct node for vmap stack (git-fixes) - arm64: rename arm64_workaround_2966298 (bsc#1219443) - arm64: subscribe microsoft azure cobalt 100 to arm neoverse n2 errata (git-fixes) - asoc: doc: fix undefined snd_soc_dapm_nopm argument (git-fixes). - asoc: rt5645: fix deadlock in rt5645_jack_detect_work() (git-fixes). - asoc: sof: ipc3: fix message bounds on ipc ops (git-fixes). - asoc: sunxi: sun4i-spdif: add support for allwinner h616 (git-fixes). - atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes). - bluetooth: avoid potential use-after-free in hci_error_reset (git-fixes). - bluetooth: enforce validation on max value of connection interval (git-fixes). - bluetooth: hci_event: fix handling of hci_ev_io_capa_request (git-fixes). - bluetooth: hci_event: fix wrongly recorded wakeup bd_addr (git-fixes). - bluetooth: hci_sync: check the correct flag before starting a scan (git-fixes). - bluetooth: hci_sync: fix accept_list when attempting to suspend (git-fixes). - bluetooth: l2cap: fix possible multiple reject send (git-fixes). - bluetooth: qca: fix wrong event type for patch config command (git-fixes). - bpf: fix verification of indirect var-off stack access (git-fixes). - bpf: guard stack limits against 32bit overflow (git-fixes). - bpf: minor logging improvement (bsc#1220257). - bus: moxtet: add spi device table (git-fixes). - cachefiles: fix memory leak in cachefiles_add_cache() (bsc#1220267). - can: j1939: fix uaf in j1939_sk_match_filter during setsockopt(so_j1939_filter) (git-fixes). - crypto: api - disallow identical driver names (git-fixes). - crypto: ccp - fix null pointer dereference in __sev_platform_shutdown_locked (git-fixes). - crypto: octeontx2 - fix cptvf driver cleanup (git-fixes). - crypto: stm32/crc32 - fix parsing list of devices (git-fixes). - dmaengine: fsl-qdma: fix a memory leak related to the queue command dma (git-fixes). - dmaengine: fsl-qdma: fix soc may hang on 16 byte unaligned read (git-fixes). - dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes). - dmaengine: fsl-qdma: init irq after reg initialization (git-fixes). - dmaengine: ptdma: use consistent dma masks (git-fixes). - dmaengine: shdma: increase size of 'dev_id' (git-fixes). - dmaengine: ti: edma: add some null pointer checks to the edma_probe (git-fixes). - driver core: fix device_link_flag_is_sync_state_only() (git-fixes). - drm/amd/display: fix memory leak in dm_sw_fini() (git-fixes). - drm/amd/display: fix possible buffer overflow in 'find_dcfclk_for_voltage()' (git-fixes). - drm/amd/display: fix possible null dereference on device remove/driver unload (git-fixes). - drm/amd/display: increase frame-larger-than for all display_mode_vba files (git-fixes). - drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz (git-fixes). - drm/amd/display: preserve original aspect ratio in create stream (git-fixes). - drm/amdgpu/display: initialize gamma correction mode variable in dcn30_get_gamcor_current() (git-fixes). - drm/amdgpu: reset gpu for s3 suspend abort case (git-fixes). - drm/amdgpu: skip to program gfxdec registers for suspend abort (git-fixes). - drm/buddy: fix range bias (git-fixes). - drm/crtc: fix uninitialized variable use even harder (git-fixes). - drm/i915/gvt: fix uninitialized variable in handle_mmio() (git-fixes). - drm/msm/dp: return correct colorimetry for dp_test_dynamic_range_cea case (git-fixes). - drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup (git-fixes). - drm/msms/dp: fixed link clock divider bits be over written in bpc unknown case (git-fixes). - drm/prime: support page array >= 4gb (git-fixes). - drm/syncobj: call drm_syncobj_fence_add_wait when wait_available flag is set (git-fixes). - drm/ttm: fix an invalid freeing on already freed page in error path (git-fixes). - drop bcm5974 input patch causing a regression (bsc#1220030) - efi/capsule-loader: fix incorrect allocation size (git-fixes). - efi: do not add memblocks for soft-reserved memory (git-fixes). - efi: runtime: fix potential overflow of soft-reserved region size (git-fixes). - fbcon: always restore the old font data in fbcon_do_set_font() (git-fixes). - fbdev: savage: error out if pixclock equals zero (git-fixes). - fbdev: sis: error out if pixclock equals zero (git-fixes). - firewire: core: send bus reset promptly on gap count error (git-fixes). - fs: dlm: fix build with config_ipv6 disabled (git-fixes). - fs:jfs:ubsan:array-index-out-of-bounds in dbadjtree (git-fixes). - gpio: 74x164: enable output pins after registers are reset (git-fixes). - gpio: fix resource unwinding order in error path (git-fixes). - gpiolib: acpi: ignore touchpad wakeup on gpd g1619-04 (git-fixes). - gpiolib: fix the error path order in gpiochip_add_data_with_key() (git-fixes). - hid: apple: add 2021 magic keyboard fn key mapping (git-fixes). - hid: apple: add support for the 2021 magic keyboard (git-fixes). - hid: wacom: do not register input devices until after hid_hw_start (git-fixes). - hid: wacom: generic: avoid reporting a serial of '0' to userspace (git-fixes). - hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes). - hwmon: (coretemp) enlarge per package core count limit (git-fixes). - hwmon: (coretemp) fix bogus core_id to attr name mapping (git-fixes). - hwmon: (coretemp) fix out-of-bounds memory access (git-fixes). - i2c: i801: fix block process call transactions (git-fixes). - i2c: i801: remove i801_set_block_buffer_mode (git-fixes). - i2c: imx: add timer for handling the stop condition (git-fixes). - i2c: imx: when being a target, mark the last read as processed (git-fixes). - i3c: master: cdns: update maximum prescaler value for i2c clock (git-fixes). - ib/hfi1: fix a memleak in init_credit_return (git-fixes) - ib/hfi1: fix sdma.h tx->num_descs off-by-one error (git-fixes) - iio: accel: bma400: fix a compilation problem (git-fixes). - iio: adc: ad7091r: set alert bit in config register (git-fixes). - iio: core: fix memleak in iio_device_register_sysfs (git-fixes). - iio: hid-sensor-als: return 0 for hid_usage_sensor_time_timestamp (git-fixes). - iio: magnetometer: rm3100: add boundary check for the value read from rm3100_reg_tmrc (git-fixes). - input: iqs269a - switch to define_simple_dev_pm_ops() and pm_sleep_ptr() (git-fixes). - input: xpad - add lenovo legion go controllers (git-fixes). - irqchip/irq-brcmstb-l2: add write memory barrier before exit (git-fixes). - jfs: fix array-index-out-of-bounds in dbadjtree (git-fixes). - jfs: fix array-index-out-of-bounds in dinewext (git-fixes). - jfs: fix slab-out-of-bounds read in dtsearch (git-fixes). - jfs: fix uaf in jfs_evict_inode (git-fixes). - kbuild: fix changing elf file type for output of gen_btf for big endian (git-fixes). - kvm: s390: fix cc for successful pqap (git-fixes bsc#1219839). - kvm: s390: fix setting of fpc register (git-fixes bsc#1220392). - kvm: s390: vsie: fix race during shadow creation (git-fixes bsc#1220393). - kvm: vmx: move verw closer to vmentry for mds mitigation (git-fixes). - kvm: vmx: use bt+jnc, i.e. eflags.cf to select vmresume vs. vmlaunch (git-fixes). - lan78xx: enable auto speed configuration for lan7850 if no eeprom is detected (git-fixes). - leds: trigger: panic: do not register panic notifier if creating the trigger failed (git-fixes). - lib/stackdepot: add depot_fetch_stack helper (jsc-ped#7423). - lib/stackdepot: add refcount for records (jsc-ped#7423). - lib/stackdepot: fix first entry having a 0-handle (jsc-ped#7423). - lib/stackdepot: move stack_record struct definition into the header (jsc-ped#7423). - libsubcmd: fix memory leak in uniq() (git-fixes). - media: ddbridge: fix an error code problem in ddb_probe (git-fixes). - media: ir_toy: fix a memleak in irtoy_tx (git-fixes). - media: rc: bpf attach/detach requires write permission (git-fixes). - media: rockchip: rga: fix swizzling for rgb formats (git-fixes). - media: stk1160: fixed high volume of stk1160_dbg messages (git-fixes). - mfd: syscon: fix null pointer dereference in of_syscon_register() (git-fixes). - mm,page_owner: display all stacks and their count (jsc-ped#7423). - mm,page_owner: filter out stacks by a threshold (jsc-ped#7423). - mm,page_owner: implement the tracking of the stacks count (jsc-ped#7423). - mm,page_owner: maintain own list of stack_records structs (jsc-ped#7423). - mm,page_owner: update documentation regarding page_owner_stacks (jsc-ped#7423). - mm/hwpoison: fix unpoison_memory() (bsc#1218663). - mm/hwpoison: mf_mutex for soft offline and unpoison (bsc#1218663). - mm/hwpoison: remove mf_msg_buddy_2nd and mf_msg_poisoned_huge (bsc#1218663). - mm: memory-failure: fix potential unexpected return value from unpoison_memory() (git-fixes). - mmc: core: fix emmc initialization with 1-bit bus connection (git-fixes). - mmc: core: use mrq.sbc in close-ended ffu (git-fixes). - mmc: mmc_spi: remove custom dma mapped buffers (git-fixes). - mmc: sdhci-xenon: add timeout for phy init complete (git-fixes). - mmc: sdhci-xenon: fix phy init clock stability (git-fixes). - mmc: slot-gpio: allow non-sleeping gpio ro (git-fixes). - modpost: trim leading spaces when processing source files list (git-fixes). - mtd: spinand: gigadevice: fix the get ecc status issue (git-fixes). - net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). - netfs, fscache: prevent oops in fscache_put_cache() (bsc#1220003). - nilfs2: fix data corruption in dsync block recovery for small block sizes (git-fixes). - nilfs2: replace warn_ons for invalid dat metadata block requests (git-fixes). - nouveau/svm: fix kvcalloc() argument order (git-fixes). - nouveau: fix function cast warnings (git-fixes). - ntfs: check overflow when iterating attr_records (git-fixes). - ntfs: fix use-after-free in ntfs_attr_find() (git-fixes). - nvme-fabrics: fix i/o connect error handling (git-fixes). - nvme-host: fix the updating of the firmware version (git-fixes). - pci/aer: decode requester id when no error info found (git-fixes). - pci: add no pm reset quirk for nvidia spectrum devices (git-fixes). - pci: add pci_header_type_mfd definition (bsc#1220021). - pci: fix 64gt/s effective data rate calculation (git-fixes). - pci: only override amd usb controller if required (git-fixes). - pci: switchtec: fix stdev_release() crash after surprise hot remove (git-fixes). - platform/x86: thinkpad_acpi: only update profile if successfully converted (git-fixes). - platform/x86: touchscreen_dmi: add info for the teclast x16 plus tablet (git-fixes). - platform/x86: touchscreen_dmi: allow partial (prefix) matches for acpi names (git-fixes). - pm: core: remove unnecessary (void *) conversions (git-fixes). - pm: runtime: have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() (git-fixes). - pnp: acpi: fix fortify warning (git-fixes). - power: supply: bq27xxx-i2c: do not free non existing irq (git-fixes). - powerpc/64: set task pt_regs->link to the lr value on scv entry (bsc#1194869). - powerpc/powernv: fix fortify source warnings in opal-prd.c (bsc#1194869). - powerpc/pseries: add a clear modifier to ibm,pa/pi-features parser (bsc#1220348). - powerpc/pseries: rework lppaca_shared_proc() to avoid debug_preempt (bsc#1194869). - powerpc/pseries: set cpu_ftr_dbell according to ibm,pi-features (bsc#1220348). - powerpc/watchpoint: disable pagefaults when getting user instruction (bsc#1194869). - powerpc/watchpoints: annotate atomic context in more places (bsc#1194869). - powerpc/watchpoints: disable preemption in thread_change_pc() (bsc#1194869). - powerpc: add crtsavres.o to always-y instead of extra-y (bsc#1194869). - powerpc: do not include lppaca.h in paca.h (bsc#1194869). - pstore/ram: fix crash when setting number of cpus to an odd number (git-fixes). - ras/amd/atl: add mi300 row retirement support (jsc#ped-7618). - ras/amd/atl: fix bit overflow in denorm_addr_df4_np2() (git-fixes). - ras: introduce a fru memory poison manager (jsc#ped-7618). - rdma/bnxt_re: add a missing check in bnxt_qplib_query_srq (git-fixes) - rdma/bnxt_re: return error for srq resize (git-fixes) - rdma/core: fix uninit-value access in ib_get_eth_speed() (bsc#1219934). - rdma/core: get ib width and speed from netdev (bsc#1219934). - rdma/irdma: add ae for too many rnrs (git-fixes) - rdma/irdma: fix kasan issue with tasklet (git-fixes) - rdma/irdma: set the cq read threshold for gen 1 (git-fixes) - rdma/irdma: validate max_send_wr and max_recv_wr (git-fixes) - rdma/qedr: fix qedr_create_user_qp error flow (git-fixes) - rdma/srpt: fix function pointer cast warnings (git-fixes) - rdma/srpt: support specifying the srpt_service_guid parameter (git-fixes) - refresh patches.suse/dm_blk_ioctl-implement-path-failover-for-sg_io. (bsc#1216776, bsc#1220277) - regulator: core: only increment use_count when enable_count changes (git-fixes). - regulator: pwm-regulator: add validity checks in continuous .get_voltage (git-fixes). - revert 'drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz' (git-fixes). - revert 'drm/amd/pm: resolve reboot exception for si oland' (git-fixes). - revert 'drm/amd: flush any delayed gfxoff on suspend entry' (git-fixes). - rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config (bsc#1219653) they are put into -devel subpackage. and a proper link to /usr/share/gdb/auto-load/ is created. - s390/qeth: fix potential loss of l3-ip@ in case of network issues (git-fixes bsc#1219840). - s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220317). - sched/membarrier: reduce the ability to hammer on sys_membarrier (git-fixes). - scsi: core: move scsi_host_busy() out of host lock for waking up eh handler (git-fixes). - scsi: core: move scsi_host_busy() out of host lock if it is for per-command (git-fixes). - scsi: fnic: move fnic_fnic_flush_tx() to a work queue (git-fixes bsc#1219141). - scsi: hisi_sas: prevent parallel flr and controller reset (git-fixes). - scsi: ibmvfc: limit max hw queues by num_online_cpus() (bsc#1220106). - scsi: ibmvfc: open-code reset loop for target reset (bsc#1220106). - scsi: isci: fix an error code problem in isci_io_request_build() (git-fixes). - scsi: lpfc: add condition to delete ndlp object after sending bls_rjt to an abts (bsc#1220021). - scsi: lpfc: allow lpfc_plogi_confirm_nport() logic to execute for fabric nodes (bsc#1220021). - scsi: lpfc: change lpfc_vport fc_flag member into a bitmask (bsc#1220021). - scsi: lpfc: change lpfc_vport load_flag member into a bitmask (bsc#1220021). - scsi: lpfc: change nlp state statistic counters into atomic_t (bsc#1220021). - scsi: lpfc: copyright updates for 14.4.0.0 patches (bsc#1220021). - scsi: lpfc: fix failure to delete vports when discovery is in progress (bsc#1220021). - scsi: lpfc: fix possible memory leak in lpfc_rcv_padisc() (bsc#1220021). - scsi: lpfc: initialize status local variable in lpfc_sli4_repost_sgl_list() (bsc#1220021). - scsi: lpfc: move handling of reset congestion statistics events (bsc#1220021). - scsi: lpfc: protect vport fc_nodes list with an explicit spin lock (bsc#1220021). - scsi: lpfc: remove d_id swap log message from trace event logger (bsc#1220021). - scsi: lpfc: remove nlp_rcv_plogi early return during rscn processing for ndlps (bsc#1220021). - scsi: lpfc: remove shost_lock protection for fc_host_port shost apis (bsc#1220021). - scsi: lpfc: replace deprecated strncpy() with strscpy() (bsc#1220021). - scsi: lpfc: save fpin frequency statistics upon receipt of peer cgn notifications (bsc#1220021). - scsi: lpfc: update lpfc version to 14.4.0.0 (bsc#1220021). - scsi: lpfc: use pci_header_type_mfd instead of literal (bsc#1220021). - scsi: lpfc: use sg_dma_len() api to get struct scatterlist's length (bsc#1220021). - scsi: mpi3mr: refresh sdev queue depth after controller reset (git-fixes). - scsi: revert 'scsi: fcoe: fix potential deadlock on &fip->ctlr_lock' (git-fixes bsc#1219141). - serial: 8250: remove serial_rs485 sanitization from em485 (git-fixes). - spi-mxs: fix chipselect glitch (git-fixes). - spi: hisi-sfc-v3xx: return irq_none if no interrupts were detected (git-fixes). - spi: ppc4xx: drop write-only variable (git-fixes). - spi: sh-msiof: avoid integer overflow in constants (git-fixes). - staging: iio: ad5933: fix type mismatch regression (git-fixes). - supported.conf: remove external flag from ibm supported modules. (bsc#1209412) - tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450). - tomoyo: fix uaf write bug in tomoyo_write_control() (git-fixes). - topology/sysfs: add format parameter to macro defining 'show' functions for proc (jsc#ped-7618). - topology/sysfs: add ppin in sysfs under cpu topology (jsc#ped-7618). - tty: allow tiocslcktrmios with cap_checkpoint_restore (git-fixes). - ubsan: array-index-out-of-bounds in dtsplitroot (git-fixes). - usb: cdns3: fix memory double free when handle zero packet (git-fixes). - usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() (git-fixes). - usb: cdns3: modify the return value of cdns_set_active () to void when config_pm_sleep is disabled (git-fixes). - usb: cdns3: put the cdns set active part outside the spin lock (git-fixes). - usb: cdns: readd old api (git-fixes). - usb: cdnsp: blocked some cdns3 specific code (git-fixes). - usb: cdnsp: fixed issue with incorrect detecting cdnsp family controllers (git-fixes). - usb: dwc3: gadget: do not disconnect if not started (git-fixes). - usb: dwc3: gadget: handle ep0 request dequeuing properly (git-fixes). - usb: dwc3: gadget: ignore end transfer delay on teardown (git-fixes). - usb: dwc3: gadget: queue pm runtime idle on disconnect event (git-fixes). - usb: dwc3: gadget: refactor ep0 forced stall/restart into a separate api (git-fixes). - usb: dwc3: gadget: submit endxfer command if delayed during disconnect (git-fixes). - usb: dwc3: host: set xhci_sg_trb_cache_size_quirk (git-fixes). - usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes). - usb: gadget: core: add missing kerneldoc for vbus_work (git-fixes). - usb: gadget: core: adjust uevent timing on gadget unbind (git-fixes). - usb: gadget: core: help prevent panic during uvc unconfigure (git-fixes). - usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate (git-fixes). - usb: gadget: f_hid: fix report descriptor allocation (git-fixes). - usb: gadget: fix obscure lockdep violation for udc_mutex (git-fixes). - usb: gadget: fix use-after-free read in usb_udc_uevent() (git-fixes). - usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc (git-fixes). - usb: gadget: ncm: avoid dropping datagrams of properly parsed ntbs (git-fixes). - usb: gadget: udc: core: offload usb_udc_vbus_handler processing (git-fixes). - usb: gadget: udc: core: prevent soft_connect_store() race (git-fixes). - usb: gadget: udc: handle gadget_connect failure during bind operation (git-fixes). - usb: hub: check for alternate port before enabling a_alt_hnp_support (bsc#1218527). - usb: hub: replace hardcoded quirk value with bit() macro (git-fixes). - usb: roles: do not get/set_role() when usb_role_switch is unregistered (git-fixes). - usb: roles: fix null pointer issue when put module's reference (git-fixes). - usb: serial: cp210x: add id for imst im871a-usb (git-fixes). - usb: serial: option: add fibocom fm101-gl variant (git-fixes). - usb: serial: qcserial: add new usb-id for dell wireless dw5826e (git-fixes). - watchdog: it87_wdt: keep wdtctrl bit 3 unmodified for it8784/it8786 (git-fixes). - wifi: ath11k: fix registration of 6ghz-only phy without the full channel range (git-fixes). - wifi: ath9k: fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (git-fixes). - wifi: cfg80211: fix missing interfaces when dumping (git-fixes). - wifi: cfg80211: fix rcu dereference in __cfg80211_bss_update (git-fixes). - wifi: cfg80211: free beacon_ies when overridden from hidden bss (git-fixes). - wifi: iwlwifi: fix some error codes (git-fixes). - wifi: iwlwifi: mvm: avoid baid size integer overflow (git-fixes). - wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() (git-fixes). - wifi: mac80211: adding missing drv_mgd_complete_tx() call (git-fixes). - wifi: mac80211: fix race condition on enabling fast-xmit (git-fixes). - wifi: nl80211: reject iftype change with mesh id change (git-fixes). - wifi: rt2x00: restart beacon queue when hardware reset (git-fixes). - wifi: rtl8xxxu: add additional usb ids for rtl8192eu devices (git-fixes). - wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() (git-fixes). - wifi: wext-core: fix -wstringop-overflow warning in ioctl_standard_iw_point() (git-fixes). - x86/asm: add _asm_rip() macro for x86-64 (%rip) suffix (git-fixes). - x86/bugs: add asm helpers for executing verw (git-fixes). - x86/bugs: use alternative() instead of mds_user_clear static key (git-fixes). also add mds_user_clear to kabi severities since it's strictly mitigation related so should be low risk. - x86/cpu: x86_feature_intel_ppin finally had a cpuid bit (jsc#ped-7618). - x86/entry_32: add verw just before userspace transition (git-fixes). - x86/entry_64: add verw just before userspace transition (git-fixes). - x86/mm: fix memory encryption features advertisement (bsc#1206453). - xfs: remove unused fields from struct xbtree_ifakeroot (git-fixes). - xfs: short circuit xfs_growfs_data_private() if delta is zero (git-fixes). Important SUSE bug 1194869 SUSE bug 1206453 SUSE bug 1209412 SUSE bug 1213456 SUSE bug 1216776 SUSE bug 1217927 SUSE bug 1218195 SUSE bug 1218216 SUSE bug 1218450 SUSE bug 1218527 SUSE bug 1218663 SUSE bug 1218915 SUSE bug 1219126 SUSE bug 1219127 SUSE bug 1219141 SUSE bug 1219146 SUSE bug 1219295 SUSE bug 1219443 SUSE bug 1219653 SUSE bug 1219827 SUSE bug 1219835 SUSE bug 1219839 SUSE bug 1219840 SUSE bug 1219934 SUSE bug 1220003 SUSE bug 1220009 SUSE bug 1220021 SUSE bug 1220030 SUSE bug 1220106 SUSE bug 1220140 SUSE bug 1220187 SUSE bug 1220238 SUSE bug 1220240 SUSE bug 1220241 SUSE bug 1220243 SUSE bug 1220250 SUSE bug 1220251 SUSE bug 1220253 SUSE bug 1220254 SUSE bug 1220255 SUSE bug 1220257 SUSE bug 1220267 SUSE bug 1220277 SUSE bug 1220317 SUSE bug 1220326 SUSE bug 1220328 SUSE bug 1220330 SUSE bug 1220335 SUSE bug 1220344 SUSE bug 1220348 SUSE bug 1220350 SUSE bug 1220364 SUSE bug 1220392 SUSE bug 1220393 SUSE bug 1220398 SUSE bug 1220409 SUSE bug 1220444 SUSE bug 1220457 SUSE bug 1220459 SUSE bug 1220649 SUSE bug 1220796 SUSE bug 1220825 CVE-2019-25162 at SUSE CVE-2019-25162 at NVD CVE-2021-46923 at SUSE CVE-2021-46923 at NVD CVE-2021-46924 at SUSE CVE-2021-46924 at NVD CVE-2021-46932 at SUSE CVE-2021-46932 at NVD CVE-2023-28746 at SUSE CVE-2023-28746 at NVD CVE-2023-5197 at SUSE CVE-2023-5197 at NVD CVE-2023-52340 at SUSE CVE-2023-52340 at NVD CVE-2023-52429 at SUSE CVE-2023-52429 at NVD CVE-2023-52439 at SUSE CVE-2023-52439 at NVD CVE-2023-52443 at SUSE CVE-2023-52443 at NVD CVE-2023-52445 at SUSE CVE-2023-52445 at NVD CVE-2023-52447 at SUSE CVE-2023-52447 at NVD CVE-2023-52448 at SUSE CVE-2023-52448 at NVD CVE-2023-52449 at SUSE CVE-2023-52449 at NVD CVE-2023-52451 at SUSE CVE-2023-52451 at NVD CVE-2023-52452 at SUSE CVE-2023-52452 at NVD CVE-2023-52456 at SUSE CVE-2023-52456 at NVD CVE-2023-52457 at SUSE CVE-2023-52457 at NVD CVE-2023-52463 at SUSE CVE-2023-52463 at NVD CVE-2023-52464 at SUSE CVE-2023-52464 at NVD CVE-2023-52475 at SUSE CVE-2023-52475 at NVD CVE-2023-52478 at SUSE CVE-2023-52478 at NVD CVE-2023-6817 at SUSE CVE-2023-6817 at NVD CVE-2024-0607 at SUSE CVE-2024-0607 at NVD CVE-2024-1151 at SUSE CVE-2024-1151 at NVD CVE-2024-23849 at SUSE CVE-2024-23849 at NVD CVE-2024-23850 at SUSE CVE-2024-23850 at NVD CVE-2024-23851 at SUSE CVE-2024-23851 at NVD CVE-2024-25744 at SUSE CVE-2024-25744 at NVD CVE-2024-26585 at SUSE CVE-2024-26585 at NVD CVE-2024-26586 at SUSE CVE-2024-26586 at NVD CVE-2024-26589 at SUSE CVE-2024-26589 at NVD CVE-2024-26591 at SUSE CVE-2024-26591 at NVD CVE-2024-26593 at SUSE CVE-2024-26593 at NVD CVE-2024-26595 at SUSE CVE-2024-26595 at NVD CVE-2024-26598 at SUSE CVE-2024-26598 at NVD CVE-2024-26602 at SUSE CVE-2024-26602 at NVD CVE-2024-26603 at SUSE CVE-2024-26603 at NVD CVE-2024-26622 at SUSE CVE-2024-26622 at NVD cpe:/o:suse:sle-micro:5.5 Security update for tiff (Moderate) SUSE Linux Enterprise Micro 5.5 This update for tiff fixes the following issues: - CVE-2023-41175: Fixed potential integer overflow in raw2tiff.c (bsc#1214686). - CVE-2023-38288: Fixed potential integer overflow in raw2tiff.c (bsc#1213590). - CVE-2023-40745: Fixed integer overflow in tiffcp.c (bsc#1214687). Moderate SUSE bug 1213590 SUSE bug 1214686 SUSE bug 1214687 SUSE bug 1221187 CVE-2023-38288 at SUSE CVE-2023-38288 at NVD CVE-2023-40745 at SUSE CVE-2023-40745 at NVD CVE-2023-41175 at SUSE CVE-2023-41175 at NVD cpe:/o:suse:sle-micro:5.5 Security update for krb5 (Important) SUSE Linux Enterprise Micro 5.5 This update for krb5 fixes the following issues: - CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770). - CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771). - CVE-2024-26462: Fixed memory leak at /krb5/src/kdc/ndr.c (bsc#1220772). Important SUSE bug 1220770 SUSE bug 1220771 SUSE bug 1220772 CVE-2024-26458 at SUSE CVE-2024-26458 at NVD CVE-2024-26461 at SUSE CVE-2024-26461 at NVD CVE-2024-26462 at SUSE CVE-2024-26462 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-Jinja2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-Jinja2 fixes the following issues: - CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method (bsc#1238879) Moderate SUSE bug 1238879 CVE-2025-27516 at SUSE CVE-2025-27516 at NVD cpe:/o:suse:sle-micro:5.5 Security update for google-guest-agent (Important) SUSE Linux Enterprise Micro 5.5 This update for google-guest-agent fixes the following issues: - CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197) Important SUSE bug 1239197 CVE-2025-22868 at SUSE CVE-2025-22868 at NVD cpe:/o:suse:sle-micro:5.5 Security update for google-osconfig-agent (Important) SUSE Linux Enterprise Micro 5.5 This update for google-osconfig-agent fixes the following issues: - CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197) Important SUSE bug 1239197 CVE-2025-22868 at SUSE CVE-2025-22868 at NVD cpe:/o:suse:sle-micro:5.5 Security update for helm (Moderate) SUSE Linux Enterprise Micro 5.5 This update for helm fixes the following issues: - CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs (bsc#1238688). Other fixes: - Updated to version 3.17.2 - Updated to 0.37.0 for x/net Moderate SUSE bug 1238688 CVE-2025-22870 at SUSE CVE-2025-22870 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Important) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239330). Important SUSE bug 1239330 CVE-2024-6104 at SUSE CVE-2024-6104 at NVD CVE-2025-22869 at SUSE CVE-2025-22869 at NVD CVE-2025-27144 at SUSE CVE-2025-27144 at NVD cpe:/o:suse:sle-micro:5.5 Security update for skopeo (Moderate) SUSE Linux Enterprise Micro 5.5 This update for skopeo fixes the following issues: - CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs (bsc#1238685). Moderate SUSE bug 1238685 CVE-2025-22870 at SUSE CVE-2025-22870 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Low) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: - CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses (bsc#1233307). Low SUSE bug 1233307 CVE-2024-11168 at SUSE CVE-2024-11168 at NVD cpe:/o:suse:sle-micro:5.5 Security update for docker, docker-stable (Important) SUSE Linux Enterprise Micro 5.5 This update for docker, docker-stable fixes the following issues: - CVE-2025-22868: Fixed unexpected memory consumption during token parsing in golang.org/x/oauth2 (bsc#1239185). - CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239322). Other fixes: - Make container-selinux requirement conditional on selinux-policy (bsc#1237367) Important SUSE bug 1237367 SUSE bug 1239185 SUSE bug 1239322 CVE-2024-23650 at SUSE CVE-2024-23650 at NVD CVE-2024-29018 at SUSE CVE-2024-29018 at NVD CVE-2024-41110 at SUSE CVE-2024-41110 at NVD CVE-2025-22868 at SUSE CVE-2025-22868 at NVD CVE-2025-22869 at SUSE CVE-2025-22869 at NVD cpe:/o:suse:sle-micro:5.5 Security update for apparmor (Moderate) SUSE Linux Enterprise Micro 5.5 This update for apparmor fixes the following issues: - Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin (bsc#1234452). Moderate SUSE bug 1234452 cpe:/o:suse:sle-micro:5.5 Security update for libxslt (Important) SUSE Linux Enterprise Micro 5.5 This update for libxslt fixes the following issues: - CVE-2023-40403: Fixed sensitive information disclosure during processing web content (bsc#1238591) - CVE-2024-55549: Fixed use-after-free in xsltGetInheritedNsList (bsc#1239637) - CVE-2025-24855: Fixed use-after-free in numbers.c (bsc#1239625) Important SUSE bug 1238591 SUSE bug 1239625 SUSE bug 1239637 CVE-2023-40403 at SUSE CVE-2023-40403 at NVD CVE-2024-55549 at SUSE CVE-2024-55549 at NVD CVE-2025-24855 at SUSE CVE-2025-24855 at NVD cpe:/o:suse:sle-micro:5.5 Security update for google-guest-agent (Important) SUSE Linux Enterprise Micro 5.5 This update for google-guest-agent fixes the following issues: - CVE-2024-45337: golang.org/x/crypto/ssh: Fixed misuse of ServerConfig.PublicKeyCallback leading to authorization bypass (bsc#1234563). Other fixes: - Updated to version 20250327.01 (bsc#1239763, bsc#1239866) * Remove error messages from gce_workload_cert_refresh and metadata script runner (#527) - from version 20250327.00 * Update guest-logging-go dependency (#526) * Add 'created-by' metadata, and pass it as option to logging library (#508) * Revert 'oslogin: Correctly handle newlines at the end of modified files (#520)' (#523) * Re-enable disabled services if the core plugin was enabled (#522) * Enable guest services on package upgrade (#519) * oslogin: Correctly handle newlines at the end of modified files (#520) * Fix core plugin path (#518) * Fix package build issues (#517) * Fix dependencies ran go mod tidy -v (#515) * Fix debian build path (#514) * Bundle compat metadata script runner binary in package (#513) * Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512) * Update startup/shutdown services to launch compat manager (#503) * Bundle new gce metadata script runner binary in agent package (#502) * Revert 'Revert bundling new binaries in the package (#509)' (#511) - from version 20250326.00 * Re-enable disabled services if the core plugin was enabled (#521) - from version 20250324.00 * Enable guest services on package upgrade (#519) * oslogin: Correctly handle newlines at the end of modified files (#520) * Fix core plugin path (#518) * Fix package build issues (#517) * Fix dependencies ran go mod tidy -v (#515) * Fix debian build path (#514) * Bundle compat metadata script runner binary in package (#513) * Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512) * Update startup/shutdown services to launch compat manager (#503) * Bundle new gce metadata script runner binary in agent package (#502) * Revert 'Revert bundling new binaries in the package (#509)' (#511) * Revert bundling new binaries in the package (#509) * Fix typo in windows build script (#501) * Include core plugin binary for all packages (#500) * Start packaging compat manager (#498) * Start bundling ggactl_plugin_cleanup binary in all agent packages (#492) * scripts: introduce a wrapper to locally build deb package (#490) * Introduce compat-manager systemd unit (#497) - from version 20250317.00 * Revert 'Revert bundling new binaries in the package (#509)' (#511) * Revert bundling new binaries in the package (#509) * Fix typo in windows build script (#501) * Include core plugin binary for all packages (#500) * Start packaging compat manager (#498) * Start bundling ggactl_plugin_cleanup binary in all agent packages (#492) * scripts: introduce a wrapper to locally build deb package (#490) * Introduce compat-manager systemd unit (#497) - from version 20250312.00 * Revert bundling new binaries in the package (#509) * Fix typo in windows build script (#501) * Include core plugin binary for all packages (#500) * Update crypto library to fix CVE-2024-45337 (#499) * Start packaging compat manager (#498) * Start bundling ggactl_plugin_cleanup binary in all agent packages (#492) * scripts: introduce a wrapper to locally build deb package (#490) * Introduce compat-manager systemd unit (#497) - from version 20250305.00 * Revert bundling new binaries in the package (#509) * Fix typo in windows build script (#501) * Include core plugin binary for all packages (#500) * Start packaging compat manager (#498) * Start bundling ggactl_plugin_cleanup binary in all agent packages (#492) * scripts: introduce a wrapper to locally build deb package (#490) * Introduce compat-manager systemd unit (#497) - from version 20250304.01 * Fix typo in windows build script (#501) - from version 20250214.01 * Include core plugin binary for all packages (#500) - from version 20250214.00 * Update crypto library to fix CVE-2024-45337 (#499) - from version 20250212.00 * Start packaging compat manager (#498) * Start bundling ggactl_plugin_cleanup binary in all agent packages (#492) - from version 20250211.00 * scripts: introduce a wrapper to locally build deb package (#490) * Introduce compat-manager systemd unit (#497) - from version 20250207.00 * vlan: toggle vlan configuration in debian packaging (#495) * vlan: move config out of unstable section (#494) * Add clarification to comments regarding invalid NICs and the `invalid` tag. (#493) * Include interfaces in lists even if it has an invalid MAC. (#489) * Fix windows package build failures (#491) * vlan: don't index based on the vlan ID (#486) * Revert PR #482 (#488) * Remove Amy and Zach from OWNERS (#487) * Skip interfaces in interfaceNames() instead of erroring if there is an (#482) * Fix Debian packaging if guest agent manager is not checked out (#485) - from version 20250204.02 * force concourse to move version forward. - from version 20250204.01 * vlan: toggle vlan configuration in debian packaging (#495) - from version 20250204.00 * vlan: move config out of unstable section (#494) * Add clarification to comments regarding invalid NICs and the `invalid` tag. (#493) - from version 20250203.01 * Include interfaces in lists even if it has an invalid MAC. (#489) - from version 20250203.00 * Fix windows package build failures (#491) * vlan: don't index based on the vlan ID (#486) * Revert PR #482 (#488) * Remove Amy and Zach from OWNERS (#487) * Skip interfaces in interfaceNames() instead of erroring if there is an (#482) * Fix Debian packaging if guest agent manager is not checked out (#485) - from version 20250122.00 * networkd(vlan): remove the interface in addition to config (#468) * Implement support for vlan dynamic removal, update dhclient to remove only if configured (#465) * Update logging library (#479) * Remove Pat from owners file. (#478) Important SUSE bug 1234563 SUSE bug 1239763 SUSE bug 1239866 CVE-2024-45337 at SUSE CVE-2024-45337 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237918). - CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919). - CVE-2022-49739: gfs2: Always check inode size of inline inodes (bsc#1240207). - CVE-2023-52935: mm/khugepaged: fix ->anon_vma race (bsc#1240276). - CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074). - CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894). - CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895). - CVE-2024-56651: can: hi311x: hi3110_can_ist(): fix potential use-after-free (bsc#1235528). - CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076). - CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239095). - CVE-2024-58014: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (bsc#1239109). - CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029). - CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073). - CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911). - CVE-2025-21780: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (bsc#1239115). The following non-security bugs were fixed: - ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530). - RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016). - RDMA/mana_ib: Use v2 version of cfg_rx_steer_req to enable RX coalescing (bsc#1239016). - Revert 'gfs2: Fix inode height consistency check (git-fixes). - btrfs: defrag: do not use merged extent map for their generation check (bsc#1239968). - btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1239968). - btrfs: fix extent map merging not happening for adjacent extents (bsc#1239968). - btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1239969). - btrfs: send: fix invalid clone operation for file that got its size decreased (bsc#1239969). - cifs: Add a laundromat thread for cached directories (git-fixes). - cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (git-fixes). - gfs2: Fix inode height consistency check (git-fixes). - mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove() (bsc#1239126). - mm: zswap: move allocations during CPU init outside the lock (git-fixes). - net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016). - net: mana: Allow variable size indirection table (bsc#1239016). - net: mana: Avoid open coded arithmetic (bsc#1239016). - net: mana: Support holes in device list reply msg (bsc#1240133). - sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743). - smb3: allow controlling length of time directory entries are cached with dir leases (git-fixes). - smb3: do not start laundromat thread when dir leases disabled (git-fixes). - smb3: retrying on failed server close (git-fixes). - smb: client: destroy cfid_put_wq on module exit (git-fixes). - smb: client: disable directory caching when dir_cache_timeout is zero (git-fixes). - smb: client: do not start laundromat thread on nohandlecache (git-fixes). - smb: client: make laundromat a delayed worker (git-fixes). - smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896). - tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870). Important SUSE bug 1065729 SUSE bug 1180814 SUSE bug 1183682 SUSE bug 1190336 SUSE bug 1190768 SUSE bug 1190786 SUSE bug 1193629 SUSE bug 1194869 SUSE bug 1194904 SUSE bug 1195823 SUSE bug 1196444 SUSE bug 1197158 SUSE bug 1197174 SUSE bug 1197227 SUSE bug 1197246 SUSE bug 1197302 SUSE bug 1197331 SUSE bug 1197472 SUSE bug 1197661 SUSE bug 1197926 SUSE bug 1198019 SUSE bug 1198021 SUSE bug 1198240 SUSE bug 1198577 SUSE bug 1198660 SUSE bug 1199657 SUSE bug 1200045 SUSE bug 1200571 SUSE bug 1200807 SUSE bug 1200809 SUSE bug 1200810 SUSE bug 1200824 SUSE bug 1200825 SUSE bug 1200871 SUSE bug 1200872 SUSE bug 1201193 SUSE bug 1201218 SUSE bug 1201323 SUSE bug 1201381 SUSE bug 1201610 SUSE bug 1202672 SUSE bug 1202711 SUSE bug 1202712 SUSE bug 1202771 SUSE bug 1202774 SUSE bug 1202778 SUSE bug 1202781 SUSE bug 1203699 SUSE bug 1203769 SUSE bug 1204171 SUSE bug 1205205 SUSE bug 1205701 SUSE bug 1206048 SUSE bug 1206049 SUSE bug 1206451 SUSE bug 1207034 SUSE bug 1207186 SUSE bug 1207361 SUSE bug 1207593 SUSE bug 1207640 SUSE bug 1207878 SUSE bug 1209262 SUSE bug 1209547 SUSE bug 1209788 SUSE bug 1209980 SUSE bug 1210050 SUSE bug 1210647 SUSE bug 1211263 SUSE bug 1213167 SUSE bug 1218450 SUSE bug 1221651 SUSE bug 1225428 SUSE bug 1225742 SUSE bug 1229312 SUSE bug 1231375 SUSE bug 1231432 SUSE bug 1231854 SUSE bug 1232299 SUSE bug 1232743 SUSE bug 1233479 SUSE bug 1233557 SUSE bug 1233749 SUSE bug 1234074 SUSE bug 1234894 SUSE bug 1234895 SUSE bug 1234896 SUSE bug 1235528 SUSE bug 1235599 SUSE bug 1235870 SUSE bug 1237029 SUSE bug 1237521 SUSE bug 1237530 SUSE bug 1237718 SUSE bug 1237721 SUSE bug 1237722 SUSE bug 1237723 SUSE bug 1237724 SUSE bug 1237725 SUSE bug 1237726 SUSE bug 1237727 SUSE bug 1237728 SUSE bug 1237729 SUSE bug 1237730 SUSE bug 1237733 SUSE bug 1237734 SUSE bug 1237735 SUSE bug 1237736 SUSE bug 1237737 SUSE bug 1237738 SUSE bug 1237739 SUSE bug 1237740 SUSE bug 1237742 SUSE bug 1237743 SUSE bug 1237744 SUSE bug 1237745 SUSE bug 1237746 SUSE bug 1237748 SUSE bug 1237749 SUSE bug 1237751 SUSE bug 1237752 SUSE bug 1237753 SUSE bug 1237755 SUSE bug 1237759 SUSE bug 1237761 SUSE bug 1237763 SUSE bug 1237766 SUSE bug 1237767 SUSE bug 1237768 SUSE bug 1237774 SUSE bug 1237775 SUSE bug 1237778 SUSE bug 1237779 SUSE bug 1237780 SUSE bug 1237782 SUSE bug 1237783 SUSE bug 1237784 SUSE bug 1237785 SUSE bug 1237786 SUSE bug 1237787 SUSE bug 1237788 SUSE bug 1237789 SUSE bug 1237790 SUSE bug 1237792 SUSE bug 1237794 SUSE bug 1237795 SUSE bug 1237797 SUSE bug 1237798 SUSE bug 1237799 SUSE bug 1237807 SUSE bug 1237808 SUSE bug 1237809 SUSE bug 1237810 SUSE bug 1237812 SUSE bug 1237813 SUSE bug 1237814 SUSE bug 1237815 SUSE bug 1237816 SUSE bug 1237817 SUSE bug 1237818 SUSE bug 1237820 SUSE bug 1237821 SUSE bug 1237823 SUSE bug 1237824 SUSE bug 1237826 SUSE bug 1237827 SUSE bug 1237829 SUSE bug 1237831 SUSE bug 1237835 SUSE bug 1237836 SUSE bug 1237837 SUSE bug 1237839 SUSE bug 1237840 SUSE bug 1237845 SUSE bug 1237846 SUSE bug 1237868 SUSE bug 1237872 SUSE bug 1237892 SUSE bug 1237903 SUSE bug 1237904 SUSE bug 1237916 SUSE bug 1237918 SUSE bug 1237922 SUSE bug 1237925 SUSE bug 1237926 SUSE bug 1237927 SUSE bug 1237928 SUSE bug 1237929 SUSE bug 1237931 SUSE bug 1237932 SUSE bug 1237933 SUSE bug 1237937 SUSE bug 1237939 SUSE bug 1237940 SUSE bug 1237941 SUSE bug 1237942 SUSE bug 1237946 SUSE bug 1237951 SUSE bug 1237952 SUSE bug 1237954 SUSE bug 1237955 SUSE bug 1237957 SUSE bug 1237958 SUSE bug 1237959 SUSE bug 1237960 SUSE bug 1237961 SUSE bug 1237962 SUSE bug 1237963 SUSE bug 1237965 SUSE bug 1237966 SUSE bug 1237967 SUSE bug 1237968 SUSE bug 1237969 SUSE bug 1237970 SUSE bug 1237971 SUSE bug 1237972 SUSE bug 1237973 SUSE bug 1237975 SUSE bug 1237976 SUSE bug 1237978 SUSE bug 1237979 SUSE bug 1237980 SUSE bug 1237982 SUSE bug 1237983 SUSE bug 1237984 SUSE bug 1237986 SUSE bug 1237987 SUSE bug 1237990 SUSE bug 1237992 SUSE bug 1237996 SUSE bug 1237997 SUSE bug 1237998 SUSE bug 1237999 SUSE bug 1238000 SUSE bug 1238003 SUSE bug 1238004 SUSE bug 1238005 SUSE bug 1238006 SUSE bug 1238007 SUSE bug 1238009 SUSE bug 1238010 SUSE bug 1238011 SUSE bug 1238012 SUSE bug 1238013 SUSE bug 1238014 SUSE bug 1238016 SUSE bug 1238017 SUSE bug 1238018 SUSE bug 1238019 SUSE bug 1238021 SUSE bug 1238022 SUSE bug 1238024 SUSE bug 1238025 SUSE bug 1238030 SUSE bug 1238032 SUSE bug 1238036 SUSE bug 1238037 SUSE bug 1238041 SUSE bug 1238046 SUSE bug 1238047 SUSE bug 1238048 SUSE bug 1238069 SUSE bug 1238071 SUSE bug 1238077 SUSE bug 1238079 SUSE bug 1238080 SUSE bug 1238083 SUSE bug 1238084 SUSE bug 1238085 SUSE bug 1238086 SUSE bug 1238089 SUSE bug 1238090 SUSE bug 1238091 SUSE bug 1238092 SUSE bug 1238096 SUSE bug 1238097 SUSE bug 1238099 SUSE bug 1238103 SUSE bug 1238105 SUSE bug 1238106 SUSE bug 1238107 SUSE bug 1238108 SUSE bug 1238110 SUSE bug 1238111 SUSE bug 1238112 SUSE bug 1238113 SUSE bug 1238114 SUSE bug 1238115 SUSE bug 1238116 SUSE bug 1238118 SUSE bug 1238120 SUSE bug 1238122 SUSE bug 1238123 SUSE bug 1238125 SUSE bug 1238126 SUSE bug 1238127 SUSE bug 1238128 SUSE bug 1238131 SUSE bug 1238134 SUSE bug 1238135 SUSE bug 1238138 SUSE bug 1238139 SUSE bug 1238140 SUSE bug 1238142 SUSE bug 1238144 SUSE bug 1238146 SUSE bug 1238147 SUSE bug 1238149 SUSE bug 1238150 SUSE bug 1238153 SUSE bug 1238155 SUSE bug 1238156 SUSE bug 1238157 SUSE bug 1238158 SUSE bug 1238160 SUSE bug 1238162 SUSE bug 1238166 SUSE bug 1238167 SUSE bug 1238168 SUSE bug 1238169 SUSE bug 1238170 SUSE bug 1238171 SUSE bug 1238172 SUSE bug 1238175 SUSE bug 1238176 SUSE bug 1238177 SUSE bug 1238178 SUSE bug 1238179 SUSE bug 1238180 SUSE bug 1238181 SUSE bug 1238183 SUSE bug 1238184 SUSE bug 1238187 SUSE bug 1238221 SUSE bug 1238222 SUSE bug 1238226 SUSE bug 1238228 SUSE bug 1238229 SUSE bug 1238231 SUSE bug 1238233 SUSE bug 1238234 SUSE bug 1238235 SUSE bug 1238236 SUSE bug 1238238 SUSE bug 1238239 SUSE bug 1238240 SUSE bug 1238241 SUSE bug 1238242 SUSE bug 1238243 SUSE bug 1238244 SUSE bug 1238246 SUSE bug 1238247 SUSE bug 1238248 SUSE bug 1238249 SUSE bug 1238252 SUSE bug 1238253 SUSE bug 1238255 SUSE bug 1238256 SUSE bug 1238257 SUSE bug 1238260 SUSE bug 1238261 SUSE bug 1238262 SUSE bug 1238263 SUSE bug 1238264 SUSE bug 1238266 SUSE bug 1238267 SUSE bug 1238268 SUSE bug 1238269 SUSE bug 1238270 SUSE bug 1238271 SUSE bug 1238272 SUSE bug 1238274 SUSE bug 1238275 SUSE bug 1238276 SUSE bug 1238277 SUSE bug 1238278 SUSE bug 1238279 SUSE bug 1238281 SUSE bug 1238282 SUSE bug 1238283 SUSE bug 1238284 SUSE bug 1238285 SUSE bug 1238286 SUSE bug 1238287 SUSE bug 1238288 SUSE bug 1238289 SUSE bug 1238291 SUSE bug 1238292 SUSE bug 1238293 SUSE bug 1238295 SUSE bug 1238298 SUSE bug 1238300 SUSE bug 1238301 SUSE bug 1238302 SUSE bug 1238306 SUSE bug 1238307 SUSE bug 1238308 SUSE bug 1238309 SUSE bug 1238311 SUSE bug 1238313 SUSE bug 1238326 SUSE bug 1238327 SUSE bug 1238328 SUSE bug 1238329 SUSE bug 1238331 SUSE bug 1238333 SUSE bug 1238334 SUSE bug 1238335 SUSE bug 1238336 SUSE bug 1238337 SUSE bug 1238338 SUSE bug 1238339 SUSE bug 1238341 SUSE bug 1238343 SUSE bug 1238344 SUSE bug 1238345 SUSE bug 1238372 SUSE bug 1238373 SUSE bug 1238374 SUSE bug 1238376 SUSE bug 1238377 SUSE bug 1238378 SUSE bug 1238381 SUSE bug 1238382 SUSE bug 1238383 SUSE bug 1238385 SUSE bug 1238386 SUSE bug 1238387 SUSE bug 1238388 SUSE bug 1238389 SUSE bug 1238390 SUSE bug 1238391 SUSE bug 1238392 SUSE bug 1238393 SUSE bug 1238394 SUSE bug 1238395 SUSE bug 1238396 SUSE bug 1238397 SUSE bug 1238398 SUSE bug 1238400 SUSE bug 1238401 SUSE bug 1238410 SUSE bug 1238411 SUSE bug 1238413 SUSE bug 1238415 SUSE bug 1238416 SUSE bug 1238417 SUSE bug 1238418 SUSE bug 1238419 SUSE bug 1238420 SUSE bug 1238422 SUSE bug 1238423 SUSE bug 1238424 SUSE bug 1238428 SUSE bug 1238429 SUSE bug 1238430 SUSE bug 1238431 SUSE bug 1238432 SUSE bug 1238433 SUSE bug 1238434 SUSE bug 1238435 SUSE bug 1238436 SUSE bug 1238437 SUSE bug 1238440 SUSE bug 1238441 SUSE bug 1238442 SUSE bug 1238443 SUSE bug 1238444 SUSE bug 1238445 SUSE bug 1238446 SUSE bug 1238447 SUSE bug 1238453 SUSE bug 1238454 SUSE bug 1238458 SUSE bug 1238459 SUSE bug 1238462 SUSE bug 1238463 SUSE bug 1238465 SUSE bug 1238467 SUSE bug 1238469 SUSE bug 1238533 SUSE bug 1238536 SUSE bug 1238538 SUSE bug 1238539 SUSE bug 1238540 SUSE bug 1238542 SUSE bug 1238543 SUSE bug 1238545 SUSE bug 1238546 SUSE bug 1238551 SUSE bug 1238552 SUSE bug 1238556 SUSE bug 1238557 SUSE bug 1238599 SUSE bug 1238600 SUSE bug 1238601 SUSE bug 1238602 SUSE bug 1238605 SUSE bug 1238612 SUSE bug 1238613 SUSE bug 1238615 SUSE bug 1238616 SUSE bug 1238617 SUSE bug 1238618 SUSE bug 1238619 SUSE bug 1238621 SUSE bug 1238623 SUSE bug 1238625 SUSE bug 1238626 SUSE bug 1238630 SUSE bug 1238631 SUSE bug 1238632 SUSE bug 1238633 SUSE bug 1238635 SUSE bug 1238636 SUSE bug 1238638 SUSE bug 1238639 SUSE bug 1238640 SUSE bug 1238641 SUSE bug 1238642 SUSE bug 1238643 SUSE bug 1238645 SUSE bug 1238646 SUSE bug 1238647 SUSE bug 1238648 SUSE bug 1238649 SUSE bug 1238650 SUSE bug 1238653 SUSE bug 1238654 SUSE bug 1238655 SUSE bug 1238658 SUSE bug 1238661 SUSE bug 1238662 SUSE bug 1238663 SUSE bug 1238664 SUSE bug 1238666 SUSE bug 1238668 SUSE bug 1238705 SUSE bug 1238707 SUSE bug 1238710 SUSE bug 1238712 SUSE bug 1238718 SUSE bug 1238719 SUSE bug 1238721 SUSE bug 1238722 SUSE bug 1238727 SUSE bug 1238729 SUSE bug 1238750 SUSE bug 1238787 SUSE bug 1238789 SUSE bug 1238792 SUSE bug 1238799 SUSE bug 1238803 SUSE bug 1238804 SUSE bug 1238805 SUSE bug 1238806 SUSE bug 1238808 SUSE bug 1238809 SUSE bug 1238810 SUSE bug 1238811 SUSE bug 1238814 SUSE bug 1238815 SUSE bug 1238816 SUSE bug 1238817 SUSE bug 1238818 SUSE bug 1238819 SUSE bug 1238820 SUSE bug 1238821 SUSE bug 1238822 SUSE bug 1238823 SUSE bug 1238825 SUSE bug 1238830 SUSE bug 1238834 SUSE bug 1238835 SUSE bug 1238836 SUSE bug 1238838 SUSE bug 1238843 SUSE bug 1238867 SUSE bug 1238868 SUSE bug 1238869 SUSE bug 1238870 SUSE bug 1238871 SUSE bug 1238878 SUSE bug 1238889 SUSE bug 1238892 SUSE bug 1238893 SUSE bug 1238897 SUSE bug 1238898 SUSE bug 1238899 SUSE bug 1238902 SUSE bug 1238911 SUSE bug 1238916 SUSE bug 1238919 SUSE bug 1238925 SUSE bug 1238930 SUSE bug 1238933 SUSE bug 1238936 SUSE bug 1238937 SUSE bug 1238938 SUSE bug 1238939 SUSE bug 1238941 SUSE bug 1238942 SUSE bug 1238943 SUSE bug 1238944 SUSE bug 1238945 SUSE bug 1238946 SUSE bug 1238948 SUSE bug 1238949 SUSE bug 1238950 SUSE bug 1238951 SUSE bug 1238952 SUSE bug 1238953 SUSE bug 1238954 SUSE bug 1238956 SUSE bug 1238957 SUSE bug 1239001 SUSE bug 1239004 SUSE bug 1239016 SUSE bug 1239035 SUSE bug 1239040 SUSE bug 1239041 SUSE bug 1239051 SUSE bug 1239060 SUSE bug 1239070 SUSE bug 1239071 SUSE bug 1239073 SUSE bug 1239076 SUSE bug 1239095 SUSE bug 1239109 SUSE bug 1239115 SUSE bug 1239126 SUSE bug 1239452 SUSE bug 1239454 SUSE bug 1239968 SUSE bug 1239969 SUSE bug 1240133 SUSE bug 1240205 SUSE bug 1240207 SUSE bug 1240208 SUSE bug 1240210 SUSE bug 1240212 SUSE bug 1240213 SUSE bug 1240218 SUSE bug 1240220 SUSE bug 1240227 SUSE bug 1240229 SUSE bug 1240231 SUSE bug 1240242 SUSE bug 1240245 SUSE bug 1240247 SUSE bug 1240250 SUSE bug 1240254 SUSE bug 1240256 SUSE bug 1240264 SUSE bug 1240266 SUSE bug 1240272 SUSE bug 1240275 SUSE bug 1240276 SUSE bug 1240278 SUSE bug 1240279 SUSE bug 1240280 SUSE bug 1240281 SUSE bug 1240282 SUSE bug 1240283 SUSE bug 1240284 SUSE bug 1240286 SUSE bug 1240288 SUSE bug 1240290 SUSE bug 1240292 SUSE bug 1240293 SUSE bug 1240297 SUSE bug 1240304 SUSE bug 1240308 SUSE bug 1240309 SUSE bug 1240317 SUSE bug 1240318 SUSE bug 1240322 CVE-2017-5753 at SUSE CVE-2017-5753 at NVD CVE-2021-4453 at SUSE CVE-2021-4453 at NVD CVE-2021-4454 at SUSE CVE-2021-4454 at NVD CVE-2021-47517 at SUSE CVE-2021-47517 at NVD CVE-2021-47631 at SUSE CVE-2021-47631 at NVD CVE-2021-47632 at SUSE CVE-2021-47632 at NVD CVE-2021-47633 at SUSE CVE-2021-47633 at NVD CVE-2021-47635 at SUSE CVE-2021-47635 at NVD CVE-2021-47636 at SUSE CVE-2021-47636 at NVD CVE-2021-47637 at SUSE CVE-2021-47637 at NVD CVE-2021-47638 at SUSE CVE-2021-47638 at NVD CVE-2021-47639 at SUSE CVE-2021-47639 at NVD CVE-2021-47641 at SUSE CVE-2021-47641 at NVD CVE-2021-47642 at SUSE CVE-2021-47642 at NVD CVE-2021-47643 at SUSE CVE-2021-47643 at NVD CVE-2021-47644 at SUSE CVE-2021-47644 at NVD CVE-2021-47645 at SUSE CVE-2021-47645 at NVD CVE-2021-47646 at SUSE CVE-2021-47646 at NVD CVE-2021-47647 at SUSE CVE-2021-47647 at NVD CVE-2021-47648 at SUSE CVE-2021-47648 at NVD CVE-2021-47649 at SUSE CVE-2021-47649 at NVD CVE-2021-47650 at SUSE CVE-2021-47650 at NVD CVE-2021-47651 at SUSE CVE-2021-47651 at NVD CVE-2021-47652 at SUSE CVE-2021-47652 at NVD CVE-2021-47653 at SUSE CVE-2021-47653 at NVD CVE-2021-47654 at SUSE CVE-2021-47654 at NVD CVE-2021-47656 at SUSE CVE-2021-47656 at NVD CVE-2021-47657 at SUSE CVE-2021-47657 at NVD CVE-2021-47659 at SUSE CVE-2021-47659 at NVD CVE-2022-0168 at SUSE CVE-2022-0168 at NVD CVE-2022-0995 at SUSE CVE-2022-0995 at NVD CVE-2022-1016 at SUSE CVE-2022-1016 at NVD CVE-2022-1048 at SUSE CVE-2022-1048 at NVD CVE-2022-1184 at SUSE CVE-2022-1184 at NVD CVE-2022-2977 at SUSE CVE-2022-2977 at NVD CVE-2022-29900 at SUSE CVE-2022-29900 at NVD CVE-2022-29901 at SUSE CVE-2022-29901 at NVD CVE-2022-3303 at SUSE CVE-2022-3303 at NVD CVE-2022-3435 at SUSE CVE-2022-3435 at NVD CVE-2022-49044 at SUSE CVE-2022-49044 at NVD CVE-2022-49050 at SUSE CVE-2022-49050 at NVD CVE-2022-49051 at SUSE CVE-2022-49051 at NVD CVE-2022-49053 at SUSE CVE-2022-49053 at NVD CVE-2022-49054 at SUSE CVE-2022-49054 at NVD CVE-2022-49055 at SUSE CVE-2022-49055 at NVD CVE-2022-49056 at SUSE CVE-2022-49056 at NVD CVE-2022-49057 at SUSE CVE-2022-49057 at NVD CVE-2022-49058 at SUSE CVE-2022-49058 at NVD CVE-2022-49059 at SUSE CVE-2022-49059 at NVD CVE-2022-49060 at SUSE CVE-2022-49060 at NVD CVE-2022-49061 at SUSE CVE-2022-49061 at NVD CVE-2022-49062 at SUSE CVE-2022-49062 at NVD CVE-2022-49063 at SUSE CVE-2022-49063 at NVD CVE-2022-49064 at SUSE CVE-2022-49064 at NVD CVE-2022-49065 at SUSE CVE-2022-49065 at NVD CVE-2022-49066 at SUSE CVE-2022-49066 at NVD CVE-2022-49070 at SUSE CVE-2022-49070 at NVD CVE-2022-49071 at SUSE CVE-2022-49071 at NVD CVE-2022-49073 at SUSE CVE-2022-49073 at NVD CVE-2022-49074 at SUSE CVE-2022-49074 at NVD CVE-2022-49075 at SUSE CVE-2022-49075 at NVD CVE-2022-49076 at SUSE CVE-2022-49076 at NVD CVE-2022-49078 at SUSE CVE-2022-49078 at NVD CVE-2022-49082 at SUSE CVE-2022-49082 at NVD CVE-2022-49083 at SUSE CVE-2022-49083 at NVD CVE-2022-49084 at SUSE CVE-2022-49084 at NVD CVE-2022-49085 at SUSE CVE-2022-49085 at NVD CVE-2022-49086 at SUSE CVE-2022-49086 at NVD CVE-2022-49088 at SUSE CVE-2022-49088 at NVD CVE-2022-49089 at SUSE CVE-2022-49089 at NVD CVE-2022-49090 at SUSE CVE-2022-49090 at NVD CVE-2022-49091 at SUSE CVE-2022-49091 at NVD CVE-2022-49092 at SUSE CVE-2022-49092 at NVD CVE-2022-49093 at SUSE CVE-2022-49093 at NVD CVE-2022-49095 at SUSE CVE-2022-49095 at NVD CVE-2022-49096 at SUSE CVE-2022-49096 at NVD CVE-2022-49097 at SUSE CVE-2022-49097 at NVD CVE-2022-49098 at SUSE CVE-2022-49098 at NVD CVE-2022-49099 at SUSE CVE-2022-49099 at NVD CVE-2022-49100 at SUSE CVE-2022-49100 at NVD CVE-2022-49102 at SUSE CVE-2022-49102 at NVD CVE-2022-49103 at SUSE CVE-2022-49103 at NVD CVE-2022-49104 at SUSE CVE-2022-49104 at NVD CVE-2022-49105 at SUSE CVE-2022-49105 at NVD CVE-2022-49106 at SUSE CVE-2022-49106 at NVD CVE-2022-49107 at SUSE CVE-2022-49107 at NVD CVE-2022-49109 at SUSE CVE-2022-49109 at NVD CVE-2022-49111 at SUSE CVE-2022-49111 at NVD CVE-2022-49112 at SUSE CVE-2022-49112 at NVD CVE-2022-49113 at SUSE CVE-2022-49113 at NVD CVE-2022-49114 at SUSE CVE-2022-49114 at NVD CVE-2022-49115 at SUSE CVE-2022-49115 at NVD CVE-2022-49116 at SUSE CVE-2022-49116 at NVD CVE-2022-49118 at SUSE CVE-2022-49118 at NVD CVE-2022-49119 at SUSE CVE-2022-49119 at NVD CVE-2022-49120 at SUSE CVE-2022-49120 at NVD CVE-2022-49121 at SUSE CVE-2022-49121 at NVD CVE-2022-49122 at SUSE CVE-2022-49122 at NVD CVE-2022-49123 at SUSE CVE-2022-49123 at NVD CVE-2022-49125 at SUSE CVE-2022-49125 at NVD CVE-2022-49126 at SUSE CVE-2022-49126 at NVD CVE-2022-49128 at SUSE CVE-2022-49128 at NVD CVE-2022-49129 at SUSE CVE-2022-49129 at NVD CVE-2022-49130 at SUSE CVE-2022-49130 at NVD CVE-2022-49131 at SUSE CVE-2022-49131 at NVD CVE-2022-49132 at SUSE CVE-2022-49132 at NVD CVE-2022-49133 at SUSE CVE-2022-49133 at NVD CVE-2022-49134 at SUSE CVE-2022-49134 at NVD CVE-2022-49135 at SUSE CVE-2022-49135 at NVD CVE-2022-49136 at SUSE CVE-2022-49136 at NVD CVE-2022-49137 at SUSE CVE-2022-49137 at NVD CVE-2022-49138 at SUSE CVE-2022-49138 at NVD CVE-2022-49139 at SUSE CVE-2022-49139 at NVD CVE-2022-49144 at SUSE CVE-2022-49144 at NVD CVE-2022-49145 at SUSE CVE-2022-49145 at NVD CVE-2022-49147 at SUSE CVE-2022-49147 at NVD CVE-2022-49148 at SUSE CVE-2022-49148 at NVD CVE-2022-49151 at SUSE CVE-2022-49151 at NVD CVE-2022-49153 at SUSE CVE-2022-49153 at NVD CVE-2022-49154 at SUSE CVE-2022-49154 at NVD CVE-2022-49155 at SUSE CVE-2022-49155 at NVD CVE-2022-49156 at SUSE CVE-2022-49156 at NVD CVE-2022-49157 at SUSE CVE-2022-49157 at NVD CVE-2022-49158 at SUSE CVE-2022-49158 at NVD CVE-2022-49159 at SUSE CVE-2022-49159 at NVD CVE-2022-49160 at SUSE CVE-2022-49160 at NVD CVE-2022-49162 at SUSE CVE-2022-49162 at NVD CVE-2022-49163 at SUSE CVE-2022-49163 at NVD CVE-2022-49164 at SUSE CVE-2022-49164 at NVD CVE-2022-49165 at SUSE CVE-2022-49165 at NVD CVE-2022-49174 at SUSE CVE-2022-49174 at NVD CVE-2022-49175 at SUSE CVE-2022-49175 at NVD CVE-2022-49176 at SUSE CVE-2022-49176 at NVD CVE-2022-49177 at SUSE CVE-2022-49177 at NVD CVE-2022-49178 at SUSE CVE-2022-49178 at NVD CVE-2022-49179 at SUSE CVE-2022-49179 at NVD CVE-2022-49180 at SUSE CVE-2022-49180 at NVD CVE-2022-49182 at SUSE CVE-2022-49182 at NVD CVE-2022-49183 at SUSE CVE-2022-49183 at NVD CVE-2022-49185 at SUSE CVE-2022-49185 at NVD CVE-2022-49187 at SUSE CVE-2022-49187 at NVD CVE-2022-49188 at SUSE CVE-2022-49188 at NVD CVE-2022-49189 at SUSE CVE-2022-49189 at NVD CVE-2022-49192 at SUSE CVE-2022-49192 at NVD CVE-2022-49193 at SUSE CVE-2022-49193 at NVD CVE-2022-49194 at SUSE CVE-2022-49194 at NVD CVE-2022-49196 at SUSE CVE-2022-49196 at NVD CVE-2022-49199 at SUSE CVE-2022-49199 at NVD CVE-2022-49200 at SUSE CVE-2022-49200 at NVD CVE-2022-49201 at SUSE CVE-2022-49201 at NVD CVE-2022-49202 at SUSE CVE-2022-49202 at NVD CVE-2022-49203 at SUSE CVE-2022-49203 at NVD CVE-2022-49204 at SUSE CVE-2022-49204 at NVD CVE-2022-49205 at SUSE CVE-2022-49205 at NVD CVE-2022-49206 at SUSE CVE-2022-49206 at NVD CVE-2022-49207 at SUSE CVE-2022-49207 at NVD CVE-2022-49208 at SUSE CVE-2022-49208 at NVD CVE-2022-49209 at SUSE CVE-2022-49209 at NVD CVE-2022-49212 at SUSE CVE-2022-49212 at NVD CVE-2022-49213 at SUSE CVE-2022-49213 at NVD CVE-2022-49214 at SUSE CVE-2022-49214 at NVD CVE-2022-49215 at SUSE CVE-2022-49215 at NVD CVE-2022-49216 at SUSE CVE-2022-49216 at NVD CVE-2022-49217 at SUSE CVE-2022-49217 at NVD CVE-2022-49218 at SUSE CVE-2022-49218 at NVD CVE-2022-49219 at SUSE CVE-2022-49219 at NVD CVE-2022-49221 at SUSE CVE-2022-49221 at NVD CVE-2022-49222 at SUSE CVE-2022-49222 at NVD CVE-2022-49224 at SUSE CVE-2022-49224 at NVD CVE-2022-49225 at SUSE CVE-2022-49225 at NVD CVE-2022-49226 at SUSE CVE-2022-49226 at NVD CVE-2022-49227 at SUSE CVE-2022-49227 at NVD CVE-2022-49228 at SUSE CVE-2022-49228 at NVD CVE-2022-49230 at SUSE CVE-2022-49230 at NVD CVE-2022-49232 at SUSE CVE-2022-49232 at NVD CVE-2022-49233 at SUSE CVE-2022-49233 at NVD CVE-2022-49235 at SUSE CVE-2022-49235 at NVD CVE-2022-49236 at SUSE CVE-2022-49236 at NVD CVE-2022-49237 at SUSE CVE-2022-49237 at NVD CVE-2022-49238 at SUSE CVE-2022-49238 at NVD CVE-2022-49239 at SUSE CVE-2022-49239 at NVD CVE-2022-49241 at SUSE CVE-2022-49241 at NVD CVE-2022-49242 at SUSE CVE-2022-49242 at NVD CVE-2022-49243 at SUSE CVE-2022-49243 at NVD CVE-2022-49244 at SUSE CVE-2022-49244 at NVD CVE-2022-49246 at SUSE CVE-2022-49246 at NVD CVE-2022-49247 at SUSE CVE-2022-49247 at NVD CVE-2022-49248 at SUSE CVE-2022-49248 at NVD CVE-2022-49249 at SUSE CVE-2022-49249 at NVD CVE-2022-49250 at SUSE CVE-2022-49250 at NVD CVE-2022-49251 at SUSE CVE-2022-49251 at NVD CVE-2022-49252 at SUSE CVE-2022-49252 at NVD CVE-2022-49253 at SUSE CVE-2022-49253 at NVD CVE-2022-49254 at SUSE CVE-2022-49254 at NVD CVE-2022-49256 at SUSE CVE-2022-49256 at NVD CVE-2022-49257 at SUSE CVE-2022-49257 at NVD CVE-2022-49258 at SUSE CVE-2022-49258 at NVD CVE-2022-49259 at SUSE CVE-2022-49259 at NVD CVE-2022-49260 at SUSE CVE-2022-49260 at NVD CVE-2022-49261 at SUSE CVE-2022-49261 at NVD CVE-2022-49262 at SUSE CVE-2022-49262 at NVD CVE-2022-49263 at SUSE CVE-2022-49263 at NVD CVE-2022-49264 at SUSE CVE-2022-49264 at NVD CVE-2022-49265 at SUSE CVE-2022-49265 at NVD CVE-2022-49266 at SUSE CVE-2022-49266 at NVD CVE-2022-49268 at SUSE CVE-2022-49268 at NVD CVE-2022-49269 at SUSE CVE-2022-49269 at NVD CVE-2022-49270 at SUSE CVE-2022-49270 at NVD CVE-2022-49271 at SUSE CVE-2022-49271 at NVD CVE-2022-49272 at SUSE CVE-2022-49272 at NVD CVE-2022-49273 at SUSE CVE-2022-49273 at NVD CVE-2022-49274 at SUSE CVE-2022-49274 at NVD CVE-2022-49275 at SUSE CVE-2022-49275 at NVD CVE-2022-49276 at SUSE CVE-2022-49276 at NVD CVE-2022-49277 at SUSE CVE-2022-49277 at NVD CVE-2022-49278 at SUSE CVE-2022-49278 at NVD CVE-2022-49279 at SUSE CVE-2022-49279 at NVD CVE-2022-49280 at SUSE CVE-2022-49280 at NVD CVE-2022-49281 at SUSE CVE-2022-49281 at NVD CVE-2022-49283 at SUSE CVE-2022-49283 at NVD CVE-2022-49285 at SUSE CVE-2022-49285 at NVD CVE-2022-49286 at SUSE CVE-2022-49286 at NVD CVE-2022-49287 at SUSE CVE-2022-49287 at NVD CVE-2022-49288 at SUSE CVE-2022-49288 at NVD CVE-2022-49290 at SUSE CVE-2022-49290 at NVD CVE-2022-49291 at SUSE CVE-2022-49291 at NVD CVE-2022-49292 at SUSE CVE-2022-49292 at NVD CVE-2022-49293 at SUSE CVE-2022-49293 at NVD CVE-2022-49294 at SUSE CVE-2022-49294 at NVD CVE-2022-49295 at SUSE CVE-2022-49295 at NVD CVE-2022-49296 at SUSE CVE-2022-49296 at NVD CVE-2022-49297 at SUSE CVE-2022-49297 at NVD CVE-2022-49298 at SUSE CVE-2022-49298 at NVD CVE-2022-49299 at SUSE CVE-2022-49299 at NVD CVE-2022-49300 at SUSE CVE-2022-49300 at NVD CVE-2022-49301 at SUSE CVE-2022-49301 at NVD CVE-2022-49302 at SUSE CVE-2022-49302 at NVD CVE-2022-49304 at SUSE CVE-2022-49304 at NVD CVE-2022-49305 at SUSE CVE-2022-49305 at NVD CVE-2022-49306 at SUSE CVE-2022-49306 at NVD CVE-2022-49307 at SUSE CVE-2022-49307 at NVD CVE-2022-49308 at SUSE CVE-2022-49308 at NVD CVE-2022-49309 at SUSE CVE-2022-49309 at NVD CVE-2022-49310 at SUSE CVE-2022-49310 at NVD CVE-2022-49311 at SUSE CVE-2022-49311 at NVD CVE-2022-49312 at SUSE CVE-2022-49312 at NVD CVE-2022-49313 at SUSE CVE-2022-49313 at NVD CVE-2022-49314 at SUSE CVE-2022-49314 at NVD CVE-2022-49315 at SUSE CVE-2022-49315 at NVD CVE-2022-49316 at SUSE CVE-2022-49316 at NVD CVE-2022-49319 at SUSE CVE-2022-49319 at NVD CVE-2022-49320 at SUSE CVE-2022-49320 at NVD CVE-2022-49321 at SUSE CVE-2022-49321 at NVD CVE-2022-49322 at SUSE CVE-2022-49322 at NVD CVE-2022-49323 at SUSE CVE-2022-49323 at NVD CVE-2022-49325 at SUSE CVE-2022-49325 at NVD CVE-2022-49326 at SUSE CVE-2022-49326 at NVD CVE-2022-49327 at SUSE CVE-2022-49327 at NVD CVE-2022-49328 at SUSE CVE-2022-49328 at NVD CVE-2022-49329 at SUSE CVE-2022-49329 at NVD CVE-2022-49330 at SUSE CVE-2022-49330 at NVD CVE-2022-49331 at SUSE CVE-2022-49331 at NVD CVE-2022-49332 at SUSE CVE-2022-49332 at NVD CVE-2022-49333 at SUSE CVE-2022-49333 at NVD CVE-2022-49335 at SUSE CVE-2022-49335 at NVD CVE-2022-49336 at SUSE CVE-2022-49336 at NVD CVE-2022-49337 at SUSE CVE-2022-49337 at NVD CVE-2022-49338 at SUSE CVE-2022-49338 at NVD CVE-2022-49339 at SUSE CVE-2022-49339 at NVD CVE-2022-49341 at SUSE CVE-2022-49341 at NVD CVE-2022-49342 at SUSE CVE-2022-49342 at NVD CVE-2022-49343 at SUSE CVE-2022-49343 at NVD CVE-2022-49345 at SUSE CVE-2022-49345 at NVD CVE-2022-49346 at SUSE CVE-2022-49346 at NVD CVE-2022-49347 at SUSE CVE-2022-49347 at NVD CVE-2022-49348 at SUSE CVE-2022-49348 at NVD CVE-2022-49349 at SUSE CVE-2022-49349 at NVD CVE-2022-49350 at SUSE CVE-2022-49350 at NVD CVE-2022-49351 at SUSE CVE-2022-49351 at NVD CVE-2022-49352 at SUSE CVE-2022-49352 at NVD CVE-2022-49353 at SUSE CVE-2022-49353 at NVD CVE-2022-49354 at SUSE CVE-2022-49354 at NVD CVE-2022-49356 at SUSE CVE-2022-49356 at NVD CVE-2022-49357 at SUSE CVE-2022-49357 at NVD CVE-2022-49359 at SUSE CVE-2022-49359 at NVD CVE-2022-49362 at SUSE CVE-2022-49362 at NVD CVE-2022-49365 at SUSE CVE-2022-49365 at NVD CVE-2022-49367 at SUSE CVE-2022-49367 at NVD CVE-2022-49368 at SUSE CVE-2022-49368 at NVD CVE-2022-49370 at SUSE CVE-2022-49370 at NVD CVE-2022-49371 at SUSE CVE-2022-49371 at NVD CVE-2022-49373 at SUSE CVE-2022-49373 at NVD CVE-2022-49375 at SUSE CVE-2022-49375 at NVD CVE-2022-49376 at SUSE CVE-2022-49376 at NVD CVE-2022-49377 at SUSE CVE-2022-49377 at NVD CVE-2022-49378 at SUSE CVE-2022-49378 at NVD CVE-2022-49379 at SUSE CVE-2022-49379 at NVD CVE-2022-49381 at SUSE CVE-2022-49381 at NVD CVE-2022-49382 at SUSE CVE-2022-49382 at NVD CVE-2022-49384 at SUSE CVE-2022-49384 at NVD CVE-2022-49385 at SUSE CVE-2022-49385 at NVD CVE-2022-49386 at SUSE CVE-2022-49386 at NVD CVE-2022-49389 at SUSE CVE-2022-49389 at NVD CVE-2022-49390 at SUSE CVE-2022-49390 at NVD CVE-2022-49392 at SUSE CVE-2022-49392 at NVD CVE-2022-49394 at SUSE CVE-2022-49394 at NVD CVE-2022-49396 at SUSE CVE-2022-49396 at NVD CVE-2022-49397 at SUSE CVE-2022-49397 at NVD CVE-2022-49398 at SUSE CVE-2022-49398 at NVD CVE-2022-49399 at SUSE CVE-2022-49399 at NVD CVE-2022-49400 at SUSE CVE-2022-49400 at NVD CVE-2022-49402 at SUSE CVE-2022-49402 at NVD CVE-2022-49404 at SUSE CVE-2022-49404 at NVD CVE-2022-49406 at SUSE CVE-2022-49406 at NVD CVE-2022-49407 at SUSE CVE-2022-49407 at NVD CVE-2022-49409 at SUSE CVE-2022-49409 at NVD CVE-2022-49410 at SUSE CVE-2022-49410 at NVD CVE-2022-49411 at SUSE CVE-2022-49411 at NVD CVE-2022-49412 at SUSE CVE-2022-49412 at NVD CVE-2022-49413 at SUSE CVE-2022-49413 at NVD CVE-2022-49414 at SUSE CVE-2022-49414 at NVD CVE-2022-49416 at SUSE CVE-2022-49416 at NVD CVE-2022-49418 at SUSE CVE-2022-49418 at NVD CVE-2022-49419 at SUSE CVE-2022-49419 at NVD CVE-2022-49421 at SUSE CVE-2022-49421 at NVD CVE-2022-49422 at SUSE CVE-2022-49422 at NVD CVE-2022-49424 at SUSE CVE-2022-49424 at NVD CVE-2022-49426 at SUSE CVE-2022-49426 at NVD CVE-2022-49427 at SUSE CVE-2022-49427 at NVD CVE-2022-49429 at SUSE CVE-2022-49429 at NVD CVE-2022-49430 at SUSE CVE-2022-49430 at NVD CVE-2022-49431 at SUSE CVE-2022-49431 at NVD CVE-2022-49432 at SUSE CVE-2022-49432 at NVD CVE-2022-49433 at SUSE CVE-2022-49433 at NVD CVE-2022-49434 at SUSE CVE-2022-49434 at NVD CVE-2022-49435 at SUSE CVE-2022-49435 at NVD CVE-2022-49436 at SUSE CVE-2022-49436 at NVD CVE-2022-49437 at SUSE CVE-2022-49437 at NVD CVE-2022-49438 at SUSE CVE-2022-49438 at NVD CVE-2022-49440 at SUSE CVE-2022-49440 at NVD CVE-2022-49441 at SUSE CVE-2022-49441 at NVD CVE-2022-49442 at SUSE CVE-2022-49442 at NVD CVE-2022-49443 at SUSE CVE-2022-49443 at NVD CVE-2022-49444 at SUSE CVE-2022-49444 at NVD CVE-2022-49445 at SUSE CVE-2022-49445 at NVD CVE-2022-49446 at SUSE CVE-2022-49446 at NVD CVE-2022-49447 at SUSE CVE-2022-49447 at NVD CVE-2022-49448 at SUSE CVE-2022-49448 at NVD CVE-2022-49449 at SUSE CVE-2022-49449 at NVD CVE-2022-49451 at SUSE CVE-2022-49451 at NVD CVE-2022-49453 at SUSE CVE-2022-49453 at NVD CVE-2022-49455 at SUSE CVE-2022-49455 at NVD CVE-2022-49458 at SUSE CVE-2022-49458 at NVD CVE-2022-49459 at SUSE CVE-2022-49459 at NVD CVE-2022-49460 at SUSE CVE-2022-49460 at NVD CVE-2022-49462 at SUSE CVE-2022-49462 at NVD CVE-2022-49463 at SUSE CVE-2022-49463 at NVD CVE-2022-49465 at SUSE CVE-2022-49465 at NVD CVE-2022-49466 at SUSE CVE-2022-49466 at NVD CVE-2022-49467 at SUSE CVE-2022-49467 at NVD CVE-2022-49468 at SUSE CVE-2022-49468 at NVD CVE-2022-49470 at SUSE CVE-2022-49470 at NVD CVE-2022-49472 at SUSE CVE-2022-49472 at NVD CVE-2022-49473 at SUSE CVE-2022-49473 at NVD CVE-2022-49474 at SUSE CVE-2022-49474 at NVD CVE-2022-49475 at SUSE CVE-2022-49475 at NVD CVE-2022-49476 at SUSE CVE-2022-49476 at NVD CVE-2022-49477 at SUSE CVE-2022-49477 at NVD CVE-2022-49478 at SUSE CVE-2022-49478 at NVD CVE-2022-49479 at SUSE CVE-2022-49479 at NVD CVE-2022-49480 at SUSE CVE-2022-49480 at NVD CVE-2022-49481 at SUSE CVE-2022-49481 at NVD CVE-2022-49482 at SUSE CVE-2022-49482 at NVD CVE-2022-49483 at SUSE CVE-2022-49483 at NVD CVE-2022-49484 at SUSE CVE-2022-49484 at NVD CVE-2022-49485 at SUSE CVE-2022-49485 at NVD CVE-2022-49486 at SUSE CVE-2022-49486 at NVD CVE-2022-49487 at SUSE CVE-2022-49487 at NVD CVE-2022-49488 at SUSE CVE-2022-49488 at NVD CVE-2022-49489 at SUSE CVE-2022-49489 at NVD CVE-2022-49490 at SUSE CVE-2022-49490 at NVD CVE-2022-49491 at SUSE CVE-2022-49491 at NVD CVE-2022-49492 at SUSE CVE-2022-49492 at NVD CVE-2022-49493 at SUSE CVE-2022-49493 at NVD CVE-2022-49494 at SUSE CVE-2022-49494 at NVD CVE-2022-49495 at SUSE CVE-2022-49495 at NVD CVE-2022-49497 at SUSE CVE-2022-49497 at NVD CVE-2022-49498 at SUSE CVE-2022-49498 at NVD CVE-2022-49499 at SUSE CVE-2022-49499 at NVD CVE-2022-49501 at SUSE CVE-2022-49501 at NVD CVE-2022-49502 at SUSE CVE-2022-49502 at NVD CVE-2022-49503 at SUSE CVE-2022-49503 at NVD CVE-2022-49504 at SUSE CVE-2022-49504 at NVD CVE-2022-49505 at SUSE CVE-2022-49505 at NVD CVE-2022-49506 at SUSE CVE-2022-49506 at NVD CVE-2022-49507 at SUSE CVE-2022-49507 at NVD CVE-2022-49508 at SUSE CVE-2022-49508 at NVD CVE-2022-49509 at SUSE CVE-2022-49509 at NVD CVE-2022-49510 at SUSE CVE-2022-49510 at NVD CVE-2022-49511 at SUSE CVE-2022-49511 at NVD CVE-2022-49512 at SUSE CVE-2022-49512 at NVD CVE-2022-49514 at SUSE CVE-2022-49514 at NVD CVE-2022-49515 at SUSE CVE-2022-49515 at NVD CVE-2022-49516 at SUSE CVE-2022-49516 at NVD CVE-2022-49517 at SUSE CVE-2022-49517 at NVD CVE-2022-49518 at SUSE CVE-2022-49518 at NVD CVE-2022-49519 at SUSE CVE-2022-49519 at NVD CVE-2022-49520 at SUSE CVE-2022-49520 at NVD CVE-2022-49521 at SUSE CVE-2022-49521 at NVD CVE-2022-49522 at SUSE CVE-2022-49522 at NVD CVE-2022-49523 at SUSE CVE-2022-49523 at NVD CVE-2022-49524 at SUSE CVE-2022-49524 at NVD CVE-2022-49525 at SUSE CVE-2022-49525 at NVD CVE-2022-49526 at SUSE CVE-2022-49526 at NVD CVE-2022-49527 at SUSE CVE-2022-49527 at NVD CVE-2022-49529 at SUSE CVE-2022-49529 at NVD CVE-2022-49530 at SUSE CVE-2022-49530 at NVD CVE-2022-49532 at SUSE CVE-2022-49532 at NVD CVE-2022-49533 at SUSE CVE-2022-49533 at NVD CVE-2022-49534 at SUSE CVE-2022-49534 at NVD CVE-2022-49535 at SUSE CVE-2022-49535 at NVD CVE-2022-49536 at SUSE CVE-2022-49536 at NVD CVE-2022-49537 at SUSE CVE-2022-49537 at NVD CVE-2022-49538 at SUSE CVE-2022-49538 at NVD CVE-2022-49541 at SUSE CVE-2022-49541 at NVD CVE-2022-49542 at SUSE CVE-2022-49542 at NVD CVE-2022-49543 at SUSE CVE-2022-49543 at NVD CVE-2022-49544 at SUSE CVE-2022-49544 at NVD CVE-2022-49545 at SUSE CVE-2022-49545 at NVD CVE-2022-49546 at SUSE CVE-2022-49546 at NVD CVE-2022-49548 at SUSE CVE-2022-49548 at NVD CVE-2022-49549 at SUSE CVE-2022-49549 at NVD CVE-2022-49551 at SUSE CVE-2022-49551 at NVD CVE-2022-49552 at SUSE CVE-2022-49552 at NVD CVE-2022-49555 at SUSE CVE-2022-49555 at NVD CVE-2022-49556 at SUSE CVE-2022-49556 at NVD CVE-2022-49559 at SUSE CVE-2022-49559 at NVD CVE-2022-49560 at SUSE CVE-2022-49560 at NVD CVE-2022-49562 at SUSE CVE-2022-49562 at NVD CVE-2022-49563 at SUSE CVE-2022-49563 at NVD CVE-2022-49564 at SUSE CVE-2022-49564 at NVD CVE-2022-49565 at SUSE CVE-2022-49565 at NVD CVE-2022-49566 at SUSE CVE-2022-49566 at NVD CVE-2022-49568 at SUSE CVE-2022-49568 at NVD CVE-2022-49569 at SUSE CVE-2022-49569 at NVD CVE-2022-49570 at SUSE CVE-2022-49570 at NVD CVE-2022-49579 at SUSE CVE-2022-49579 at NVD CVE-2022-49581 at SUSE CVE-2022-49581 at NVD CVE-2022-49583 at SUSE CVE-2022-49583 at NVD CVE-2022-49584 at SUSE CVE-2022-49584 at NVD CVE-2022-49591 at SUSE CVE-2022-49591 at NVD CVE-2022-49592 at SUSE CVE-2022-49592 at NVD CVE-2022-49603 at SUSE CVE-2022-49603 at NVD CVE-2022-49605 at SUSE CVE-2022-49605 at NVD CVE-2022-49606 at SUSE CVE-2022-49606 at NVD CVE-2022-49607 at SUSE CVE-2022-49607 at NVD CVE-2022-49609 at SUSE CVE-2022-49609 at NVD CVE-2022-49610 at SUSE CVE-2022-49610 at NVD CVE-2022-49611 at SUSE CVE-2022-49611 at NVD CVE-2022-49613 at SUSE CVE-2022-49613 at NVD CVE-2022-49615 at SUSE CVE-2022-49615 at NVD CVE-2022-49616 at SUSE CVE-2022-49616 at NVD CVE-2022-49617 at SUSE CVE-2022-49617 at NVD CVE-2022-49618 at SUSE CVE-2022-49618 at NVD CVE-2022-49621 at SUSE CVE-2022-49621 at NVD CVE-2022-49623 at SUSE CVE-2022-49623 at NVD CVE-2022-49624 at SUSE CVE-2022-49624 at NVD CVE-2022-49625 at SUSE CVE-2022-49625 at NVD CVE-2022-49626 at SUSE CVE-2022-49626 at NVD CVE-2022-49627 at SUSE CVE-2022-49627 at NVD CVE-2022-49628 at SUSE CVE-2022-49628 at NVD CVE-2022-49631 at SUSE CVE-2022-49631 at NVD CVE-2022-49634 at SUSE CVE-2022-49634 at NVD CVE-2022-49635 at SUSE CVE-2022-49635 at NVD CVE-2022-49638 at SUSE CVE-2022-49638 at NVD CVE-2022-49640 at SUSE CVE-2022-49640 at NVD CVE-2022-49641 at SUSE CVE-2022-49641 at NVD CVE-2022-49642 at SUSE CVE-2022-49642 at NVD CVE-2022-49643 at SUSE CVE-2022-49643 at NVD CVE-2022-49644 at SUSE CVE-2022-49644 at NVD CVE-2022-49645 at SUSE CVE-2022-49645 at NVD CVE-2022-49646 at SUSE CVE-2022-49646 at NVD CVE-2022-49647 at SUSE CVE-2022-49647 at NVD CVE-2022-49648 at SUSE CVE-2022-49648 at NVD CVE-2022-49649 at SUSE CVE-2022-49649 at NVD CVE-2022-49650 at SUSE CVE-2022-49650 at NVD CVE-2022-49652 at SUSE CVE-2022-49652 at NVD CVE-2022-49653 at SUSE CVE-2022-49653 at NVD CVE-2022-49655 at SUSE CVE-2022-49655 at NVD CVE-2022-49656 at SUSE CVE-2022-49656 at NVD CVE-2022-49657 at SUSE CVE-2022-49657 at NVD CVE-2022-49658 at SUSE CVE-2022-49658 at NVD CVE-2022-49661 at SUSE CVE-2022-49661 at NVD CVE-2022-49663 at SUSE CVE-2022-49663 at NVD CVE-2022-49665 at SUSE CVE-2022-49665 at NVD CVE-2022-49667 at SUSE CVE-2022-49667 at NVD CVE-2022-49668 at SUSE CVE-2022-49668 at NVD CVE-2022-49670 at SUSE CVE-2022-49670 at NVD CVE-2022-49671 at SUSE CVE-2022-49671 at NVD CVE-2022-49672 at SUSE CVE-2022-49672 at NVD CVE-2022-49673 at SUSE CVE-2022-49673 at NVD CVE-2022-49674 at SUSE CVE-2022-49674 at NVD CVE-2022-49675 at SUSE CVE-2022-49675 at NVD CVE-2022-49676 at SUSE CVE-2022-49676 at NVD CVE-2022-49677 at SUSE CVE-2022-49677 at NVD CVE-2022-49678 at SUSE CVE-2022-49678 at NVD CVE-2022-49679 at SUSE CVE-2022-49679 at NVD CVE-2022-49680 at SUSE CVE-2022-49680 at NVD CVE-2022-49683 at SUSE CVE-2022-49683 at NVD CVE-2022-49685 at SUSE CVE-2022-49685 at NVD CVE-2022-49686 at SUSE CVE-2022-49686 at NVD CVE-2022-49687 at SUSE CVE-2022-49687 at NVD CVE-2022-49688 at SUSE CVE-2022-49688 at NVD CVE-2022-49693 at SUSE CVE-2022-49693 at NVD CVE-2022-49694 at SUSE CVE-2022-49694 at NVD CVE-2022-49695 at SUSE CVE-2022-49695 at NVD CVE-2022-49697 at SUSE CVE-2022-49697 at NVD CVE-2022-49699 at SUSE CVE-2022-49699 at NVD CVE-2022-49700 at SUSE CVE-2022-49700 at NVD CVE-2022-49701 at SUSE CVE-2022-49701 at NVD CVE-2022-49703 at SUSE CVE-2022-49703 at NVD CVE-2022-49704 at SUSE CVE-2022-49704 at NVD CVE-2022-49705 at SUSE CVE-2022-49705 at NVD CVE-2022-49707 at SUSE CVE-2022-49707 at NVD CVE-2022-49708 at SUSE CVE-2022-49708 at NVD CVE-2022-49710 at SUSE CVE-2022-49710 at NVD CVE-2022-49711 at SUSE CVE-2022-49711 at NVD CVE-2022-49712 at SUSE CVE-2022-49712 at NVD CVE-2022-49713 at SUSE CVE-2022-49713 at NVD CVE-2022-49714 at SUSE CVE-2022-49714 at NVD CVE-2022-49715 at SUSE CVE-2022-49715 at NVD CVE-2022-49716 at SUSE CVE-2022-49716 at NVD CVE-2022-49719 at SUSE CVE-2022-49719 at NVD CVE-2022-49720 at SUSE CVE-2022-49720 at NVD CVE-2022-49721 at SUSE CVE-2022-49721 at NVD CVE-2022-49722 at SUSE CVE-2022-49722 at NVD CVE-2022-49723 at SUSE CVE-2022-49723 at NVD CVE-2022-49724 at SUSE CVE-2022-49724 at NVD CVE-2022-49725 at SUSE CVE-2022-49725 at NVD CVE-2022-49726 at SUSE CVE-2022-49726 at NVD CVE-2022-49729 at SUSE CVE-2022-49729 at NVD CVE-2022-49730 at SUSE CVE-2022-49730 at NVD CVE-2022-49731 at SUSE CVE-2022-49731 at NVD CVE-2022-49732 at SUSE CVE-2022-49732 at NVD CVE-2022-49733 at SUSE CVE-2022-49733 at NVD CVE-2022-49739 at SUSE CVE-2022-49739 at NVD CVE-2022-49746 at SUSE CVE-2022-49746 at NVD CVE-2022-49748 at SUSE CVE-2022-49748 at NVD CVE-2022-49751 at SUSE CVE-2022-49751 at NVD CVE-2022-49753 at SUSE CVE-2022-49753 at NVD CVE-2022-49755 at SUSE CVE-2022-49755 at NVD CVE-2022-49759 at SUSE CVE-2022-49759 at NVD CVE-2023-0179 at SUSE CVE-2023-0179 at NVD CVE-2023-1652 at SUSE CVE-2023-1652 at NVD CVE-2023-2162 at SUSE CVE-2023-2162 at NVD CVE-2023-28410 at SUSE CVE-2023-28410 at NVD CVE-2023-3567 at SUSE CVE-2023-3567 at NVD CVE-2023-52930 at SUSE CVE-2023-52930 at NVD CVE-2023-52933 at SUSE CVE-2023-52933 at NVD CVE-2023-52935 at SUSE CVE-2023-52935 at NVD CVE-2023-52939 at SUSE CVE-2023-52939 at NVD CVE-2023-52941 at SUSE CVE-2023-52941 at NVD CVE-2023-52973 at SUSE CVE-2023-52973 at NVD CVE-2023-52974 at SUSE CVE-2023-52974 at NVD CVE-2023-52975 at SUSE CVE-2023-52975 at NVD CVE-2023-52976 at SUSE CVE-2023-52976 at NVD CVE-2023-52979 at SUSE CVE-2023-52979 at NVD CVE-2023-52983 at SUSE CVE-2023-52983 at NVD CVE-2023-52984 at SUSE CVE-2023-52984 at NVD CVE-2023-52988 at SUSE CVE-2023-52988 at NVD CVE-2023-52989 at SUSE CVE-2023-52989 at NVD CVE-2023-52992 at SUSE CVE-2023-52992 at NVD CVE-2023-52993 at SUSE CVE-2023-52993 at NVD CVE-2023-53000 at SUSE CVE-2023-53000 at NVD CVE-2023-53005 at SUSE CVE-2023-53005 at NVD CVE-2023-53006 at SUSE CVE-2023-53006 at NVD CVE-2023-53007 at SUSE CVE-2023-53007 at NVD CVE-2023-53008 at SUSE CVE-2023-53008 at NVD CVE-2023-53010 at SUSE CVE-2023-53010 at NVD CVE-2023-53015 at SUSE CVE-2023-53015 at NVD CVE-2023-53016 at SUSE CVE-2023-53016 at NVD CVE-2023-53019 at SUSE CVE-2023-53019 at NVD CVE-2023-53023 at SUSE CVE-2023-53023 at NVD CVE-2023-53024 at SUSE CVE-2023-53024 at NVD CVE-2023-53025 at SUSE CVE-2023-53025 at NVD CVE-2023-53026 at SUSE CVE-2023-53026 at NVD CVE-2023-53028 at SUSE CVE-2023-53028 at NVD CVE-2023-53029 at SUSE CVE-2023-53029 at NVD CVE-2023-53030 at SUSE CVE-2023-53030 at NVD CVE-2023-53033 at SUSE CVE-2023-53033 at NVD CVE-2024-26634 at SUSE CVE-2024-26634 at NVD CVE-2024-47678 at SUSE CVE-2024-47678 at NVD CVE-2024-50290 at SUSE CVE-2024-50290 at NVD CVE-2024-53063 at SUSE CVE-2024-53063 at NVD CVE-2024-53124 at SUSE CVE-2024-53124 at NVD CVE-2024-53176 at SUSE CVE-2024-53176 at NVD CVE-2024-53178 at SUSE CVE-2024-53178 at NVD CVE-2024-56651 at SUSE CVE-2024-56651 at NVD CVE-2024-57996 at SUSE CVE-2024-57996 at NVD CVE-2024-58013 at SUSE CVE-2024-58013 at NVD CVE-2024-58014 at SUSE CVE-2024-58014 at NVD CVE-2025-21693 at SUSE CVE-2025-21693 at NVD CVE-2025-21718 at SUSE CVE-2025-21718 at NVD CVE-2025-21772 at SUSE CVE-2025-21772 at NVD CVE-2025-21780 at SUSE CVE-2025-21780 at NVD cpe:/o:suse:sle-micro:5.5 Security update for expat (Important) SUSE Linux Enterprise Micro 5.5 This update for expat fixes the following issues: - CVE-2024-8176: Fixed denial of service from chaining a large number of entities caused by stack overflow by resolving use of recursion (bsc#1239618) Other fixes: - version update to 2.7.1 (jsc#PED-12500) Bug fixes: #980 #989 Restore event pointer behavior from Expat 2.6.4 (that the fix to CVE-2024-8176 changed in 2.7.0); affected API functions are: - XML_GetCurrentByteCount - XML_GetCurrentByteIndex - XML_GetCurrentColumnNumber - XML_GetCurrentLineNumber - XML_GetInputContext Other changes: #976 #977 Autotools: Integrate files 'fuzz/xml_lpm_fuzzer.{cpp,proto}' with Automake that were missing from 2.7.0 release tarballs #983 #984 Fix printf format specifiers for 32bit Emscripten #992 docs: Promote OpenSSF Best Practices self-certification #978 tests/benchmark: Resolve mistaken double close #986 Address compiler warnings #990 #993 Version info bumped from 11:1:10 (libexpat*.so.1.10.1) to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/ for what these numbers do Infrastructure: #982 CI: Start running Perl XML::Parser integration tests #987 CI: Enforce Clang Static Analyzer clean code #991 CI: Re-enable warning clang-analyzer-valist.Uninitialized for clang-tidy #981 CI: Cover compilation with musl #983 #984 CI: Cover compilation with 32bit Emscripten #976 #977 CI: Protect against fuzzer files missing from future release archives - version update to 2.7.0 #935 #937 Autotools: Make generated CMake files look for libexpat.@SO_MAJOR@.dylib on macOS #925 Autotools: Sync CMake templates with CMake 3.29 #945 #962 #966 CMake: Drop support for CMake <3.13 #942 CMake: Small fuzzing related improvements #921 docs: Add missing documentation of error code XML_ERROR_NOT_STARTED that was introduced with 2.6.4 #941 docs: Document need for C++11 compiler for use from C++ #959 tests/benchmark: Fix a (harmless) TOCTTOU #944 Windows: Fix installer target location of file xmlwf.xml for CMake #953 Windows: Address warning -Wunknown-warning-option about -Wno-pedantic-ms-format from LLVM MinGW #971 Address Cppcheck warnings #969 #970 Mass-migrate links from http:// to https:// #947 #958 .. #974 #975 Document changes since the previous release #974 #975 Version info bumped from 11:0:10 (libexpat*.so.1.10.0) to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/ for what these numbers do Important SUSE bug 1239618 CVE-2024-8176 at SUSE CVE-2024-8176 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237918). - CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919). - CVE-2022-49739: gfs2: Always check inode size of inline inodes (bsc#1240207). - CVE-2023-52935: mm/khugepaged: fix ->anon_vma race (bsc#1240276). - CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074). - CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894). - CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895). - CVE-2024-56651: can: hi311x: hi3110_can_ist(): fix potential use-after-free (bsc#1235528). - CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076). - CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239095). - CVE-2024-58014: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (bsc#1239109). - CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029). - CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073). - CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911). - CVE-2025-21780: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (bsc#1239115). The following non-security bugs were fixed: - ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530). - btrfs: defrag: do not use merged extent map for their generation check (bsc#1239968). - btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1239968). - btrfs: fix extent map merging not happening for adjacent extents (bsc#1239968). - btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1239969). - btrfs: send: fix invalid clone operation for file that got its size decreased (bsc#1239969). - cifs: Add a laundromat thread for cached directories (git-fixes). - cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (git-fixes). - gfs2: Fix inode height consistency check (git-fixes). - mm: zswap: move allocations during CPU init outside the lock (git-fixes). - mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove() (bsc#1239126). - net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016). - net: mana: Allow variable size indirection table (bsc#1239016). - net: mana: Avoid open coded arithmetic (bsc#1239016). - net: mana: Support holes in device list reply msg (bsc#1240133). - RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016). - RDMA/mana_ib: Use v2 version of cfg_rx_steer_req to enable RX coalescing (bsc#1239016). - sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743). - smb: client: destroy cfid_put_wq on module exit (git-fixes). - smb: client: disable directory caching when dir_cache_timeout is zero (git-fixes). - smb: client: do not start laundromat thread on nohandlecache (git-fixes). - smb: client: make laundromat a delayed worker (git-fixes). - smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896). - smb3: allow controlling length of time directory entries are cached with dir leases (git-fixes). - smb3: do not start laundromat thread when dir leases disabled (git-fixes). - smb3: retrying on failed server close (git-fixes). - tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870). Important SUSE bug 1065729 SUSE bug 1180814 SUSE bug 1183682 SUSE bug 1190336 SUSE bug 1190768 SUSE bug 1190786 SUSE bug 1193629 SUSE bug 1194869 SUSE bug 1194904 SUSE bug 1195823 SUSE bug 1196444 SUSE bug 1197158 SUSE bug 1197174 SUSE bug 1197227 SUSE bug 1197246 SUSE bug 1197302 SUSE bug 1197331 SUSE bug 1197472 SUSE bug 1197661 SUSE bug 1197926 SUSE bug 1198019 SUSE bug 1198021 SUSE bug 1198240 SUSE bug 1198577 SUSE bug 1198660 SUSE bug 1199657 SUSE bug 1200045 SUSE bug 1200571 SUSE bug 1200807 SUSE bug 1200809 SUSE bug 1200810 SUSE bug 1200824 SUSE bug 1200825 SUSE bug 1200871 SUSE bug 1200872 SUSE bug 1201193 SUSE bug 1201218 SUSE bug 1201323 SUSE bug 1201381 SUSE bug 1201610 SUSE bug 1202672 SUSE bug 1202711 SUSE bug 1202712 SUSE bug 1202771 SUSE bug 1202774 SUSE bug 1202778 SUSE bug 1202781 SUSE bug 1203699 SUSE bug 1203769 SUSE bug 1204171 SUSE bug 1205205 SUSE bug 1205701 SUSE bug 1206048 SUSE bug 1206049 SUSE bug 1206451 SUSE bug 1207034 SUSE bug 1207186 SUSE bug 1207361 SUSE bug 1207593 SUSE bug 1207640 SUSE bug 1207878 SUSE bug 1209262 SUSE bug 1209547 SUSE bug 1209788 SUSE bug 1209980 SUSE bug 1210050 SUSE bug 1210647 SUSE bug 1211263 SUSE bug 1213167 SUSE bug 1218450 SUSE bug 1221651 SUSE bug 1225428 SUSE bug 1225742 SUSE bug 1229312 SUSE bug 1231375 SUSE bug 1231432 SUSE bug 1231854 SUSE bug 1232299 SUSE bug 1232743 SUSE bug 1233479 SUSE bug 1233557 SUSE bug 1233749 SUSE bug 1234074 SUSE bug 1234894 SUSE bug 1234895 SUSE bug 1234896 SUSE bug 1235528 SUSE bug 1235599 SUSE bug 1235870 SUSE bug 1237029 SUSE bug 1237521 SUSE bug 1237530 SUSE bug 1237718 SUSE bug 1237721 SUSE bug 1237722 SUSE bug 1237723 SUSE bug 1237724 SUSE bug 1237725 SUSE bug 1237726 SUSE bug 1237727 SUSE bug 1237728 SUSE bug 1237729 SUSE bug 1237730 SUSE bug 1237733 SUSE bug 1237734 SUSE bug 1237735 SUSE bug 1237736 SUSE bug 1237737 SUSE bug 1237738 SUSE bug 1237739 SUSE bug 1237740 SUSE bug 1237742 SUSE bug 1237743 SUSE bug 1237744 SUSE bug 1237745 SUSE bug 1237746 SUSE bug 1237748 SUSE bug 1237749 SUSE bug 1237751 SUSE bug 1237752 SUSE bug 1237753 SUSE bug 1237755 SUSE bug 1237759 SUSE bug 1237761 SUSE bug 1237763 SUSE bug 1237766 SUSE bug 1237767 SUSE bug 1237768 SUSE bug 1237774 SUSE bug 1237775 SUSE bug 1237778 SUSE bug 1237779 SUSE bug 1237780 SUSE bug 1237782 SUSE bug 1237783 SUSE bug 1237784 SUSE bug 1237785 SUSE bug 1237786 SUSE bug 1237787 SUSE bug 1237788 SUSE bug 1237789 SUSE bug 1237790 SUSE bug 1237792 SUSE bug 1237794 SUSE bug 1237795 SUSE bug 1237797 SUSE bug 1237798 SUSE bug 1237799 SUSE bug 1237807 SUSE bug 1237808 SUSE bug 1237809 SUSE bug 1237810 SUSE bug 1237812 SUSE bug 1237813 SUSE bug 1237814 SUSE bug 1237815 SUSE bug 1237816 SUSE bug 1237817 SUSE bug 1237818 SUSE bug 1237820 SUSE bug 1237821 SUSE bug 1237823 SUSE bug 1237824 SUSE bug 1237826 SUSE bug 1237827 SUSE bug 1237829 SUSE bug 1237831 SUSE bug 1237835 SUSE bug 1237836 SUSE bug 1237837 SUSE bug 1237839 SUSE bug 1237840 SUSE bug 1237845 SUSE bug 1237846 SUSE bug 1237868 SUSE bug 1237872 SUSE bug 1237892 SUSE bug 1237903 SUSE bug 1237904 SUSE bug 1237916 SUSE bug 1237918 SUSE bug 1237922 SUSE bug 1237925 SUSE bug 1237926 SUSE bug 1237927 SUSE bug 1237928 SUSE bug 1237929 SUSE bug 1237931 SUSE bug 1237932 SUSE bug 1237933 SUSE bug 1237937 SUSE bug 1237940 SUSE bug 1237941 SUSE bug 1237942 SUSE bug 1237946 SUSE bug 1237951 SUSE bug 1237952 SUSE bug 1237954 SUSE bug 1237955 SUSE bug 1237957 SUSE bug 1237958 SUSE bug 1237959 SUSE bug 1237960 SUSE bug 1237961 SUSE bug 1237962 SUSE bug 1237963 SUSE bug 1237965 SUSE bug 1237966 SUSE bug 1237967 SUSE bug 1237968 SUSE bug 1237969 SUSE bug 1237970 SUSE bug 1237971 SUSE bug 1237972 SUSE bug 1237973 SUSE bug 1237975 SUSE bug 1237976 SUSE bug 1237978 SUSE bug 1237979 SUSE bug 1237980 SUSE bug 1237982 SUSE bug 1237983 SUSE bug 1237984 SUSE bug 1237986 SUSE bug 1237987 SUSE bug 1237990 SUSE bug 1237992 SUSE bug 1237996 SUSE bug 1237997 SUSE bug 1237998 SUSE bug 1237999 SUSE bug 1238000 SUSE bug 1238003 SUSE bug 1238004 SUSE bug 1238005 SUSE bug 1238006 SUSE bug 1238007 SUSE bug 1238009 SUSE bug 1238010 SUSE bug 1238011 SUSE bug 1238012 SUSE bug 1238013 SUSE bug 1238014 SUSE bug 1238016 SUSE bug 1238017 SUSE bug 1238018 SUSE bug 1238019 SUSE bug 1238021 SUSE bug 1238022 SUSE bug 1238024 SUSE bug 1238025 SUSE bug 1238030 SUSE bug 1238032 SUSE bug 1238036 SUSE bug 1238037 SUSE bug 1238041 SUSE bug 1238046 SUSE bug 1238047 SUSE bug 1238048 SUSE bug 1238069 SUSE bug 1238071 SUSE bug 1238077 SUSE bug 1238079 SUSE bug 1238080 SUSE bug 1238083 SUSE bug 1238084 SUSE bug 1238085 SUSE bug 1238086 SUSE bug 1238089 SUSE bug 1238090 SUSE bug 1238091 SUSE bug 1238092 SUSE bug 1238096 SUSE bug 1238097 SUSE bug 1238099 SUSE bug 1238103 SUSE bug 1238105 SUSE bug 1238106 SUSE bug 1238107 SUSE bug 1238108 SUSE bug 1238110 SUSE bug 1238111 SUSE bug 1238112 SUSE bug 1238113 SUSE bug 1238114 SUSE bug 1238115 SUSE bug 1238116 SUSE bug 1238118 SUSE bug 1238120 SUSE bug 1238122 SUSE bug 1238123 SUSE bug 1238125 SUSE bug 1238126 SUSE bug 1238127 SUSE bug 1238128 SUSE bug 1238131 SUSE bug 1238134 SUSE bug 1238135 SUSE bug 1238138 SUSE bug 1238139 SUSE bug 1238140 SUSE bug 1238142 SUSE bug 1238144 SUSE bug 1238146 SUSE bug 1238147 SUSE bug 1238149 SUSE bug 1238150 SUSE bug 1238153 SUSE bug 1238155 SUSE bug 1238156 SUSE bug 1238157 SUSE bug 1238158 SUSE bug 1238160 SUSE bug 1238162 SUSE bug 1238166 SUSE bug 1238167 SUSE bug 1238168 SUSE bug 1238169 SUSE bug 1238170 SUSE bug 1238171 SUSE bug 1238172 SUSE bug 1238175 SUSE bug 1238176 SUSE bug 1238177 SUSE bug 1238178 SUSE bug 1238179 SUSE bug 1238180 SUSE bug 1238181 SUSE bug 1238183 SUSE bug 1238184 SUSE bug 1238187 SUSE bug 1238221 SUSE bug 1238222 SUSE bug 1238226 SUSE bug 1238228 SUSE bug 1238229 SUSE bug 1238231 SUSE bug 1238233 SUSE bug 1238234 SUSE bug 1238235 SUSE bug 1238236 SUSE bug 1238238 SUSE bug 1238239 SUSE bug 1238240 SUSE bug 1238241 SUSE bug 1238242 SUSE bug 1238243 SUSE bug 1238244 SUSE bug 1238246 SUSE bug 1238247 SUSE bug 1238248 SUSE bug 1238249 SUSE bug 1238252 SUSE bug 1238253 SUSE bug 1238255 SUSE bug 1238256 SUSE bug 1238257 SUSE bug 1238260 SUSE bug 1238261 SUSE bug 1238262 SUSE bug 1238263 SUSE bug 1238264 SUSE bug 1238266 SUSE bug 1238267 SUSE bug 1238268 SUSE bug 1238269 SUSE bug 1238270 SUSE bug 1238271 SUSE bug 1238272 SUSE bug 1238274 SUSE bug 1238275 SUSE bug 1238276 SUSE bug 1238277 SUSE bug 1238278 SUSE bug 1238279 SUSE bug 1238281 SUSE bug 1238282 SUSE bug 1238283 SUSE bug 1238284 SUSE bug 1238285 SUSE bug 1238286 SUSE bug 1238287 SUSE bug 1238288 SUSE bug 1238289 SUSE bug 1238291 SUSE bug 1238292 SUSE bug 1238293 SUSE bug 1238295 SUSE bug 1238298 SUSE bug 1238300 SUSE bug 1238301 SUSE bug 1238302 SUSE bug 1238306 SUSE bug 1238307 SUSE bug 1238308 SUSE bug 1238309 SUSE bug 1238311 SUSE bug 1238313 SUSE bug 1238326 SUSE bug 1238327 SUSE bug 1238328 SUSE bug 1238329 SUSE bug 1238331 SUSE bug 1238333 SUSE bug 1238334 SUSE bug 1238335 SUSE bug 1238336 SUSE bug 1238337 SUSE bug 1238338 SUSE bug 1238339 SUSE bug 1238341 SUSE bug 1238343 SUSE bug 1238344 SUSE bug 1238345 SUSE bug 1238372 SUSE bug 1238373 SUSE bug 1238374 SUSE bug 1238376 SUSE bug 1238377 SUSE bug 1238378 SUSE bug 1238381 SUSE bug 1238382 SUSE bug 1238383 SUSE bug 1238385 SUSE bug 1238386 SUSE bug 1238387 SUSE bug 1238388 SUSE bug 1238389 SUSE bug 1238390 SUSE bug 1238391 SUSE bug 1238392 SUSE bug 1238393 SUSE bug 1238394 SUSE bug 1238395 SUSE bug 1238396 SUSE bug 1238397 SUSE bug 1238398 SUSE bug 1238400 SUSE bug 1238401 SUSE bug 1238410 SUSE bug 1238411 SUSE bug 1238413 SUSE bug 1238415 SUSE bug 1238416 SUSE bug 1238417 SUSE bug 1238418 SUSE bug 1238419 SUSE bug 1238420 SUSE bug 1238422 SUSE bug 1238423 SUSE bug 1238424 SUSE bug 1238428 SUSE bug 1238429 SUSE bug 1238430 SUSE bug 1238431 SUSE bug 1238432 SUSE bug 1238433 SUSE bug 1238434 SUSE bug 1238435 SUSE bug 1238436 SUSE bug 1238437 SUSE bug 1238440 SUSE bug 1238441 SUSE bug 1238442 SUSE bug 1238443 SUSE bug 1238444 SUSE bug 1238445 SUSE bug 1238447 SUSE bug 1238453 SUSE bug 1238454 SUSE bug 1238458 SUSE bug 1238459 SUSE bug 1238462 SUSE bug 1238463 SUSE bug 1238465 SUSE bug 1238467 SUSE bug 1238469 SUSE bug 1238533 SUSE bug 1238536 SUSE bug 1238538 SUSE bug 1238539 SUSE bug 1238540 SUSE bug 1238542 SUSE bug 1238543 SUSE bug 1238546 SUSE bug 1238551 SUSE bug 1238552 SUSE bug 1238556 SUSE bug 1238557 SUSE bug 1238599 SUSE bug 1238600 SUSE bug 1238601 SUSE bug 1238602 SUSE bug 1238605 SUSE bug 1238612 SUSE bug 1238613 SUSE bug 1238615 SUSE bug 1238616 SUSE bug 1238617 SUSE bug 1238618 SUSE bug 1238619 SUSE bug 1238621 SUSE bug 1238623 SUSE bug 1238625 SUSE bug 1238626 SUSE bug 1238630 SUSE bug 1238631 SUSE bug 1238632 SUSE bug 1238633 SUSE bug 1238635 SUSE bug 1238636 SUSE bug 1238638 SUSE bug 1238639 SUSE bug 1238640 SUSE bug 1238641 SUSE bug 1238642 SUSE bug 1238643 SUSE bug 1238645 SUSE bug 1238646 SUSE bug 1238647 SUSE bug 1238648 SUSE bug 1238649 SUSE bug 1238650 SUSE bug 1238653 SUSE bug 1238654 SUSE bug 1238655 SUSE bug 1238658 SUSE bug 1238661 SUSE bug 1238662 SUSE bug 1238663 SUSE bug 1238664 SUSE bug 1238666 SUSE bug 1238668 SUSE bug 1238705 SUSE bug 1238707 SUSE bug 1238710 SUSE bug 1238712 SUSE bug 1238718 SUSE bug 1238719 SUSE bug 1238721 SUSE bug 1238722 SUSE bug 1238727 SUSE bug 1238729 SUSE bug 1238750 SUSE bug 1238787 SUSE bug 1238789 SUSE bug 1238792 SUSE bug 1238799 SUSE bug 1238803 SUSE bug 1238804 SUSE bug 1238805 SUSE bug 1238806 SUSE bug 1238808 SUSE bug 1238809 SUSE bug 1238810 SUSE bug 1238811 SUSE bug 1238814 SUSE bug 1238815 SUSE bug 1238816 SUSE bug 1238817 SUSE bug 1238818 SUSE bug 1238819 SUSE bug 1238820 SUSE bug 1238821 SUSE bug 1238822 SUSE bug 1238823 SUSE bug 1238825 SUSE bug 1238830 SUSE bug 1238834 SUSE bug 1238835 SUSE bug 1238836 SUSE bug 1238838 SUSE bug 1238843 SUSE bug 1238867 SUSE bug 1238868 SUSE bug 1238869 SUSE bug 1238870 SUSE bug 1238871 SUSE bug 1238878 SUSE bug 1238889 SUSE bug 1238892 SUSE bug 1238893 SUSE bug 1238897 SUSE bug 1238898 SUSE bug 1238899 SUSE bug 1238902 SUSE bug 1238911 SUSE bug 1238916 SUSE bug 1238919 SUSE bug 1238925 SUSE bug 1238930 SUSE bug 1238933 SUSE bug 1238936 SUSE bug 1238937 SUSE bug 1238938 SUSE bug 1238939 SUSE bug 1238941 SUSE bug 1238942 SUSE bug 1238943 SUSE bug 1238944 SUSE bug 1238945 SUSE bug 1238946 SUSE bug 1238948 SUSE bug 1238949 SUSE bug 1238950 SUSE bug 1238951 SUSE bug 1238952 SUSE bug 1238953 SUSE bug 1238954 SUSE bug 1238956 SUSE bug 1238957 SUSE bug 1239001 SUSE bug 1239004 SUSE bug 1239016 SUSE bug 1239035 SUSE bug 1239040 SUSE bug 1239041 SUSE bug 1239051 SUSE bug 1239060 SUSE bug 1239070 SUSE bug 1239071 SUSE bug 1239073 SUSE bug 1239076 SUSE bug 1239095 SUSE bug 1239109 SUSE bug 1239115 SUSE bug 1239126 SUSE bug 1239452 SUSE bug 1239454 SUSE bug 1239968 SUSE bug 1239969 SUSE bug 1240133 SUSE bug 1240205 SUSE bug 1240207 SUSE bug 1240208 SUSE bug 1240210 SUSE bug 1240212 SUSE bug 1240213 SUSE bug 1240218 SUSE bug 1240220 SUSE bug 1240227 SUSE bug 1240229 SUSE bug 1240231 SUSE bug 1240242 SUSE bug 1240245 SUSE bug 1240247 SUSE bug 1240250 SUSE bug 1240254 SUSE bug 1240256 SUSE bug 1240264 SUSE bug 1240266 SUSE bug 1240272 SUSE bug 1240275 SUSE bug 1240276 SUSE bug 1240278 SUSE bug 1240279 SUSE bug 1240280 SUSE bug 1240281 SUSE bug 1240282 SUSE bug 1240283 SUSE bug 1240284 SUSE bug 1240286 SUSE bug 1240288 SUSE bug 1240290 SUSE bug 1240292 SUSE bug 1240293 SUSE bug 1240297 SUSE bug 1240304 SUSE bug 1240308 SUSE bug 1240309 SUSE bug 1240317 SUSE bug 1240318 SUSE bug 1240322 CVE-2017-5753 at SUSE CVE-2017-5753 at NVD CVE-2021-4453 at SUSE CVE-2021-4453 at NVD CVE-2021-4454 at SUSE CVE-2021-4454 at NVD CVE-2021-47517 at SUSE CVE-2021-47517 at NVD CVE-2021-47631 at SUSE CVE-2021-47631 at NVD CVE-2021-47632 at SUSE CVE-2021-47632 at NVD CVE-2021-47633 at SUSE CVE-2021-47633 at NVD CVE-2021-47635 at SUSE CVE-2021-47635 at NVD CVE-2021-47636 at SUSE CVE-2021-47636 at NVD CVE-2021-47637 at SUSE CVE-2021-47637 at NVD CVE-2021-47638 at SUSE CVE-2021-47638 at NVD CVE-2021-47639 at SUSE CVE-2021-47639 at NVD CVE-2021-47641 at SUSE CVE-2021-47641 at NVD CVE-2021-47642 at SUSE CVE-2021-47642 at NVD CVE-2021-47643 at SUSE CVE-2021-47643 at NVD CVE-2021-47644 at SUSE CVE-2021-47644 at NVD CVE-2021-47645 at SUSE CVE-2021-47645 at NVD CVE-2021-47646 at SUSE CVE-2021-47646 at NVD CVE-2021-47647 at SUSE CVE-2021-47647 at NVD CVE-2021-47648 at SUSE CVE-2021-47648 at NVD CVE-2021-47649 at SUSE CVE-2021-47649 at NVD CVE-2021-47650 at SUSE CVE-2021-47650 at NVD CVE-2021-47651 at SUSE CVE-2021-47651 at NVD CVE-2021-47652 at SUSE CVE-2021-47652 at NVD CVE-2021-47653 at SUSE CVE-2021-47653 at NVD CVE-2021-47654 at SUSE CVE-2021-47654 at NVD CVE-2021-47656 at SUSE CVE-2021-47656 at NVD CVE-2021-47657 at SUSE CVE-2021-47657 at NVD CVE-2021-47659 at SUSE CVE-2021-47659 at NVD CVE-2022-0168 at SUSE CVE-2022-0168 at NVD CVE-2022-0995 at SUSE CVE-2022-0995 at NVD CVE-2022-1016 at SUSE CVE-2022-1016 at NVD CVE-2022-1048 at SUSE CVE-2022-1048 at NVD CVE-2022-1184 at SUSE CVE-2022-1184 at NVD CVE-2022-2977 at SUSE CVE-2022-2977 at NVD CVE-2022-29900 at SUSE CVE-2022-29900 at NVD CVE-2022-29901 at SUSE CVE-2022-29901 at NVD CVE-2022-3303 at SUSE CVE-2022-3303 at NVD CVE-2022-3435 at SUSE CVE-2022-3435 at NVD CVE-2022-49044 at SUSE CVE-2022-49044 at NVD CVE-2022-49050 at SUSE CVE-2022-49050 at NVD CVE-2022-49051 at SUSE CVE-2022-49051 at NVD CVE-2022-49053 at SUSE CVE-2022-49053 at NVD CVE-2022-49054 at SUSE CVE-2022-49054 at NVD CVE-2022-49055 at SUSE CVE-2022-49055 at NVD CVE-2022-49056 at SUSE CVE-2022-49056 at NVD CVE-2022-49057 at SUSE CVE-2022-49057 at NVD CVE-2022-49058 at SUSE CVE-2022-49058 at NVD CVE-2022-49059 at SUSE CVE-2022-49059 at NVD CVE-2022-49060 at SUSE CVE-2022-49060 at NVD CVE-2022-49061 at SUSE CVE-2022-49061 at NVD CVE-2022-49062 at SUSE CVE-2022-49062 at NVD CVE-2022-49063 at SUSE CVE-2022-49063 at NVD CVE-2022-49064 at SUSE CVE-2022-49064 at NVD CVE-2022-49065 at SUSE CVE-2022-49065 at NVD CVE-2022-49066 at SUSE CVE-2022-49066 at NVD CVE-2022-49070 at SUSE CVE-2022-49070 at NVD CVE-2022-49071 at SUSE CVE-2022-49071 at NVD CVE-2022-49073 at SUSE CVE-2022-49073 at NVD CVE-2022-49074 at SUSE CVE-2022-49074 at NVD CVE-2022-49075 at SUSE CVE-2022-49075 at NVD CVE-2022-49076 at SUSE CVE-2022-49076 at NVD CVE-2022-49078 at SUSE CVE-2022-49078 at NVD CVE-2022-49082 at SUSE CVE-2022-49082 at NVD CVE-2022-49083 at SUSE CVE-2022-49083 at NVD CVE-2022-49084 at SUSE CVE-2022-49084 at NVD CVE-2022-49085 at SUSE CVE-2022-49085 at NVD CVE-2022-49086 at SUSE CVE-2022-49086 at NVD CVE-2022-49088 at SUSE CVE-2022-49088 at NVD CVE-2022-49089 at SUSE CVE-2022-49089 at NVD CVE-2022-49090 at SUSE CVE-2022-49090 at NVD CVE-2022-49091 at SUSE CVE-2022-49091 at NVD CVE-2022-49092 at SUSE CVE-2022-49092 at NVD CVE-2022-49093 at SUSE CVE-2022-49093 at NVD CVE-2022-49095 at SUSE CVE-2022-49095 at NVD CVE-2022-49096 at SUSE CVE-2022-49096 at NVD CVE-2022-49097 at SUSE CVE-2022-49097 at NVD CVE-2022-49098 at SUSE CVE-2022-49098 at NVD CVE-2022-49099 at SUSE CVE-2022-49099 at NVD CVE-2022-49100 at SUSE CVE-2022-49100 at NVD CVE-2022-49102 at SUSE CVE-2022-49102 at NVD CVE-2022-49103 at SUSE CVE-2022-49103 at NVD CVE-2022-49104 at SUSE CVE-2022-49104 at NVD CVE-2022-49105 at SUSE CVE-2022-49105 at NVD CVE-2022-49106 at SUSE CVE-2022-49106 at NVD CVE-2022-49107 at SUSE CVE-2022-49107 at NVD CVE-2022-49109 at SUSE CVE-2022-49109 at NVD CVE-2022-49111 at SUSE CVE-2022-49111 at NVD CVE-2022-49112 at SUSE CVE-2022-49112 at NVD CVE-2022-49113 at SUSE CVE-2022-49113 at NVD CVE-2022-49114 at SUSE CVE-2022-49114 at NVD CVE-2022-49115 at SUSE CVE-2022-49115 at NVD CVE-2022-49116 at SUSE CVE-2022-49116 at NVD CVE-2022-49118 at SUSE CVE-2022-49118 at NVD CVE-2022-49119 at SUSE CVE-2022-49119 at NVD CVE-2022-49120 at SUSE CVE-2022-49120 at NVD CVE-2022-49121 at SUSE CVE-2022-49121 at NVD CVE-2022-49122 at SUSE CVE-2022-49122 at NVD CVE-2022-49123 at SUSE CVE-2022-49123 at NVD CVE-2022-49125 at SUSE CVE-2022-49125 at NVD CVE-2022-49126 at SUSE CVE-2022-49126 at NVD CVE-2022-49128 at SUSE CVE-2022-49128 at NVD CVE-2022-49129 at SUSE CVE-2022-49129 at NVD CVE-2022-49130 at SUSE CVE-2022-49130 at NVD CVE-2022-49131 at SUSE CVE-2022-49131 at NVD CVE-2022-49132 at SUSE CVE-2022-49132 at NVD CVE-2022-49133 at SUSE CVE-2022-49133 at NVD CVE-2022-49134 at SUSE CVE-2022-49134 at NVD CVE-2022-49135 at SUSE CVE-2022-49135 at NVD CVE-2022-49136 at SUSE CVE-2022-49136 at NVD CVE-2022-49137 at SUSE CVE-2022-49137 at NVD CVE-2022-49138 at SUSE CVE-2022-49138 at NVD CVE-2022-49139 at SUSE CVE-2022-49139 at NVD CVE-2022-49144 at SUSE CVE-2022-49144 at NVD CVE-2022-49145 at SUSE CVE-2022-49145 at NVD CVE-2022-49147 at SUSE CVE-2022-49147 at NVD CVE-2022-49148 at SUSE CVE-2022-49148 at NVD CVE-2022-49151 at SUSE CVE-2022-49151 at NVD CVE-2022-49153 at SUSE CVE-2022-49153 at NVD CVE-2022-49154 at SUSE CVE-2022-49154 at NVD CVE-2022-49155 at SUSE CVE-2022-49155 at NVD CVE-2022-49156 at SUSE CVE-2022-49156 at NVD CVE-2022-49157 at SUSE CVE-2022-49157 at NVD CVE-2022-49158 at SUSE CVE-2022-49158 at NVD CVE-2022-49159 at SUSE CVE-2022-49159 at NVD CVE-2022-49160 at SUSE CVE-2022-49160 at NVD CVE-2022-49162 at SUSE CVE-2022-49162 at NVD CVE-2022-49163 at SUSE CVE-2022-49163 at NVD CVE-2022-49164 at SUSE CVE-2022-49164 at NVD CVE-2022-49165 at SUSE CVE-2022-49165 at NVD CVE-2022-49174 at SUSE CVE-2022-49174 at NVD CVE-2022-49175 at SUSE CVE-2022-49175 at NVD CVE-2022-49176 at SUSE CVE-2022-49176 at NVD CVE-2022-49177 at SUSE CVE-2022-49177 at NVD CVE-2022-49178 at SUSE CVE-2022-49178 at NVD CVE-2022-49179 at SUSE CVE-2022-49179 at NVD CVE-2022-49180 at SUSE CVE-2022-49180 at NVD CVE-2022-49182 at SUSE CVE-2022-49182 at NVD CVE-2022-49183 at SUSE CVE-2022-49183 at NVD CVE-2022-49185 at SUSE CVE-2022-49185 at NVD CVE-2022-49187 at SUSE CVE-2022-49187 at NVD CVE-2022-49188 at SUSE CVE-2022-49188 at NVD CVE-2022-49189 at SUSE CVE-2022-49189 at NVD CVE-2022-49192 at SUSE CVE-2022-49192 at NVD CVE-2022-49193 at SUSE CVE-2022-49193 at NVD CVE-2022-49194 at SUSE CVE-2022-49194 at NVD CVE-2022-49196 at SUSE CVE-2022-49196 at NVD CVE-2022-49199 at SUSE CVE-2022-49199 at NVD CVE-2022-49200 at SUSE CVE-2022-49200 at NVD CVE-2022-49201 at SUSE CVE-2022-49201 at NVD CVE-2022-49202 at SUSE CVE-2022-49202 at NVD CVE-2022-49203 at SUSE CVE-2022-49203 at NVD CVE-2022-49204 at SUSE CVE-2022-49204 at NVD CVE-2022-49205 at SUSE CVE-2022-49205 at NVD CVE-2022-49206 at SUSE CVE-2022-49206 at NVD CVE-2022-49207 at SUSE CVE-2022-49207 at NVD CVE-2022-49208 at SUSE CVE-2022-49208 at NVD CVE-2022-49209 at SUSE CVE-2022-49209 at NVD CVE-2022-49212 at SUSE CVE-2022-49212 at NVD CVE-2022-49213 at SUSE CVE-2022-49213 at NVD CVE-2022-49214 at SUSE CVE-2022-49214 at NVD CVE-2022-49215 at SUSE CVE-2022-49215 at NVD CVE-2022-49216 at SUSE CVE-2022-49216 at NVD CVE-2022-49217 at SUSE CVE-2022-49217 at NVD CVE-2022-49218 at SUSE CVE-2022-49218 at NVD CVE-2022-49219 at SUSE CVE-2022-49219 at NVD CVE-2022-49221 at SUSE CVE-2022-49221 at NVD CVE-2022-49222 at SUSE CVE-2022-49222 at NVD CVE-2022-49224 at SUSE CVE-2022-49224 at NVD CVE-2022-49225 at SUSE CVE-2022-49225 at NVD CVE-2022-49226 at SUSE CVE-2022-49226 at NVD CVE-2022-49227 at SUSE CVE-2022-49227 at NVD CVE-2022-49228 at SUSE CVE-2022-49228 at NVD CVE-2022-49230 at SUSE CVE-2022-49230 at NVD CVE-2022-49232 at SUSE CVE-2022-49232 at NVD CVE-2022-49233 at SUSE CVE-2022-49233 at NVD CVE-2022-49235 at SUSE CVE-2022-49235 at NVD CVE-2022-49236 at SUSE CVE-2022-49236 at NVD CVE-2022-49237 at SUSE CVE-2022-49237 at NVD CVE-2022-49238 at SUSE CVE-2022-49238 at NVD CVE-2022-49239 at SUSE CVE-2022-49239 at NVD CVE-2022-49241 at SUSE CVE-2022-49241 at NVD CVE-2022-49242 at SUSE CVE-2022-49242 at NVD CVE-2022-49243 at SUSE CVE-2022-49243 at NVD CVE-2022-49244 at SUSE CVE-2022-49244 at NVD CVE-2022-49246 at SUSE CVE-2022-49246 at NVD CVE-2022-49247 at SUSE CVE-2022-49247 at NVD CVE-2022-49248 at SUSE CVE-2022-49248 at NVD CVE-2022-49249 at SUSE CVE-2022-49249 at NVD CVE-2022-49250 at SUSE CVE-2022-49250 at NVD CVE-2022-49251 at SUSE CVE-2022-49251 at NVD CVE-2022-49252 at SUSE CVE-2022-49252 at NVD CVE-2022-49253 at SUSE CVE-2022-49253 at NVD CVE-2022-49254 at SUSE CVE-2022-49254 at NVD CVE-2022-49256 at SUSE CVE-2022-49256 at NVD CVE-2022-49257 at SUSE CVE-2022-49257 at NVD CVE-2022-49258 at SUSE CVE-2022-49258 at NVD CVE-2022-49259 at SUSE CVE-2022-49259 at NVD CVE-2022-49260 at SUSE CVE-2022-49260 at NVD CVE-2022-49261 at SUSE CVE-2022-49261 at NVD CVE-2022-49262 at SUSE CVE-2022-49262 at NVD CVE-2022-49263 at SUSE CVE-2022-49263 at NVD CVE-2022-49264 at SUSE CVE-2022-49264 at NVD CVE-2022-49265 at SUSE CVE-2022-49265 at NVD CVE-2022-49266 at SUSE CVE-2022-49266 at NVD CVE-2022-49268 at SUSE CVE-2022-49268 at NVD CVE-2022-49269 at SUSE CVE-2022-49269 at NVD CVE-2022-49270 at SUSE CVE-2022-49270 at NVD CVE-2022-49271 at SUSE CVE-2022-49271 at NVD CVE-2022-49272 at SUSE CVE-2022-49272 at NVD CVE-2022-49273 at SUSE CVE-2022-49273 at NVD CVE-2022-49274 at SUSE CVE-2022-49274 at NVD CVE-2022-49275 at SUSE CVE-2022-49275 at NVD CVE-2022-49276 at SUSE CVE-2022-49276 at NVD CVE-2022-49277 at SUSE CVE-2022-49277 at NVD CVE-2022-49278 at SUSE CVE-2022-49278 at NVD CVE-2022-49279 at SUSE CVE-2022-49279 at NVD CVE-2022-49280 at SUSE CVE-2022-49280 at NVD CVE-2022-49281 at SUSE CVE-2022-49281 at NVD CVE-2022-49283 at SUSE CVE-2022-49283 at NVD CVE-2022-49285 at SUSE CVE-2022-49285 at NVD CVE-2022-49286 at SUSE CVE-2022-49286 at NVD CVE-2022-49287 at SUSE CVE-2022-49287 at NVD CVE-2022-49288 at SUSE CVE-2022-49288 at NVD CVE-2022-49290 at SUSE CVE-2022-49290 at NVD CVE-2022-49291 at SUSE CVE-2022-49291 at NVD CVE-2022-49292 at SUSE CVE-2022-49292 at NVD CVE-2022-49293 at SUSE CVE-2022-49293 at NVD CVE-2022-49294 at SUSE CVE-2022-49294 at NVD CVE-2022-49295 at SUSE CVE-2022-49295 at NVD CVE-2022-49296 at SUSE CVE-2022-49296 at NVD CVE-2022-49297 at SUSE CVE-2022-49297 at NVD CVE-2022-49298 at SUSE CVE-2022-49298 at NVD CVE-2022-49299 at SUSE CVE-2022-49299 at NVD CVE-2022-49300 at SUSE CVE-2022-49300 at NVD CVE-2022-49301 at SUSE CVE-2022-49301 at NVD CVE-2022-49302 at SUSE CVE-2022-49302 at NVD CVE-2022-49304 at SUSE CVE-2022-49304 at NVD CVE-2022-49305 at SUSE CVE-2022-49305 at NVD CVE-2022-49306 at SUSE CVE-2022-49306 at NVD CVE-2022-49307 at SUSE CVE-2022-49307 at NVD CVE-2022-49308 at SUSE CVE-2022-49308 at NVD CVE-2022-49309 at SUSE CVE-2022-49309 at NVD CVE-2022-49310 at SUSE CVE-2022-49310 at NVD CVE-2022-49311 at SUSE CVE-2022-49311 at NVD CVE-2022-49312 at SUSE CVE-2022-49312 at NVD CVE-2022-49313 at SUSE CVE-2022-49313 at NVD CVE-2022-49314 at SUSE CVE-2022-49314 at NVD CVE-2022-49315 at SUSE CVE-2022-49315 at NVD CVE-2022-49316 at SUSE CVE-2022-49316 at NVD CVE-2022-49319 at SUSE CVE-2022-49319 at NVD CVE-2022-49320 at SUSE CVE-2022-49320 at NVD CVE-2022-49321 at SUSE CVE-2022-49321 at NVD CVE-2022-49322 at SUSE CVE-2022-49322 at NVD CVE-2022-49323 at SUSE CVE-2022-49323 at NVD CVE-2022-49325 at SUSE CVE-2022-49325 at NVD CVE-2022-49326 at SUSE CVE-2022-49326 at NVD CVE-2022-49327 at SUSE CVE-2022-49327 at NVD CVE-2022-49328 at SUSE CVE-2022-49328 at NVD CVE-2022-49329 at SUSE CVE-2022-49329 at NVD CVE-2022-49330 at SUSE CVE-2022-49330 at NVD CVE-2022-49331 at SUSE CVE-2022-49331 at NVD CVE-2022-49332 at SUSE CVE-2022-49332 at NVD CVE-2022-49333 at SUSE CVE-2022-49333 at NVD CVE-2022-49335 at SUSE CVE-2022-49335 at NVD CVE-2022-49336 at SUSE CVE-2022-49336 at NVD CVE-2022-49337 at SUSE CVE-2022-49337 at NVD CVE-2022-49338 at SUSE CVE-2022-49338 at NVD CVE-2022-49339 at SUSE CVE-2022-49339 at NVD CVE-2022-49341 at SUSE CVE-2022-49341 at NVD CVE-2022-49342 at SUSE CVE-2022-49342 at NVD CVE-2022-49343 at SUSE CVE-2022-49343 at NVD CVE-2022-49345 at SUSE CVE-2022-49345 at NVD CVE-2022-49346 at SUSE CVE-2022-49346 at NVD CVE-2022-49347 at SUSE CVE-2022-49347 at NVD CVE-2022-49348 at SUSE CVE-2022-49348 at NVD CVE-2022-49349 at SUSE CVE-2022-49349 at NVD CVE-2022-49350 at SUSE CVE-2022-49350 at NVD CVE-2022-49351 at SUSE CVE-2022-49351 at NVD CVE-2022-49352 at SUSE CVE-2022-49352 at NVD CVE-2022-49353 at SUSE CVE-2022-49353 at NVD CVE-2022-49354 at SUSE CVE-2022-49354 at NVD CVE-2022-49356 at SUSE CVE-2022-49356 at NVD CVE-2022-49357 at SUSE CVE-2022-49357 at NVD CVE-2022-49359 at SUSE CVE-2022-49359 at NVD CVE-2022-49362 at SUSE CVE-2022-49362 at NVD CVE-2022-49365 at SUSE CVE-2022-49365 at NVD CVE-2022-49367 at SUSE CVE-2022-49367 at NVD CVE-2022-49368 at SUSE CVE-2022-49368 at NVD CVE-2022-49370 at SUSE CVE-2022-49370 at NVD CVE-2022-49371 at SUSE CVE-2022-49371 at NVD CVE-2022-49373 at SUSE CVE-2022-49373 at NVD CVE-2022-49375 at SUSE CVE-2022-49375 at NVD CVE-2022-49376 at SUSE CVE-2022-49376 at NVD CVE-2022-49377 at SUSE CVE-2022-49377 at NVD CVE-2022-49378 at SUSE CVE-2022-49378 at NVD CVE-2022-49379 at SUSE CVE-2022-49379 at NVD CVE-2022-49381 at SUSE CVE-2022-49381 at NVD CVE-2022-49382 at SUSE CVE-2022-49382 at NVD CVE-2022-49384 at SUSE CVE-2022-49384 at NVD CVE-2022-49385 at SUSE CVE-2022-49385 at NVD CVE-2022-49386 at SUSE CVE-2022-49386 at NVD CVE-2022-49389 at SUSE CVE-2022-49389 at NVD CVE-2022-49390 at SUSE CVE-2022-49390 at NVD CVE-2022-49392 at SUSE CVE-2022-49392 at NVD CVE-2022-49394 at SUSE CVE-2022-49394 at NVD CVE-2022-49396 at SUSE CVE-2022-49396 at NVD CVE-2022-49397 at SUSE CVE-2022-49397 at NVD CVE-2022-49398 at SUSE CVE-2022-49398 at NVD CVE-2022-49399 at SUSE CVE-2022-49399 at NVD CVE-2022-49400 at SUSE CVE-2022-49400 at NVD CVE-2022-49402 at SUSE CVE-2022-49402 at NVD CVE-2022-49404 at SUSE CVE-2022-49404 at NVD CVE-2022-49406 at SUSE CVE-2022-49406 at NVD CVE-2022-49407 at SUSE CVE-2022-49407 at NVD CVE-2022-49409 at SUSE CVE-2022-49409 at NVD CVE-2022-49410 at SUSE CVE-2022-49410 at NVD CVE-2022-49411 at SUSE CVE-2022-49411 at NVD CVE-2022-49412 at SUSE CVE-2022-49412 at NVD CVE-2022-49413 at SUSE CVE-2022-49413 at NVD CVE-2022-49414 at SUSE CVE-2022-49414 at NVD CVE-2022-49416 at SUSE CVE-2022-49416 at NVD CVE-2022-49418 at SUSE CVE-2022-49418 at NVD CVE-2022-49419 at SUSE CVE-2022-49419 at NVD CVE-2022-49421 at SUSE CVE-2022-49421 at NVD CVE-2022-49422 at SUSE CVE-2022-49422 at NVD CVE-2022-49424 at SUSE CVE-2022-49424 at NVD CVE-2022-49426 at SUSE CVE-2022-49426 at NVD CVE-2022-49427 at SUSE CVE-2022-49427 at NVD CVE-2022-49429 at SUSE CVE-2022-49429 at NVD CVE-2022-49430 at SUSE CVE-2022-49430 at NVD CVE-2022-49431 at SUSE CVE-2022-49431 at NVD CVE-2022-49432 at SUSE CVE-2022-49432 at NVD CVE-2022-49433 at SUSE CVE-2022-49433 at NVD CVE-2022-49434 at SUSE CVE-2022-49434 at NVD CVE-2022-49435 at SUSE CVE-2022-49435 at NVD CVE-2022-49436 at SUSE CVE-2022-49436 at NVD CVE-2022-49437 at SUSE CVE-2022-49437 at NVD CVE-2022-49438 at SUSE CVE-2022-49438 at NVD CVE-2022-49440 at SUSE CVE-2022-49440 at NVD CVE-2022-49441 at SUSE CVE-2022-49441 at NVD CVE-2022-49442 at SUSE CVE-2022-49442 at NVD CVE-2022-49443 at SUSE CVE-2022-49443 at NVD CVE-2022-49444 at SUSE CVE-2022-49444 at NVD CVE-2022-49445 at SUSE CVE-2022-49445 at NVD CVE-2022-49446 at SUSE CVE-2022-49446 at NVD CVE-2022-49447 at SUSE CVE-2022-49447 at NVD CVE-2022-49448 at SUSE CVE-2022-49448 at NVD CVE-2022-49449 at SUSE CVE-2022-49449 at NVD CVE-2022-49451 at SUSE CVE-2022-49451 at NVD CVE-2022-49453 at SUSE CVE-2022-49453 at NVD CVE-2022-49455 at SUSE CVE-2022-49455 at NVD CVE-2022-49458 at SUSE CVE-2022-49458 at NVD CVE-2022-49459 at SUSE CVE-2022-49459 at NVD CVE-2022-49460 at SUSE CVE-2022-49460 at NVD CVE-2022-49462 at SUSE CVE-2022-49462 at NVD CVE-2022-49463 at SUSE CVE-2022-49463 at NVD CVE-2022-49465 at SUSE CVE-2022-49465 at NVD CVE-2022-49466 at SUSE CVE-2022-49466 at NVD CVE-2022-49467 at SUSE CVE-2022-49467 at NVD CVE-2022-49468 at SUSE CVE-2022-49468 at NVD CVE-2022-49470 at SUSE CVE-2022-49470 at NVD CVE-2022-49472 at SUSE CVE-2022-49472 at NVD CVE-2022-49473 at SUSE CVE-2022-49473 at NVD CVE-2022-49474 at SUSE CVE-2022-49474 at NVD CVE-2022-49475 at SUSE CVE-2022-49475 at NVD CVE-2022-49476 at SUSE CVE-2022-49476 at NVD CVE-2022-49477 at SUSE CVE-2022-49477 at NVD CVE-2022-49478 at SUSE CVE-2022-49478 at NVD CVE-2022-49479 at SUSE CVE-2022-49479 at NVD CVE-2022-49480 at SUSE CVE-2022-49480 at NVD CVE-2022-49481 at SUSE CVE-2022-49481 at NVD CVE-2022-49482 at SUSE CVE-2022-49482 at NVD CVE-2022-49483 at SUSE CVE-2022-49483 at NVD CVE-2022-49484 at SUSE CVE-2022-49484 at NVD CVE-2022-49485 at SUSE CVE-2022-49485 at NVD CVE-2022-49486 at SUSE CVE-2022-49486 at NVD CVE-2022-49487 at SUSE CVE-2022-49487 at NVD CVE-2022-49488 at SUSE CVE-2022-49488 at NVD CVE-2022-49489 at SUSE CVE-2022-49489 at NVD CVE-2022-49490 at SUSE CVE-2022-49490 at NVD CVE-2022-49491 at SUSE CVE-2022-49491 at NVD CVE-2022-49492 at SUSE CVE-2022-49492 at NVD CVE-2022-49493 at SUSE CVE-2022-49493 at NVD CVE-2022-49494 at SUSE CVE-2022-49494 at NVD CVE-2022-49495 at SUSE CVE-2022-49495 at NVD CVE-2022-49497 at SUSE CVE-2022-49497 at NVD CVE-2022-49498 at SUSE CVE-2022-49498 at NVD CVE-2022-49499 at SUSE CVE-2022-49499 at NVD CVE-2022-49501 at SUSE CVE-2022-49501 at NVD CVE-2022-49502 at SUSE CVE-2022-49502 at NVD CVE-2022-49503 at SUSE CVE-2022-49503 at NVD CVE-2022-49504 at SUSE CVE-2022-49504 at NVD CVE-2022-49505 at SUSE CVE-2022-49505 at NVD CVE-2022-49506 at SUSE CVE-2022-49506 at NVD CVE-2022-49507 at SUSE CVE-2022-49507 at NVD CVE-2022-49508 at SUSE CVE-2022-49508 at NVD CVE-2022-49509 at SUSE CVE-2022-49509 at NVD CVE-2022-49510 at SUSE CVE-2022-49510 at NVD CVE-2022-49511 at SUSE CVE-2022-49511 at NVD CVE-2022-49512 at SUSE CVE-2022-49512 at NVD CVE-2022-49514 at SUSE CVE-2022-49514 at NVD CVE-2022-49515 at SUSE CVE-2022-49515 at NVD CVE-2022-49516 at SUSE CVE-2022-49516 at NVD CVE-2022-49517 at SUSE CVE-2022-49517 at NVD CVE-2022-49518 at SUSE CVE-2022-49518 at NVD CVE-2022-49519 at SUSE CVE-2022-49519 at NVD CVE-2022-49520 at SUSE CVE-2022-49520 at NVD CVE-2022-49521 at SUSE CVE-2022-49521 at NVD CVE-2022-49522 at SUSE CVE-2022-49522 at NVD CVE-2022-49523 at SUSE CVE-2022-49523 at NVD CVE-2022-49524 at SUSE CVE-2022-49524 at NVD CVE-2022-49525 at SUSE CVE-2022-49525 at NVD CVE-2022-49526 at SUSE CVE-2022-49526 at NVD CVE-2022-49527 at SUSE CVE-2022-49527 at NVD CVE-2022-49529 at SUSE CVE-2022-49529 at NVD CVE-2022-49530 at SUSE CVE-2022-49530 at NVD CVE-2022-49532 at SUSE CVE-2022-49532 at NVD CVE-2022-49533 at SUSE CVE-2022-49533 at NVD CVE-2022-49534 at SUSE CVE-2022-49534 at NVD CVE-2022-49535 at SUSE CVE-2022-49535 at NVD CVE-2022-49536 at SUSE CVE-2022-49536 at NVD CVE-2022-49537 at SUSE CVE-2022-49537 at NVD CVE-2022-49538 at SUSE CVE-2022-49538 at NVD CVE-2022-49541 at SUSE CVE-2022-49541 at NVD CVE-2022-49542 at SUSE CVE-2022-49542 at NVD CVE-2022-49543 at SUSE CVE-2022-49543 at NVD CVE-2022-49544 at SUSE CVE-2022-49544 at NVD CVE-2022-49545 at SUSE CVE-2022-49545 at NVD CVE-2022-49546 at SUSE CVE-2022-49546 at NVD CVE-2022-49548 at SUSE CVE-2022-49548 at NVD CVE-2022-49549 at SUSE CVE-2022-49549 at NVD CVE-2022-49551 at SUSE CVE-2022-49551 at NVD CVE-2022-49552 at SUSE CVE-2022-49552 at NVD CVE-2022-49555 at SUSE CVE-2022-49555 at NVD CVE-2022-49556 at SUSE CVE-2022-49556 at NVD CVE-2022-49559 at SUSE CVE-2022-49559 at NVD CVE-2022-49560 at SUSE CVE-2022-49560 at NVD CVE-2022-49562 at SUSE CVE-2022-49562 at NVD CVE-2022-49563 at SUSE CVE-2022-49563 at NVD CVE-2022-49564 at SUSE CVE-2022-49564 at NVD CVE-2022-49565 at SUSE CVE-2022-49565 at NVD CVE-2022-49566 at SUSE CVE-2022-49566 at NVD CVE-2022-49568 at SUSE CVE-2022-49568 at NVD CVE-2022-49569 at SUSE CVE-2022-49569 at NVD CVE-2022-49570 at SUSE CVE-2022-49570 at NVD CVE-2022-49579 at SUSE CVE-2022-49579 at NVD CVE-2022-49581 at SUSE CVE-2022-49581 at NVD CVE-2022-49583 at SUSE CVE-2022-49583 at NVD CVE-2022-49584 at SUSE CVE-2022-49584 at NVD CVE-2022-49591 at SUSE CVE-2022-49591 at NVD CVE-2022-49592 at SUSE CVE-2022-49592 at NVD CVE-2022-49603 at SUSE CVE-2022-49603 at NVD CVE-2022-49605 at SUSE CVE-2022-49605 at NVD CVE-2022-49606 at SUSE CVE-2022-49606 at NVD CVE-2022-49607 at SUSE CVE-2022-49607 at NVD CVE-2022-49609 at SUSE CVE-2022-49609 at NVD CVE-2022-49610 at SUSE CVE-2022-49610 at NVD CVE-2022-49611 at SUSE CVE-2022-49611 at NVD CVE-2022-49613 at SUSE CVE-2022-49613 at NVD CVE-2022-49615 at SUSE CVE-2022-49615 at NVD CVE-2022-49616 at SUSE CVE-2022-49616 at NVD CVE-2022-49617 at SUSE CVE-2022-49617 at NVD CVE-2022-49618 at SUSE CVE-2022-49618 at NVD CVE-2022-49621 at SUSE CVE-2022-49621 at NVD CVE-2022-49623 at SUSE CVE-2022-49623 at NVD CVE-2022-49624 at SUSE CVE-2022-49624 at NVD CVE-2022-49625 at SUSE CVE-2022-49625 at NVD CVE-2022-49626 at SUSE CVE-2022-49626 at NVD CVE-2022-49627 at SUSE CVE-2022-49627 at NVD CVE-2022-49628 at SUSE CVE-2022-49628 at NVD CVE-2022-49631 at SUSE CVE-2022-49631 at NVD CVE-2022-49634 at SUSE CVE-2022-49634 at NVD CVE-2022-49635 at SUSE CVE-2022-49635 at NVD CVE-2022-49638 at SUSE CVE-2022-49638 at NVD CVE-2022-49640 at SUSE CVE-2022-49640 at NVD CVE-2022-49641 at SUSE CVE-2022-49641 at NVD CVE-2022-49642 at SUSE CVE-2022-49642 at NVD CVE-2022-49643 at SUSE CVE-2022-49643 at NVD CVE-2022-49644 at SUSE CVE-2022-49644 at NVD CVE-2022-49645 at SUSE CVE-2022-49645 at NVD CVE-2022-49646 at SUSE CVE-2022-49646 at NVD CVE-2022-49647 at SUSE CVE-2022-49647 at NVD CVE-2022-49648 at SUSE CVE-2022-49648 at NVD CVE-2022-49649 at SUSE CVE-2022-49649 at NVD CVE-2022-49650 at SUSE CVE-2022-49650 at NVD CVE-2022-49652 at SUSE CVE-2022-49652 at NVD CVE-2022-49653 at SUSE CVE-2022-49653 at NVD CVE-2022-49655 at SUSE CVE-2022-49655 at NVD CVE-2022-49656 at SUSE CVE-2022-49656 at NVD CVE-2022-49657 at SUSE CVE-2022-49657 at NVD CVE-2022-49658 at SUSE CVE-2022-49658 at NVD CVE-2022-49661 at SUSE CVE-2022-49661 at NVD CVE-2022-49663 at SUSE CVE-2022-49663 at NVD CVE-2022-49665 at SUSE CVE-2022-49665 at NVD CVE-2022-49667 at SUSE CVE-2022-49667 at NVD CVE-2022-49668 at SUSE CVE-2022-49668 at NVD CVE-2022-49670 at SUSE CVE-2022-49670 at NVD CVE-2022-49671 at SUSE CVE-2022-49671 at NVD CVE-2022-49672 at SUSE CVE-2022-49672 at NVD CVE-2022-49673 at SUSE CVE-2022-49673 at NVD CVE-2022-49674 at SUSE CVE-2022-49674 at NVD CVE-2022-49675 at SUSE CVE-2022-49675 at NVD CVE-2022-49676 at SUSE CVE-2022-49676 at NVD CVE-2022-49677 at SUSE CVE-2022-49677 at NVD CVE-2022-49678 at SUSE CVE-2022-49678 at NVD CVE-2022-49679 at SUSE CVE-2022-49679 at NVD CVE-2022-49680 at SUSE CVE-2022-49680 at NVD CVE-2022-49683 at SUSE CVE-2022-49683 at NVD CVE-2022-49685 at SUSE CVE-2022-49685 at NVD CVE-2022-49686 at SUSE CVE-2022-49686 at NVD CVE-2022-49687 at SUSE CVE-2022-49687 at NVD CVE-2022-49688 at SUSE CVE-2022-49688 at NVD CVE-2022-49693 at SUSE CVE-2022-49693 at NVD CVE-2022-49694 at SUSE CVE-2022-49694 at NVD CVE-2022-49695 at SUSE CVE-2022-49695 at NVD CVE-2022-49697 at SUSE CVE-2022-49697 at NVD CVE-2022-49699 at SUSE CVE-2022-49699 at NVD CVE-2022-49700 at SUSE CVE-2022-49700 at NVD CVE-2022-49701 at SUSE CVE-2022-49701 at NVD CVE-2022-49703 at SUSE CVE-2022-49703 at NVD CVE-2022-49704 at SUSE CVE-2022-49704 at NVD CVE-2022-49705 at SUSE CVE-2022-49705 at NVD CVE-2022-49707 at SUSE CVE-2022-49707 at NVD CVE-2022-49708 at SUSE CVE-2022-49708 at NVD CVE-2022-49710 at SUSE CVE-2022-49710 at NVD CVE-2022-49711 at SUSE CVE-2022-49711 at NVD CVE-2022-49712 at SUSE CVE-2022-49712 at NVD CVE-2022-49713 at SUSE CVE-2022-49713 at NVD CVE-2022-49714 at SUSE CVE-2022-49714 at NVD CVE-2022-49715 at SUSE CVE-2022-49715 at NVD CVE-2022-49716 at SUSE CVE-2022-49716 at NVD CVE-2022-49719 at SUSE CVE-2022-49719 at NVD CVE-2022-49720 at SUSE CVE-2022-49720 at NVD CVE-2022-49721 at SUSE CVE-2022-49721 at NVD CVE-2022-49722 at SUSE CVE-2022-49722 at NVD CVE-2022-49723 at SUSE CVE-2022-49723 at NVD CVE-2022-49724 at SUSE CVE-2022-49724 at NVD CVE-2022-49725 at SUSE CVE-2022-49725 at NVD CVE-2022-49726 at SUSE CVE-2022-49726 at NVD CVE-2022-49729 at SUSE CVE-2022-49729 at NVD CVE-2022-49730 at SUSE CVE-2022-49730 at NVD CVE-2022-49731 at SUSE CVE-2022-49731 at NVD CVE-2022-49732 at SUSE CVE-2022-49732 at NVD CVE-2022-49733 at SUSE CVE-2022-49733 at NVD CVE-2022-49739 at SUSE CVE-2022-49739 at NVD CVE-2022-49746 at SUSE CVE-2022-49746 at NVD CVE-2022-49748 at SUSE CVE-2022-49748 at NVD CVE-2022-49751 at SUSE CVE-2022-49751 at NVD CVE-2022-49753 at SUSE CVE-2022-49753 at NVD CVE-2022-49755 at SUSE CVE-2022-49755 at NVD CVE-2022-49759 at SUSE CVE-2022-49759 at NVD CVE-2023-0179 at SUSE CVE-2023-0179 at NVD CVE-2023-1652 at SUSE CVE-2023-1652 at NVD CVE-2023-2162 at SUSE CVE-2023-2162 at NVD CVE-2023-28410 at SUSE CVE-2023-28410 at NVD CVE-2023-3567 at SUSE CVE-2023-3567 at NVD CVE-2023-52930 at SUSE CVE-2023-52930 at NVD CVE-2023-52933 at SUSE CVE-2023-52933 at NVD CVE-2023-52935 at SUSE CVE-2023-52935 at NVD CVE-2023-52939 at SUSE CVE-2023-52939 at NVD CVE-2023-52941 at SUSE CVE-2023-52941 at NVD CVE-2023-52973 at SUSE CVE-2023-52973 at NVD CVE-2023-52974 at SUSE CVE-2023-52974 at NVD CVE-2023-52975 at SUSE CVE-2023-52975 at NVD CVE-2023-52976 at SUSE CVE-2023-52976 at NVD CVE-2023-52979 at SUSE CVE-2023-52979 at NVD CVE-2023-52983 at SUSE CVE-2023-52983 at NVD CVE-2023-52984 at SUSE CVE-2023-52984 at NVD CVE-2023-52988 at SUSE CVE-2023-52988 at NVD CVE-2023-52989 at SUSE CVE-2023-52989 at NVD CVE-2023-52992 at SUSE CVE-2023-52992 at NVD CVE-2023-52993 at SUSE CVE-2023-52993 at NVD CVE-2023-53000 at SUSE CVE-2023-53000 at NVD CVE-2023-53005 at SUSE CVE-2023-53005 at NVD CVE-2023-53006 at SUSE CVE-2023-53006 at NVD CVE-2023-53007 at SUSE CVE-2023-53007 at NVD CVE-2023-53008 at SUSE CVE-2023-53008 at NVD CVE-2023-53010 at SUSE CVE-2023-53010 at NVD CVE-2023-53015 at SUSE CVE-2023-53015 at NVD CVE-2023-53016 at SUSE CVE-2023-53016 at NVD CVE-2023-53019 at SUSE CVE-2023-53019 at NVD CVE-2023-53023 at SUSE CVE-2023-53023 at NVD CVE-2023-53024 at SUSE CVE-2023-53024 at NVD CVE-2023-53025 at SUSE CVE-2023-53025 at NVD CVE-2023-53026 at SUSE CVE-2023-53026 at NVD CVE-2023-53028 at SUSE CVE-2023-53028 at NVD CVE-2023-53029 at SUSE CVE-2023-53029 at NVD CVE-2023-53030 at SUSE CVE-2023-53030 at NVD CVE-2023-53033 at SUSE CVE-2023-53033 at NVD CVE-2024-26634 at SUSE CVE-2024-26634 at NVD CVE-2024-47678 at SUSE CVE-2024-47678 at NVD CVE-2024-50290 at SUSE CVE-2024-50290 at NVD CVE-2024-53063 at SUSE CVE-2024-53063 at NVD CVE-2024-53124 at SUSE CVE-2024-53124 at NVD CVE-2024-53176 at SUSE CVE-2024-53176 at NVD CVE-2024-53178 at SUSE CVE-2024-53178 at NVD CVE-2024-56651 at SUSE CVE-2024-56651 at NVD CVE-2024-57996 at SUSE CVE-2024-57996 at NVD CVE-2024-58013 at SUSE CVE-2024-58013 at NVD CVE-2024-58014 at SUSE CVE-2024-58014 at NVD CVE-2025-21693 at SUSE CVE-2025-21693 at NVD CVE-2025-21718 at SUSE CVE-2025-21718 at NVD CVE-2025-21772 at SUSE CVE-2025-21772 at NVD CVE-2025-21780 at SUSE CVE-2025-21780 at NVD cpe:/o:suse:sle-micro:5.5 Security update for pam (Moderate) SUSE Linux Enterprise Micro 5.5 This update for pam fixes the following issues: - CVE-2024-10041: sensitive data exposure while performing authentications. (bsc#1232234) Moderate SUSE bug 1232234 CVE-2024-10041 at SUSE CVE-2024-10041 at NVD cpe:/o:suse:sle-micro:5.5 Security update for haproxy (Moderate) SUSE Linux Enterprise Micro 5.5 This update for haproxy fixes the following issues: - CVE-2025-32464: Fixed heap-based buffer overflow in sample_conv_regsub. (bsc#1240971) Moderate SUSE bug 1240971 CVE-2025-32464 at SUSE CVE-2025-32464 at NVD cpe:/o:suse:sle-micro:5.5 Security update for containerd (Moderate) SUSE Linux Enterprise Micro 5.5 This update for containerd fixes the following issues: - CVE-2024-40635: Fixed integer overflow in User ID handling (bsc#1239749) Other fixes: - Update to containerd v1.7.27. Moderate SUSE bug 1239749 CVE-2024-40635 at SUSE CVE-2024-40635 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cifs-utils (Moderate) SUSE Linux Enterprise Micro 5.5 This update for cifs-utils fixes the following issues: - CVE-2025-2312: Fixed cifs.upcall making an upcall to the wrong namespace in containerized environments while trying to get Kerberos credentials (bsc#1239680) Moderate SUSE bug 1239680 CVE-2025-2312 at SUSE CVE-2025-2312 at NVD cpe:/o:suse:sle-micro:5.5 Security update for augeas (Low) SUSE Linux Enterprise Micro 5.5 This update for augeas fixes the following issues: - CVE-2025-2588: Check for NULL pointers when calling re_case_expand in function fa_expand_nocase. (bsc#1239909) Low SUSE bug 1239909 CVE-2025-2588 at SUSE CVE-2025-2588 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libxml2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libxml2 fixes the following issues: - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. (bsc#1241551) - CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. (bsc#1241453) Moderate SUSE bug 1241453 SUSE bug 1241551 CVE-2025-32414 at SUSE CVE-2025-32414 at NVD CVE-2025-32415 at SUSE CVE-2025-32415 at NVD cpe:/o:suse:sle-micro:5.5 Security update for git (Important) SUSE Linux Enterprise Micro 5.5 This update for git fixes the following issues: - CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites (bsc#1235600). - CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers (bsc#1235601). Important SUSE bug 1235600 SUSE bug 1235601 CVE-2024-50349 at SUSE CVE-2024-50349 at NVD CVE-2024-52006 at SUSE CVE-2024-52006 at NVD cpe:/o:suse:sle-micro:5.5 Security update for sqlite3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for sqlite3 fixes the following issues: - CVE-2025-29087,CVE-2025-3277: Fixed integer overflow in sqlite concat function (bsc#1241020) - CVE-2025-29088: Fixed integer overflow through the SQLITE_DBCONFIG_LOOKASIDE component (bsc#1241078) Other fixes: - Updated to version 3.49.1 from Factory (jsc#SLE-16032) Moderate SUSE bug 1241020 SUSE bug 1241078 SUSE bug 1241189 CVE-2025-29087 at SUSE CVE-2025-29087 at NVD CVE-2025-29088 at SUSE CVE-2025-29088 at NVD CVE-2025-3277 at SUSE CVE-2025-3277 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libsoup2 (Important) SUSE Linux Enterprise Micro 5.5 This update for libsoup2 fixes the following issues: - CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing conten (bsc#1240750) - CVE-2025-32050: Fixed integer overflow in append_param_quoted (bsc#1240752) - CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756) - CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) - CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) - CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) - CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) - CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688) Important SUSE bug 1240750 SUSE bug 1240752 SUSE bug 1240756 SUSE bug 1240757 SUSE bug 1241164 SUSE bug 1241222 SUSE bug 1241686 SUSE bug 1241688 CVE-2025-2784 at SUSE CVE-2025-2784 at NVD CVE-2025-32050 at SUSE CVE-2025-32050 at NVD CVE-2025-32052 at SUSE CVE-2025-32052 at NVD CVE-2025-32053 at SUSE CVE-2025-32053 at NVD CVE-2025-32907 at SUSE CVE-2025-32907 at NVD CVE-2025-32914 at SUSE CVE-2025-32914 at NVD CVE-2025-46420 at SUSE CVE-2025-46420 at NVD CVE-2025-46421 at SUSE CVE-2025-46421 at NVD cpe:/o:suse:sle-micro:5.5 Security update for apparmor (Moderate) SUSE Linux Enterprise Micro 5.5 This update for apparmor fixes the following issues: - Add dac_read_search capability for unix_chkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. (bsc#1241678) Moderate SUSE bug 1241678 CVE-2024-10041 at SUSE CVE-2024-10041 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssh (Moderate) SUSE Linux Enterprise Micro 5.5 This update for openssh fixes the following issues: - Security issues fixed: * CVE-2025-32728: Fixed a logic error in DisableForwarding option (bsc#1241012) - Other bugs fixed: * Allow KEX hashes greater than 256 bits (bsc#1241045) * Fixed hostname being left out of the audit output (bsc#1228634) * Fixed failures with very large MOTDs (bsc#1232533) Moderate SUSE bug 1228634 SUSE bug 1232533 SUSE bug 1241012 SUSE bug 1241045 CVE-2025-32728 at SUSE CVE-2025-32728 at NVD cpe:/o:suse:sle-micro:5.5 Security update for helm (Moderate) SUSE Linux Enterprise Micro 5.5 This update for helm fixes the following issues: help was updated to version 3.17.3: Helm v3.17.3 is a security (patch) release. Users are strongly recommended to update to this release. * Changelog - Unarchiving fix e4da497 (Matt Farina) Moderate cpe:/o:suse:sle-micro:5.5 Security update for glib2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for glib2 fixes the following issues: - CVE-2025-3360: Fixed integer overflow and buffer underread when parsing a very long and invalid ISO 8601 timestamp with g_date_time_new_from_iso8601() (bsc#1240897) Moderate SUSE bug 1240897 CVE-2025-3360 at SUSE CVE-2025-3360 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48933: netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1229621). - CVE-2022-49110: netfilter: conntrack: revisit gc autotuning (bsc#1237981). - CVE-2022-49139: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt (bsc#1238032). - CVE-2022-49767: 9p/trans_fd: always use O_NONBLOCK read/write (bsc#1242493). - CVE-2024-46763: fou: Fix null-ptr-deref in GRO (bsc#1230764). - CVE-2024-50038: netfilter: xtables: avoid NFPROTO_UNSPEC where needed (bsc#1231910). - CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865). - CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747). - CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512). - CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). - CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). - CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). - CVE-2025-22020: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (bsc#1241280). - CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433). - CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). - CVE-2025-22097: drm/vkms: Fix use after free and double free on init error (bsc#1241541). - CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684). - CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648). - CVE-2025-39735: jfs: fix slab-out-of-bounds read in ea_get() (bsc#1241625). The following non-security bugs were fixed: - cpufreq: ACPI: Mark boost policy as enabled when setting boost (bsc#1236777). - cpufreq: Allow drivers to advertise boost enabled (bsc#1236777). - cpufreq: Fix per-policy boost behavior on SoCs using cpufreq_boost_set_sw() (bsc#1236777). - cpufreq: Support per-policy performance boost (bsc#1236777). - x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778). - x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778). - x86/bpf: Call branch history clearing sequence on exit (bsc#1242778). Important SUSE bug 1054914 SUSE bug 1206843 SUSE bug 1210409 SUSE bug 1225903 SUSE bug 1229361 SUSE bug 1229621 SUSE bug 1230764 SUSE bug 1231103 SUSE bug 1231910 SUSE bug 1236777 SUSE bug 1237981 SUSE bug 1238032 SUSE bug 1238471 SUSE bug 1238512 SUSE bug 1238747 SUSE bug 1238865 SUSE bug 1239061 SUSE bug 1239684 SUSE bug 1239968 SUSE bug 1240209 SUSE bug 1240211 SUSE bug 1240214 SUSE bug 1240228 SUSE bug 1240230 SUSE bug 1240246 SUSE bug 1240248 SUSE bug 1240269 SUSE bug 1240271 SUSE bug 1240274 SUSE bug 1240285 SUSE bug 1240295 SUSE bug 1240306 SUSE bug 1240314 SUSE bug 1240315 SUSE bug 1240321 SUSE bug 1240747 SUSE bug 1240835 SUSE bug 1241280 SUSE bug 1241371 SUSE bug 1241421 SUSE bug 1241433 SUSE bug 1241541 SUSE bug 1241625 SUSE bug 1241648 SUSE bug 1242284 SUSE bug 1242493 SUSE bug 1242778 CVE-2021-47671 at SUSE CVE-2021-47671 at NVD CVE-2022-48933 at SUSE CVE-2022-48933 at NVD CVE-2022-49110 at SUSE CVE-2022-49110 at NVD CVE-2022-49139 at SUSE CVE-2022-49139 at NVD CVE-2022-49741 at SUSE CVE-2022-49741 at NVD CVE-2022-49745 at SUSE CVE-2022-49745 at NVD CVE-2022-49767 at SUSE CVE-2022-49767 at NVD CVE-2023-52928 at SUSE CVE-2023-52928 at NVD CVE-2023-52931 at SUSE CVE-2023-52931 at NVD CVE-2023-52936 at SUSE CVE-2023-52936 at NVD CVE-2023-52937 at SUSE CVE-2023-52937 at NVD CVE-2023-52938 at SUSE CVE-2023-52938 at NVD CVE-2023-52981 at SUSE CVE-2023-52981 at NVD CVE-2023-52982 at SUSE CVE-2023-52982 at NVD CVE-2023-52986 at SUSE CVE-2023-52986 at NVD CVE-2023-52994 at SUSE CVE-2023-52994 at NVD CVE-2023-53001 at SUSE CVE-2023-53001 at NVD CVE-2023-53002 at SUSE CVE-2023-53002 at NVD CVE-2023-53009 at SUSE CVE-2023-53009 at NVD CVE-2023-53014 at SUSE CVE-2023-53014 at NVD CVE-2023-53018 at SUSE CVE-2023-53018 at NVD CVE-2023-53031 at SUSE CVE-2023-53031 at NVD CVE-2023-53051 at SUSE CVE-2023-53051 at NVD CVE-2024-42307 at SUSE CVE-2024-42307 at NVD CVE-2024-46763 at SUSE CVE-2024-46763 at NVD CVE-2024-46865 at SUSE CVE-2024-46865 at NVD CVE-2024-50038 at SUSE CVE-2024-50038 at NVD CVE-2025-21726 at SUSE CVE-2025-21726 at NVD CVE-2025-21785 at SUSE CVE-2025-21785 at NVD CVE-2025-21791 at SUSE CVE-2025-21791 at NVD CVE-2025-21812 at SUSE CVE-2025-21812 at NVD CVE-2025-21839 at SUSE CVE-2025-21839 at NVD CVE-2025-22004 at SUSE CVE-2025-22004 at NVD CVE-2025-22020 at SUSE CVE-2025-22020 at NVD CVE-2025-22045 at SUSE CVE-2025-22045 at NVD CVE-2025-22055 at SUSE CVE-2025-22055 at NVD CVE-2025-22097 at SUSE CVE-2025-22097 at NVD CVE-2025-2312 at SUSE CVE-2025-2312 at NVD CVE-2025-23138 at SUSE CVE-2025-23138 at NVD CVE-2025-39735 at SUSE CVE-2025-39735 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48933: netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1229621). - CVE-2022-49110: netfilter: conntrack: revisit gc autotuning (bsc#1237981). - CVE-2022-49139: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt (bsc#1238032). - CVE-2022-49767: 9p/trans_fd: always use O_NONBLOCK read/write (bsc#1242493). - CVE-2024-46763: fou: Fix null-ptr-deref in GRO (bsc#1230764). - CVE-2024-50038: netfilter: xtables: avoid NFPROTO_UNSPEC where needed (bsc#1231910). - CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865). - CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747). - CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512). - CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). - CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061). - CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). - CVE-2025-22020: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (bsc#1241280). - CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433). - CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). - CVE-2025-22097: drm/vkms: Fix use after free and double free on init error (bsc#1241541). - CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684). - CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648). - CVE-2025-39735: jfs: fix slab-out-of-bounds read in ea_get() (bsc#1241625). The following non-security bugs were fixed: - cpufreq: ACPI: Mark boost policy as enabled when setting boost (bsc#1236777). - cpufreq: Allow drivers to advertise boost enabled (bsc#1236777). - cpufreq: Fix per-policy boost behavior on SoCs using cpufreq_boost_set_sw() (bsc#1236777). - cpufreq: Support per-policy performance boost (bsc#1236777). - x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778). - x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778). - x86/bpf: Call branch history clearing sequence on exit (bsc#1242778). Important SUSE bug 1054914 SUSE bug 1206843 SUSE bug 1210409 SUSE bug 1225903 SUSE bug 1229361 SUSE bug 1229621 SUSE bug 1230764 SUSE bug 1231103 SUSE bug 1231910 SUSE bug 1236777 SUSE bug 1237981 SUSE bug 1238032 SUSE bug 1238471 SUSE bug 1238512 SUSE bug 1238747 SUSE bug 1238865 SUSE bug 1239061 SUSE bug 1239684 SUSE bug 1239968 SUSE bug 1240209 SUSE bug 1240211 SUSE bug 1240214 SUSE bug 1240228 SUSE bug 1240230 SUSE bug 1240246 SUSE bug 1240248 SUSE bug 1240269 SUSE bug 1240271 SUSE bug 1240274 SUSE bug 1240285 SUSE bug 1240295 SUSE bug 1240306 SUSE bug 1240314 SUSE bug 1240315 SUSE bug 1240321 SUSE bug 1240747 SUSE bug 1240835 SUSE bug 1241280 SUSE bug 1241371 SUSE bug 1241421 SUSE bug 1241433 SUSE bug 1241541 SUSE bug 1241625 SUSE bug 1241648 SUSE bug 1242284 SUSE bug 1242493 SUSE bug 1242778 CVE-2021-47671 at SUSE CVE-2021-47671 at NVD CVE-2022-48933 at SUSE CVE-2022-48933 at NVD CVE-2022-49110 at SUSE CVE-2022-49110 at NVD CVE-2022-49139 at SUSE CVE-2022-49139 at NVD CVE-2022-49741 at SUSE CVE-2022-49741 at NVD CVE-2022-49745 at SUSE CVE-2022-49745 at NVD CVE-2022-49767 at SUSE CVE-2022-49767 at NVD CVE-2023-52928 at SUSE CVE-2023-52928 at NVD CVE-2023-52931 at SUSE CVE-2023-52931 at NVD CVE-2023-52936 at SUSE CVE-2023-52936 at NVD CVE-2023-52937 at SUSE CVE-2023-52937 at NVD CVE-2023-52938 at SUSE CVE-2023-52938 at NVD CVE-2023-52981 at SUSE CVE-2023-52981 at NVD CVE-2023-52982 at SUSE CVE-2023-52982 at NVD CVE-2023-52986 at SUSE CVE-2023-52986 at NVD CVE-2023-52994 at SUSE CVE-2023-52994 at NVD CVE-2023-53001 at SUSE CVE-2023-53001 at NVD CVE-2023-53002 at SUSE CVE-2023-53002 at NVD CVE-2023-53009 at SUSE CVE-2023-53009 at NVD CVE-2023-53014 at SUSE CVE-2023-53014 at NVD CVE-2023-53018 at SUSE CVE-2023-53018 at NVD CVE-2023-53031 at SUSE CVE-2023-53031 at NVD CVE-2023-53051 at SUSE CVE-2023-53051 at NVD CVE-2024-42307 at SUSE CVE-2024-42307 at NVD CVE-2024-46763 at SUSE CVE-2024-46763 at NVD CVE-2024-46865 at SUSE CVE-2024-46865 at NVD CVE-2024-50038 at SUSE CVE-2024-50038 at NVD CVE-2025-21726 at SUSE CVE-2025-21726 at NVD CVE-2025-21785 at SUSE CVE-2025-21785 at NVD CVE-2025-21791 at SUSE CVE-2025-21791 at NVD CVE-2025-21812 at SUSE CVE-2025-21812 at NVD CVE-2025-21839 at SUSE CVE-2025-21839 at NVD CVE-2025-22004 at SUSE CVE-2025-22004 at NVD CVE-2025-22020 at SUSE CVE-2025-22020 at NVD CVE-2025-22045 at SUSE CVE-2025-22045 at NVD CVE-2025-22055 at SUSE CVE-2025-22055 at NVD CVE-2025-22097 at SUSE CVE-2025-22097 at NVD CVE-2025-2312 at SUSE CVE-2025-2312 at NVD CVE-2025-23138 at SUSE CVE-2025-23138 at NVD CVE-2025-39735 at SUSE CVE-2025-39735 at NVD cpe:/o:suse:sle-micro:5.5 Security update for rsync (Important) SUSE Linux Enterprise Micro 5.5 This update for rsync fixes the following issues: - CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) - CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) - CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) - CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) - CVE-2024-12747: Fixed a race condition in rsync handling symbolic links. (bsc#1235475) Important SUSE bug 1234101 SUSE bug 1234102 SUSE bug 1234103 SUSE bug 1234104 SUSE bug 1235475 SUSE bug 1235895 CVE-2024-12085 at SUSE CVE-2024-12085 at NVD CVE-2024-12086 at SUSE CVE-2024-12086 at NVD CVE-2024-12087 at SUSE CVE-2024-12087 at NVD CVE-2024-12088 at SUSE CVE-2024-12088 at NVD CVE-2024-12747 at SUSE CVE-2024-12747 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ucode-intel (Moderate) SUSE Linux Enterprise Micro 5.5 This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250512 release (bsc#1243123) - CVE-2024-28956: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access. - CVE-2025-20103: Insufficient resource pool in the core management mechanism for some Intel Processors may allow an authenticated user to potentially enable denial of service via local access. - CVE-2025-20054: Uncaught exception in the core management mechanism for some Intel Processors may allow an authenticated user to potentially enable denial of service via local access. - CVE-2024-43420: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom processors may allow an authenticated user to potentially enable information disclosure via local access. - CVE-2025-20623: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Core processors (10th Generation) may allow an authenticated user to potentially enable information disclosure via local access. - CVE-2024-45332: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access. - CVE-2025-24495: Incorrect initialization of resource in the branch prediction unit for some Intel Core Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access. - CVE-2025-20012: Incorrect behavior order for some Intel Core Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access. - Updates for functional issues. - New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ARL-U | A1 | 06-b5-00/80 | | 0000000a | Core Ultra Processor (Series2) | ARL-S/HX (8P) | B0 | 06-c6-02/82 | | 00000118 | Core Ultra Processor (Series2) | ARL-H | A1 | 06-c5-02/82 | | 00000118 | Core Ultra Processor (Series2) | GNR-AP/SP | B0 | 06-ad-01/95 | | 010003a2 | Xeon Scalable Gen6 | GNR-AP/SP | H0 | 06-ad-01/20 | | 0a0000d1 | Xeon Scalable Gen6 | LNL | B0 | 06-bd-01/80 | | 0000011f | Core Ultra 200 V Series Processor - Updated Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL | C0 | 06-97-02/07 | 00000038 | 0000003a | Core Gen12 | ADL | H0 | 06-97-05/07 | 00000038 | 0000003a | Core Gen12 | ADL | L0 | 06-9a-03/80 | 00000436 | 00000437 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000436 | 00000437 | Core Gen12 | ADL-N | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | AML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile | AZB | A0/R0 | 06-9a-04/40 | 00000009 | 0000000a | Intel(R) Atom(R) C1100 | CFL-H | R0 | 06-9e-0d/22 | 00000102 | 00000104 | Core Gen9 Mobile | CLX-SP | B1 | 06-55-07/bf | 05003707 | 05003901 | Xeon Scalable Gen2 | CML-H | R1 | 06-a5-02/20 | 000000fc | 00000100 | Core Gen10 Mobile | CML-S102 | Q0 | 06-a5-05/22 | 000000fc | 00000100 | Core Gen10 | CML-S62 | G1 | 06-a5-03/22 | 000000fc | 00000100 | Core Gen10 | CML-U42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile | CML-U62 V1 | A0 | 06-a6-00/80 | 000000fe | 00000102 | Core Gen10 Mobile | CML-U62 V2 | K1 | 06-a6-01/80 | 000000fc | 00000100 | Core Gen10 Mobile | CML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile | CPX-SP | A1 | 06-55-0b/bf | 07002904 | 07002b01 | Xeon Scalable Gen3 | EMR-SP | A1 | 06-cf-02/87 | 21000291 | 210002a9 | Xeon Scalable Gen5 | GLK-R | R0 | 06-7a-08/01 | 00000024 | 00000026 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 | ICL-D | B0 | 06-6c-01/10 | 010002c0 | 010002d0 | Xeon D-17xx, D-27xx | ICL-U/Y | D1 | 06-7e-05/80 | 000000c6 | 000000ca | Core Gen10 Mobile | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003f5 | 0d000404 | Xeon Scalable Gen3 | MTL | C0 | 06-aa-04/e6 | 00000020 | 00000024 | Core Ultra Processor | RKL-S | B0 | 06-a7-01/02 | 00000063 | 00000064 | Core Gen11 | RPL-E/HX/S | B0 | 06-b7-01/32 | 0000012c | 0000012f | Core Gen13/Gen14 | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004124 | 00004128 | Core Gen13 | RPL-HX/S | C0 | 06-bf-02/07 | 00000038 | 0000003a | Core Gen13/Gen14 | RPL-S | H0 | 06-bf-05/07 | 00000038 | 0000003a | Core Gen13/Gen14 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004124 | 00004128 | Core Gen13 | SPR-HBM | Bx | 06-8f-08/10 | 2c0003e0 | 2c0003f7 | Xeon Max | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4 | SRF-SP | C0 | 06-af-03/01 | 03000330 | 03000341 | Xeon 6700-Series Processors with E-Cores | TGL | B0/B1 | 06-8c-01/80 | 000000b8 | 000000bc | Core Gen11 Mobile | TGL-H | R0 | 06-8d-01/c2 | 00000052 | 00000056 | Core Gen11 Mobile | TGL-R | C0 | 06-8c-02/c2 | 00000038 | 0000003c | Core Gen11 Mobile | TWL | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | WHL-U | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen8 Mobile Moderate SUSE bug 1243123 CVE-2024-28956 at SUSE CVE-2024-28956 at NVD CVE-2024-43420 at SUSE CVE-2024-43420 at NVD CVE-2024-45332 at SUSE CVE-2024-45332 at NVD CVE-2025-20012 at SUSE CVE-2025-20012 at NVD CVE-2025-20054 at SUSE CVE-2025-20054 at NVD CVE-2025-20103 at SUSE CVE-2025-20103 at NVD CVE-2025-20623 at SUSE CVE-2025-20623 at NVD CVE-2025-24495 at SUSE CVE-2025-24495 at NVD cpe:/o:suse:sle-micro:5.5 Security update for open-vm-tools (Moderate) SUSE Linux Enterprise Micro 5.5 This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: - CVE-2025-22247: Fixed Insecure file handling (bsc#1243106) Other fixes: - Fixed GCC 15 compile time error (bsc#1241938) - Fixed building with containerd 1.7.25+ (bsc#1237147) - Ensure vmtoolsd.service and vgauthd.service are set to enabled by default (bsc#1237180) Full changelog: https://github.com/vmware/open-vm-tools/blob/stable-12.5.2/ReleaseNotes.md https://github.com/vmware/open-vm-tools/blob/stable-12.5.2/open-vm-tools/ChangeLog Moderate SUSE bug 1237147 SUSE bug 1237180 SUSE bug 1241938 SUSE bug 1243106 CVE-2025-22247 at SUSE CVE-2025-22247 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-tornado (Important) SUSE Linux Enterprise Micro 5.5 This update for python-tornado fixes the following issues: - CVE-2025-47287: excessive logging when parsing malformed `multipart/form-data` can lead to a denial-of-service (bsc#1243268). Important SUSE bug 1243268 CVE-2025-47287 at SUSE CVE-2025-47287 at NVD cpe:/o:suse:sle-micro:5.5 Security update for iputils (Moderate) SUSE Linux Enterprise Micro 5.5 This update for iputils fixes the following issues: - CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior (bsc#1242300) Moderate SUSE bug 1242300 CVE-2025-47268 at SUSE CVE-2025-47268 at NVD cpe:/o:suse:sle-micro:5.5 Security update for glibc (Important) SUSE Linux Enterprise Micro 5.5 This update for glibc fixes the following issues: Security issues fixed: - CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LD_LIBRARY_PATH (bsc#1243317). Other issues fixed: - Multi-threaded application hang due to deadlock when `pthread_cond_signal` fails to wake up `pthread_cond_wait` as a consequence of a bug related to stealing of signals (bsc#1234128). Important SUSE bug 1234128 SUSE bug 1243317 CVE-2025-4802 at SUSE CVE-2025-4802 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3-setuptools (Important) SUSE Linux Enterprise Micro 5.5 This update for python3-setuptools fixes the following issues: - CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write (bsc#1243313). Important SUSE bug 1243313 CVE-2025-47273 at SUSE CVE-2025-47273 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Moderate) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection (ITS) (XSA-469) (bsc#1243117) - CVE-2024-53241: Fixed Xen hypercall page unsafe against speculative attacks (XSA-466) (bsc#1234282) - CVE-2025-1713: Fixed deadlock potential with VT-d and legacy PCI device pass-through (XSA-467) (bsc#1238043) Moderate SUSE bug 1234282 SUSE bug 1238043 SUSE bug 1243117 CVE-2024-28956 at SUSE CVE-2024-28956 at NVD CVE-2024-53241 at SUSE CVE-2024-53241 at NVD CVE-2025-1713 at SUSE CVE-2025-1713 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libsoup2 (Important) SUSE Linux Enterprise Micro 5.5 This update for libsoup2 fixes the following issues: - CVE-2025-4948: Fixed integer underflow in soup_multipart_new_from_message() leading to denial of service (bsc#1243332) - CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak (bsc#1243423) - CVE-2025-32906: Fixed out of bounds reads in soup_headers_parse_request() (bsc#1241263) - CVE-2025-32909: Fixed NULL pointer dereference in the sniff_mp4 function in soup-content-sniffer.c (bsc#1241226) - CVE-2025-32910: Fixed null pointer deference on client when server omits the realm parameter in an Unauthorized response with Digest authentication (bsc#1241252) - CVE-2025-32911: Fixed double free on soup_message_headers_get_content_disposition() via 'params'. (bsc#1241238) - CVE-2025-32912: Fixed NULL pointer dereference in SoupAuthDigest (bsc#1241214) - CVE-2025-32913: Fixed NULL pointer dereference in soup_message_headers_get_content_disposition (bsc#1241162) Important SUSE bug 1241162 SUSE bug 1241214 SUSE bug 1241226 SUSE bug 1241238 SUSE bug 1241252 SUSE bug 1241263 SUSE bug 1243332 SUSE bug 1243423 CVE-2025-32906 at SUSE CVE-2025-32906 at NVD CVE-2025-32909 at SUSE CVE-2025-32909 at NVD CVE-2025-32910 at SUSE CVE-2025-32910 at NVD CVE-2025-32911 at SUSE CVE-2025-32911 at NVD CVE-2025-32912 at SUSE CVE-2025-32912 at NVD CVE-2025-32913 at SUSE CVE-2025-32913 at NVD CVE-2025-4948 at SUSE CVE-2025-4948 at NVD CVE-2025-4969 at SUSE CVE-2025-4969 at NVD cpe:/o:suse:sle-micro:5.5 Security update for sysstat (Moderate) SUSE Linux Enterprise Micro 5.5 This update for sysstat fixes the following issues: - CVE-2023-33204: Fixed a multiplication integer overflow in check_overflow in common.c (bsc#1211507) - CVE-2022-39377: Fixed arithmetic overflow in allocate_structures() (bsc#1205224) Moderate SUSE bug 1202473 SUSE bug 1205224 SUSE bug 1211507 CVE-2022-39377 at SUSE CVE-2022-39377 at NVD CVE-2023-33204 at SUSE CVE-2023-33204 at NVD cpe:/o:suse:sle-micro:5.5 Security update for dhcp (Moderate) SUSE Linux Enterprise Micro 5.5 This update for dhcp fixes the following issues: - Fixed dhcp not starting in case group nogroup is missing (bsc#1192020) Moderate SUSE bug 1192020 cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49775: tcp: cdg: allow tcp_cdg_release() to be called multiple times (bsc#1242245). - CVE-2024-53168: net: make sock_inuse_add() available (bsc#1234887). - CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1235100). - CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802). - CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525). - CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596). - CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762). The following non-security bugs were fixed: - Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (bsc#1243737). - Remove debug flavor (bsc#1243919). - arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (bsc#1242778). - arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (bsc#1242778). - arm64: insn: Add support for encoding DSB (bsc#1242778). - arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (bsc#1242778). - arm64: proton-pack: Expose whether the branchy loop k value (bsc#1242778). - arm64: proton-pack: Expose whether the platform is mitigated by firmware (bsc#1242778). - hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (bsc#1243737). - hv_netvsc: Remove rmsg_pgcnt (bsc#1243737). - hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (bsc#1243737). - mtd: phram: Add the kernel lock down check (bsc#1232649). - net :mana :Add remaining GDMA stats for MANA to ethtool (bsc#1234395). - net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (bsc#1234395). - net: mana: Add gdma stats to ethtool output for mana (bsc#1234395). - nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (bsc#1223096). - ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes). - powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW (bsc#1218470 ltc#204531). - scsi: core: Fix unremoved procfs host directory regression (git-fixes). - tcp: Dump bound-only sockets in inet_diag (bsc#1204562). - tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870). - tpm: tis: Double the timeout B to 4s (bsc#1235870). - x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778). - x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778). - x86/bpf: Call branch history clearing sequence on exit (bsc#1242778). Important SUSE bug 1184350 SUSE bug 1193629 SUSE bug 1204562 SUSE bug 1204569 SUSE bug 1204619 SUSE bug 1204705 SUSE bug 1205282 SUSE bug 1206051 SUSE bug 1206073 SUSE bug 1206649 SUSE bug 1206843 SUSE bug 1206886 SUSE bug 1206887 SUSE bug 1207361 SUSE bug 1208105 SUSE bug 1208542 SUSE bug 1209292 SUSE bug 1209556 SUSE bug 1209684 SUSE bug 1209780 SUSE bug 1209980 SUSE bug 1210337 SUSE bug 1210763 SUSE bug 1210767 SUSE bug 1211465 SUSE bug 1213012 SUSE bug 1213013 SUSE bug 1213094 SUSE bug 1213096 SUSE bug 1213233 SUSE bug 1213946 SUSE bug 1214991 SUSE bug 1218470 SUSE bug 1222629 SUSE bug 1223096 SUSE bug 1225903 SUSE bug 1232649 SUSE bug 1234395 SUSE bug 1234887 SUSE bug 1235100 SUSE bug 1235870 SUSE bug 1240802 SUSE bug 1241525 SUSE bug 1242146 SUSE bug 1242147 SUSE bug 1242150 SUSE bug 1242151 SUSE bug 1242154 SUSE bug 1242157 SUSE bug 1242158 SUSE bug 1242160 SUSE bug 1242164 SUSE bug 1242165 SUSE bug 1242169 SUSE bug 1242215 SUSE bug 1242217 SUSE bug 1242218 SUSE bug 1242219 SUSE bug 1242222 SUSE bug 1242224 SUSE bug 1242226 SUSE bug 1242227 SUSE bug 1242228 SUSE bug 1242229 SUSE bug 1242230 SUSE bug 1242231 SUSE bug 1242232 SUSE bug 1242237 SUSE bug 1242239 SUSE bug 1242240 SUSE bug 1242241 SUSE bug 1242244 SUSE bug 1242245 SUSE bug 1242248 SUSE bug 1242249 SUSE bug 1242261 SUSE bug 1242264 SUSE bug 1242265 SUSE bug 1242270 SUSE bug 1242276 SUSE bug 1242278 SUSE bug 1242279 SUSE bug 1242280 SUSE bug 1242281 SUSE bug 1242282 SUSE bug 1242285 SUSE bug 1242286 SUSE bug 1242289 SUSE bug 1242294 SUSE bug 1242295 SUSE bug 1242298 SUSE bug 1242302 SUSE bug 1242305 SUSE bug 1242311 SUSE bug 1242312 SUSE bug 1242320 SUSE bug 1242338 SUSE bug 1242349 SUSE bug 1242351 SUSE bug 1242352 SUSE bug 1242353 SUSE bug 1242355 SUSE bug 1242357 SUSE bug 1242358 SUSE bug 1242359 SUSE bug 1242360 SUSE bug 1242361 SUSE bug 1242365 SUSE bug 1242366 SUSE bug 1242369 SUSE bug 1242370 SUSE bug 1242371 SUSE bug 1242372 SUSE bug 1242377 SUSE bug 1242378 SUSE bug 1242380 SUSE bug 1242381 SUSE bug 1242382 SUSE bug 1242385 SUSE bug 1242387 SUSE bug 1242389 SUSE bug 1242391 SUSE bug 1242392 SUSE bug 1242393 SUSE bug 1242394 SUSE bug 1242398 SUSE bug 1242399 SUSE bug 1242400 SUSE bug 1242402 SUSE bug 1242403 SUSE bug 1242405 SUSE bug 1242406 SUSE bug 1242409 SUSE bug 1242410 SUSE bug 1242411 SUSE bug 1242415 SUSE bug 1242416 SUSE bug 1242421 SUSE bug 1242422 SUSE bug 1242425 SUSE bug 1242426 SUSE bug 1242428 SUSE bug 1242440 SUSE bug 1242443 SUSE bug 1242448 SUSE bug 1242449 SUSE bug 1242452 SUSE bug 1242453 SUSE bug 1242454 SUSE bug 1242455 SUSE bug 1242456 SUSE bug 1242458 SUSE bug 1242464 SUSE bug 1242465 SUSE bug 1242467 SUSE bug 1242469 SUSE bug 1242473 SUSE bug 1242474 SUSE bug 1242478 SUSE bug 1242481 SUSE bug 1242484 SUSE bug 1242489 SUSE bug 1242497 SUSE bug 1242527 SUSE bug 1242542 SUSE bug 1242544 SUSE bug 1242545 SUSE bug 1242547 SUSE bug 1242548 SUSE bug 1242549 SUSE bug 1242550 SUSE bug 1242551 SUSE bug 1242558 SUSE bug 1242570 SUSE bug 1242580 SUSE bug 1242586 SUSE bug 1242589 SUSE bug 1242596 SUSE bug 1242597 SUSE bug 1242685 SUSE bug 1242686 SUSE bug 1242688 SUSE bug 1242689 SUSE bug 1242695 SUSE bug 1242716 SUSE bug 1242733 SUSE bug 1242734 SUSE bug 1242735 SUSE bug 1242736 SUSE bug 1242739 SUSE bug 1242740 SUSE bug 1242743 SUSE bug 1242744 SUSE bug 1242745 SUSE bug 1242746 SUSE bug 1242747 SUSE bug 1242748 SUSE bug 1242749 SUSE bug 1242751 SUSE bug 1242752 SUSE bug 1242753 SUSE bug 1242756 SUSE bug 1242759 SUSE bug 1242762 SUSE bug 1242765 SUSE bug 1242767 SUSE bug 1242778 SUSE bug 1242779 SUSE bug 1242790 SUSE bug 1242791 SUSE bug 1243047 SUSE bug 1243133 SUSE bug 1243737 SUSE bug 1243919 CVE-2022-3564 at SUSE CVE-2022-3564 at NVD CVE-2022-3619 at SUSE CVE-2022-3619 at NVD CVE-2022-3640 at SUSE CVE-2022-3640 at NVD CVE-2022-49762 at SUSE CVE-2022-49762 at NVD CVE-2022-49763 at SUSE CVE-2022-49763 at NVD CVE-2022-49769 at SUSE CVE-2022-49769 at NVD CVE-2022-49770 at SUSE CVE-2022-49770 at NVD CVE-2022-49771 at SUSE CVE-2022-49771 at NVD CVE-2022-49772 at SUSE CVE-2022-49772 at NVD CVE-2022-49773 at SUSE CVE-2022-49773 at NVD CVE-2022-49775 at SUSE CVE-2022-49775 at NVD CVE-2022-49776 at SUSE CVE-2022-49776 at NVD CVE-2022-49777 at SUSE CVE-2022-49777 at NVD CVE-2022-49779 at SUSE CVE-2022-49779 at NVD CVE-2022-49781 at SUSE CVE-2022-49781 at NVD CVE-2022-49783 at SUSE CVE-2022-49783 at NVD CVE-2022-49784 at SUSE CVE-2022-49784 at NVD CVE-2022-49786 at SUSE CVE-2022-49786 at NVD CVE-2022-49787 at SUSE CVE-2022-49787 at NVD CVE-2022-49788 at SUSE CVE-2022-49788 at NVD CVE-2022-49789 at SUSE CVE-2022-49789 at NVD CVE-2022-49790 at SUSE CVE-2022-49790 at NVD CVE-2022-49792 at SUSE CVE-2022-49792 at NVD CVE-2022-49793 at SUSE CVE-2022-49793 at NVD CVE-2022-49794 at SUSE CVE-2022-49794 at NVD CVE-2022-49795 at SUSE CVE-2022-49795 at NVD CVE-2022-49796 at SUSE CVE-2022-49796 at NVD CVE-2022-49797 at SUSE CVE-2022-49797 at NVD CVE-2022-49799 at SUSE CVE-2022-49799 at NVD CVE-2022-49800 at SUSE CVE-2022-49800 at NVD CVE-2022-49801 at SUSE CVE-2022-49801 at NVD CVE-2022-49802 at SUSE CVE-2022-49802 at NVD CVE-2022-49807 at SUSE CVE-2022-49807 at NVD CVE-2022-49809 at SUSE CVE-2022-49809 at NVD CVE-2022-49810 at SUSE CVE-2022-49810 at NVD CVE-2022-49812 at SUSE CVE-2022-49812 at NVD CVE-2022-49813 at SUSE CVE-2022-49813 at NVD CVE-2022-49818 at SUSE CVE-2022-49818 at NVD CVE-2022-49821 at SUSE CVE-2022-49821 at NVD CVE-2022-49822 at SUSE CVE-2022-49822 at NVD CVE-2022-49823 at SUSE CVE-2022-49823 at NVD CVE-2022-49824 at SUSE CVE-2022-49824 at NVD CVE-2022-49825 at SUSE CVE-2022-49825 at NVD CVE-2022-49826 at SUSE CVE-2022-49826 at NVD CVE-2022-49827 at SUSE CVE-2022-49827 at NVD CVE-2022-49830 at SUSE CVE-2022-49830 at NVD CVE-2022-49832 at SUSE CVE-2022-49832 at NVD CVE-2022-49834 at SUSE CVE-2022-49834 at NVD CVE-2022-49835 at SUSE CVE-2022-49835 at NVD CVE-2022-49836 at SUSE CVE-2022-49836 at NVD CVE-2022-49837 at SUSE CVE-2022-49837 at NVD CVE-2022-49839 at SUSE CVE-2022-49839 at NVD CVE-2022-49841 at SUSE CVE-2022-49841 at NVD CVE-2022-49842 at SUSE CVE-2022-49842 at NVD CVE-2022-49845 at SUSE CVE-2022-49845 at NVD CVE-2022-49846 at SUSE CVE-2022-49846 at NVD CVE-2022-49850 at SUSE CVE-2022-49850 at NVD CVE-2022-49853 at SUSE CVE-2022-49853 at NVD CVE-2022-49858 at SUSE CVE-2022-49858 at NVD CVE-2022-49860 at SUSE CVE-2022-49860 at NVD CVE-2022-49861 at SUSE CVE-2022-49861 at NVD CVE-2022-49863 at SUSE CVE-2022-49863 at NVD CVE-2022-49864 at SUSE CVE-2022-49864 at NVD CVE-2022-49865 at SUSE CVE-2022-49865 at NVD CVE-2022-49868 at SUSE CVE-2022-49868 at NVD CVE-2022-49869 at SUSE CVE-2022-49869 at NVD CVE-2022-49870 at SUSE CVE-2022-49870 at NVD CVE-2022-49871 at SUSE CVE-2022-49871 at NVD CVE-2022-49874 at SUSE CVE-2022-49874 at NVD CVE-2022-49879 at SUSE CVE-2022-49879 at NVD CVE-2022-49880 at SUSE CVE-2022-49880 at NVD CVE-2022-49881 at SUSE CVE-2022-49881 at NVD CVE-2022-49885 at SUSE CVE-2022-49885 at NVD CVE-2022-49886 at SUSE CVE-2022-49886 at NVD CVE-2022-49887 at SUSE CVE-2022-49887 at NVD CVE-2022-49888 at SUSE CVE-2022-49888 at NVD CVE-2022-49889 at SUSE CVE-2022-49889 at NVD CVE-2022-49890 at SUSE CVE-2022-49890 at NVD CVE-2022-49891 at SUSE CVE-2022-49891 at NVD CVE-2022-49892 at SUSE CVE-2022-49892 at NVD CVE-2022-49900 at SUSE CVE-2022-49900 at NVD CVE-2022-49901 at SUSE CVE-2022-49901 at NVD CVE-2022-49902 at SUSE CVE-2022-49902 at NVD CVE-2022-49905 at SUSE CVE-2022-49905 at NVD CVE-2022-49906 at SUSE CVE-2022-49906 at NVD CVE-2022-49908 at SUSE CVE-2022-49908 at NVD CVE-2022-49909 at SUSE CVE-2022-49909 at NVD CVE-2022-49910 at SUSE CVE-2022-49910 at NVD CVE-2022-49915 at SUSE CVE-2022-49915 at NVD CVE-2022-49916 at SUSE CVE-2022-49916 at NVD CVE-2022-49917 at SUSE CVE-2022-49917 at NVD CVE-2022-49918 at SUSE CVE-2022-49918 at NVD CVE-2022-49921 at SUSE CVE-2022-49921 at NVD CVE-2022-49922 at SUSE CVE-2022-49922 at NVD CVE-2022-49923 at SUSE CVE-2022-49923 at NVD CVE-2022-49924 at SUSE CVE-2022-49924 at NVD CVE-2022-49925 at SUSE CVE-2022-49925 at NVD CVE-2022-49927 at SUSE CVE-2022-49927 at NVD CVE-2022-49928 at SUSE CVE-2022-49928 at NVD CVE-2022-49929 at SUSE CVE-2022-49929 at NVD CVE-2022-49931 at SUSE CVE-2022-49931 at NVD CVE-2023-1990 at SUSE CVE-2023-1990 at NVD CVE-2023-28866 at SUSE CVE-2023-28866 at NVD CVE-2023-53035 at SUSE CVE-2023-53035 at NVD CVE-2023-53036 at SUSE CVE-2023-53036 at NVD CVE-2023-53038 at SUSE CVE-2023-53038 at NVD CVE-2023-53039 at SUSE CVE-2023-53039 at NVD CVE-2023-53040 at SUSE CVE-2023-53040 at NVD CVE-2023-53041 at SUSE CVE-2023-53041 at NVD CVE-2023-53042 at SUSE CVE-2023-53042 at NVD CVE-2023-53044 at SUSE CVE-2023-53044 at NVD CVE-2023-53045 at SUSE CVE-2023-53045 at NVD CVE-2023-53049 at SUSE CVE-2023-53049 at NVD CVE-2023-53052 at SUSE CVE-2023-53052 at NVD CVE-2023-53054 at SUSE CVE-2023-53054 at NVD CVE-2023-53056 at SUSE CVE-2023-53056 at NVD CVE-2023-53057 at SUSE CVE-2023-53057 at NVD CVE-2023-53058 at SUSE CVE-2023-53058 at NVD CVE-2023-53059 at SUSE CVE-2023-53059 at NVD CVE-2023-53060 at SUSE CVE-2023-53060 at NVD CVE-2023-53062 at SUSE CVE-2023-53062 at NVD CVE-2023-53064 at SUSE CVE-2023-53064 at NVD CVE-2023-53065 at SUSE CVE-2023-53065 at NVD CVE-2023-53066 at SUSE CVE-2023-53066 at NVD CVE-2023-53068 at SUSE CVE-2023-53068 at NVD CVE-2023-53070 at SUSE CVE-2023-53070 at NVD CVE-2023-53071 at SUSE CVE-2023-53071 at NVD CVE-2023-53073 at SUSE CVE-2023-53073 at NVD CVE-2023-53074 at SUSE CVE-2023-53074 at NVD CVE-2023-53075 at SUSE CVE-2023-53075 at NVD CVE-2023-53077 at SUSE CVE-2023-53077 at NVD CVE-2023-53078 at SUSE CVE-2023-53078 at NVD CVE-2023-53079 at SUSE CVE-2023-53079 at NVD CVE-2023-53081 at SUSE CVE-2023-53081 at NVD CVE-2023-53082 at SUSE CVE-2023-53082 at NVD CVE-2023-53084 at SUSE CVE-2023-53084 at NVD CVE-2023-53087 at SUSE CVE-2023-53087 at NVD CVE-2023-53089 at SUSE CVE-2023-53089 at NVD CVE-2023-53090 at SUSE CVE-2023-53090 at NVD CVE-2023-53091 at SUSE CVE-2023-53091 at NVD CVE-2023-53092 at SUSE CVE-2023-53092 at NVD CVE-2023-53093 at SUSE CVE-2023-53093 at NVD CVE-2023-53095 at SUSE CVE-2023-53095 at NVD CVE-2023-53096 at SUSE CVE-2023-53096 at NVD CVE-2023-53098 at SUSE CVE-2023-53098 at NVD CVE-2023-53099 at SUSE CVE-2023-53099 at NVD CVE-2023-53100 at SUSE CVE-2023-53100 at NVD CVE-2023-53101 at SUSE CVE-2023-53101 at NVD CVE-2023-53102 at SUSE CVE-2023-53102 at NVD CVE-2023-53105 at SUSE CVE-2023-53105 at NVD CVE-2023-53106 at SUSE CVE-2023-53106 at NVD CVE-2023-53108 at SUSE CVE-2023-53108 at NVD CVE-2023-53109 at SUSE CVE-2023-53109 at NVD CVE-2023-53111 at SUSE CVE-2023-53111 at NVD CVE-2023-53112 at SUSE CVE-2023-53112 at NVD CVE-2023-53114 at SUSE CVE-2023-53114 at NVD CVE-2023-53116 at SUSE CVE-2023-53116 at NVD CVE-2023-53118 at SUSE CVE-2023-53118 at NVD CVE-2023-53119 at SUSE CVE-2023-53119 at NVD CVE-2023-53123 at SUSE CVE-2023-53123 at NVD CVE-2023-53124 at SUSE CVE-2023-53124 at NVD CVE-2023-53125 at SUSE CVE-2023-53125 at NVD CVE-2023-53128 at SUSE CVE-2023-53128 at NVD CVE-2023-53131 at SUSE CVE-2023-53131 at NVD CVE-2023-53134 at SUSE CVE-2023-53134 at NVD CVE-2023-53137 at SUSE CVE-2023-53137 at NVD CVE-2023-53139 at SUSE CVE-2023-53139 at NVD CVE-2023-53140 at SUSE CVE-2023-53140 at NVD CVE-2023-53142 at SUSE CVE-2023-53142 at NVD CVE-2023-53143 at SUSE CVE-2023-53143 at NVD CVE-2023-53145 at SUSE CVE-2023-53145 at NVD CVE-2024-26804 at SUSE CVE-2024-26804 at NVD CVE-2024-53168 at SUSE CVE-2024-53168 at NVD CVE-2024-56558 at SUSE CVE-2024-56558 at NVD CVE-2025-21999 at SUSE CVE-2025-21999 at NVD CVE-2025-22056 at SUSE CVE-2025-22056 at NVD CVE-2025-23145 at SUSE CVE-2025-23145 at NVD CVE-2025-37789 at SUSE CVE-2025-37789 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-requests (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-requests fixes the following issues: - CVE-2024-47081: fixed netrc credential leak (bsc#1244039). Moderate SUSE bug 1244039 CVE-2024-47081 at SUSE CVE-2024-47081 at NVD cpe:/o:suse:sle-micro:5.5 Security update for pam_u2f (Important) SUSE Linux Enterprise Micro 5.5 This update for pam_u2f fixes the following issues: - CVE-2025-23013: Fixed problematic PAM_IGNORE return values in `pam_sm_authenticate()` (bsc#1233517) Important SUSE bug 1233517 SUSE bug 1235961 CVE-2025-23013 at SUSE CVE-2025-23013 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332). - CVE-2022-48742: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (bsc#1226694). - CVE-2022-49033: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() (bsc#1232045). - CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288). - CVE-2023-33951: Fixed a race condition that could have led to an information disclosure inside the vmwgfx driver (bsc#1211593). - CVE-2023-33952: Fixed a double free that could have led to a local privilege escalation inside the vmwgfx driver (bsc#1211595). - CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823). - CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044). - CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820). - CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). - CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809). - CVE-2024-47666: scsi: pm80xx: Set phy->enable_completion only when we wait for it (bsc#1231453). - CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854). - CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166). - CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157). - CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419). - CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038). - CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050). - CVE-2024-50181: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (bsc#1233127). - CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324). - CVE-2024-50211: udf: refactor inode_bmap() to handle error (bsc#1233096). - CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200). - CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239). - CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized delayed_work on cache_ctr error (bsc#1233467 bsc#1233469). - CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467). - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468). - CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485). - CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547). - CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550). - CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568). - CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464). - CVE-2024-53072: platform/x86/amd/pmc: Detect when STB is not available (bsc#1233564). - CVE-2024-53090: afs: Fix lock recursion (bsc#1233637). - CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642). - CVE-2024-53101: fs: Fix uninitialized value issue in from_kuid and from_kgid (bsc#1233769). - CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077). - CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072). - CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073). - CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076). - CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156). - CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219). - CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220). - CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). - CVE-2024-53150: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (bsc#1234834). - CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). - CVE-2024-53157: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (bsc#1234827). - CVE-2024-53158: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (bsc#1234811). - CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856). - CVE-2024-53162: crypto: qat/qat_4xxx - fix off by one in uof_get_name() (bsc#1234843). - CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). - CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). - CVE-2024-53210: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (bsc#1234971). - CVE-2024-53213: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (bsc#1234973). - CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). - CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). - CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). - CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282). - CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). - CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). - CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912). - CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035). - CVE-2024-56571: media: uvcvideo: Require entities to have a non-zero unique ID (bsc#1235037). - CVE-2024-56575: media: imx-jpeg: Ensure power suppliers be suspended before detach them (bsc#1235039). - CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220). - CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). - CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). - CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224). - CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920). The following non-security bugs were fixed: - ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294) - Documentation: Add x86/amd_hsmp driver (jsc#PED-1295). - Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes). - Drop a couple of block layer git-fixes (bsc#1170891 bsc#1173139) - KVM: x86: fix sending PV IPI (git-fixes). - NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes). - NFSD: Fix nfsd4_shutdown_copy() (git-fixes). - NFSD: Move fill_pre_wcc() and fill_post_wcc() (bsc#1234650 bsc#1233701 bsc#1232472). - NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes). - NFSD: Prevent a potential integer overflow (git-fixes). - NFSD: reduce locking in nfsd_lookup() (bsc#1234650 bsc#1233701 bsc#1232472). - NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes). - PCI: vmd: Fix secondary bus reset for Intel bridges (git-fixes). - RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes) - README: Clean-up trailing whitespace - SUNRPC: make sure cache entry active before cache_show (git-fixes). - amd_hsmp: Add HSMP protocol version 5 messages (jsc#PED-1295). - arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605) - arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes). - arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes). - arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes). - arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator (git-fixes). - arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion (git-fixes). - arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes). - autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes). - autofs: use flexible array in ioctl structure (git-fixes). - devlink: allow registering parameters after the instance (bsc#1231388 bsc#1230422). - devlink: do not require setting features before registration (bsc#1231388 bsc#1230422). - dma-fence: Fix reference leak on fence merge failure path (git-fixes). - dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357). - dmaengine: idxd: add wq driver name support for accel-config user tool (bsc#1234357). - drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes). - drm/v3d: Enable Performance Counters before clearing them (git-fixes). - exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes). - fixup 'rpm: support gz and zst compression methods' once more (bsc#1190428, bsc#1190358) Fixes: 3b8c4d9bcc24 ('rpm: support gz and zst compression methods') Fixes: 23510fce36ec ('fixup 'rpm: support gz and zst compression methods'') - hfsplus: do not query the device logical block size multiple times (git-fixes). - idpf: add support for SW triggered interrupts (bsc#1235507). - idpf: enable WB_ON_ITR (bsc#1235507). - idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507). - ipc/sem: Fix dangling sem_array access in semtimedop race (bsc#1234727). - jffs2: Fix rtime decompressor (git-fixes). - jffs2: Prevent rtime decompress memory corruption (git-fixes). - jffs2: fix use of uninitialized variable (git-fixes). - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes). - jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes). - jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes). - jfs: fix shift-out-of-bounds in dbSplit (git-fixes). - jfs: xattr: check invalid xattr size more strictly (git-fixes). - kabi/severities: ignore intermodule symbols between fsl_fman and fsl_dpaa_eth - kernel-binary: do not BuildIgnore m4. It is actually needed for regenerating zconf when it is not up-to-date due to merge. - kobject: Add sanity check for kset->kobj.ktype in kset_register() (bsc#1234639). - memory: tegra: Add API for retrieving carveout bounds (jsc#PED-1763). - mm/kfence: reset PG_slab and memcg_data before freeing __kfence_pool (bsc#1234120). - mmc: core: Further prevent card detect during shutdown (git-fixes). - net/ipv6: release expired exception dst cached in socket (bsc#1216813). - net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). - nfsd: make sure exp active before svc_export_show (git-fixes). - nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234650 bsc#1233701 bsc#1232472). - nfsd: restore callback functionality for NFSv4.0 (git-fixes). - nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes). - nilfs2: prevent use of deleted inode (git-fixes). - ocfs2: uncache inode which has failed entering the group (bsc#1234087). - phy: tegra: p2u: Set ENABLE_L2_EXIT_RATE_CHANGE in calibration (jsc#PED-1763). - platform/x86: Add AMD system management interface (jsc#PED-1295). - proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes). - pwm: tegra: Improve required rate calculation (jsc#PED-1763). - regmap: detach regmap from dev on regmap_exit (git-fixes). - rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression - scatterlist: fix incorrect func name in kernel-doc (git-fixes). - scripts/git_sort/git_sort.py: add tegra DRM and linux-pwm repo - scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes). - serial: tegra: Read DMA status before terminating (jsc#PED-1763). - smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: this fixes issue discussed in bsc#1233642]. - spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes). - sunrpc: simplify two-level sysctl registration for svcrdma_parm_table (git-fixes). - supported.conf: add bsc1185010 dependency - supported.conf: hyperv_drm (jsc#sle-19733) - svcrdma: Address an integer overflow (git-fixes). - svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes). - tpm_tis_spi: Release chip select when flow control fails (bsc#1234338) - ubifs: Correct the total block count by deducting journal reservation (git-fixes). - ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes). - udf: Handle error when adding extent to a file (bsc#1234437). - udf: refactor udf_current_aext() to handle error (bsc#1234240). - udf: refactor udf_next_aext() to handle error (bsc#1234241). - usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes). - usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes). - x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes). - x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes). - x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes). - x86/fpu: Remove unused supervisor only offsets (git-fixes). - x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes). - x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes). - x86/mce: Allow instrumentation during task work queueing (git-fixes). - x86/mce: Mark mce_end() noinstr (git-fixes). - x86/mce: Mark mce_panic() noinstr (git-fixes). - x86/mce: Mark mce_read_aux() noinstr (git-fixes). - x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes). - x86/sev: Make enc_dec_hypercall() accept a size instead of npages (bsc#1214635). - x86/sgx: Free backing memory after faulting the enclave page (git-fixes). - x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes). - x86/uaccess: Move variable into switch case statement (git-fixes). - x86: Annotate call_on_stack() (git-fixes). - xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909). - zonefs: fix zone report size in __zonefs_io_error() (git-fixes). Important SUSE bug 1170891 SUSE bug 1173139 SUSE bug 1185010 SUSE bug 1190358 SUSE bug 1190428 SUSE bug 1203332 SUSE bug 1205521 SUSE bug 1209288 SUSE bug 1209798 SUSE bug 1211593 SUSE bug 1211595 SUSE bug 1214635 SUSE bug 1215304 SUSE bug 1215523 SUSE bug 1216813 SUSE bug 1216909 SUSE bug 1219608 SUSE bug 1222878 SUSE bug 1223044 SUSE bug 1225758 SUSE bug 1225820 SUSE bug 1226694 SUSE bug 1228190 SUSE bug 1229809 SUSE bug 1230422 SUSE bug 1230697 SUSE bug 1231388 SUSE bug 1231453 SUSE bug 1231854 SUSE bug 1232045 SUSE bug 1232157 SUSE bug 1232166 SUSE bug 1232419 SUSE bug 1232436 SUSE bug 1232472 SUSE bug 1232823 SUSE bug 1233038 SUSE bug 1233050 SUSE bug 1233070 SUSE bug 1233096 SUSE bug 1233127 SUSE bug 1233200 SUSE bug 1233239 SUSE bug 1233324 SUSE bug 1233467 SUSE bug 1233468 SUSE bug 1233469 SUSE bug 1233485 SUSE bug 1233547 SUSE bug 1233550 SUSE bug 1233558 SUSE bug 1233564 SUSE bug 1233568 SUSE bug 1233637 SUSE bug 1233642 SUSE bug 1233701 SUSE bug 1233769 SUSE bug 1233837 SUSE bug 1234072 SUSE bug 1234073 SUSE bug 1234075 SUSE bug 1234076 SUSE bug 1234077 SUSE bug 1234087 SUSE bug 1234120 SUSE bug 1234156 SUSE bug 1234219 SUSE bug 1234220 SUSE bug 1234240 SUSE bug 1234241 SUSE bug 1234281 SUSE bug 1234282 SUSE bug 1234294 SUSE bug 1234338 SUSE bug 1234357 SUSE bug 1234437 SUSE bug 1234464 SUSE bug 1234605 SUSE bug 1234639 SUSE bug 1234650 SUSE bug 1234727 SUSE bug 1234811 SUSE bug 1234827 SUSE bug 1234834 SUSE bug 1234843 SUSE bug 1234846 SUSE bug 1234853 SUSE bug 1234856 SUSE bug 1234891 SUSE bug 1234912 SUSE bug 1234920 SUSE bug 1234921 SUSE bug 1234960 SUSE bug 1234963 SUSE bug 1234971 SUSE bug 1234973 SUSE bug 1235004 SUSE bug 1235035 SUSE bug 1235037 SUSE bug 1235039 SUSE bug 1235054 SUSE bug 1235056 SUSE bug 1235061 SUSE bug 1235073 SUSE bug 1235220 SUSE bug 1235224 SUSE bug 1235246 SUSE bug 1235507 CVE-2021-47202 at SUSE CVE-2021-47202 at NVD CVE-2022-36280 at SUSE CVE-2022-36280 at NVD CVE-2022-48742 at SUSE CVE-2022-48742 at NVD CVE-2022-49033 at SUSE CVE-2022-49033 at NVD CVE-2022-49035 at SUSE CVE-2022-49035 at NVD CVE-2023-1382 at SUSE CVE-2023-1382 at NVD CVE-2023-33951 at SUSE CVE-2023-33951 at NVD CVE-2023-33952 at SUSE CVE-2023-33952 at NVD CVE-2023-52920 at SUSE CVE-2023-52920 at NVD CVE-2024-24860 at SUSE CVE-2024-24860 at NVD CVE-2024-26886 at SUSE CVE-2024-26886 at NVD CVE-2024-26924 at SUSE CVE-2024-26924 at NVD CVE-2024-36915 at SUSE CVE-2024-36915 at NVD CVE-2024-42232 at SUSE CVE-2024-42232 at NVD CVE-2024-44934 at SUSE CVE-2024-44934 at NVD CVE-2024-47666 at SUSE CVE-2024-47666 at NVD CVE-2024-47678 at SUSE CVE-2024-47678 at NVD CVE-2024-49944 at SUSE CVE-2024-49944 at NVD CVE-2024-49952 at SUSE CVE-2024-49952 at NVD CVE-2024-50018 at SUSE CVE-2024-50018 at NVD CVE-2024-50143 at SUSE CVE-2024-50143 at NVD CVE-2024-50154 at SUSE CVE-2024-50154 at NVD CVE-2024-50166 at SUSE CVE-2024-50166 at NVD CVE-2024-50181 at SUSE CVE-2024-50181 at NVD CVE-2024-50202 at SUSE CVE-2024-50202 at NVD CVE-2024-50211 at SUSE CVE-2024-50211 at NVD CVE-2024-50256 at SUSE CVE-2024-50256 at NVD CVE-2024-50262 at SUSE CVE-2024-50262 at NVD CVE-2024-50278 at SUSE CVE-2024-50278 at NVD CVE-2024-50279 at SUSE CVE-2024-50279 at NVD CVE-2024-50280 at SUSE CVE-2024-50280 at NVD CVE-2024-50296 at SUSE CVE-2024-50296 at NVD CVE-2024-53051 at SUSE CVE-2024-53051 at NVD CVE-2024-53055 at SUSE CVE-2024-53055 at NVD CVE-2024-53056 at SUSE CVE-2024-53056 at NVD CVE-2024-53064 at SUSE CVE-2024-53064 at NVD CVE-2024-53072 at SUSE CVE-2024-53072 at NVD CVE-2024-53090 at SUSE CVE-2024-53090 at NVD CVE-2024-53095 at SUSE CVE-2024-53095 at NVD CVE-2024-53101 at SUSE CVE-2024-53101 at NVD CVE-2024-53113 at SUSE CVE-2024-53113 at NVD CVE-2024-53114 at SUSE CVE-2024-53114 at NVD CVE-2024-53119 at SUSE CVE-2024-53119 at NVD CVE-2024-53120 at SUSE CVE-2024-53120 at NVD CVE-2024-53122 at SUSE CVE-2024-53122 at NVD CVE-2024-53125 at SUSE CVE-2024-53125 at NVD CVE-2024-53130 at SUSE CVE-2024-53130 at NVD CVE-2024-53131 at SUSE CVE-2024-53131 at NVD CVE-2024-53142 at SUSE CVE-2024-53142 at NVD CVE-2024-53146 at SUSE CVE-2024-53146 at NVD CVE-2024-53150 at SUSE CVE-2024-53150 at NVD CVE-2024-53156 at SUSE CVE-2024-53156 at NVD CVE-2024-53157 at SUSE CVE-2024-53157 at NVD CVE-2024-53158 at SUSE CVE-2024-53158 at NVD CVE-2024-53161 at SUSE CVE-2024-53161 at NVD CVE-2024-53162 at SUSE CVE-2024-53162 at NVD CVE-2024-53173 at SUSE CVE-2024-53173 at NVD CVE-2024-53179 at SUSE CVE-2024-53179 at NVD CVE-2024-53206 at SUSE CVE-2024-53206 at NVD CVE-2024-53210 at SUSE CVE-2024-53210 at NVD CVE-2024-53213 at SUSE CVE-2024-53213 at NVD CVE-2024-53214 at SUSE CVE-2024-53214 at NVD CVE-2024-53239 at SUSE CVE-2024-53239 at NVD CVE-2024-53240 at SUSE CVE-2024-53240 at NVD CVE-2024-53241 at SUSE CVE-2024-53241 at NVD CVE-2024-56539 at SUSE CVE-2024-56539 at NVD CVE-2024-56548 at SUSE CVE-2024-56548 at NVD CVE-2024-56549 at SUSE CVE-2024-56549 at NVD CVE-2024-56570 at SUSE CVE-2024-56570 at NVD CVE-2024-56571 at SUSE CVE-2024-56571 at NVD CVE-2024-56575 at SUSE CVE-2024-56575 at NVD CVE-2024-56598 at SUSE CVE-2024-56598 at NVD CVE-2024-56604 at SUSE CVE-2024-56604 at NVD CVE-2024-56605 at SUSE CVE-2024-56605 at NVD CVE-2024-56619 at SUSE CVE-2024-56619 at NVD CVE-2024-56755 at SUSE CVE-2024-56755 at NVD CVE-2024-8805 at SUSE CVE-2024-8805 at NVD cpe:/o:suse:sle-micro:5.5 Security update for pam (Important) SUSE Linux Enterprise Micro 5.5 This update for pam fixes the following issues: - CVE-2025-6018: pam_env: Change the default to not read the user .pam_environment file (bsc#1243226). - CVE-2025-6020: pam_namespace: convert functions that may operate on a user-controlled path to operate on file descriptors instead of absolute path (bsc#1244509). Important SUSE bug 1243226 SUSE bug 1244509 CVE-2025-6018 at SUSE CVE-2025-6018 at NVD CVE-2025-6020 at SUSE CVE-2025-6020 at NVD cpe:/o:suse:sle-micro:5.5 Security update for screen (Moderate) SUSE Linux Enterprise Micro 5.5 This update for screen fixes the following issues: Security issues fixed: - CVE-2025-46802: temporary `chmod` of a user's TTY to mode 0666 when attempting to attach to a multi-user session allows for TTY hijacking (bsc#1242269). Other issues fixed: - Use TTY file descriptor passing after a suspend (`MSG_CONT`). - Fix resume after suspend in multi-user mode. Moderate SUSE bug 1242269 CVE-2025-46802 at SUSE CVE-2025-46802 at NVD cpe:/o:suse:sle-micro:5.5 Security update for perl (Moderate) SUSE Linux Enterprise Micro 5.5 This update for perl fixes the following issues: - CVE-2025-40909: Do not change the current directory when cloning an open directory handle (bsc#1244079). Moderate SUSE bug 1244079 CVE-2025-40909 at SUSE CVE-2025-40909 at NVD cpe:/o:suse:sle-micro:5.5 Security update for pam_pkcs11 (Important) SUSE Linux Enterprise Micro 5.5 This update for pam_pkcs11 fixes the following issues: - CVE-2025-6018: Removes pam_env from auth stack for security reason (bsc#1243226). Important SUSE bug 1243226 CVE-2025-6018 at SUSE CVE-2025-6018 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libblockdev (Important) SUSE Linux Enterprise Micro 5.5 This update for libblockdev fixes the following issues: - CVE-2025-6019: Suppress privilege escalation during xfs fs resize (bsc#1243285). Important SUSE bug 1243285 CVE-2025-6019 at SUSE CVE-2025-6019 at NVD cpe:/o:suse:sle-micro:5.5 Security update for nvidia-open-driver-G06-signed (Important) SUSE Linux Enterprise Micro 5.5 This update for nvidia-open-driver-G06-signed fixes the following issues: - Update to 550.144.03 (bsc#1235461, bsc#1235871) * fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869 Important SUSE bug 1235461 SUSE bug 1235871 CVE-2024-0131 at SUSE CVE-2024-0131 at NVD CVE-2024-0147 at SUSE CVE-2024-0147 at NVD CVE-2024-0149 at SUSE CVE-2024-0149 at NVD CVE-2024-0150 at SUSE CVE-2024-0150 at NVD CVE-2024-53869 at SUSE CVE-2024-53869 at NVD cpe:/o:suse:sle-micro:5.5 Security update for pam-config (Important) SUSE Linux Enterprise Micro 5.5 This update for pam-config fixes the following issues: - CVE-2025-6018: Stop adding pam_env in AUTH stack, and be sure to put this module at the really end of the SESSION stack (bsc#1243226). Important SUSE bug 1243226 CVE-2025-6018 at SUSE CVE-2025-6018 at NVD cpe:/o:suse:sle-micro:5.5 Recommended update for podman (Moderate) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - Added patch to remove using rw as a default mount option (bsc#1239776) Moderate SUSE bug 1239776 CVE-2024-6104 at SUSE CVE-2024-6104 at NVD CVE-2025-22869 at SUSE CVE-2025-22869 at NVD CVE-2025-27144 at SUSE CVE-2025-27144 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ignition (Important) SUSE Linux Enterprise Micro 5.5 This update for ignition fixes the following issues: - CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (bsc#1239192). Important SUSE bug 1239192 CVE-2025-22868 at SUSE CVE-2025-22868 at NVD cpe:/o:suse:sle-micro:5.5 Security update for clamav (Important) SUSE Linux Enterprise Micro 5.5 This update for clamav fixes the following issues: ClamAV version 1.4.3: - CVE-2025-20260: PDF Scanning Buffer Overflow Vulnerability (bsc#1245054). - CVE-2025-20234: Vulnerability in Universal Disk Format (UDF) processing (bsc#1245055). Other bugfixes: - Fix a race condition between the mockup servers started by different test cases in freshclam_test.py (bsc#1243565) Important SUSE bug 1243565 SUSE bug 1245054 SUSE bug 1245055 CVE-2025-20234 at SUSE CVE-2025-20234 at NVD CVE-2025-20260 at SUSE CVE-2025-20260 at NVD cpe:/o:suse:sle-micro:5.5 Security update for helm (Important) SUSE Linux Enterprise Micro 5.5 This update for helm fixes the following issues: Update to version 3.18.3: * build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0 6838ebc (dependabot[bot]) * fix: user username password for login 5b9e2f6 (Terry Howe) * Update pkg/registry/transport.go 2782412 (Terry Howe) * Update pkg/registry/transport.go e66cf6a (Terry Howe) * fix: add debug logging to oci transport 191f05c (Terry Howe) Update to version 3.18.2: * fix: legacy docker support broken for login 04cad46 (Terry Howe) * Handle an empty registry config file. bc9f8a2 (Matt Farina) Update to version 3.18.1: * Notes: - This release fixes regressions around template generation and OCI registry interaction in 3.18.0 - There are at least 2 known regressions unaddressed in this release. They are being worked on. - Empty registry configuration files. When the file exists but it is empty. - Login to Docker Hub on some domains fails. * Changelog - fix(client): skipnode utilization for PreCopy - fix(client): layers now returns manifest - remove duplicate from descriptors - fix(client): return nil on non-allowed media types - Prevent fetching newReference again as we have in calling method - Prevent failure when resolving version tags in oras memory store - Update pkg/plugin/plugin.go - Update pkg/plugin/plugin.go - Wait for Helm v4 before raising when platformCommand and Command are set - Fix 3.18.0 regression: registry login with scheme - Revert 'fix (helm) : toToml` renders int as float [ backport to v3 ]' Update to version 3.18.0 (bsc#1241802, CVE-2025-22872): * Notable Changes - Add support for JSON Schema 2020 - Enabled cpu and memory profiling - Add hook annotation to output hook logs to client on error * Changelog - build(deps): bump the k8s-io group with 7 updates - fix: govulncheck workflow - bump version to v3.18.0 - fix:add proxy support when mTLS configured - docs: Note about http fallback for OCI registries - Bump net package to avoid CVE on dev-v3 - Bump toml - backport #30677to dev3 - build(deps): bump github.com/rubenv/sql-migrate from 1.7.2 to 1.8.0 - Add install test for TakeOwnership flag - Fix --take-ownership - build(deps): bump github.com/rubenv/sql-migrate from 1.7.1 to 1.7.2 - build(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0 - build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0 - Testing text bump - Permit more Go version and not only 1.23.8 - Bumps github.com/distribution/distribution/v3 from 3.0.0-rc.3 to 3.0.0 - Unarchiving fix - Fix typo - Report as debug log, the time spent waiting for resources - build(deps): bump github.com/containerd/containerd from 1.7.26 to 1.7.27 - Update pkg/registry/fallback.go - automatic fallback to http - chore(oci): upgrade to ORAS v2 - Updating to 0.37.0 for x/net - build(deps): bump the k8s-io group with 7 updates - build(deps): bump golang.org/x/crypto from 0.35.0 to 0.36.0 - build(deps): bump github.com/opencontainers/image-spec - build(deps): bump github.com/containerd/containerd from 1.7.25 to 1.7.26 - build(deps): bump golang.org/x/crypto from 0.33.0 to 0.35.0 - Fix cherry-pick helm.sh/helm/v4 -> helm.sh/helm/v3 - Add HookOutputFunc and generic yaml unmarshaller - clarify fix error message - fix err check - add short circuit return - Add hook annotations to output pod logs to client on success and fail - chore: use []error instead of []string - Update cmd/helm/profiling.go - chore: update profiling doc in CONTRIBUTING.md - Update CONTRIBUTING guide - Prefer environment variables to CLI flags - Move pprof paths to HELM_PPROF env variable - feat: Add flags to enable CPU and memory profiling - build(deps): bump github.com/distribution/distribution/v3 - build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 - Moving to SetOut and SetErr for Cobra - build(deps): bump the k8s-io group with 7 updates - build(deps): bump golang.org/x/crypto from 0.32.0 to 0.33.0 - build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0 - build(deps): bump golang.org/x/text from 0.21.0 to 0.22.0 - build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6 - build(deps): bump github.com/cyphar/filepath-securejoin - build(deps): bump github.com/evanphx/json-patch - build(deps): bump the k8s-io group with 7 updates - fix: check group for resource info match - Bump github.com/cyphar/filepath-securejoin from 0.3.6 to 0.4.0 - add test for nullifying nested global value - Ensuring the file paths are clean prior to passing to securejoin - Bump github.com/containerd/containerd from 1.7.24 to 1.7.25 - Bump golang.org/x/crypto from 0.31.0 to 0.32.0 - Bump golang.org/x/term from 0.27.0 to 0.28.0 - bump version to v3.17.0 - Bump github.com/moby/term from 0.5.0 to 0.5.2 - Add test case for removing an entire object - Tests for bugfix: Override subcharts with null values #12879 - feat: Added multi-platform plugin hook support to v3 - This commit fixes the issue where the yaml.Unmarshaller converts all int values into float64, this passes in option to decoder, which enables conversion of int into . - merge null child chart objects Important SUSE bug 1241802 CVE-2025-22872 at SUSE CVE-2025-22872 at NVD cpe:/o:suse:sle-micro:5.5 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container (Moderate) SUSE Linux Enterprise Micro 5.5 This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: - Drop packages: iptables, lsscsi and socat - rebuild against current GO Moderate cpe:/o:suse:sle-micro:5.5 Security update for google-osconfig-agent (Important) SUSE Linux Enterprise Micro 5.5 This update for google-osconfig-agent fixes the following issues: - Update to version 20250416.02 (bsc#1244304, bsc#1244503) * defaultSleeper: tolerate 10% difference to reduce test flakiness * Add output of some packagemanagers to the testdata - from version 20250416.01 * Refactor OS Info package - from version 20250416.00 * Report RPM inventory as YUM instead of empty SoftwarePackage when neither Zypper nor YUM are installed. - from version 20250414.00 * Update hash computation algorithm - Update to version 20250320.00 * Bump github.com/envoyproxy/protoc-gen-validate from 1.1.0 to 1.2.1 - from version 20250318.00 * Bump go.opentelemetry.io/otel/sdk/metric from 1.32.0 to 1.35.0 - from version 20250317.02 * Bump cel.dev/expr from 0.18.0 to 0.22.0 * Bump github.com/golang/glog from 1.2.3 to 1.2.4 in the go_modules group - from version 20250317.01 * Bump cloud.google.com/go/logging from 1.12.0 to 1.13.0 - from version 20250317.00 * Add tests for retryutil package. - from version 20250306.00 * Update OWNERS - from version 20250206.01 * Use separate counters for pre- and post-patch reboots. - from version 20250206.00 * Update owners - from version 20250203.00 * Fix the vet errors for contants in logging - from version 20250122.00 * change available package check - from version 20250121.00 * Fix Inventory reporting e2e tests. - from version 20250120.00 * fix e2e tests - Add -buildmode=pie to go build command line (bsc#1239948) - merged upstream - Renumber patches Important SUSE bug 1239948 SUSE bug 1244304 SUSE bug 1244503 CVE-2024-45339 at SUSE CVE-2024-45339 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer (Moderate) SUSE Linux Enterprise Micro 5.5 This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: - Install nbdkit-server to avoid pulling unneeded dependencies - rebuild against current GO Moderate cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49775: tcp: cdg: allow tcp_cdg_release() to be called multiple times (bsc#1242245). - CVE-2024-53168: net: make sock_inuse_add() available (bsc#1234887). - CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1235100). - CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802). - CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525). - CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596). - CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762). - CVE-2024-28956: x86/its: Add support for ITS-safe indirect thunk (bsc#1242006). - CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640). The following non-security bugs were fixed: - Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (bsc#1243737). - Move upstreamed sched/membarrier patch into sorted section - Remove debug flavor (bsc#1243919). This is only released in Leap, and we do not have Leap 15.4 anymore. - Remove debug flavor (bsc#1243919). This is only released in Leap, and we do not have Leap 15.5 anymore. - Use gcc-13 for build on SLE16 (jsc#PED-10028). - arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (bsc#1242778). - arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (bsc#1242778). - arm64: insn: Add support for encoding DSB (bsc#1242778). - arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (bsc#1242778). - arm64: proton-pack: Expose whether the branchy loop k value (bsc#1242778). - arm64: proton-pack: Expose whether the platform is mitigated by firmware (bsc#1242778). - hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (bsc#1243737). - hv_netvsc: Remove rmsg_pgcnt (bsc#1243737). - hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (bsc#1243737). - mtd: phram: Add the kernel lock down check (bsc#1232649). - net :mana :Add remaining GDMA stats for MANA to ethtool (bsc#1234395). - net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (bsc#1234395). - net: mana: Add gdma stats to ethtool output for mana (bsc#1234395). - nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (bsc#1223096). - ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes). - powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW (bsc#1218470 ltc#204531). - rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038). - rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986) - rpm/kernel-binary.spec.in: fix KMPs build on 6.13+ (bsc#1234454) - rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303) - rpm/release-projects: Update the ALP projects again (bsc#1231293). - rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570) - scsi: core: Fix unremoved procfs host directory regression (git-fixes). - tcp: Dump bound-only sockets in inet_diag (bsc#1204562). - tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870). - tpm: tis: Double the timeout B to 4s (bsc#1235870). - x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778). - x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778). - x86/bpf: Call branch history clearing sequence on exit (bsc#1242778). Important SUSE bug 1184350 SUSE bug 1193629 SUSE bug 1204562 SUSE bug 1204569 SUSE bug 1204619 SUSE bug 1204705 SUSE bug 1205282 SUSE bug 1206051 SUSE bug 1206073 SUSE bug 1206649 SUSE bug 1206843 SUSE bug 1206886 SUSE bug 1206887 SUSE bug 1207361 SUSE bug 1208105 SUSE bug 1208542 SUSE bug 1209292 SUSE bug 1209556 SUSE bug 1209684 SUSE bug 1209780 SUSE bug 1209980 SUSE bug 1210337 SUSE bug 1210763 SUSE bug 1210767 SUSE bug 1211465 SUSE bug 1213012 SUSE bug 1213013 SUSE bug 1213094 SUSE bug 1213096 SUSE bug 1213233 SUSE bug 1213946 SUSE bug 1214991 SUSE bug 1218470 SUSE bug 1222629 SUSE bug 1223096 SUSE bug 1225903 SUSE bug 1228659 SUSE bug 1231293 SUSE bug 1232649 SUSE bug 1234395 SUSE bug 1234454 SUSE bug 1234887 SUSE bug 1235100 SUSE bug 1235870 SUSE bug 1238303 SUSE bug 1238570 SUSE bug 1239986 SUSE bug 1240785 SUSE bug 1240802 SUSE bug 1241038 SUSE bug 1241525 SUSE bug 1241640 SUSE bug 1242006 SUSE bug 1242146 SUSE bug 1242147 SUSE bug 1242150 SUSE bug 1242151 SUSE bug 1242154 SUSE bug 1242157 SUSE bug 1242158 SUSE bug 1242160 SUSE bug 1242164 SUSE bug 1242165 SUSE bug 1242169 SUSE bug 1242215 SUSE bug 1242217 SUSE bug 1242218 SUSE bug 1242219 SUSE bug 1242222 SUSE bug 1242224 SUSE bug 1242226 SUSE bug 1242227 SUSE bug 1242228 SUSE bug 1242229 SUSE bug 1242230 SUSE bug 1242231 SUSE bug 1242232 SUSE bug 1242237 SUSE bug 1242239 SUSE bug 1242240 SUSE bug 1242241 SUSE bug 1242244 SUSE bug 1242245 SUSE bug 1242248 SUSE bug 1242249 SUSE bug 1242261 SUSE bug 1242264 SUSE bug 1242265 SUSE bug 1242270 SUSE bug 1242276 SUSE bug 1242278 SUSE bug 1242279 SUSE bug 1242280 SUSE bug 1242281 SUSE bug 1242282 SUSE bug 1242285 SUSE bug 1242286 SUSE bug 1242289 SUSE bug 1242294 SUSE bug 1242295 SUSE bug 1242298 SUSE bug 1242302 SUSE bug 1242305 SUSE bug 1242311 SUSE bug 1242312 SUSE bug 1242320 SUSE bug 1242338 SUSE bug 1242349 SUSE bug 1242351 SUSE bug 1242352 SUSE bug 1242353 SUSE bug 1242355 SUSE bug 1242357 SUSE bug 1242358 SUSE bug 1242359 SUSE bug 1242360 SUSE bug 1242361 SUSE bug 1242365 SUSE bug 1242366 SUSE bug 1242369 SUSE bug 1242370 SUSE bug 1242371 SUSE bug 1242372 SUSE bug 1242377 SUSE bug 1242378 SUSE bug 1242380 SUSE bug 1242381 SUSE bug 1242382 SUSE bug 1242385 SUSE bug 1242387 SUSE bug 1242389 SUSE bug 1242391 SUSE bug 1242392 SUSE bug 1242393 SUSE bug 1242394 SUSE bug 1242398 SUSE bug 1242399 SUSE bug 1242400 SUSE bug 1242402 SUSE bug 1242403 SUSE bug 1242405 SUSE bug 1242406 SUSE bug 1242409 SUSE bug 1242410 SUSE bug 1242411 SUSE bug 1242415 SUSE bug 1242416 SUSE bug 1242421 SUSE bug 1242422 SUSE bug 1242425 SUSE bug 1242426 SUSE bug 1242428 SUSE bug 1242440 SUSE bug 1242443 SUSE bug 1242448 SUSE bug 1242449 SUSE bug 1242452 SUSE bug 1242453 SUSE bug 1242454 SUSE bug 1242455 SUSE bug 1242456 SUSE bug 1242458 SUSE bug 1242464 SUSE bug 1242465 SUSE bug 1242467 SUSE bug 1242469 SUSE bug 1242473 SUSE bug 1242474 SUSE bug 1242478 SUSE bug 1242481 SUSE bug 1242484 SUSE bug 1242489 SUSE bug 1242497 SUSE bug 1242527 SUSE bug 1242542 SUSE bug 1242544 SUSE bug 1242545 SUSE bug 1242547 SUSE bug 1242548 SUSE bug 1242549 SUSE bug 1242550 SUSE bug 1242551 SUSE bug 1242558 SUSE bug 1242570 SUSE bug 1242580 SUSE bug 1242586 SUSE bug 1242589 SUSE bug 1242596 SUSE bug 1242597 SUSE bug 1242685 SUSE bug 1242686 SUSE bug 1242688 SUSE bug 1242689 SUSE bug 1242695 SUSE bug 1242716 SUSE bug 1242733 SUSE bug 1242734 SUSE bug 1242735 SUSE bug 1242736 SUSE bug 1242739 SUSE bug 1242740 SUSE bug 1242743 SUSE bug 1242744 SUSE bug 1242745 SUSE bug 1242746 SUSE bug 1242747 SUSE bug 1242748 SUSE bug 1242749 SUSE bug 1242751 SUSE bug 1242752 SUSE bug 1242753 SUSE bug 1242756 SUSE bug 1242759 SUSE bug 1242762 SUSE bug 1242765 SUSE bug 1242767 SUSE bug 1242778 SUSE bug 1242779 SUSE bug 1242790 SUSE bug 1242791 SUSE bug 1243047 SUSE bug 1243133 SUSE bug 1243737 SUSE bug 1243919 CVE-2022-3564 at SUSE CVE-2022-3564 at NVD CVE-2022-3619 at SUSE CVE-2022-3619 at NVD CVE-2022-3640 at SUSE CVE-2022-3640 at NVD CVE-2022-49762 at SUSE CVE-2022-49762 at NVD CVE-2022-49763 at SUSE CVE-2022-49763 at NVD CVE-2022-49769 at SUSE CVE-2022-49769 at NVD CVE-2022-49770 at SUSE CVE-2022-49770 at NVD CVE-2022-49771 at SUSE CVE-2022-49771 at NVD CVE-2022-49772 at SUSE CVE-2022-49772 at NVD CVE-2022-49773 at SUSE CVE-2022-49773 at NVD CVE-2022-49775 at SUSE CVE-2022-49775 at NVD CVE-2022-49776 at SUSE CVE-2022-49776 at NVD CVE-2022-49777 at SUSE CVE-2022-49777 at NVD CVE-2022-49779 at SUSE CVE-2022-49779 at NVD CVE-2022-49781 at SUSE CVE-2022-49781 at NVD CVE-2022-49783 at SUSE CVE-2022-49783 at NVD CVE-2022-49784 at SUSE CVE-2022-49784 at NVD CVE-2022-49786 at SUSE CVE-2022-49786 at NVD CVE-2022-49787 at SUSE CVE-2022-49787 at NVD CVE-2022-49788 at SUSE CVE-2022-49788 at NVD CVE-2022-49789 at SUSE CVE-2022-49789 at NVD CVE-2022-49790 at SUSE CVE-2022-49790 at NVD CVE-2022-49792 at SUSE CVE-2022-49792 at NVD CVE-2022-49793 at SUSE CVE-2022-49793 at NVD CVE-2022-49794 at SUSE CVE-2022-49794 at NVD CVE-2022-49795 at SUSE CVE-2022-49795 at NVD CVE-2022-49796 at SUSE CVE-2022-49796 at NVD CVE-2022-49797 at SUSE CVE-2022-49797 at NVD CVE-2022-49799 at SUSE CVE-2022-49799 at NVD CVE-2022-49800 at SUSE CVE-2022-49800 at NVD CVE-2022-49801 at SUSE CVE-2022-49801 at NVD CVE-2022-49802 at SUSE CVE-2022-49802 at NVD CVE-2022-49807 at SUSE CVE-2022-49807 at NVD CVE-2022-49809 at SUSE CVE-2022-49809 at NVD CVE-2022-49810 at SUSE CVE-2022-49810 at NVD CVE-2022-49812 at SUSE CVE-2022-49812 at NVD CVE-2022-49813 at SUSE CVE-2022-49813 at NVD CVE-2022-49818 at SUSE CVE-2022-49818 at NVD CVE-2022-49821 at SUSE CVE-2022-49821 at NVD CVE-2022-49822 at SUSE CVE-2022-49822 at NVD CVE-2022-49823 at SUSE CVE-2022-49823 at NVD CVE-2022-49824 at SUSE CVE-2022-49824 at NVD CVE-2022-49825 at SUSE CVE-2022-49825 at NVD CVE-2022-49826 at SUSE CVE-2022-49826 at NVD CVE-2022-49827 at SUSE CVE-2022-49827 at NVD CVE-2022-49830 at SUSE CVE-2022-49830 at NVD CVE-2022-49832 at SUSE CVE-2022-49832 at NVD CVE-2022-49834 at SUSE CVE-2022-49834 at NVD CVE-2022-49835 at SUSE CVE-2022-49835 at NVD CVE-2022-49836 at SUSE CVE-2022-49836 at NVD CVE-2022-49837 at SUSE CVE-2022-49837 at NVD CVE-2022-49839 at SUSE CVE-2022-49839 at NVD CVE-2022-49841 at SUSE CVE-2022-49841 at NVD CVE-2022-49842 at SUSE CVE-2022-49842 at NVD CVE-2022-49845 at SUSE CVE-2022-49845 at NVD CVE-2022-49846 at SUSE CVE-2022-49846 at NVD CVE-2022-49850 at SUSE CVE-2022-49850 at NVD CVE-2022-49853 at SUSE CVE-2022-49853 at NVD CVE-2022-49858 at SUSE CVE-2022-49858 at NVD CVE-2022-49860 at SUSE CVE-2022-49860 at NVD CVE-2022-49861 at SUSE CVE-2022-49861 at NVD CVE-2022-49863 at SUSE CVE-2022-49863 at NVD CVE-2022-49864 at SUSE CVE-2022-49864 at NVD CVE-2022-49865 at SUSE CVE-2022-49865 at NVD CVE-2022-49868 at SUSE CVE-2022-49868 at NVD CVE-2022-49869 at SUSE CVE-2022-49869 at NVD CVE-2022-49870 at SUSE CVE-2022-49870 at NVD CVE-2022-49871 at SUSE CVE-2022-49871 at NVD CVE-2022-49874 at SUSE CVE-2022-49874 at NVD CVE-2022-49879 at SUSE CVE-2022-49879 at NVD CVE-2022-49880 at SUSE CVE-2022-49880 at NVD CVE-2022-49881 at SUSE CVE-2022-49881 at NVD CVE-2022-49885 at SUSE CVE-2022-49885 at NVD CVE-2022-49886 at SUSE CVE-2022-49886 at NVD CVE-2022-49887 at SUSE CVE-2022-49887 at NVD CVE-2022-49888 at SUSE CVE-2022-49888 at NVD CVE-2022-49889 at SUSE CVE-2022-49889 at NVD CVE-2022-49890 at SUSE CVE-2022-49890 at NVD CVE-2022-49891 at SUSE CVE-2022-49891 at NVD CVE-2022-49892 at SUSE CVE-2022-49892 at NVD CVE-2022-49900 at SUSE CVE-2022-49900 at NVD CVE-2022-49901 at SUSE CVE-2022-49901 at NVD CVE-2022-49902 at SUSE CVE-2022-49902 at NVD CVE-2022-49905 at SUSE CVE-2022-49905 at NVD CVE-2022-49906 at SUSE CVE-2022-49906 at NVD CVE-2022-49908 at SUSE CVE-2022-49908 at NVD CVE-2022-49909 at SUSE CVE-2022-49909 at NVD CVE-2022-49910 at SUSE CVE-2022-49910 at NVD CVE-2022-49915 at SUSE CVE-2022-49915 at NVD CVE-2022-49916 at SUSE CVE-2022-49916 at NVD CVE-2022-49917 at SUSE CVE-2022-49917 at NVD CVE-2022-49918 at SUSE CVE-2022-49918 at NVD CVE-2022-49921 at SUSE CVE-2022-49921 at NVD CVE-2022-49922 at SUSE CVE-2022-49922 at NVD CVE-2022-49923 at SUSE CVE-2022-49923 at NVD CVE-2022-49924 at SUSE CVE-2022-49924 at NVD CVE-2022-49925 at SUSE CVE-2022-49925 at NVD CVE-2022-49927 at SUSE CVE-2022-49927 at NVD CVE-2022-49928 at SUSE CVE-2022-49928 at NVD CVE-2022-49929 at SUSE CVE-2022-49929 at NVD CVE-2022-49931 at SUSE CVE-2022-49931 at NVD CVE-2023-1990 at SUSE CVE-2023-1990 at NVD CVE-2023-28866 at SUSE CVE-2023-28866 at NVD CVE-2023-53035 at SUSE CVE-2023-53035 at NVD CVE-2023-53036 at SUSE CVE-2023-53036 at NVD CVE-2023-53038 at SUSE CVE-2023-53038 at NVD CVE-2023-53039 at SUSE CVE-2023-53039 at NVD CVE-2023-53040 at SUSE CVE-2023-53040 at NVD CVE-2023-53041 at SUSE CVE-2023-53041 at NVD CVE-2023-53042 at SUSE CVE-2023-53042 at NVD CVE-2023-53044 at SUSE CVE-2023-53044 at NVD CVE-2023-53045 at SUSE CVE-2023-53045 at NVD CVE-2023-53049 at SUSE CVE-2023-53049 at NVD CVE-2023-53052 at SUSE CVE-2023-53052 at NVD CVE-2023-53054 at SUSE CVE-2023-53054 at NVD CVE-2023-53056 at SUSE CVE-2023-53056 at NVD CVE-2023-53057 at SUSE CVE-2023-53057 at NVD CVE-2023-53058 at SUSE CVE-2023-53058 at NVD CVE-2023-53059 at SUSE CVE-2023-53059 at NVD CVE-2023-53060 at SUSE CVE-2023-53060 at NVD CVE-2023-53062 at SUSE CVE-2023-53062 at NVD CVE-2023-53064 at SUSE CVE-2023-53064 at NVD CVE-2023-53065 at SUSE CVE-2023-53065 at NVD CVE-2023-53066 at SUSE CVE-2023-53066 at NVD CVE-2023-53068 at SUSE CVE-2023-53068 at NVD CVE-2023-53070 at SUSE CVE-2023-53070 at NVD CVE-2023-53071 at SUSE CVE-2023-53071 at NVD CVE-2023-53073 at SUSE CVE-2023-53073 at NVD CVE-2023-53074 at SUSE CVE-2023-53074 at NVD CVE-2023-53075 at SUSE CVE-2023-53075 at NVD CVE-2023-53077 at SUSE CVE-2023-53077 at NVD CVE-2023-53078 at SUSE CVE-2023-53078 at NVD CVE-2023-53079 at SUSE CVE-2023-53079 at NVD CVE-2023-53081 at SUSE CVE-2023-53081 at NVD CVE-2023-53082 at SUSE CVE-2023-53082 at NVD CVE-2023-53084 at SUSE CVE-2023-53084 at NVD CVE-2023-53087 at SUSE CVE-2023-53087 at NVD CVE-2023-53089 at SUSE CVE-2023-53089 at NVD CVE-2023-53090 at SUSE CVE-2023-53090 at NVD CVE-2023-53091 at SUSE CVE-2023-53091 at NVD CVE-2023-53092 at SUSE CVE-2023-53092 at NVD CVE-2023-53093 at SUSE CVE-2023-53093 at NVD CVE-2023-53095 at SUSE CVE-2023-53095 at NVD CVE-2023-53096 at SUSE CVE-2023-53096 at NVD CVE-2023-53098 at SUSE CVE-2023-53098 at NVD CVE-2023-53099 at SUSE CVE-2023-53099 at NVD CVE-2023-53100 at SUSE CVE-2023-53100 at NVD CVE-2023-53101 at SUSE CVE-2023-53101 at NVD CVE-2023-53102 at SUSE CVE-2023-53102 at NVD CVE-2023-53105 at SUSE CVE-2023-53105 at NVD CVE-2023-53106 at SUSE CVE-2023-53106 at NVD CVE-2023-53108 at SUSE CVE-2023-53108 at NVD CVE-2023-53109 at SUSE CVE-2023-53109 at NVD CVE-2023-53111 at SUSE CVE-2023-53111 at NVD CVE-2023-53112 at SUSE CVE-2023-53112 at NVD CVE-2023-53114 at SUSE CVE-2023-53114 at NVD CVE-2023-53116 at SUSE CVE-2023-53116 at NVD CVE-2023-53118 at SUSE CVE-2023-53118 at NVD CVE-2023-53119 at SUSE CVE-2023-53119 at NVD CVE-2023-53123 at SUSE CVE-2023-53123 at NVD CVE-2023-53124 at SUSE CVE-2023-53124 at NVD CVE-2023-53125 at SUSE CVE-2023-53125 at NVD CVE-2023-53128 at SUSE CVE-2023-53128 at NVD CVE-2023-53131 at SUSE CVE-2023-53131 at NVD CVE-2023-53134 at SUSE CVE-2023-53134 at NVD CVE-2023-53137 at SUSE CVE-2023-53137 at NVD CVE-2023-53139 at SUSE CVE-2023-53139 at NVD CVE-2023-53140 at SUSE CVE-2023-53140 at NVD CVE-2023-53142 at SUSE CVE-2023-53142 at NVD CVE-2023-53143 at SUSE CVE-2023-53143 at NVD CVE-2023-53145 at SUSE CVE-2023-53145 at NVD CVE-2024-26804 at SUSE CVE-2024-26804 at NVD CVE-2024-28956 at SUSE CVE-2024-28956 at NVD CVE-2024-53168 at SUSE CVE-2024-53168 at NVD CVE-2024-56558 at SUSE CVE-2024-56558 at NVD CVE-2025-21999 at SUSE CVE-2025-21999 at NVD CVE-2025-22056 at SUSE CVE-2025-22056 at NVD CVE-2025-23145 at SUSE CVE-2025-23145 at NVD CVE-2025-37785 at SUSE CVE-2025-37785 at NVD CVE-2025-37789 at SUSE CVE-2025-37789 at NVD cpe:/o:suse:sle-micro:5.5 Security update for sudo (Important) SUSE Linux Enterprise Micro 5.5 This update for sudo fixes the following issues: - CVE-2025-32462: Fixed a possible local privilege escalation via the --host option (bsc#1245274). Important SUSE bug 1245274 CVE-2025-32462 at SUSE CVE-2025-32462 at NVD cpe:/o:suse:sle-micro:5.5 Security update for runc (Low) SUSE Linux Enterprise Micro 5.5 This update for runc fixes the following issues: - CVE-2024-45310: Fixed unintentional creation of empty files/directories on host (bsc#1230092) Other fixes: - Update to runc v1.2.6. Low SUSE bug 1230092 CVE-2024-45310 at SUSE CVE-2024-45310 at NVD cpe:/o:suse:sle-micro:5.5 Security update for vim (Moderate) SUSE Linux Enterprise Micro 5.5 This update for vim fixes the following issues: - CVE-2024-41965: Fixed improper neutralization of argument delimiters in zip.vim that could have led to data loss (bsc#1228776). - CVE-2025-29768: Fixed double-free in dialog_changed() (bsc#1239602). Moderate SUSE bug 1228776 SUSE bug 1239602 CVE-2024-41965 at SUSE CVE-2024-41965 at NVD CVE-2025-29768 at SUSE CVE-2025-29768 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47557: net/sched: sch_ets: do not peek at classes beyond 'nbands' (bsc#1207361 bsc#1225468). - CVE-2021-47595: net/sched: sch_ets: do not remove idle classes from the round-robin list (bsc#1207361 bsc#1226552). - CVE-2023-52924: netfilter: nf_tables: do not skip expired elements during walk (bsc#1236821). - CVE-2023-52925: netfilter: nf_tables: do not fail inserts if duplicate has expired (bsc#1236822). - CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634). - CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820). - CVE-2024-27397: kabi: place tstamp needed for nftables set in a hole (bsc#1224095). - CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514). - CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827). - CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156). - CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381). - CVE-2024-53197: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (bsc#1235464). - CVE-2024-56770: sch/netem: fix use after free in netem_dequeue (bsc#1235637). - CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159). - CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312). - CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313). - CVE-2025-21756: vsock: Orphan socket after transport release (bsc#1238876). - CVE-2025-23141: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (bsc#1242782). - CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504). - CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924). - CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1243330). - CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832). - CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277). - CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234). - CVE-2025-38014: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (bsc#1244732). - CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155). - CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245183). The following non-security bugs were fixed: - ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes). - Fix reference in 'net_sched: sch_sfq: use a temporary work area for validating configuration' (bsc#1242504) - MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) Fixes: 0999112774fc ('MyBS: Use buildflags to set which package to build') - MyBS: Do not build kernel-obs-qa with limit_packages Fixes: 58e3f8c34b2b ('bs-upload-kernel: Pass limit_packages also on multibuild') - MyBS: Simplify qa_expr generation Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed. - bs-upload-kernel: Pass limit_packages also on multibuild Fixes: 0999112774fc ('MyBS: Use buildflags to set which package to build') Fixes: 747f601d4156 ('bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)') - hugetlb: unshare some PMDs when splitting VMAs (bsc#1245431). - kernel-source: Do not use multiple -r in sed parameters - kernel-source: Remove log.sh from sources - mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337). - mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431). - mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431). - net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312) - net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504) - ovl: fix use inode directly in rcu-walk mode (bsc#1241900). - powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790). - powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790). - scsi: storvsc: Do not report the host packet status as the hv status (git-fixes). - scsi: storvsc: Increase the timeouts to storvsc_timeout (bsc#1245455). Important SUSE bug 1065729 SUSE bug 1156395 SUSE bug 1193629 SUSE bug 1194869 SUSE bug 1198410 SUSE bug 1199356 SUSE bug 1199487 SUSE bug 1201160 SUSE bug 1201956 SUSE bug 1202094 SUSE bug 1202095 SUSE bug 1202564 SUSE bug 1202716 SUSE bug 1202823 SUSE bug 1202860 SUSE bug 1203197 SUSE bug 1203361 SUSE bug 1205220 SUSE bug 1205514 SUSE bug 1205701 SUSE bug 1206451 SUSE bug 1206664 SUSE bug 1206878 SUSE bug 1206880 SUSE bug 1207361 SUSE bug 1207638 SUSE bug 1211226 SUSE bug 1212051 SUSE bug 1213090 SUSE bug 1218184 SUSE bug 1218234 SUSE bug 1218470 SUSE bug 1222634 SUSE bug 1223675 SUSE bug 1224095 SUSE bug 1224597 SUSE bug 1225468 SUSE bug 1225820 SUSE bug 1226514 SUSE bug 1226552 SUSE bug 1230827 SUSE bug 1232504 SUSE bug 1234156 SUSE bug 1234381 SUSE bug 1235464 SUSE bug 1235637 SUSE bug 1236821 SUSE bug 1236822 SUSE bug 1237159 SUSE bug 1237312 SUSE bug 1237313 SUSE bug 1238526 SUSE bug 1238876 SUSE bug 1241900 SUSE bug 1242221 SUSE bug 1242414 SUSE bug 1242504 SUSE bug 1242596 SUSE bug 1242778 SUSE bug 1242782 SUSE bug 1242924 SUSE bug 1243330 SUSE bug 1243543 SUSE bug 1243627 SUSE bug 1243649 SUSE bug 1243660 SUSE bug 1243832 SUSE bug 1244114 SUSE bug 1244179 SUSE bug 1244180 SUSE bug 1244234 SUSE bug 1244241 SUSE bug 1244277 SUSE bug 1244309 SUSE bug 1244337 SUSE bug 1244732 SUSE bug 1244764 SUSE bug 1244765 SUSE bug 1244767 SUSE bug 1244770 SUSE bug 1244771 SUSE bug 1244772 SUSE bug 1244773 SUSE bug 1244774 SUSE bug 1244776 SUSE bug 1244779 SUSE bug 1244780 SUSE bug 1244781 SUSE bug 1244782 SUSE bug 1244783 SUSE bug 1244784 SUSE bug 1244786 SUSE bug 1244787 SUSE bug 1244788 SUSE bug 1244790 SUSE bug 1244791 SUSE bug 1244793 SUSE bug 1244794 SUSE bug 1244796 SUSE bug 1244797 SUSE bug 1244798 SUSE bug 1244800 SUSE bug 1244802 SUSE bug 1244804 SUSE bug 1244805 SUSE bug 1244806 SUSE bug 1244807 SUSE bug 1244808 SUSE bug 1244811 SUSE bug 1244813 SUSE bug 1244814 SUSE bug 1244815 SUSE bug 1244816 SUSE bug 1244819 SUSE bug 1244820 SUSE bug 1244823 SUSE bug 1244824 SUSE bug 1244825 SUSE bug 1244826 SUSE bug 1244827 SUSE bug 1244830 SUSE bug 1244831 SUSE bug 1244832 SUSE bug 1244834 SUSE bug 1244836 SUSE bug 1244838 SUSE bug 1244839 SUSE bug 1244840 SUSE bug 1244841 SUSE bug 1244842 SUSE bug 1244843 SUSE bug 1244845 SUSE bug 1244846 SUSE bug 1244848 SUSE bug 1244849 SUSE bug 1244851 SUSE bug 1244853 SUSE bug 1244854 SUSE bug 1244856 SUSE bug 1244858 SUSE bug 1244860 SUSE bug 1244861 SUSE bug 1244866 SUSE bug 1244867 SUSE bug 1244868 SUSE bug 1244869 SUSE bug 1244870 SUSE bug 1244871 SUSE bug 1244872 SUSE bug 1244873 SUSE bug 1244875 SUSE bug 1244876 SUSE bug 1244878 SUSE bug 1244879 SUSE bug 1244881 SUSE bug 1244883 SUSE bug 1244884 SUSE bug 1244886 SUSE bug 1244887 SUSE bug 1244888 SUSE bug 1244890 SUSE bug 1244892 SUSE bug 1244893 SUSE bug 1244895 SUSE bug 1244898 SUSE bug 1244899 SUSE bug 1244900 SUSE bug 1244901 SUSE bug 1244902 SUSE bug 1244903 SUSE bug 1244904 SUSE bug 1244905 SUSE bug 1244908 SUSE bug 1244911 SUSE bug 1244912 SUSE bug 1244914 SUSE bug 1244915 SUSE bug 1244928 SUSE bug 1244936 SUSE bug 1244940 SUSE bug 1244941 SUSE bug 1244942 SUSE bug 1244943 SUSE bug 1244944 SUSE bug 1244945 SUSE bug 1244948 SUSE bug 1244949 SUSE bug 1244950 SUSE bug 1244953 SUSE bug 1244955 SUSE bug 1244956 SUSE bug 1244957 SUSE bug 1244958 SUSE bug 1244959 SUSE bug 1244960 SUSE bug 1244961 SUSE bug 1244965 SUSE bug 1244966 SUSE bug 1244967 SUSE bug 1244968 SUSE bug 1244969 SUSE bug 1244970 SUSE bug 1244973 SUSE bug 1244974 SUSE bug 1244976 SUSE bug 1244977 SUSE bug 1244978 SUSE bug 1244979 SUSE bug 1244983 SUSE bug 1244984 SUSE bug 1244985 SUSE bug 1244986 SUSE bug 1244987 SUSE bug 1244991 SUSE bug 1244992 SUSE bug 1244993 SUSE bug 1245006 SUSE bug 1245007 SUSE bug 1245009 SUSE bug 1245011 SUSE bug 1245012 SUSE bug 1245015 SUSE bug 1245018 SUSE bug 1245019 SUSE bug 1245023 SUSE bug 1245024 SUSE bug 1245028 SUSE bug 1245031 SUSE bug 1245032 SUSE bug 1245033 SUSE bug 1245038 SUSE bug 1245039 SUSE bug 1245040 SUSE bug 1245041 SUSE bug 1245047 SUSE bug 1245048 SUSE bug 1245051 SUSE bug 1245052 SUSE bug 1245057 SUSE bug 1245058 SUSE bug 1245060 SUSE bug 1245062 SUSE bug 1245063 SUSE bug 1245064 SUSE bug 1245069 SUSE bug 1245070 SUSE bug 1245072 SUSE bug 1245073 SUSE bug 1245088 SUSE bug 1245089 SUSE bug 1245092 SUSE bug 1245093 SUSE bug 1245094 SUSE bug 1245098 SUSE bug 1245103 SUSE bug 1245116 SUSE bug 1245117 SUSE bug 1245118 SUSE bug 1245119 SUSE bug 1245121 SUSE bug 1245122 SUSE bug 1245125 SUSE bug 1245129 SUSE bug 1245131 SUSE bug 1245133 SUSE bug 1245134 SUSE bug 1245135 SUSE bug 1245136 SUSE bug 1245138 SUSE bug 1245139 SUSE bug 1245140 SUSE bug 1245142 SUSE bug 1245146 SUSE bug 1245147 SUSE bug 1245149 SUSE bug 1245152 SUSE bug 1245154 SUSE bug 1245155 SUSE bug 1245180 SUSE bug 1245183 SUSE bug 1245189 SUSE bug 1245191 SUSE bug 1245195 SUSE bug 1245197 SUSE bug 1245265 SUSE bug 1245340 SUSE bug 1245348 SUSE bug 1245431 SUSE bug 1245455 CVE-2021-47557 at SUSE CVE-2021-47557 at NVD CVE-2021-47595 at SUSE CVE-2021-47595 at NVD CVE-2022-1679 at SUSE CVE-2022-1679 at NVD CVE-2022-2585 at SUSE CVE-2022-2585 at NVD CVE-2022-2586 at SUSE CVE-2022-2586 at NVD CVE-2022-2905 at SUSE CVE-2022-2905 at NVD CVE-2022-3903 at SUSE CVE-2022-3903 at NVD CVE-2022-4095 at SUSE CVE-2022-4095 at NVD CVE-2022-4662 at SUSE CVE-2022-4662 at NVD CVE-2022-49934 at SUSE CVE-2022-49934 at NVD CVE-2022-49935 at SUSE CVE-2022-49935 at NVD CVE-2022-49936 at SUSE CVE-2022-49936 at NVD CVE-2022-49937 at SUSE CVE-2022-49937 at NVD CVE-2022-49938 at SUSE CVE-2022-49938 at NVD CVE-2022-49940 at SUSE CVE-2022-49940 at NVD CVE-2022-49942 at SUSE CVE-2022-49942 at NVD CVE-2022-49943 at SUSE CVE-2022-49943 at NVD CVE-2022-49944 at SUSE CVE-2022-49944 at NVD CVE-2022-49945 at SUSE CVE-2022-49945 at NVD CVE-2022-49946 at SUSE CVE-2022-49946 at NVD CVE-2022-49948 at SUSE CVE-2022-49948 at NVD CVE-2022-49949 at SUSE CVE-2022-49949 at NVD CVE-2022-49950 at SUSE CVE-2022-49950 at NVD CVE-2022-49951 at SUSE CVE-2022-49951 at NVD CVE-2022-49952 at SUSE CVE-2022-49952 at NVD CVE-2022-49954 at SUSE CVE-2022-49954 at NVD CVE-2022-49956 at SUSE CVE-2022-49956 at NVD CVE-2022-49957 at SUSE CVE-2022-49957 at NVD CVE-2022-49958 at SUSE CVE-2022-49958 at NVD CVE-2022-49960 at SUSE CVE-2022-49960 at NVD CVE-2022-49962 at SUSE CVE-2022-49962 at NVD CVE-2022-49963 at SUSE CVE-2022-49963 at NVD CVE-2022-49964 at SUSE CVE-2022-49964 at NVD CVE-2022-49965 at SUSE CVE-2022-49965 at NVD CVE-2022-49966 at SUSE CVE-2022-49966 at NVD CVE-2022-49968 at SUSE CVE-2022-49968 at NVD CVE-2022-49969 at SUSE CVE-2022-49969 at NVD CVE-2022-49971 at SUSE CVE-2022-49971 at NVD CVE-2022-49972 at SUSE CVE-2022-49972 at NVD CVE-2022-49977 at SUSE CVE-2022-49977 at NVD CVE-2022-49978 at SUSE CVE-2022-49978 at NVD CVE-2022-49980 at SUSE CVE-2022-49980 at NVD CVE-2022-49981 at SUSE CVE-2022-49981 at NVD CVE-2022-49982 at SUSE CVE-2022-49982 at NVD CVE-2022-49983 at SUSE CVE-2022-49983 at NVD CVE-2022-49984 at SUSE CVE-2022-49984 at NVD CVE-2022-49985 at SUSE CVE-2022-49985 at NVD CVE-2022-49986 at SUSE CVE-2022-49986 at NVD CVE-2022-49987 at SUSE CVE-2022-49987 at NVD CVE-2022-49989 at SUSE CVE-2022-49989 at NVD CVE-2022-49990 at SUSE CVE-2022-49990 at NVD CVE-2022-49993 at SUSE CVE-2022-49993 at NVD CVE-2022-49995 at SUSE CVE-2022-49995 at NVD CVE-2022-49999 at SUSE CVE-2022-49999 at NVD CVE-2022-50002 at SUSE CVE-2022-50002 at NVD CVE-2022-50003 at SUSE CVE-2022-50003 at NVD CVE-2022-50005 at SUSE CVE-2022-50005 at NVD CVE-2022-50006 at SUSE CVE-2022-50006 at NVD CVE-2022-50008 at SUSE CVE-2022-50008 at NVD CVE-2022-50010 at SUSE CVE-2022-50010 at NVD CVE-2022-50011 at SUSE CVE-2022-50011 at NVD CVE-2022-50012 at SUSE CVE-2022-50012 at NVD CVE-2022-50015 at SUSE CVE-2022-50015 at NVD CVE-2022-50016 at SUSE CVE-2022-50016 at NVD CVE-2022-50019 at SUSE CVE-2022-50019 at NVD CVE-2022-50020 at SUSE CVE-2022-50020 at NVD CVE-2022-50021 at SUSE CVE-2022-50021 at NVD CVE-2022-50022 at SUSE CVE-2022-50022 at NVD CVE-2022-50023 at SUSE CVE-2022-50023 at NVD CVE-2022-50024 at SUSE CVE-2022-50024 at NVD CVE-2022-50026 at SUSE CVE-2022-50026 at NVD CVE-2022-50027 at SUSE CVE-2022-50027 at NVD CVE-2022-50028 at SUSE CVE-2022-50028 at NVD CVE-2022-50029 at SUSE CVE-2022-50029 at NVD CVE-2022-50030 at SUSE CVE-2022-50030 at NVD CVE-2022-50031 at SUSE CVE-2022-50031 at NVD CVE-2022-50032 at SUSE CVE-2022-50032 at NVD CVE-2022-50033 at SUSE CVE-2022-50033 at NVD CVE-2022-50034 at SUSE CVE-2022-50034 at NVD CVE-2022-50035 at SUSE CVE-2022-50035 at NVD CVE-2022-50036 at SUSE CVE-2022-50036 at NVD CVE-2022-50037 at SUSE CVE-2022-50037 at NVD CVE-2022-50038 at SUSE CVE-2022-50038 at NVD CVE-2022-50039 at SUSE CVE-2022-50039 at NVD CVE-2022-50040 at SUSE CVE-2022-50040 at NVD CVE-2022-50041 at SUSE CVE-2022-50041 at NVD CVE-2022-50044 at SUSE CVE-2022-50044 at NVD CVE-2022-50045 at SUSE CVE-2022-50045 at NVD CVE-2022-50046 at SUSE CVE-2022-50046 at NVD CVE-2022-50047 at SUSE CVE-2022-50047 at NVD CVE-2022-50049 at SUSE CVE-2022-50049 at NVD CVE-2022-50050 at SUSE CVE-2022-50050 at NVD CVE-2022-50051 at SUSE CVE-2022-50051 at NVD CVE-2022-50052 at SUSE CVE-2022-50052 at NVD CVE-2022-50053 at SUSE CVE-2022-50053 at NVD CVE-2022-50054 at SUSE CVE-2022-50054 at NVD CVE-2022-50055 at SUSE CVE-2022-50055 at NVD CVE-2022-50059 at SUSE CVE-2022-50059 at NVD CVE-2022-50060 at SUSE CVE-2022-50060 at NVD CVE-2022-50061 at SUSE CVE-2022-50061 at NVD CVE-2022-50062 at SUSE CVE-2022-50062 at NVD CVE-2022-50065 at SUSE CVE-2022-50065 at NVD CVE-2022-50066 at SUSE CVE-2022-50066 at NVD CVE-2022-50067 at SUSE CVE-2022-50067 at NVD CVE-2022-50068 at SUSE CVE-2022-50068 at NVD CVE-2022-50072 at SUSE CVE-2022-50072 at NVD CVE-2022-50073 at SUSE CVE-2022-50073 at NVD CVE-2022-50074 at SUSE CVE-2022-50074 at NVD CVE-2022-50076 at SUSE CVE-2022-50076 at NVD CVE-2022-50077 at SUSE CVE-2022-50077 at NVD CVE-2022-50079 at SUSE CVE-2022-50079 at NVD CVE-2022-50083 at SUSE CVE-2022-50083 at NVD CVE-2022-50084 at SUSE CVE-2022-50084 at NVD CVE-2022-50085 at SUSE CVE-2022-50085 at NVD CVE-2022-50086 at SUSE CVE-2022-50086 at NVD CVE-2022-50087 at SUSE CVE-2022-50087 at NVD CVE-2022-50092 at SUSE CVE-2022-50092 at NVD CVE-2022-50093 at SUSE CVE-2022-50093 at NVD CVE-2022-50094 at SUSE CVE-2022-50094 at NVD CVE-2022-50095 at SUSE CVE-2022-50095 at NVD CVE-2022-50097 at SUSE CVE-2022-50097 at NVD CVE-2022-50098 at SUSE CVE-2022-50098 at NVD CVE-2022-50099 at SUSE CVE-2022-50099 at NVD CVE-2022-50100 at SUSE CVE-2022-50100 at NVD CVE-2022-50101 at SUSE CVE-2022-50101 at NVD CVE-2022-50102 at SUSE CVE-2022-50102 at NVD CVE-2022-50103 at SUSE CVE-2022-50103 at NVD CVE-2022-50104 at SUSE CVE-2022-50104 at NVD CVE-2022-50108 at SUSE CVE-2022-50108 at NVD CVE-2022-50109 at SUSE CVE-2022-50109 at NVD CVE-2022-50110 at SUSE CVE-2022-50110 at NVD CVE-2022-50111 at SUSE CVE-2022-50111 at NVD CVE-2022-50112 at SUSE CVE-2022-50112 at NVD CVE-2022-50115 at SUSE CVE-2022-50115 at NVD CVE-2022-50116 at SUSE CVE-2022-50116 at NVD CVE-2022-50117 at SUSE CVE-2022-50117 at NVD CVE-2022-50118 at SUSE CVE-2022-50118 at NVD CVE-2022-50120 at SUSE CVE-2022-50120 at NVD CVE-2022-50121 at SUSE CVE-2022-50121 at NVD CVE-2022-50124 at SUSE CVE-2022-50124 at NVD CVE-2022-50125 at SUSE CVE-2022-50125 at NVD CVE-2022-50126 at SUSE CVE-2022-50126 at NVD CVE-2022-50127 at SUSE CVE-2022-50127 at NVD CVE-2022-50129 at SUSE CVE-2022-50129 at NVD CVE-2022-50131 at SUSE CVE-2022-50131 at NVD CVE-2022-50132 at SUSE CVE-2022-50132 at NVD CVE-2022-50133 at SUSE CVE-2022-50133 at NVD CVE-2022-50134 at SUSE CVE-2022-50134 at NVD CVE-2022-50135 at SUSE CVE-2022-50135 at NVD CVE-2022-50136 at SUSE CVE-2022-50136 at NVD CVE-2022-50137 at SUSE CVE-2022-50137 at NVD CVE-2022-50138 at SUSE CVE-2022-50138 at NVD CVE-2022-50139 at SUSE CVE-2022-50139 at NVD CVE-2022-50140 at SUSE CVE-2022-50140 at NVD CVE-2022-50141 at SUSE CVE-2022-50141 at NVD CVE-2022-50142 at SUSE CVE-2022-50142 at NVD CVE-2022-50143 at SUSE CVE-2022-50143 at NVD CVE-2022-50144 at SUSE CVE-2022-50144 at NVD CVE-2022-50145 at SUSE CVE-2022-50145 at NVD CVE-2022-50146 at SUSE CVE-2022-50146 at NVD CVE-2022-50149 at SUSE CVE-2022-50149 at NVD CVE-2022-50151 at SUSE CVE-2022-50151 at NVD CVE-2022-50152 at SUSE CVE-2022-50152 at NVD CVE-2022-50153 at SUSE CVE-2022-50153 at NVD CVE-2022-50154 at SUSE CVE-2022-50154 at NVD CVE-2022-50155 at SUSE CVE-2022-50155 at NVD CVE-2022-50156 at SUSE CVE-2022-50156 at NVD CVE-2022-50157 at SUSE CVE-2022-50157 at NVD CVE-2022-50158 at SUSE CVE-2022-50158 at NVD CVE-2022-50160 at SUSE CVE-2022-50160 at NVD CVE-2022-50161 at SUSE CVE-2022-50161 at NVD CVE-2022-50162 at SUSE CVE-2022-50162 at NVD CVE-2022-50164 at SUSE CVE-2022-50164 at NVD CVE-2022-50165 at SUSE CVE-2022-50165 at NVD CVE-2022-50166 at SUSE CVE-2022-50166 at NVD CVE-2022-50169 at SUSE CVE-2022-50169 at NVD CVE-2022-50171 at SUSE CVE-2022-50171 at NVD CVE-2022-50172 at SUSE CVE-2022-50172 at NVD CVE-2022-50173 at SUSE CVE-2022-50173 at NVD CVE-2022-50175 at SUSE CVE-2022-50175 at NVD CVE-2022-50176 at SUSE CVE-2022-50176 at NVD CVE-2022-50178 at SUSE CVE-2022-50178 at NVD CVE-2022-50179 at SUSE CVE-2022-50179 at NVD CVE-2022-50181 at SUSE CVE-2022-50181 at NVD CVE-2022-50183 at SUSE CVE-2022-50183 at NVD CVE-2022-50184 at SUSE CVE-2022-50184 at NVD CVE-2022-50185 at SUSE CVE-2022-50185 at NVD CVE-2022-50186 at SUSE CVE-2022-50186 at NVD CVE-2022-50187 at SUSE CVE-2022-50187 at NVD CVE-2022-50188 at SUSE CVE-2022-50188 at NVD CVE-2022-50190 at SUSE CVE-2022-50190 at NVD CVE-2022-50191 at SUSE CVE-2022-50191 at NVD CVE-2022-50192 at SUSE CVE-2022-50192 at NVD CVE-2022-50194 at SUSE CVE-2022-50194 at NVD CVE-2022-50196 at SUSE CVE-2022-50196 at NVD CVE-2022-50197 at SUSE CVE-2022-50197 at NVD CVE-2022-50198 at SUSE CVE-2022-50198 at NVD CVE-2022-50199 at SUSE CVE-2022-50199 at NVD CVE-2022-50200 at SUSE CVE-2022-50200 at NVD CVE-2022-50201 at SUSE CVE-2022-50201 at NVD CVE-2022-50202 at SUSE CVE-2022-50202 at NVD CVE-2022-50203 at SUSE CVE-2022-50203 at NVD CVE-2022-50204 at SUSE CVE-2022-50204 at NVD CVE-2022-50206 at SUSE CVE-2022-50206 at NVD CVE-2022-50207 at SUSE CVE-2022-50207 at NVD CVE-2022-50208 at SUSE CVE-2022-50208 at NVD CVE-2022-50209 at SUSE CVE-2022-50209 at NVD CVE-2022-50211 at SUSE CVE-2022-50211 at NVD CVE-2022-50212 at SUSE CVE-2022-50212 at NVD CVE-2022-50213 at SUSE CVE-2022-50213 at NVD CVE-2022-50215 at SUSE CVE-2022-50215 at NVD CVE-2022-50218 at SUSE CVE-2022-50218 at NVD CVE-2022-50220 at SUSE CVE-2022-50220 at NVD CVE-2022-50221 at SUSE CVE-2022-50221 at NVD CVE-2022-50222 at SUSE CVE-2022-50222 at NVD CVE-2022-50226 at SUSE CVE-2022-50226 at NVD CVE-2022-50228 at SUSE CVE-2022-50228 at NVD CVE-2022-50229 at SUSE CVE-2022-50229 at NVD CVE-2022-50231 at SUSE CVE-2022-50231 at NVD CVE-2023-3111 at SUSE CVE-2023-3111 at NVD CVE-2023-52924 at SUSE CVE-2023-52924 at NVD CVE-2023-52925 at SUSE CVE-2023-52925 at NVD CVE-2023-53046 at SUSE CVE-2023-53046 at NVD CVE-2023-53048 at SUSE CVE-2023-53048 at NVD CVE-2023-53076 at SUSE CVE-2023-53076 at NVD CVE-2023-53097 at SUSE CVE-2023-53097 at NVD CVE-2024-26808 at SUSE CVE-2024-26808 at NVD CVE-2024-26924 at SUSE CVE-2024-26924 at NVD CVE-2024-26935 at SUSE CVE-2024-26935 at NVD CVE-2024-27397 at SUSE CVE-2024-27397 at NVD CVE-2024-35840 at SUSE CVE-2024-35840 at NVD CVE-2024-36978 at SUSE CVE-2024-36978 at NVD CVE-2024-46800 at SUSE CVE-2024-46800 at NVD CVE-2024-53125 at SUSE CVE-2024-53125 at NVD CVE-2024-53141 at SUSE CVE-2024-53141 at NVD CVE-2024-53197 at SUSE CVE-2024-53197 at NVD CVE-2024-56770 at SUSE CVE-2024-56770 at NVD CVE-2024-57999 at SUSE CVE-2024-57999 at NVD CVE-2025-21700 at SUSE CVE-2025-21700 at NVD CVE-2025-21702 at SUSE CVE-2025-21702 at NVD CVE-2025-21703 at SUSE CVE-2025-21703 at NVD CVE-2025-21756 at SUSE CVE-2025-21756 at NVD CVE-2025-23141 at SUSE CVE-2025-23141 at NVD CVE-2025-23145 at SUSE CVE-2025-23145 at NVD CVE-2025-37752 at SUSE CVE-2025-37752 at NVD CVE-2025-37798 at SUSE CVE-2025-37798 at NVD CVE-2025-37823 at SUSE CVE-2025-37823 at NVD CVE-2025-37890 at SUSE CVE-2025-37890 at NVD CVE-2025-37932 at SUSE CVE-2025-37932 at NVD CVE-2025-37948 at SUSE CVE-2025-37948 at NVD CVE-2025-37953 at SUSE CVE-2025-37953 at NVD CVE-2025-37963 at SUSE CVE-2025-37963 at NVD CVE-2025-37997 at SUSE CVE-2025-37997 at NVD CVE-2025-38000 at SUSE CVE-2025-38000 at NVD CVE-2025-38001 at SUSE CVE-2025-38001 at NVD CVE-2025-38014 at SUSE CVE-2025-38014 at NVD CVE-2025-38060 at SUSE CVE-2025-38060 at NVD CVE-2025-38083 at SUSE CVE-2025-38083 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libssh (Important) SUSE Linux Enterprise Micro 5.5 This update for libssh fixes the following issues: - CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions (bsc#1245309). - CVE-2025-4878: Fixed use of uninitialized variable in privatekey_from_file() (bsc#1245310). - CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management (bsc#1245311). - CVE-2025-5372: Fixed ssh_kdf() returns a success code on certain failures (bsc#1245314). Important SUSE bug 1245309 SUSE bug 1245310 SUSE bug 1245311 SUSE bug 1245314 CVE-2025-4877 at SUSE CVE-2025-4877 at NVD CVE-2025-4878 at SUSE CVE-2025-4878 at NVD CVE-2025-5318 at SUSE CVE-2025-5318 at NVD CVE-2025-5372 at SUSE CVE-2025-5372 at NVD cpe:/o:suse:sle-micro:5.5 Security update for docker (Moderate) SUSE Linux Enterprise Micro 5.5 This update for docker fixes the following issues: Update to Docker 28.2.2-ce (bsc#1243833, bsc#1242114): - CVE-2025-0495: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration.(bsc#1239765) - CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830). Other fixes: - Update to docker-buildx v0.22.0. - Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035). - Disable transparent SUSEConnect support for SLE-16. (jsc#PED-12534) - Now that the only blocker for docker-buildx support was removed for SLE-16, enable docker-buildx for SLE-16 as well. (jsc#PED-8905) - SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150). Moderate SUSE bug 1239765 SUSE bug 1240150 SUSE bug 1241830 SUSE bug 1242114 SUSE bug 1243833 SUSE bug 1244035 CVE-2025-0495 at SUSE CVE-2025-0495 at NVD CVE-2025-22872 at SUSE CVE-2025-22872 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332). - CVE-2022-48742: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (bsc#1226694). - CVE-2022-49033: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() (bsc#1232045). - CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288). - CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823). - CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044). - CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820). - CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). - CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809). - CVE-2024-47666: scsi: pm80xx: Set phy->enable_completion only when we wait for it (bsc#1231453). - CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854). - CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166). - CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157). - CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419). - CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038). - CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050). - CVE-2024-50181: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (bsc#1233127). - CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324). - CVE-2024-50211: udf: refactor inode_bmap() to handle error (bsc#1233096). - CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200). - CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239). - CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485). - CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547). - CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550). - CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568). - CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558). - CVE-2024-53072: platform/x86/amd/pmc: Detect when STB is not available (bsc#1233564). - CVE-2024-53090: afs: Fix lock recursion (bsc#1233637). - CVE-2024-53101: fs: Fix uninitialized value issue in from_kuid and from_kgid (bsc#1233769). - CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077). - CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072). - CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073). - CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076). - CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156). - CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219). - CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220). - CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). - CVE-2024-53150: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (bsc#1234834). - CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). - CVE-2024-53157: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (bsc#1234827). - CVE-2024-53158: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (bsc#1234811). - CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856). - CVE-2024-53162: crypto: qat/qat_4xxx - fix off by one in uof_get_name() (bsc#1234843). - CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). - CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). - CVE-2024-53210: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (bsc#1234971). - CVE-2024-53213: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (bsc#1234973). - CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). - CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). - CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). - CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (bsc#1234282). - CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). - CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). - CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912). - CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035). - CVE-2024-56571: media: uvcvideo: Require entities to have a non-zero unique ID (bsc#1235037). - CVE-2024-56575: media: imx-jpeg: Ensure power suppliers be suspended before detach them (bsc#1235039). - CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220). - CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). - CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). - CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224). - CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920). The following non-security bugs were fixed: - ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294) - amd_hsmp: Add HSMP protocol version 5 messages (jsc#PED-1295). - arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes). - arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes). - arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes). - arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator (git-fixes). - arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion (git-fixes). - arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes). - arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605) - autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes). - autofs: use flexible array in ioctl structure (git-fixes). - devlink: allow registering parameters after the instance (bsc#1231388 bsc#1230422). - devlink: do not require setting features before registration (bsc#1231388 bsc#1230422). - dma-fence: Fix reference leak on fence merge failure path (git-fixes). - dmaengine: idxd: add wq driver name support for accel-config user tool (bsc#1234357). - dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357). - Documentation: Add x86/amd_hsmp driver (jsc#PED-1295). - Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes). - drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes). - drm/v3d: Enable Performance Counters before clearing them (git-fixes). - exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes). - hfsplus: do not query the device logical block size multiple times (git-fixes). - idpf: add support for SW triggered interrupts (bsc#1235507). - idpf: enable WB_ON_ITR (bsc#1235507). - idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507). - ipc/sem: Fix dangling sem_array access in semtimedop race (bsc#1234727). - jffs2: Fix rtime decompressor (git-fixes). - jffs2: fix use of uninitialized variable (git-fixes). - jffs2: Prevent rtime decompress memory corruption (git-fixes). - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes). - jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes). - jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes). - jfs: fix shift-out-of-bounds in dbSplit (git-fixes). - jfs: xattr: check invalid xattr size more strictly (git-fixes). - kabi/severities: ignore intermodule symbols between fsl_fman and fsl_dpaa_eth - kobject: Add sanity check for kset->kobj.ktype in kset_register() (bsc#1234639). - KVM: x86: fix sending PV IPI (git-fixes). - memory: tegra: Add API for retrieving carveout bounds (jsc#PED-1763). - mm/kfence: reset PG_slab and memcg_data before freeing __kfence_pool (bsc#1234120). - mmc: core: Further prevent card detect during shutdown (git-fixes). - net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). - net/ipv6: release expired exception dst cached in socket (bsc#1216813). - NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes). - NFSD: Fix nfsd4_shutdown_copy() (git-fixes). - nfsd: make sure exp active before svc_export_show (git-fixes). - NFSD: Move fill_pre_wcc() and fill_post_wcc() (bsc#1234650 bsc#1233701 bsc#1232472). - NFSD: Prevent a potential integer overflow (git-fixes). - NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes). - NFSD: reduce locking in nfsd_lookup() (bsc#1234650 bsc#1233701 bsc#1232472). - nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234650 bsc#1233701 bsc#1232472). - nfsd: restore callback functionality for NFSv4.0 (git-fixes). - NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes). - nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes). - nilfs2: prevent use of deleted inode (git-fixes). - ocfs2: uncache inode which has failed entering the group (bsc#1234087). - PCI: vmd: Fix secondary bus reset for Intel bridges (git-fixes). - phy: tegra: p2u: Set ENABLE_L2_EXIT_RATE_CHANGE in calibration (jsc#PED-1763). - platform/x86: Add AMD system management interface (jsc#PED-1295). - proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes). - pwm: tegra: Improve required rate calculation (jsc#PED-1763). - RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes) - regmap: detach regmap from dev on regmap_exit (git-fixes). - scatterlist: fix incorrect func name in kernel-doc (git-fixes). - scripts/git_sort/git_sort.py: add tegra DRM and linux-pwm repo - scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes). - serial: tegra: Read DMA status before terminating (jsc#PED-1763). - smb: client: fix TCP timers deadlock after rmmod (git-fixes) (bsc#1233642). - spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes). - SUNRPC: make sure cache entry active before cache_show (git-fixes). - sunrpc: simplify two-level sysctl registration for svcrdma_parm_table (git-fixes). - svcrdma: Address an integer overflow (git-fixes). - svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes). - tpm_tis_spi: Release chip select when flow control fails (bsc#1234338) - ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes). - ubifs: Correct the total block count by deducting journal reservation (git-fixes). - udf: Handle error when adding extent to a file (bsc#1234437). - udf: refactor udf_current_aext() to handle error (bsc#1234240). - udf: refactor udf_next_aext() to handle error (bsc#1234241). - usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes). - usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes). - x86: Annotate call_on_stack() (git-fixes). - x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes). - x86/fpu: Remove unused supervisor only offsets (git-fixes). - x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes). - x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes). - x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes). - x86/mce: Allow instrumentation during task work queueing (git-fixes). - x86/mce: Mark mce_end() noinstr (git-fixes). - x86/mce: Mark mce_panic() noinstr (git-fixes). - x86/mce: Mark mce_read_aux() noinstr (git-fixes). - x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes). - x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes). - x86/sgx: Free backing memory after faulting the enclave page (git-fixes). - x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes). - x86/uaccess: Move variable into switch case statement (git-fixes). - xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909). - zonefs: fix zone report size in __zonefs_io_error() (git-fixes). Important SUSE bug 1135481 SUSE bug 1170891 SUSE bug 1171420 SUSE bug 1173139 SUSE bug 1175543 SUSE bug 1181006 SUSE bug 1185010 SUSE bug 1187211 SUSE bug 1187619 SUSE bug 1188412 SUSE bug 1188616 SUSE bug 1188700 SUSE bug 1188983 SUSE bug 1188985 SUSE bug 1189760 SUSE bug 1189762 SUSE bug 1189870 SUSE bug 1189872 SUSE bug 1190117 SUSE bug 1190131 SUSE bug 1190181 SUSE bug 1190358 SUSE bug 1190412 SUSE bug 1190428 SUSE bug 1203332 SUSE bug 1205521 SUSE bug 1209288 SUSE bug 1209798 SUSE bug 1211593 SUSE bug 1211595 SUSE bug 1215304 SUSE bug 1216813 SUSE bug 1216909 SUSE bug 1219608 SUSE bug 1222878 SUSE bug 1223044 SUSE bug 1225758 SUSE bug 1225820 SUSE bug 1226694 SUSE bug 1228190 SUSE bug 1229809 SUSE bug 1230422 SUSE bug 1230697 SUSE bug 1231388 SUSE bug 1231453 SUSE bug 1231854 SUSE bug 1232045 SUSE bug 1232157 SUSE bug 1232166 SUSE bug 1232419 SUSE bug 1232436 SUSE bug 1232472 SUSE bug 1232823 SUSE bug 1233038 SUSE bug 1233050 SUSE bug 1233070 SUSE bug 1233096 SUSE bug 1233127 SUSE bug 1233200 SUSE bug 1233239 SUSE bug 1233324 SUSE bug 1233467 SUSE bug 1233468 SUSE bug 1233469 SUSE bug 1233485 SUSE bug 1233547 SUSE bug 1233550 SUSE bug 1233558 SUSE bug 1233564 SUSE bug 1233568 SUSE bug 1233637 SUSE bug 1233701 SUSE bug 1233769 SUSE bug 1233837 SUSE bug 1234072 SUSE bug 1234073 SUSE bug 1234075 SUSE bug 1234076 SUSE bug 1234077 SUSE bug 1234087 SUSE bug 1234120 SUSE bug 1234156 SUSE bug 1234219 SUSE bug 1234220 SUSE bug 1234240 SUSE bug 1234241 SUSE bug 1234281 SUSE bug 1234282 SUSE bug 1234294 SUSE bug 1234338 SUSE bug 1234357 SUSE bug 1234437 SUSE bug 1234464 SUSE bug 1234605 SUSE bug 1234639 SUSE bug 1234650 SUSE bug 1234727 SUSE bug 1234811 SUSE bug 1234827 SUSE bug 1234834 SUSE bug 1234843 SUSE bug 1234846 SUSE bug 1234853 SUSE bug 1234856 SUSE bug 1234891 SUSE bug 1234912 SUSE bug 1234920 SUSE bug 1234921 SUSE bug 1234960 SUSE bug 1234963 SUSE bug 1234971 SUSE bug 1234973 SUSE bug 1235004 SUSE bug 1235035 SUSE bug 1235037 SUSE bug 1235039 SUSE bug 1235054 SUSE bug 1235056 SUSE bug 1235061 SUSE bug 1235073 SUSE bug 1235220 SUSE bug 1235224 SUSE bug 1235246 SUSE bug 1235507 CVE-2020-12770 at SUSE CVE-2020-12770 at NVD CVE-2021-34556 at SUSE CVE-2021-34556 at NVD CVE-2021-35477 at SUSE CVE-2021-35477 at NVD CVE-2021-38160 at SUSE CVE-2021-38160 at NVD CVE-2021-47202 at SUSE CVE-2021-47202 at NVD CVE-2022-36280 at SUSE CVE-2022-36280 at NVD CVE-2022-48742 at SUSE CVE-2022-48742 at NVD CVE-2022-49033 at SUSE CVE-2022-49033 at NVD CVE-2022-49035 at SUSE CVE-2022-49035 at NVD CVE-2023-1382 at SUSE CVE-2023-1382 at NVD CVE-2023-33951 at SUSE CVE-2023-33951 at NVD CVE-2023-33952 at SUSE CVE-2023-33952 at NVD CVE-2023-52920 at SUSE CVE-2023-52920 at NVD CVE-2024-24860 at SUSE CVE-2024-24860 at NVD CVE-2024-26886 at SUSE CVE-2024-26886 at NVD CVE-2024-26924 at SUSE CVE-2024-26924 at NVD CVE-2024-36915 at SUSE CVE-2024-36915 at NVD CVE-2024-42232 at SUSE CVE-2024-42232 at NVD CVE-2024-44934 at SUSE CVE-2024-44934 at NVD CVE-2024-47666 at SUSE CVE-2024-47666 at NVD CVE-2024-47678 at SUSE CVE-2024-47678 at NVD CVE-2024-49944 at SUSE CVE-2024-49944 at NVD CVE-2024-49952 at SUSE CVE-2024-49952 at NVD CVE-2024-50018 at SUSE CVE-2024-50018 at NVD CVE-2024-50143 at SUSE CVE-2024-50143 at NVD CVE-2024-50154 at SUSE CVE-2024-50154 at NVD CVE-2024-50166 at SUSE CVE-2024-50166 at NVD CVE-2024-50181 at SUSE CVE-2024-50181 at NVD CVE-2024-50202 at SUSE CVE-2024-50202 at NVD CVE-2024-50211 at SUSE CVE-2024-50211 at NVD CVE-2024-50256 at SUSE CVE-2024-50256 at NVD CVE-2024-50262 at SUSE CVE-2024-50262 at NVD CVE-2024-50278 at SUSE CVE-2024-50278 at NVD CVE-2024-50279 at SUSE CVE-2024-50279 at NVD CVE-2024-50280 at SUSE CVE-2024-50280 at NVD CVE-2024-50296 at SUSE CVE-2024-50296 at NVD CVE-2024-53051 at SUSE CVE-2024-53051 at NVD CVE-2024-53055 at SUSE CVE-2024-53055 at NVD CVE-2024-53056 at SUSE CVE-2024-53056 at NVD CVE-2024-53064 at SUSE CVE-2024-53064 at NVD CVE-2024-53072 at SUSE CVE-2024-53072 at NVD CVE-2024-53090 at SUSE CVE-2024-53090 at NVD CVE-2024-53101 at SUSE CVE-2024-53101 at NVD CVE-2024-53113 at SUSE CVE-2024-53113 at NVD CVE-2024-53114 at SUSE CVE-2024-53114 at NVD CVE-2024-53119 at SUSE CVE-2024-53119 at NVD CVE-2024-53120 at SUSE CVE-2024-53120 at NVD CVE-2024-53122 at SUSE CVE-2024-53122 at NVD CVE-2024-53125 at SUSE CVE-2024-53125 at NVD CVE-2024-53130 at SUSE CVE-2024-53130 at NVD CVE-2024-53131 at SUSE CVE-2024-53131 at NVD CVE-2024-53142 at SUSE CVE-2024-53142 at NVD CVE-2024-53146 at SUSE CVE-2024-53146 at NVD CVE-2024-53150 at SUSE CVE-2024-53150 at NVD CVE-2024-53156 at SUSE CVE-2024-53156 at NVD CVE-2024-53157 at SUSE CVE-2024-53157 at NVD CVE-2024-53158 at SUSE CVE-2024-53158 at NVD CVE-2024-53161 at SUSE CVE-2024-53161 at NVD CVE-2024-53162 at SUSE CVE-2024-53162 at NVD CVE-2024-53173 at SUSE CVE-2024-53173 at NVD CVE-2024-53179 at SUSE CVE-2024-53179 at NVD CVE-2024-53206 at SUSE CVE-2024-53206 at NVD CVE-2024-53210 at SUSE CVE-2024-53210 at NVD CVE-2024-53213 at SUSE CVE-2024-53213 at NVD CVE-2024-53214 at SUSE CVE-2024-53214 at NVD CVE-2024-53239 at SUSE CVE-2024-53239 at NVD CVE-2024-53240 at SUSE CVE-2024-53240 at NVD CVE-2024-53241 at SUSE CVE-2024-53241 at NVD CVE-2024-56539 at SUSE CVE-2024-56539 at NVD CVE-2024-56548 at SUSE CVE-2024-56548 at NVD CVE-2024-56549 at SUSE CVE-2024-56549 at NVD CVE-2024-56570 at SUSE CVE-2024-56570 at NVD CVE-2024-56571 at SUSE CVE-2024-56571 at NVD CVE-2024-56575 at SUSE CVE-2024-56575 at NVD CVE-2024-56598 at SUSE CVE-2024-56598 at NVD CVE-2024-56604 at SUSE CVE-2024-56604 at NVD CVE-2024-56605 at SUSE CVE-2024-56605 at NVD CVE-2024-56619 at SUSE CVE-2024-56619 at NVD CVE-2024-56755 at SUSE CVE-2024-56755 at NVD CVE-2024-8805 at SUSE CVE-2024-8805 at NVD cpe:/o:suse:sle-micro:5.5 Security update for protobuf (Moderate) SUSE Linux Enterprise Micro 5.5 This update for protobuf fixes the following issues: - CVE-2025-4565: Fix parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or messages that can lead to crash due to RecursionError (bsc#1244663). Moderate SUSE bug 1244663 CVE-2025-4565 at SUSE CVE-2025-4565 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libxml2 (Important) SUSE Linux Enterprise Micro 5.5 This update for libxml2 fixes the following issues: - CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. (bsc#1244554) - CVE-2025-49796: Fixed type confusion which could lead to denial of service. (bsc#1244557) - CVE-2025-49795: Fixed a null pointer dereference which could lead to denial of service. (bsc#1244555) - CVE-2025-6170: Fixed a stack buffer overflow which could lead to a crash. (bsc#1244700) - CVE-2025-6021: Fixed an integer overflow in xmlBuildQName() which could lead to stack buffer overflow. (bsc#1244590) Important SUSE bug 1244554 SUSE bug 1244555 SUSE bug 1244557 SUSE bug 1244590 SUSE bug 1244700 CVE-2025-49794 at SUSE CVE-2025-49794 at NVD CVE-2025-49795 at SUSE CVE-2025-49795 at NVD CVE-2025-49796 at SUSE CVE-2025-49796 at NVD CVE-2025-6021 at SUSE CVE-2025-6021 at NVD CVE-2025-6170 at SUSE CVE-2025-6170 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47557: net/sched: sch_ets: do not peek at classes beyond 'nbands' (bsc#1207361 bsc#1225468). - CVE-2021-47595: net/sched: sch_ets: do not remove idle classes from the round-robin list (bsc#1207361 bsc#1226552). - CVE-2023-52924: netfilter: nf_tables: do not skip expired elements during walk (bsc#1236821). - CVE-2023-52925: netfilter: nf_tables: do not fail inserts if duplicate has expired (bsc#1236822). - CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634). - CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820). - CVE-2024-27397: kabi: place tstamp needed for nftables set in a hole (bsc#1224095). - CVE-2024-28956: x86/its: Add support for ITS-safe indirect thunk (bsc#1242006). - CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514). - CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827). - CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156). - CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381). - CVE-2024-53197: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (bsc#1235464). - CVE-2024-56770: sch/netem: fix use after free in netem_dequeue (bsc#1235637). - CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159). - CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312). - CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313). - CVE-2025-21756: vsock: Orphan socket after transport release (bsc#1238876). - CVE-2025-23141: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (bsc#1242782). - CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504). - CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640). - CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924). - CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1243330). - CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832). - CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277). - CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234). - CVE-2025-38014: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (bsc#1244732). - CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155). - CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245183). The following non-security bugs were fixed: - ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes). - Fix conditional for selecting gcc-13 Fixes: 51dacec21eb1 ('Use gcc-13 for build on SLE16 (jsc#PED-10028).') - Fix reference in 'net_sched: sch_sfq: use a temporary work area for validating configuration' (bsc#1242504) - MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) Fixes: 0999112774fc ('MyBS: Use buildflags to set which package to build') - MyBS: Do not build kernel-obs-qa with limit_packages Fixes: 58e3f8c34b2b ('bs-upload-kernel: Pass limit_packages also on multibuild') - MyBS: Simplify qa_expr generation Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed. - Require zstd in kernel-default-devel when module compression is zstd To use ksym-provides tool modules need to be uncompressed. Without zstd at least kernel-default-base does not have provides. Link: https://github.com/openSUSE/rpm-config-SUSE/pull/82 - Use gcc-13 for build on SLE16 (jsc#PED-10028). - add nf_tables for iptables non-legacy network handling This is needed for example by docker on the Alpine Linux distribution, but can also be used on openSUSE. - bs-upload-kernel: Pass limit_packages also on multibuild Fixes: 0999112774fc ('MyBS: Use buildflags to set which package to build') Fixes: 747f601d4156 ('bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)') - check-for-config-changes: Fix flag name typo - doc/README.SUSE: Point to the updated version of LKMPG - hugetlb: unshare some PMDs when splitting VMAs (bsc#1245431). - kernel-obs-qa: Use srchash for dependency as well - kernel-source: Also replace bin/env - kernel-source: Also update the search to match bin/env Fixes: dc2037cd8f94 ('kernel-source: Also replace bin/env' - kernel-source: Remove log.sh from sources - mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337). - mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431). - mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431). - net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312) - net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504) - ovl: fix use inode directly in rcu-walk mode (bsc#1241900). - packaging: Turn gcc version into config.sh variable Fixes: 51dacec21eb1 ('Use gcc-13 for build on SLE16 (jsc#PED-10028).') - powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790). - powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790). - rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN - rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN Both spellings are actually used - rpm/check-for-config-changes: add LD_CAN_ to IGNORED_CONFIGS_RE - rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang. - rpm/check-for-config-changes: ignore DRM_MSM_VALIDATE_XML This option is dynamically enabled to build-test different configurations. This makes run_oldconfig.sh complain sporadically for arm64. - rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038). - rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986) sle_version was obsoleted for SLE16. It has to be combined with suse_version check. - rpm/kernel-binary.spec.in: Use OrderWithRequires (boo#1228659 boo#1241038). OrderWithRequires was introduced in rpm 4.9 (ie. SLE12+) to allow a package to inform the order of installation of other package without hard requiring that package. This means our kernel-binary packages no longer need to hard require perl-Bootloader or dracut, resolving the long-commented issue there. This is also needed for udev & systemd-boot to ensure those packages are installed before being called by dracut (boo#1228659) - rpm/kernel-binary.spec.in: fix KMPs build on 6.13+ (bsc#1234454) - rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303) - rpm/package-descriptions: Add rt and rt_debug descriptions - rpm/release-projects: Update the ALP projects again (bsc#1231293). - rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570) - rpm: Stop using is_kotd_qa macro - scsi: storvsc: Do not report the host packet status as the hv status (git-fixes). - scsi: storvsc: Increase the timeouts to storvsc_timeout (bsc#1245455). Important SUSE bug 1065729 SUSE bug 1156395 SUSE bug 1193629 SUSE bug 1194869 SUSE bug 1198410 SUSE bug 1199356 SUSE bug 1199487 SUSE bug 1201160 SUSE bug 1201956 SUSE bug 1202094 SUSE bug 1202095 SUSE bug 1202564 SUSE bug 1202716 SUSE bug 1202823 SUSE bug 1202860 SUSE bug 1203197 SUSE bug 1203361 SUSE bug 1205220 SUSE bug 1205514 SUSE bug 1205701 SUSE bug 1206451 SUSE bug 1206664 SUSE bug 1206878 SUSE bug 1206880 SUSE bug 1207361 SUSE bug 1207638 SUSE bug 1211226 SUSE bug 1212051 SUSE bug 1213090 SUSE bug 1218184 SUSE bug 1218234 SUSE bug 1218470 SUSE bug 1222634 SUSE bug 1223675 SUSE bug 1224095 SUSE bug 1224597 SUSE bug 1225468 SUSE bug 1225820 SUSE bug 1226514 SUSE bug 1226552 SUSE bug 1228659 SUSE bug 1230827 SUSE bug 1231293 SUSE bug 1232504 SUSE bug 1234156 SUSE bug 1234381 SUSE bug 1234454 SUSE bug 1235464 SUSE bug 1235637 SUSE bug 1236821 SUSE bug 1236822 SUSE bug 1237159 SUSE bug 1237312 SUSE bug 1237313 SUSE bug 1238303 SUSE bug 1238526 SUSE bug 1238570 SUSE bug 1238876 SUSE bug 1239986 SUSE bug 1240785 SUSE bug 1241038 SUSE bug 1241640 SUSE bug 1241900 SUSE bug 1242006 SUSE bug 1242221 SUSE bug 1242414 SUSE bug 1242504 SUSE bug 1242596 SUSE bug 1242778 SUSE bug 1242782 SUSE bug 1242924 SUSE bug 1243330 SUSE bug 1243543 SUSE bug 1243627 SUSE bug 1243649 SUSE bug 1243660 SUSE bug 1243832 SUSE bug 1244114 SUSE bug 1244179 SUSE bug 1244180 SUSE bug 1244234 SUSE bug 1244241 SUSE bug 1244277 SUSE bug 1244309 SUSE bug 1244337 SUSE bug 1244732 SUSE bug 1244764 SUSE bug 1244765 SUSE bug 1244767 SUSE bug 1244770 SUSE bug 1244771 SUSE bug 1244772 SUSE bug 1244773 SUSE bug 1244774 SUSE bug 1244776 SUSE bug 1244779 SUSE bug 1244780 SUSE bug 1244781 SUSE bug 1244782 SUSE bug 1244783 SUSE bug 1244784 SUSE bug 1244786 SUSE bug 1244787 SUSE bug 1244788 SUSE bug 1244790 SUSE bug 1244791 SUSE bug 1244793 SUSE bug 1244794 SUSE bug 1244796 SUSE bug 1244797 SUSE bug 1244798 SUSE bug 1244800 SUSE bug 1244802 SUSE bug 1244804 SUSE bug 1244805 SUSE bug 1244806 SUSE bug 1244807 SUSE bug 1244808 SUSE bug 1244811 SUSE bug 1244813 SUSE bug 1244814 SUSE bug 1244815 SUSE bug 1244816 SUSE bug 1244819 SUSE bug 1244820 SUSE bug 1244823 SUSE bug 1244824 SUSE bug 1244825 SUSE bug 1244826 SUSE bug 1244827 SUSE bug 1244830 SUSE bug 1244831 SUSE bug 1244832 SUSE bug 1244834 SUSE bug 1244836 SUSE bug 1244838 SUSE bug 1244839 SUSE bug 1244840 SUSE bug 1244841 SUSE bug 1244842 SUSE bug 1244843 SUSE bug 1244845 SUSE bug 1244846 SUSE bug 1244848 SUSE bug 1244849 SUSE bug 1244851 SUSE bug 1244853 SUSE bug 1244854 SUSE bug 1244856 SUSE bug 1244858 SUSE bug 1244860 SUSE bug 1244861 SUSE bug 1244866 SUSE bug 1244867 SUSE bug 1244868 SUSE bug 1244869 SUSE bug 1244870 SUSE bug 1244871 SUSE bug 1244872 SUSE bug 1244873 SUSE bug 1244875 SUSE bug 1244876 SUSE bug 1244878 SUSE bug 1244879 SUSE bug 1244881 SUSE bug 1244883 SUSE bug 1244884 SUSE bug 1244886 SUSE bug 1244887 SUSE bug 1244888 SUSE bug 1244890 SUSE bug 1244892 SUSE bug 1244893 SUSE bug 1244895 SUSE bug 1244898 SUSE bug 1244899 SUSE bug 1244900 SUSE bug 1244901 SUSE bug 1244902 SUSE bug 1244903 SUSE bug 1244904 SUSE bug 1244905 SUSE bug 1244908 SUSE bug 1244911 SUSE bug 1244912 SUSE bug 1244914 SUSE bug 1244915 SUSE bug 1244928 SUSE bug 1244936 SUSE bug 1244940 SUSE bug 1244941 SUSE bug 1244942 SUSE bug 1244943 SUSE bug 1244944 SUSE bug 1244945 SUSE bug 1244948 SUSE bug 1244949 SUSE bug 1244950 SUSE bug 1244953 SUSE bug 1244955 SUSE bug 1244956 SUSE bug 1244957 SUSE bug 1244958 SUSE bug 1244959 SUSE bug 1244960 SUSE bug 1244961 SUSE bug 1244965 SUSE bug 1244966 SUSE bug 1244967 SUSE bug 1244968 SUSE bug 1244969 SUSE bug 1244970 SUSE bug 1244973 SUSE bug 1244974 SUSE bug 1244976 SUSE bug 1244977 SUSE bug 1244978 SUSE bug 1244979 SUSE bug 1244983 SUSE bug 1244984 SUSE bug 1244985 SUSE bug 1244986 SUSE bug 1244987 SUSE bug 1244991 SUSE bug 1244992 SUSE bug 1244993 SUSE bug 1245006 SUSE bug 1245007 SUSE bug 1245009 SUSE bug 1245011 SUSE bug 1245012 SUSE bug 1245015 SUSE bug 1245018 SUSE bug 1245019 SUSE bug 1245023 SUSE bug 1245024 SUSE bug 1245028 SUSE bug 1245031 SUSE bug 1245032 SUSE bug 1245033 SUSE bug 1245038 SUSE bug 1245039 SUSE bug 1245040 SUSE bug 1245041 SUSE bug 1245047 SUSE bug 1245048 SUSE bug 1245051 SUSE bug 1245052 SUSE bug 1245057 SUSE bug 1245058 SUSE bug 1245060 SUSE bug 1245062 SUSE bug 1245063 SUSE bug 1245064 SUSE bug 1245069 SUSE bug 1245070 SUSE bug 1245072 SUSE bug 1245073 SUSE bug 1245088 SUSE bug 1245089 SUSE bug 1245092 SUSE bug 1245093 SUSE bug 1245094 SUSE bug 1245098 SUSE bug 1245103 SUSE bug 1245116 SUSE bug 1245117 SUSE bug 1245118 SUSE bug 1245119 SUSE bug 1245121 SUSE bug 1245122 SUSE bug 1245125 SUSE bug 1245129 SUSE bug 1245131 SUSE bug 1245133 SUSE bug 1245134 SUSE bug 1245135 SUSE bug 1245136 SUSE bug 1245138 SUSE bug 1245139 SUSE bug 1245140 SUSE bug 1245142 SUSE bug 1245146 SUSE bug 1245147 SUSE bug 1245149 SUSE bug 1245152 SUSE bug 1245154 SUSE bug 1245155 SUSE bug 1245180 SUSE bug 1245183 SUSE bug 1245189 SUSE bug 1245191 SUSE bug 1245195 SUSE bug 1245197 SUSE bug 1245265 SUSE bug 1245340 SUSE bug 1245348 SUSE bug 1245431 SUSE bug 1245455 CVE-2021-47557 at SUSE CVE-2021-47557 at NVD CVE-2021-47595 at SUSE CVE-2021-47595 at NVD CVE-2022-1679 at SUSE CVE-2022-1679 at NVD CVE-2022-2585 at SUSE CVE-2022-2585 at NVD CVE-2022-2586 at SUSE CVE-2022-2586 at NVD CVE-2022-2905 at SUSE CVE-2022-2905 at NVD CVE-2022-3903 at SUSE CVE-2022-3903 at NVD CVE-2022-4095 at SUSE CVE-2022-4095 at NVD CVE-2022-4662 at SUSE CVE-2022-4662 at NVD CVE-2022-49934 at SUSE CVE-2022-49934 at NVD CVE-2022-49935 at SUSE CVE-2022-49935 at NVD CVE-2022-49936 at SUSE CVE-2022-49936 at NVD CVE-2022-49937 at SUSE CVE-2022-49937 at NVD CVE-2022-49938 at SUSE CVE-2022-49938 at NVD CVE-2022-49940 at SUSE CVE-2022-49940 at NVD CVE-2022-49942 at SUSE CVE-2022-49942 at NVD CVE-2022-49943 at SUSE CVE-2022-49943 at NVD CVE-2022-49944 at SUSE CVE-2022-49944 at NVD CVE-2022-49945 at SUSE CVE-2022-49945 at NVD CVE-2022-49946 at SUSE CVE-2022-49946 at NVD CVE-2022-49948 at SUSE CVE-2022-49948 at NVD CVE-2022-49949 at SUSE CVE-2022-49949 at NVD CVE-2022-49950 at SUSE CVE-2022-49950 at NVD CVE-2022-49951 at SUSE CVE-2022-49951 at NVD CVE-2022-49952 at SUSE CVE-2022-49952 at NVD CVE-2022-49954 at SUSE CVE-2022-49954 at NVD CVE-2022-49956 at SUSE CVE-2022-49956 at NVD CVE-2022-49957 at SUSE CVE-2022-49957 at NVD CVE-2022-49958 at SUSE CVE-2022-49958 at NVD CVE-2022-49960 at SUSE CVE-2022-49960 at NVD CVE-2022-49962 at SUSE CVE-2022-49962 at NVD CVE-2022-49963 at SUSE CVE-2022-49963 at NVD CVE-2022-49964 at SUSE CVE-2022-49964 at NVD CVE-2022-49965 at SUSE CVE-2022-49965 at NVD CVE-2022-49966 at SUSE CVE-2022-49966 at NVD CVE-2022-49968 at SUSE CVE-2022-49968 at NVD CVE-2022-49969 at SUSE CVE-2022-49969 at NVD CVE-2022-49971 at SUSE CVE-2022-49971 at NVD CVE-2022-49972 at SUSE CVE-2022-49972 at NVD CVE-2022-49977 at SUSE CVE-2022-49977 at NVD CVE-2022-49978 at SUSE CVE-2022-49978 at NVD CVE-2022-49980 at SUSE CVE-2022-49980 at NVD CVE-2022-49981 at SUSE CVE-2022-49981 at NVD CVE-2022-49982 at SUSE CVE-2022-49982 at NVD CVE-2022-49983 at SUSE CVE-2022-49983 at NVD CVE-2022-49984 at SUSE CVE-2022-49984 at NVD CVE-2022-49985 at SUSE CVE-2022-49985 at NVD CVE-2022-49986 at SUSE CVE-2022-49986 at NVD CVE-2022-49987 at SUSE CVE-2022-49987 at NVD CVE-2022-49989 at SUSE CVE-2022-49989 at NVD CVE-2022-49990 at SUSE CVE-2022-49990 at NVD CVE-2022-49993 at SUSE CVE-2022-49993 at NVD CVE-2022-49995 at SUSE CVE-2022-49995 at NVD CVE-2022-49999 at SUSE CVE-2022-49999 at NVD CVE-2022-50002 at SUSE CVE-2022-50002 at NVD CVE-2022-50003 at SUSE CVE-2022-50003 at NVD CVE-2022-50005 at SUSE CVE-2022-50005 at NVD CVE-2022-50006 at SUSE CVE-2022-50006 at NVD CVE-2022-50008 at SUSE CVE-2022-50008 at NVD CVE-2022-50010 at SUSE CVE-2022-50010 at NVD CVE-2022-50011 at SUSE CVE-2022-50011 at NVD CVE-2022-50012 at SUSE CVE-2022-50012 at NVD CVE-2022-50015 at SUSE CVE-2022-50015 at NVD CVE-2022-50016 at SUSE CVE-2022-50016 at NVD CVE-2022-50019 at SUSE CVE-2022-50019 at NVD CVE-2022-50020 at SUSE CVE-2022-50020 at NVD CVE-2022-50021 at SUSE CVE-2022-50021 at NVD CVE-2022-50022 at SUSE CVE-2022-50022 at NVD CVE-2022-50023 at SUSE CVE-2022-50023 at NVD CVE-2022-50024 at SUSE CVE-2022-50024 at NVD CVE-2022-50026 at SUSE CVE-2022-50026 at NVD CVE-2022-50027 at SUSE CVE-2022-50027 at NVD CVE-2022-50028 at SUSE CVE-2022-50028 at NVD CVE-2022-50029 at SUSE CVE-2022-50029 at NVD CVE-2022-50030 at SUSE CVE-2022-50030 at NVD CVE-2022-50031 at SUSE CVE-2022-50031 at NVD CVE-2022-50032 at SUSE CVE-2022-50032 at NVD CVE-2022-50033 at SUSE CVE-2022-50033 at NVD CVE-2022-50034 at SUSE CVE-2022-50034 at NVD CVE-2022-50035 at SUSE CVE-2022-50035 at NVD CVE-2022-50036 at SUSE CVE-2022-50036 at NVD CVE-2022-50037 at SUSE CVE-2022-50037 at NVD CVE-2022-50038 at SUSE CVE-2022-50038 at NVD CVE-2022-50039 at SUSE CVE-2022-50039 at NVD CVE-2022-50040 at SUSE CVE-2022-50040 at NVD CVE-2022-50041 at SUSE CVE-2022-50041 at NVD CVE-2022-50044 at SUSE CVE-2022-50044 at NVD CVE-2022-50045 at SUSE CVE-2022-50045 at NVD CVE-2022-50046 at SUSE CVE-2022-50046 at NVD CVE-2022-50047 at SUSE CVE-2022-50047 at NVD CVE-2022-50049 at SUSE CVE-2022-50049 at NVD CVE-2022-50050 at SUSE CVE-2022-50050 at NVD CVE-2022-50051 at SUSE CVE-2022-50051 at NVD CVE-2022-50052 at SUSE CVE-2022-50052 at NVD CVE-2022-50053 at SUSE CVE-2022-50053 at NVD CVE-2022-50054 at SUSE CVE-2022-50054 at NVD CVE-2022-50055 at SUSE CVE-2022-50055 at NVD CVE-2022-50059 at SUSE CVE-2022-50059 at NVD CVE-2022-50060 at SUSE CVE-2022-50060 at NVD CVE-2022-50061 at SUSE CVE-2022-50061 at NVD CVE-2022-50062 at SUSE CVE-2022-50062 at NVD CVE-2022-50065 at SUSE CVE-2022-50065 at NVD CVE-2022-50066 at SUSE CVE-2022-50066 at NVD CVE-2022-50067 at SUSE CVE-2022-50067 at NVD CVE-2022-50068 at SUSE CVE-2022-50068 at NVD CVE-2022-50072 at SUSE CVE-2022-50072 at NVD CVE-2022-50073 at SUSE CVE-2022-50073 at NVD CVE-2022-50074 at SUSE CVE-2022-50074 at NVD CVE-2022-50076 at SUSE CVE-2022-50076 at NVD CVE-2022-50077 at SUSE CVE-2022-50077 at NVD CVE-2022-50079 at SUSE CVE-2022-50079 at NVD CVE-2022-50083 at SUSE CVE-2022-50083 at NVD CVE-2022-50084 at SUSE CVE-2022-50084 at NVD CVE-2022-50085 at SUSE CVE-2022-50085 at NVD CVE-2022-50086 at SUSE CVE-2022-50086 at NVD CVE-2022-50087 at SUSE CVE-2022-50087 at NVD CVE-2022-50092 at SUSE CVE-2022-50092 at NVD CVE-2022-50093 at SUSE CVE-2022-50093 at NVD CVE-2022-50094 at SUSE CVE-2022-50094 at NVD CVE-2022-50095 at SUSE CVE-2022-50095 at NVD CVE-2022-50097 at SUSE CVE-2022-50097 at NVD CVE-2022-50098 at SUSE CVE-2022-50098 at NVD CVE-2022-50099 at SUSE CVE-2022-50099 at NVD CVE-2022-50100 at SUSE CVE-2022-50100 at NVD CVE-2022-50101 at SUSE CVE-2022-50101 at NVD CVE-2022-50102 at SUSE CVE-2022-50102 at NVD CVE-2022-50103 at SUSE CVE-2022-50103 at NVD CVE-2022-50104 at SUSE CVE-2022-50104 at NVD CVE-2022-50108 at SUSE CVE-2022-50108 at NVD CVE-2022-50109 at SUSE CVE-2022-50109 at NVD CVE-2022-50110 at SUSE CVE-2022-50110 at NVD CVE-2022-50111 at SUSE CVE-2022-50111 at NVD CVE-2022-50112 at SUSE CVE-2022-50112 at NVD CVE-2022-50115 at SUSE CVE-2022-50115 at NVD CVE-2022-50116 at SUSE CVE-2022-50116 at NVD CVE-2022-50117 at SUSE CVE-2022-50117 at NVD CVE-2022-50118 at SUSE CVE-2022-50118 at NVD CVE-2022-50120 at SUSE CVE-2022-50120 at NVD CVE-2022-50121 at SUSE CVE-2022-50121 at NVD CVE-2022-50124 at SUSE CVE-2022-50124 at NVD CVE-2022-50125 at SUSE CVE-2022-50125 at NVD CVE-2022-50126 at SUSE CVE-2022-50126 at NVD CVE-2022-50127 at SUSE CVE-2022-50127 at NVD CVE-2022-50129 at SUSE CVE-2022-50129 at NVD CVE-2022-50131 at SUSE CVE-2022-50131 at NVD CVE-2022-50132 at SUSE CVE-2022-50132 at NVD CVE-2022-50133 at SUSE CVE-2022-50133 at NVD CVE-2022-50134 at SUSE CVE-2022-50134 at NVD CVE-2022-50135 at SUSE CVE-2022-50135 at NVD CVE-2022-50136 at SUSE CVE-2022-50136 at NVD CVE-2022-50137 at SUSE CVE-2022-50137 at NVD CVE-2022-50138 at SUSE CVE-2022-50138 at NVD CVE-2022-50139 at SUSE CVE-2022-50139 at NVD CVE-2022-50140 at SUSE CVE-2022-50140 at NVD CVE-2022-50141 at SUSE CVE-2022-50141 at NVD CVE-2022-50142 at SUSE CVE-2022-50142 at NVD CVE-2022-50143 at SUSE CVE-2022-50143 at NVD CVE-2022-50144 at SUSE CVE-2022-50144 at NVD CVE-2022-50145 at SUSE CVE-2022-50145 at NVD CVE-2022-50146 at SUSE CVE-2022-50146 at NVD CVE-2022-50149 at SUSE CVE-2022-50149 at NVD CVE-2022-50151 at SUSE CVE-2022-50151 at NVD CVE-2022-50152 at SUSE CVE-2022-50152 at NVD CVE-2022-50153 at SUSE CVE-2022-50153 at NVD CVE-2022-50154 at SUSE CVE-2022-50154 at NVD CVE-2022-50155 at SUSE CVE-2022-50155 at NVD CVE-2022-50156 at SUSE CVE-2022-50156 at NVD CVE-2022-50157 at SUSE CVE-2022-50157 at NVD CVE-2022-50158 at SUSE CVE-2022-50158 at NVD CVE-2022-50160 at SUSE CVE-2022-50160 at NVD CVE-2022-50161 at SUSE CVE-2022-50161 at NVD CVE-2022-50162 at SUSE CVE-2022-50162 at NVD CVE-2022-50164 at SUSE CVE-2022-50164 at NVD CVE-2022-50165 at SUSE CVE-2022-50165 at NVD CVE-2022-50166 at SUSE CVE-2022-50166 at NVD CVE-2022-50169 at SUSE CVE-2022-50169 at NVD CVE-2022-50171 at SUSE CVE-2022-50171 at NVD CVE-2022-50172 at SUSE CVE-2022-50172 at NVD CVE-2022-50173 at SUSE CVE-2022-50173 at NVD CVE-2022-50175 at SUSE CVE-2022-50175 at NVD CVE-2022-50176 at SUSE CVE-2022-50176 at NVD CVE-2022-50178 at SUSE CVE-2022-50178 at NVD CVE-2022-50179 at SUSE CVE-2022-50179 at NVD CVE-2022-50181 at SUSE CVE-2022-50181 at NVD CVE-2022-50183 at SUSE CVE-2022-50183 at NVD CVE-2022-50184 at SUSE CVE-2022-50184 at NVD CVE-2022-50185 at SUSE CVE-2022-50185 at NVD CVE-2022-50186 at SUSE CVE-2022-50186 at NVD CVE-2022-50187 at SUSE CVE-2022-50187 at NVD CVE-2022-50188 at SUSE CVE-2022-50188 at NVD CVE-2022-50190 at SUSE CVE-2022-50190 at NVD CVE-2022-50191 at SUSE CVE-2022-50191 at NVD CVE-2022-50192 at SUSE CVE-2022-50192 at NVD CVE-2022-50194 at SUSE CVE-2022-50194 at NVD CVE-2022-50196 at SUSE CVE-2022-50196 at NVD CVE-2022-50197 at SUSE CVE-2022-50197 at NVD CVE-2022-50198 at SUSE CVE-2022-50198 at NVD CVE-2022-50199 at SUSE CVE-2022-50199 at NVD CVE-2022-50200 at SUSE CVE-2022-50200 at NVD CVE-2022-50201 at SUSE CVE-2022-50201 at NVD CVE-2022-50202 at SUSE CVE-2022-50202 at NVD CVE-2022-50203 at SUSE CVE-2022-50203 at NVD CVE-2022-50204 at SUSE CVE-2022-50204 at NVD CVE-2022-50206 at SUSE CVE-2022-50206 at NVD CVE-2022-50207 at SUSE CVE-2022-50207 at NVD CVE-2022-50208 at SUSE CVE-2022-50208 at NVD CVE-2022-50209 at SUSE CVE-2022-50209 at NVD CVE-2022-50211 at SUSE CVE-2022-50211 at NVD CVE-2022-50212 at SUSE CVE-2022-50212 at NVD CVE-2022-50213 at SUSE CVE-2022-50213 at NVD CVE-2022-50215 at SUSE CVE-2022-50215 at NVD CVE-2022-50218 at SUSE CVE-2022-50218 at NVD CVE-2022-50220 at SUSE CVE-2022-50220 at NVD CVE-2022-50221 at SUSE CVE-2022-50221 at NVD CVE-2022-50222 at SUSE CVE-2022-50222 at NVD CVE-2022-50226 at SUSE CVE-2022-50226 at NVD CVE-2022-50228 at SUSE CVE-2022-50228 at NVD CVE-2022-50229 at SUSE CVE-2022-50229 at NVD CVE-2022-50231 at SUSE CVE-2022-50231 at NVD CVE-2023-3111 at SUSE CVE-2023-3111 at NVD CVE-2023-52924 at SUSE CVE-2023-52924 at NVD CVE-2023-52925 at SUSE CVE-2023-52925 at NVD CVE-2023-53046 at SUSE CVE-2023-53046 at NVD CVE-2023-53048 at SUSE CVE-2023-53048 at NVD CVE-2023-53076 at SUSE CVE-2023-53076 at NVD CVE-2023-53097 at SUSE CVE-2023-53097 at NVD CVE-2024-26808 at SUSE CVE-2024-26808 at NVD CVE-2024-26924 at SUSE CVE-2024-26924 at NVD CVE-2024-26935 at SUSE CVE-2024-26935 at NVD CVE-2024-27397 at SUSE CVE-2024-27397 at NVD CVE-2024-28956 at SUSE CVE-2024-28956 at NVD CVE-2024-35840 at SUSE CVE-2024-35840 at NVD CVE-2024-36978 at SUSE CVE-2024-36978 at NVD CVE-2024-46800 at SUSE CVE-2024-46800 at NVD CVE-2024-53125 at SUSE CVE-2024-53125 at NVD CVE-2024-53141 at SUSE CVE-2024-53141 at NVD CVE-2024-53197 at SUSE CVE-2024-53197 at NVD CVE-2024-56770 at SUSE CVE-2024-56770 at NVD CVE-2024-57999 at SUSE CVE-2024-57999 at NVD CVE-2025-21700 at SUSE CVE-2025-21700 at NVD CVE-2025-21702 at SUSE CVE-2025-21702 at NVD CVE-2025-21703 at SUSE CVE-2025-21703 at NVD CVE-2025-21756 at SUSE CVE-2025-21756 at NVD CVE-2025-23141 at SUSE CVE-2025-23141 at NVD CVE-2025-23145 at SUSE CVE-2025-23145 at NVD CVE-2025-37752 at SUSE CVE-2025-37752 at NVD CVE-2025-37785 at SUSE CVE-2025-37785 at NVD CVE-2025-37798 at SUSE CVE-2025-37798 at NVD CVE-2025-37823 at SUSE CVE-2025-37823 at NVD CVE-2025-37890 at SUSE CVE-2025-37890 at NVD CVE-2025-37932 at SUSE CVE-2025-37932 at NVD CVE-2025-37948 at SUSE CVE-2025-37948 at NVD CVE-2025-37953 at SUSE CVE-2025-37953 at NVD CVE-2025-37963 at SUSE CVE-2025-37963 at NVD CVE-2025-37997 at SUSE CVE-2025-37997 at NVD CVE-2025-38000 at SUSE CVE-2025-38000 at NVD CVE-2025-38001 at SUSE CVE-2025-38001 at NVD CVE-2025-38014 at SUSE CVE-2025-38014 at NVD CVE-2025-38060 at SUSE CVE-2025-38060 at NVD CVE-2025-38083 at SUSE CVE-2025-38083 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Important) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2024-36350, CVE-2024-36357: More AMD transient execution attacks (bsc#1246112, XSA-471) - CVE-2025-27465: Incorrect stubs exception handling for flags recovery (bsc#1244644, XSA-470) Important SUSE bug 1238896 SUSE bug 1244644 SUSE bug 1246112 CVE-2024-36350 at SUSE CVE-2024-36350 at NVD CVE-2024-36357 at SUSE CVE-2024-36357 at NVD CVE-2025-27465 at SUSE CVE-2025-27465 at NVD cpe:/o:suse:sle-micro:5.5 Security update for coreutils (Moderate) SUSE Linux Enterprise Micro 5.5 This update for coreutils fixes the following issues: - CVE-2025-5278: Fixed heap buffer under-read may lead to a crash or leak sensitive data (bsc#1243767) Moderate SUSE bug 1243767 CVE-2025-5278 at SUSE CVE-2025-5278 at NVD cpe:/o:suse:sle-micro:5.5 Security update for glib2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for glib2 fixes the following issues: - CVE-2025-4373: integer overflow in the `g_string_insert_unichar()` function can lead to buffer underwrite and memory corruption (bsc#1242844). Moderate SUSE bug 1242844 CVE-2025-4373 at SUSE CVE-2025-4373 at NVD cpe:/o:suse:sle-micro:5.5 Security update for jq (Moderate) SUSE Linux Enterprise Micro 5.5 This update for jq fixes the following issues: - CVE-2024-23337: Fixed signed integer overflow in jv.c:jvp_array_write (bsc#1243450). Moderate SUSE bug 1243450 CVE-2024-23337 at SUSE CVE-2024-23337 at NVD cpe:/o:suse:sle-micro:5.5 Security update for iputils (Moderate) SUSE Linux Enterprise Micro 5.5 This update for iputils fixes the following issues: - CVE-2025-48964: Fixed integer overflow in ping statistics via zero timestamp (bsc#1243772). Moderate SUSE bug 1243772 CVE-2025-48964 at SUSE CVE-2025-48964 at NVD cpe:/o:suse:sle-micro:5.5 Security update for salt (Important) SUSE Linux Enterprise Micro 5.5 This update for salt fixes the following issues: - Security issues fixed: - CVE-2024-38822: Fixed Minion token validation (bsc#1244561) - CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport (bsc#1244564) - CVE-2024-38824: Fixed directory traversal vulnerability in recv_file method (bsc#1244565) - CVE-2024-38825: Fixed salt.auth.pki module authentication issue (bsc#1244566) - CVE-2025-22240: Fixed arbitrary directory creation or file deletion with GitFS (bsc#1244567) - CVE-2025-22236: Fixed Minion event bus authorization bypass (bsc#1244568) - CVE-2025-22241: Fixed the use of un-validated input in the VirtKey class (bsc#1244570) - CVE-2025-22237: Fixed exploitation of the 'on demand' pillar functionality (bsc#1244571) - CVE-2025-22238: Fixed the master's default cache vulnerability to a directory traversal attack (bsc#1244572) - CVE-2025-22239: Fixed the arbitrary event injection on the Salt Master (bsc#1244574) - CVE-2025-22242: Fixed a Denial of Service vulnerability through file read operation (bsc#1244575) - CVE-2025-47287: Fixed a Denial of Service vulnerability in Tornado logging behavior (bsc#1243268) - Other bugs fixed: - Added subsystem filter to udev.exportdb (bsc#1236621) - Fixed Ubuntu 24.04 test failures - Fixed refresh of osrelease and related grains on Python 3.10+ - Fixed issue requiring proper Python flavor for dependencies Important SUSE bug 1236621 SUSE bug 1243268 SUSE bug 1244561 SUSE bug 1244564 SUSE bug 1244565 SUSE bug 1244566 SUSE bug 1244567 SUSE bug 1244568 SUSE bug 1244570 SUSE bug 1244571 SUSE bug 1244572 SUSE bug 1244574 SUSE bug 1244575 CVE-2024-38822 at SUSE CVE-2024-38822 at NVD CVE-2024-38823 at SUSE CVE-2024-38823 at NVD CVE-2024-38824 at SUSE CVE-2024-38824 at NVD CVE-2024-38825 at SUSE CVE-2024-38825 at NVD CVE-2025-22236 at SUSE CVE-2025-22236 at NVD CVE-2025-22237 at SUSE CVE-2025-22237 at NVD CVE-2025-22238 at SUSE CVE-2025-22238 at NVD CVE-2025-22239 at SUSE CVE-2025-22239 at NVD CVE-2025-22240 at SUSE CVE-2025-22240 at NVD CVE-2025-22241 at SUSE CVE-2025-22241 at NVD CVE-2025-22242 at SUSE CVE-2025-22242 at NVD CVE-2025-47287 at SUSE CVE-2025-47287 at NVD cpe:/o:suse:sle-micro:5.5 Security update for polkit (Important) SUSE Linux Enterprise Micro 5.5 This update for polkit fixes the following issues: - CVE-2025-7519: Fixed a XML policy file with a large number of nested elements that may lead to out-of-bounds write. (bsc#1246472) Important SUSE bug 1246472 CVE-2025-7519 at SUSE CVE-2025-7519 at NVD cpe:/o:suse:sle-micro:5.5 Security update for boost (Important) SUSE Linux Enterprise Micro 5.5 This update for boost fixes the following issues: - CVE-2016-9840: Fixed out-of-bounds pointer arithmetic in zlib in beast (bsc#1245936) Important SUSE bug 1245936 CVE-2016-9840 at SUSE CVE-2016-9840 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160). - CVE-2023-52923: netfilter: nf_tables: split async and sync catchall in two functions (bsc#1236104). - CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644). - CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829). - CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551). - CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863). - CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333). - CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417). - CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245217). - CVE-2025-38181: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246000). - CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). - CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). - CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). - CVE-2025-38213: vgacon: Add check for vc_origin address range in vgacon_scroll() (bsc#1246037). - CVE-2025-38257: s390/pkey: Prevent overflow in size calculation for memdup_user() (bsc#1246186). - CVE-2025-38289: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1246287). The following non-security bugs were fixed: - Revert 'hugetlb: unshare some PMDs when splitting VMAs (bsc#1245431).' - Revert 'mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race' - Revert 'mm/hugetlb: unshare page tables during VMA split, not before' - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (bsc#1244523). - net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480 bsc#1246555). Important SUSE bug 1206051 SUSE bug 1221829 SUSE bug 1233551 SUSE bug 1234480 SUSE bug 1234863 SUSE bug 1236104 SUSE bug 1236333 SUSE bug 1238160 SUSE bug 1239644 SUSE bug 1242417 SUSE bug 1244523 SUSE bug 1245217 SUSE bug 1245431 SUSE bug 1246000 SUSE bug 1246029 SUSE bug 1246037 SUSE bug 1246045 SUSE bug 1246073 SUSE bug 1246186 SUSE bug 1246287 SUSE bug 1246555 CVE-2022-49138 at SUSE CVE-2022-49138 at NVD CVE-2022-49770 at SUSE CVE-2022-49770 at NVD CVE-2023-52923 at SUSE CVE-2023-52923 at NVD CVE-2023-52927 at SUSE CVE-2023-52927 at NVD CVE-2024-26643 at SUSE CVE-2024-26643 at NVD CVE-2024-53057 at SUSE CVE-2024-53057 at NVD CVE-2024-53164 at SUSE CVE-2024-53164 at NVD CVE-2024-57947 at SUSE CVE-2024-57947 at NVD CVE-2025-37797 at SUSE CVE-2025-37797 at NVD CVE-2025-38079 at SUSE CVE-2025-38079 at NVD CVE-2025-38181 at SUSE CVE-2025-38181 at NVD CVE-2025-38200 at SUSE CVE-2025-38200 at NVD CVE-2025-38206 at SUSE CVE-2025-38206 at NVD CVE-2025-38212 at SUSE CVE-2025-38212 at NVD CVE-2025-38213 at SUSE CVE-2025-38213 at NVD CVE-2025-38257 at SUSE CVE-2025-38257 at NVD CVE-2025-38289 at SUSE CVE-2025-38289 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gnutls (Important) SUSE Linux Enterprise Micro 5.5 This update for gnutls fixes the following issues: - CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK (bsc#1246299) - CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName (bsc#1246232) - CVE-2025-32989: Fix heap buffer overread when handling the CT SCT extension during X.509 certificate parsing (bsc#1246233) - CVE-2025-32990: Fix 1-byte heap buffer overflow when parsing templates with certtool (bsc#1246267) Important SUSE bug 1246232 SUSE bug 1246233 SUSE bug 1246267 SUSE bug 1246299 CVE-2025-32988 at SUSE CVE-2025-32988 at NVD CVE-2025-32989 at SUSE CVE-2025-32989 at NVD CVE-2025-32990 at SUSE CVE-2025-32990 at NVD CVE-2025-6395 at SUSE CVE-2025-6395 at NVD cpe:/o:suse:sle-micro:5.5 Security update for sqlite3 (Important) SUSE Linux Enterprise Micro 5.5 This update for sqlite3 fixes the following issues: - Update to version 3.50.2 - CVE-2025-6965: Fixed an integer truncation to avoid assertion faults. (bsc#1246597) Important SUSE bug 1246597 CVE-2025-6965 at SUSE CVE-2025-6965 at NVD cpe:/o:suse:sle-micro:5.5 Security update for systemd (Moderate) SUSE Linux Enterprise Micro 5.5 This update for systemd fixes the following issues: - CVE-2025-4598: Fixed race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump (bsc#1243935). Moderate SUSE bug 1243935 CVE-2025-4598 at SUSE CVE-2025-4598 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cairo (Low) SUSE Linux Enterprise Micro 5.5 This update for cairo fixes the following issues: - CVE-2019-6461: avoid assert when drawing arcs with NaN angles (bsc#1122338). Low SUSE bug 1122338 CVE-2019-6461 at SUSE CVE-2019-6461 at NVD cpe:/o:suse:sle-micro:5.5 Security update for grub2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for grub2 fixes the following issues: - CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959) Moderate SUSE bug 1234959 CVE-2024-56738 at SUSE CVE-2024-56738 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libarchive (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libarchive fixes the following issues: - CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272) - CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273) - CVE-2025-5916: Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270) - CVE-2025-5917: Fixed off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336) - CVE-2025-5918: Fixed reading past EOF may be triggered for piped file streams (bsc#1244279) Moderate SUSE bug 1244270 SUSE bug 1244272 SUSE bug 1244273 SUSE bug 1244279 SUSE bug 1244336 CVE-2025-5914 at SUSE CVE-2025-5914 at NVD CVE-2025-5915 at SUSE CVE-2025-5915 at NVD CVE-2025-5916 at SUSE CVE-2025-5916 at NVD CVE-2025-5917 at SUSE CVE-2025-5917 at NVD CVE-2025-5918 at SUSE CVE-2025-5918 at NVD cpe:/o:suse:sle-micro:5.5 Security update for dpkg (Moderate) SUSE Linux Enterprise Micro 5.5 This update for dpkg fixes the following issues: - CVE-2025-6297: Fixed an improper sanitization of directory permissions that could lead to DoS. (bsc#1245573) Moderate SUSE bug 1245573 CVE-2025-6297 at SUSE CVE-2025-6297 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libxml2 (Important) SUSE Linux Enterprise Micro 5.5 This update for libxml2 fixes the following issues: - CVE-2025-7425: Fixed heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr (bsc#1246296) Important SUSE bug 1246296 CVE-2025-7425 at SUSE CVE-2025-7425 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libgcrypt (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libgcrypt fixes the following issues: - CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107). Moderate SUSE bug 1221107 CVE-2024-2236 at SUSE CVE-2024-2236 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Important) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: - CVE-2025-4516: use-after-free in the unicode-escape decoder when using the error handler (bsc#1243273). - CVE-2024-12718: Fixed extraction filter bypass that allowed file metadata modification outside extraction directory (bsc#1244056) - CVE-2025-4138: Fixed issue that might allow symlink targets to point outside the destination directory, and the modification of some file metadata (bsc#1244059) - CVE-2025-4330: Fixed extraction filter bypass that allowed linking outside extraction directory (bsc#1244060) - CVE-2025-4435: Fixed Tarfile extracts filtered members when errorlevel=0 (bsc#1244061) - CVE-2025-4517: Fixed arbitrary filesystem writes outside the extraction directory during extraction with filter='data' (bsc#1244032) - CVE-2025-6069: Fixed worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (bsc#1244705) - CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249) Other fixes: - Limit buffer size for IPv6 address parsing (bsc#1244401). Important SUSE bug 1233012 SUSE bug 1243273 SUSE bug 1244032 SUSE bug 1244056 SUSE bug 1244059 SUSE bug 1244060 SUSE bug 1244061 SUSE bug 1244401 SUSE bug 1244705 SUSE bug 1247249 SUSE bug 831629 CVE-2024-12718 at SUSE CVE-2024-12718 at NVD CVE-2025-4138 at SUSE CVE-2025-4138 at NVD CVE-2025-4330 at SUSE CVE-2025-4330 at NVD CVE-2025-4435 at SUSE CVE-2025-4435 at NVD CVE-2025-4516 at SUSE CVE-2025-4516 at NVD CVE-2025-4517 at SUSE CVE-2025-4517 at NVD CVE-2025-6069 at SUSE CVE-2025-6069 at NVD CVE-2025-8194 at SUSE CVE-2025-8194 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gstreamer-plugins-base (Moderate) SUSE Linux Enterprise Micro 5.5 This update for gstreamer-plugins-base fixes the following issues: - CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser (bsc#1244404). - CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser (bsc#1244403). - CVE-2025-47806: Fixed stack buffer overflow in SubRip subtitle parser (bsc#1244407). Moderate SUSE bug 1244403 SUSE bug 1244404 SUSE bug 1244407 CVE-2025-47806 at SUSE CVE-2025-47806 at NVD CVE-2025-47807 at SUSE CVE-2025-47807 at NVD CVE-2025-47808 at SUSE CVE-2025-47808 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Important) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2025-6032: Fixed machine init command failing to verify TLS certificate (bsc#1245320) Important SUSE bug 1245320 CVE-2025-6032 at SUSE CVE-2025-6032 at NVD cpe:/o:suse:sle-micro:5.5 Security update for rust-keylime (Important) SUSE Linux Enterprise Micro 5.5 This update for rust-keylime fixes the following issues: - Update to version 0.2.7+141: * CVE-2025-58266: shlex: Fixed command injection (bsc#1247193) - Update to version 0.2.7+117: * CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RST_STREAM frames (bsc#1210344). * CVE-2024-12224: rust-keylime: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded (bsc#1243861). * CVE-2024-32650: rust-keylime: rust-rustls: Infinite loop in rustls::conn::ConnectionCommon:complete_io() with proper client input (bsc#1223234). * CVE-2024-43806: rust-keylime: rustix: rustix::fs::Dir iterator with the linux_raw backend can cause memory explosion (bsc#1229952). * CVE-2025-3416: rust-keylime: openssl: Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242623). * rust-shlex: Multiple issues involving quote API ( RUSTSEC-2024-0006, GHSA-r7qv-8r2h-pg27, bsc#1230029) Important SUSE bug 1210344 SUSE bug 1223234 SUSE bug 1229952 SUSE bug 1230029 SUSE bug 1242623 SUSE bug 1243861 SUSE bug 1247193 CVE-2023-26964 at SUSE CVE-2023-26964 at NVD CVE-2024-12224 at SUSE CVE-2024-12224 at NVD CVE-2024-32650 at SUSE CVE-2024-32650 at NVD CVE-2024-43806 at SUSE CVE-2024-43806 at NVD CVE-2025-3416 at SUSE CVE-2025-3416 at NVD CVE-2025-58266 at SUSE CVE-2025-58266 at NVD cpe:/o:suse:sle-micro:5.5 Security update for tiff (Important) SUSE Linux Enterprise Micro 5.5 This update for tiff fixes the following issues: - CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c (bsc#1247108) - CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow() when processing malformed TIFF files (bsc#1247106) Important SUSE bug 1247106 SUSE bug 1247108 CVE-2025-8176 at SUSE CVE-2025-8176 at NVD CVE-2025-8177 at SUSE CVE-2025-8177 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160). - CVE-2023-52923: netfilter: nf_tables: split async and sync catchall in two functions (bsc#1236104). - CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644). - CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829). - CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551). - CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863). - CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164). - CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799). - CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417). - CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245217). - CVE-2025-38181: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246000). - CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045). - CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073). - CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029). - CVE-2025-38213: vgacon: Add check for vc_origin address range in vgacon_scroll() (bsc#1246037). - CVE-2025-38257: s390/pkey: Prevent overflow in size calculation for memdup_user() (bsc#1246186). - CVE-2025-38289: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1246287). - CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). - CVE-2025-38468: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (bsc#1247437). - CVE-2025-38477: net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (bsc#1247314). - CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247349). - CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247348). - CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). The following non-security bugs were fixed: - Revert 'hugetlb: unshare some PMDs when splitting VMAs' (bsc#1245431). - Revert 'mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race' - Revert 'mm/hugetlb: unshare page tables during VMA split, not before' - bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (bsc#1244523). - net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480 bsc#1246555). Important SUSE bug 1206051 SUSE bug 1221829 SUSE bug 1233551 SUSE bug 1234480 SUSE bug 1234863 SUSE bug 1236104 SUSE bug 1236333 SUSE bug 1237164 SUSE bug 1238160 SUSE bug 1239644 SUSE bug 1240799 SUSE bug 1242414 SUSE bug 1242417 SUSE bug 1244309 SUSE bug 1244523 SUSE bug 1245217 SUSE bug 1245431 SUSE bug 1245506 SUSE bug 1245711 SUSE bug 1245986 SUSE bug 1246000 SUSE bug 1246029 SUSE bug 1246037 SUSE bug 1246045 SUSE bug 1246073 SUSE bug 1246186 SUSE bug 1246287 SUSE bug 1246555 SUSE bug 1246781 SUSE bug 1247314 SUSE bug 1247347 SUSE bug 1247348 SUSE bug 1247349 SUSE bug 1247437 CVE-2022-49138 at SUSE CVE-2022-49138 at NVD CVE-2022-49770 at SUSE CVE-2022-49770 at NVD CVE-2023-52923 at SUSE CVE-2023-52923 at NVD CVE-2023-52927 at SUSE CVE-2023-52927 at NVD CVE-2024-26643 at SUSE CVE-2024-26643 at NVD CVE-2024-53057 at SUSE CVE-2024-53057 at NVD CVE-2024-53164 at SUSE CVE-2024-53164 at NVD CVE-2024-57947 at SUSE CVE-2024-57947 at NVD CVE-2025-21701 at SUSE CVE-2025-21701 at NVD CVE-2025-21971 at SUSE CVE-2025-21971 at NVD CVE-2025-37797 at SUSE CVE-2025-37797 at NVD CVE-2025-37798 at SUSE CVE-2025-37798 at NVD CVE-2025-38079 at SUSE CVE-2025-38079 at NVD CVE-2025-38088 at SUSE CVE-2025-38088 at NVD CVE-2025-38120 at SUSE CVE-2025-38120 at NVD CVE-2025-38177 at SUSE CVE-2025-38177 at NVD CVE-2025-38181 at SUSE CVE-2025-38181 at NVD CVE-2025-38200 at SUSE CVE-2025-38200 at NVD CVE-2025-38206 at SUSE CVE-2025-38206 at NVD CVE-2025-38212 at SUSE CVE-2025-38212 at NVD CVE-2025-38213 at SUSE CVE-2025-38213 at NVD CVE-2025-38257 at SUSE CVE-2025-38257 at NVD CVE-2025-38289 at SUSE CVE-2025-38289 at NVD CVE-2025-38350 at SUSE CVE-2025-38350 at NVD CVE-2025-38468 at SUSE CVE-2025-38468 at NVD CVE-2025-38477 at SUSE CVE-2025-38477 at NVD CVE-2025-38494 at SUSE CVE-2025-38494 at NVD CVE-2025-38495 at SUSE CVE-2025-38495 at NVD CVE-2025-38497 at SUSE CVE-2025-38497 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-Jinja2 (Important) SUSE Linux Enterprise Micro 5.5 This update for python-Jinja2 fixes the following issues: - CVE-2024-56326: Fixed sandbox breakout through indirect reference to format method (bsc#1234809) Important SUSE bug 1234809 CVE-2024-56326 at SUSE CVE-2024-56326 at NVD cpe:/o:suse:sle-micro:5.5 Security update for docker (Moderate) SUSE Linux Enterprise Micro 5.5 This update for docker fixes the following issues: - Update to Docker 28.3.3-ce. - CVE-2025-54388: Fixed a bug where firewalld when reloaded can make published container ports accessible from remote hosts. (bsc#1247367) Moderate SUSE bug 1246556 SUSE bug 1247367 CVE-2025-54388 at SUSE CVE-2025-54388 at NVD cpe:/o:suse:sle-micro:5.5 Security update for jq (Moderate) SUSE Linux Enterprise Micro 5.5 This update for jq fixes the following issues: - CVE-2025-48060: Fixed stack-buffer-overflow in jq_fuzz_execute (bsc#1244116) Moderate SUSE bug 1244116 CVE-2025-48060 at SUSE CVE-2025-48060 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ignition (Moderate) SUSE Linux Enterprise Micro 5.5 This update for ignition fixes the following issues: CVE-2023-45288: Fixed unclosed connections when receiving too many headers in golang.org/x/net/http2 (bsc#1236518) Moderate SUSE bug 1236518 CVE-2023-45288 at SUSE CVE-2023-45288 at NVD cpe:/o:suse:sle-micro:5.5 Security update for rust-keylime (Moderate) SUSE Linux Enterprise Micro 5.5 This update for rust-keylime fixes the following issues: - Update slab to version 0.4.11: * CVE-2025-55159: Fixed incorrect bounds check in get_disjoint_mut function (bsc#1248006) - Update to version 0.2.8+12: * build(deps): bump actions/checkout from 4 to 5 * build(deps): bump cfg-if from 1.0.0 to 1.0.1 * build(deps): bump openssl from 0.10.72 to 0.10.73 * build(deps): bump clap from 4.5.39 to 4.5.45 * build(deps): bump pest from 2.8.0 to 2.8.1 * Fix clippy warnings * Use verifier-provided interval for continuous attestation timing * Add meta object with seconds_to_next_attestation to evidence response * Fix boot time retrieval * Fix IMA log format (it must be ['text/plain']) (#1073) * Remove unnecessary configuration fields * cargo: Bump retry-policies to version 0.4.0 Moderate SUSE bug 1248006 CVE-2025-55159 at SUSE CVE-2025-55159 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gdk-pixbuf (Important) SUSE Linux Enterprise Micro 5.5 This update for gdk-pixbuf fixes the following issues: - CVE-2025-6199: Fixed uninitialized memory leading to arbitrary memory contents leak (bsc#1245227) - CVE-2025-7345: Fixed heap buffer overflow within the gdk_pixbuf__jpeg_image_load_increment function (bsc#1246114) Important SUSE bug 1245227 SUSE bug 1246114 CVE-2025-6199 at SUSE CVE-2025-6199 at NVD CVE-2025-7345 at SUSE CVE-2025-7345 at NVD cpe:/o:suse:sle-micro:5.5 Security update for pam (Moderate) SUSE Linux Enterprise Micro 5.5 This update for pam fixes the following issues: - Improve previous CVE-2024-10041 fix which led to CPU performance issues (bsc#1232234) Moderate SUSE bug 1232234 SUSE bug 1246221 CVE-2024-10041 at SUSE CVE-2024-10041 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-urllib3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-urllib3 fixes the following issues: - CVE-2025-50181: Pool managers now properly control redirects when retries is passed. (bsc#1244925) Moderate SUSE bug 1244925 CVE-2025-50181 at SUSE CVE-2025-50181 at NVD cpe:/o:suse:sle-micro:5.5 Security update for udisks2 (Important) SUSE Linux Enterprise Micro 5.5 This update for udisks2 fixes the following issues: - CVE-2025-8067: Fixed missing bounds check can lead to out-of-bounds read in udisks daemon (bsc#1248502) Important SUSE bug 1248502 CVE-2025-8067 at SUSE CVE-2025-8067 at NVD cpe:/o:suse:sle-micro:5.5 Security update for google-osconfig-agent (Moderate) SUSE Linux Enterprise Micro 5.5 This update for google-osconfig-agent fixes the following issues: - Update to version 20250115.01 (bsc#1236406, bsc#1236407) - CVE-2024-24790: Bump the golang compiler version to 1.22.4 (bsc#1225974) Moderate SUSE bug 1225974 SUSE bug 1236406 SUSE bug 1236407 CVE-2024-24790 at SUSE CVE-2024-24790 at NVD cpe:/o:suse:sle-micro:5.5 Security update for git (Important) SUSE Linux Enterprise Micro 5.5 This update for git fixes the following issues: Updated to 2.43.7 (jsc#PED-13447): - CVE-2025-27613: Fixed arbitrary writable file creation and truncation in Gitk (bsc#1245938) - CVE-2025-27614: Fixed arbitrary script execution via repo clonation in Gitk (bsc#1245939) - CVE-2025-46835: Fixed arbitrary writable file creation via untrusted repository clonation in Git GUI (bsc#1245942) - CVE-2025-48384: Fixed arbitrary writable file creation when cloning untrusted repositories with submodules using the --recursive flag (bsc#1245943) - CVE-2025-48385: Fixed arbitrary code execution due to protocol injection via fetching advertised bundle (bsc#1245946) Other fixes: - Drop git-credential-gnome-keyring package as it was dropped upstream, use git-credential-libsecret instead - git-add--interactive was removed upstream in favor of built in implementation, which was already the default in SLE. Important SUSE bug 1245938 SUSE bug 1245939 SUSE bug 1245942 SUSE bug 1245943 SUSE bug 1245946 CVE-2025-27613 at SUSE CVE-2025-27613 at NVD CVE-2025-27614 at SUSE CVE-2025-27614 at NVD CVE-2025-46835 at SUSE CVE-2025-46835 at NVD CVE-2025-48384 at SUSE CVE-2025-48384 at NVD CVE-2025-48385 at SUSE CVE-2025-48385 at NVD cpe:/o:suse:sle-micro:5.5 Security update for krb5 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for krb5 fixes the following issues: - CVE-2025-24528: Fixed out-of-bounds write caused by overflow when calculating ulog block size can lead to process crash (bsc#1236619). Moderate SUSE bug 1236619 CVE-2025-24528 at SUSE CVE-2025-24528 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-future (Important) SUSE Linux Enterprise Micro 5.5 This update for python-future fixes the following issues: - CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py (bsc#1248124) Important SUSE bug 1248124 CVE-2025-50817 at SUSE CVE-2025-50817 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ucode-intel (Important) SUSE Linux Enterprise Micro 5.5 This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20250812 release (bsc#1248438) - CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access. - CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access - CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. - CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. - CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. - CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. - CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. - Update for functional issues. - Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2) | ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2) | EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5 | GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6 | GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6 | ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3 | LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor | MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core™ Ultra Processor | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13 | SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4 | SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores New Disclosures Updated in Prior Releases: All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025. Important SUSE bug 1248438 CVE-2025-20053 at SUSE CVE-2025-20053 at NVD CVE-2025-20109 at SUSE CVE-2025-20109 at NVD CVE-2025-22839 at SUSE CVE-2025-22839 at NVD CVE-2025-22840 at SUSE CVE-2025-22840 at NVD CVE-2025-22889 at SUSE CVE-2025-22889 at NVD CVE-2025-26403 at SUSE CVE-2025-26403 at NVD CVE-2025-32086 at SUSE CVE-2025-32086 at NVD cpe:/o:suse:sle-micro:5.5 Security update for nvidia-open-driver-G06-signed (Important) SUSE Linux Enterprise Micro 5.5 This update for nvidia-open-driver-G06-signed fixes the following issues: Updated CUDA variant to 580.65.06: - CVE-2025-23277: Fixed access memory outside bounds permitted under normal use cases in NVIDIA Display Driver (bsc#1247528) - CVE-2025-23278: Fixed improper index validation by issuing a call with crafted parameters in NVIDIA Display Driver (bsc#1247529) - CVE-2025-23286: Fixed invalid memory read in NVIDIA GPU Display Driver (bsc#1247530) - CVE-2025-23283: Fixed stack buffer overflow triggerable by a malicious guest in Virtual GPU Manager in NVIDIA vGPU software (bsc#1247531) - CVE-2025-23279: Fixed race condition that lead to privileges escalations in NVIDIA .run Installer (bsc#1247532) Updated non-CUDA variant to 570.172.08 (bsc#1246327) Important SUSE bug 1236191 SUSE bug 1236658 SUSE bug 1236746 SUSE bug 1237308 SUSE bug 1237585 SUSE bug 1239139 SUSE bug 1239653 SUSE bug 1241231 SUSE bug 1242054 SUSE bug 1243192 SUSE bug 1244614 SUSE bug 1246010 SUSE bug 1246327 SUSE bug 1247528 SUSE bug 1247529 SUSE bug 1247530 SUSE bug 1247531 SUSE bug 1247532 CVE-2025-23277 at SUSE CVE-2025-23277 at NVD CVE-2025-23278 at SUSE CVE-2025-23278 at NVD CVE-2025-23279 at SUSE CVE-2025-23279 at NVD CVE-2025-23283 at SUSE CVE-2025-23283 at NVD CVE-2025-23286 at SUSE CVE-2025-23286 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libsoup2 (Low) SUSE Linux Enterprise Micro 5.5 This update for libsoup2 fixes the following issues: - CVE-2025-4945: Fixed Integer Overflow in Cookie Expiration Date Handling in libsoup (bsc#1243314). Low SUSE bug 1243314 CVE-2025-4945 at SUSE CVE-2025-4945 at NVD cpe:/o:suse:sle-micro:5.5 Security update for regionServiceClientConfigAzure (Critical) SUSE Linux Enterprise Micro 5.5 This update for regionServiceClientConfigAzure contains the following fixes: - Update to version 3.0.0.(bsc#1246995) + SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. - Update dependency name for metadata package, name change in SLE 16. (bsc#1243419) + Replacing certificate for rgnsrv-azure-southeastasia to get rid of weird chain cert Critical SUSE bug 1243419 SUSE bug 1246995 cpe:/o:suse:sle-micro:5.5 Security update for regionServiceClientConfigEC2 (Critical) SUSE Linux Enterprise Micro 5.5 This update for regionServiceClientConfigEC2 contains the following fixes: - Update to version 5.0.0. (bsc#1246995) + SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. - Update dependency to accomodate metadata binary package name change in SLE 16. (bsc#1243419) + New 4096 certificate for rgnsrv-ec2-us-east1 Critical SUSE bug 1243419 SUSE bug 1246995 cpe:/o:suse:sle-micro:5.5 Security update for regionServiceClientConfigGCE (Critical) SUSE Linux Enterprise Micro 5.5 This update for regionServiceClientConfigGCE contains the following fixes: - Update to version 5.0.0 (bsc#1246995) + SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. - Update conditional to handle name change of metadata package in SLE 16. (bsc#1242063) + Add noipv6 patch Critical SUSE bug 1242063 SUSE bug 1246995 cpe:/o:suse:sle-micro:5.5 Security update for clamav (Important) SUSE Linux Enterprise Micro 5.5 This update for clamav fixes the following issues: New version 1.4.2: * CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service (DoS) condition. - Start clamonacc with --fdpass to avoid errors due to clamd not being able to access user files. (bsc#1232242) - New version 1.4.1: * https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html - New version 1.4.0: * Added support for extracting ALZ archives. * Added support for extracting LHA/LZH archives. * Added the ability to disable image fuzzy hashing, if needed. For context, image fuzzy hashing is a detection mechanism useful for identifying malware by matching images included with the malware or phishing email/document. * https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html - New version 1.3.2: * CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the 'clamd' or 'freshclam' services from using a symlink to corrupt system files. * CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service condition. * Removed unused Python modules from freshclam tests including deprecated 'cgi' module that is expected to cause test failures in Python 3.13. * Fix unit test caused by expiring signing certificate. * Fixed a build issue on Windows with newer versions of Rust. Also upgraded GitHub Actions imports to fix CI failures. * Fixed an unaligned pointer dereference issue on select architectures. * Fixes to Jenkins CI pipeline. - New Version: 1.3.1: * CVE-2024-20380: Fixed a possible crash in the HTML file parser that could cause a denial-of-service (DoS) condition. * Updated select Rust dependencies to the latest versions. * Fixed a bug causing some text to be truncated when converting from UTF-16. * Fixed assorted complaints identified by Coverity static analysis. * Fixed a bug causing CVDs downloaded by the DatabaseCustomURL * Added the new 'valhalla' database name to the list of optional databases in preparation for future work. - New version: 1.3.0: * Added support for extracting and scanning attachments found in Microsoft OneNote section files. OneNote parsing will be enabled by default, but may be optionally disabled. * Added file type recognition for compiled Python ('.pyc') files. * Improved support for decrypting PDFs with empty passwords. * Fixed a warning when scanning some HTML files. * ClamOnAcc: Fixed an infinite loop when a watched directory does not exist. * ClamOnAcc: Fixed an infinite loop when a file has been deleted before a scan. - New version: 1.2.0: * Added support for extracting Universal Disk Format (UDF) partitions. * Added an option to customize the size of ClamAV's clean file cache. * Raised the MaxScanSize limit so the total amount of data scanned when scanning a file or archive may exceed 4 gigabytes. * Added ability for Freshclam to use a client certificate PEM file and a private key PEM file for authentication to a private mirror. * Fix an issue extracting files from ISO9660 partitions where the files are listed in the plain ISO tree and there also exists an empty Joliet tree. * PID and socket are now located under /run/clamav/clamd.pid and /run/clamav/clamd.sock . * bsc#1211594: Fixed an issue where ClamAV does not abort the signature load process after partially loading an invalid signature. - New version 1.1.0: * https://blog.clamav.net/2023/05/clamav-110-released.html * Added the ability to extract images embedded in HTML CSS <style> blocks. * Updated to Sigtool so that the '--vba' option will extract VBA code from Microsoft Office documents the same way that libclamav extracts VBA. * Added a new option --fail-if-cvd-older-than=days to clamscan and clamd, and FailIfCvdOlderThan to clamd.conf * Added a new function 'cl_cvdgetage()' to the libclamav API. * Added a new function 'cl_engine_set_clcb_vba()' to the libclamav API. - bsc#1180296: Integrate clamonacc as a service. - New version 1.0.1 LTS (including changes in 0.104 and 0.105): * As of ClamAV 0.104, CMake is required to build ClamAV. * As of ClamAV 0.105, Rust is now required to compile ClamAV. * Increased the default limits for file and scan size: * MaxScanSize: 100M to 400M * MaxFileSize: 25M to 100M * StreamMaxLength: 25M to 100M * PCREMaxFileSize: 25M to 100M * MaxEmbeddedPE: 10M to 40M * MaxHTMLNormalize: 10M to 40M * MaxScriptNormalize: 5M to 20M * MaxHTMLNoTags: 2M to 8M * Added image fuzzy hash subsignatures for logical signatures. * Support for decrypting read-only OLE2-based XLS files that are encrypted with the default password. * Overhauled the implementation of the all-match feature. * Added a new callback to the public API for inspecting file content during a scan at each layer of archive extraction. * Added a new function to the public API for unpacking CVD signature archives. * The option to build with an external TomsFastMath library has been removed. ClamAV requires non-default build options for TomsFastMath to support bigger floating point numbers. * For a full list of changes see the release announcements: * https://blog.clamav.net/2022/11/clamav-100-lts-released.html * https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html * https://blog.clamav.net/2021/09/clamav-01040-released.html - Build clamd with systemd support. * CVE-2023-20197: Fixed a possible denial of service vulnerability in the HFS+ file parser. (bsc#1214342) * CVE-2018-14679: Fixed that an issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There isan off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized da (bsc#1103032) - Package huge .html documentation in a separate subpackage. - Update to 0.103.7 (bsc#1202986) - Zip parser: tolerate 2-byte overlap in file entries - Fix bug with logical signature Intermediates feature - Update to UnRAR v6.1.7 - Patch UnRAR: allow skipping files in solid archives - Patch UnRAR: limit dict winsize to 1GB - Use a split-provides for clamav-milter instead of recommending it. - Package clamav-milter in a subpackage - Remove virus signatures upon uninstall - Check for database existence before starting clamd - Restart clamd when it exits - Don't daemonize freshclam, but use a systemd timer instead to trigger updates Important SUSE bug 1102840 SUSE bug 1103032 SUSE bug 1180296 SUSE bug 1202986 SUSE bug 1211594 SUSE bug 1214342 SUSE bug 1232242 SUSE bug 1236307 CVE-2018-14679 at SUSE CVE-2018-14679 at NVD CVE-2023-20197 at SUSE CVE-2023-20197 at NVD CVE-2024-20380 at SUSE CVE-2024-20380 at NVD CVE-2024-20505 at SUSE CVE-2024-20505 at NVD CVE-2024-20506 at SUSE CVE-2024-20506 at NVD CVE-2025-20128 at SUSE CVE-2025-20128 at NVD cpe:/o:suse:sle-micro:5.5 Security update for net-tools (Moderate) SUSE Linux Enterprise Micro 5.5 This update for net-tools fixes the following issues: Security issues fixed: - CVE-2025-46836: missing bounds check in `get_name` may lead to a stack buffer overflow (bsc#1243581). - Avoid unsafe use of `memcpy` in `ifconfig` (bsc#1248687). - Prevent overflow in `ax25` and `netrom` (bsc#1248687). - Fix stack buffer overflow in `parse_hex` (bsc#1248687). - Fix stack buffer overflow in `proc_gen_fmt` (bsc#1248687). Other issues fixed: - Allow use of long interface names after CVE-2025-46836 fix, even if they are not accepted by the kernel (bsc#1248410). - Fix netrom support. Moderate SUSE bug 1243581 SUSE bug 1246608 SUSE bug 1248410 SUSE bug 1248687 SUSE bug 142461 CVE-2025-46836 at SUSE CVE-2025-46836 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cups (Important) SUSE Linux Enterprise Micro 5.5 This update for cups fixes the following issues: - CVE-2024-47175: no validation of IPP attributes in `ppdCreatePPDFromIPP2` when writing to a temporary PPD file allows for the injection of attacker-controlled data to the resulting PPD (bsc#1230932). - CVE-2025-58060: no password check when `AuthType` is set to anything but `Basic` and a request is made with an `Authorization: Basic` header (bsc#1249049). - CVE-2025-58364: unsafe deserialization and validation of printer attributes leads to NULL pointer dereference (bsc#1249128). Important SUSE bug 1230932 SUSE bug 1246533 SUSE bug 1249049 SUSE bug 1249128 CVE-2024-47175 at SUSE CVE-2024-47175 at NVD CVE-2025-58060 at SUSE CVE-2025-58060 at NVD CVE-2025-58364 at SUSE CVE-2025-58364 at NVD cpe:/o:suse:sle-micro:5.5 Security update for curl (Important) SUSE Linux Enterprise Micro 5.5 This update for curl fixes the following issues: Security issues fixed: - CVE-2025-9086: bug in patch comparison logic when processing cookies can lead to out-of-bounds read in heap buffer (bsc#1249191). - CVE-2025-10148: predictable websocket mask can lead to proxy cache poisoning by malicious server (bsc#1249348). Other issues fixed: - Fix the --ftp-pasv option in curl v8.14.1 (bsc#1246197). * tool_getparam: fix --ftp-pasv [5f805ee] - Update to version 8.14.1 (jsc#PED-13055, jsc#PED-13056). * TLS: add CURLOPT_SSL_SIGNATURE_ALGORITHMS and --sigalgs. * websocket: add option to disable auto-pong reply. * huge number of bugfixes. Please see https://curl.se/ch/ for full changelogs. Important SUSE bug 1246197 SUSE bug 1249191 SUSE bug 1249348 SUSE bug 1249367 CVE-2025-10148 at SUSE CVE-2025-10148 at NVD CVE-2025-9086 at SUSE CVE-2025-9086 at NVD cpe:/o:suse:sle-micro:5.5 Security update for curl (Important) SUSE Linux Enterprise Micro 5.5 This update for curl fixes the following issues: Security issues fixed: - CVE-2025-9086: bug in patch comparison logic when processing cookies can lead to out-of-bounds read in heap buffer (bsc#1249191). - CVE-2025-10148: predictable websocket mask can lead to proxy cache poisoning by malicious server (bsc#1249348). Other issues fixed: - Fix the --ftp-pasv option in curl v8.14.1 (bsc#1246197). * tool_getparam: fix --ftp-pasv [5f805ee] - Update to version 8.14.1 (jsc#PED-13055, jsc#PED-13056). * TLS: add CURLOPT_SSL_SIGNATURE_ALGORITHMS and --sigalgs. * websocket: add option to disable auto-pong reply. * huge number of bugfixes. Please see https://curl.se/ch/ for full changelogs. Important SUSE bug 1246197 SUSE bug 1249191 SUSE bug 1249348 SUSE bug 1249367 CVE-2025-10148 at SUSE CVE-2025-10148 at NVD CVE-2025-9086 at SUSE CVE-2025-9086 at NVD cpe:/o:suse:sle-micro:5.5 Security update for bluez (Moderate) SUSE Linux Enterprise Micro 5.5 This update for bluez fixes the following issues: - CVE-2023-45866: keystroke injection and arbitrary command execution via HID device connections (bsc#1217877). Moderate SUSE bug 1217877 CVE-2023-45866 at SUSE CVE-2023-45866 at NVD cpe:/o:suse:sle-micro:5.5 Security update for krb5 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for krb5 fixes the following issues: - CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 (bsc#1241219). Krb5 as very old protocol supported quite a number of ciphers that are not longer up to current cryptographic standards. To avoid problems with those, SUSE has by default now disabled those alorithms. The following algorithms have been removed from valid krb5 enctypes: - des3-cbc-sha1 - arcfour-hmac-md5 To reenable those algorithms, you can use allow options in krb5.conf: [libdefaults] allow_des3 = true allow_rc4 = true to reenable them. Moderate SUSE bug 1241219 CVE-2025-3576 at SUSE CVE-2025-3576 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cairo (Low) SUSE Linux Enterprise Micro 5.5 This update for cairo fixes the following issues: - CVE-2025-50422: NULL pointer access in `active_edges_to_traps()` can lead to crash in Poppler (bsc#1247589). Low SUSE bug 1247589 CVE-2025-50422 at SUSE CVE-2025-50422 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49980: USB: gadget: fix use-after-free read in usb_udc_uevent() (bsc#1245110). - CVE-2022-50116: tty: n_gsm: fix deadlock and link starvation in outgoing data path (bsc#1244824). - CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor (bsc#1242780). - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334). - CVE-2024-53093: nvme-multipath: defer partition scanning (bsc#122824 bsc#1233640). - CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896). - CVE-2024-58239: tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1248614). - CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970). - CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956). - CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473). - CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911). - CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143). - CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374). - CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976). - CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223). - CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248297). - CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312). - CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306). - CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338). - CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1248621). - CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511). - CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248748). The following non-security bugs were fixed: - Disable N_GSM (jsc#PED-8240, bsc#1244824). - NFSv4.1: fix backchannel max_resp_sz verification check (bsc#1247518). - NFSv4: fairly test all delegations on a SEQ4_ revocation (bsc#1246211). - kabi fix for NFSv4: fairly test all delegations on a SEQ4_ revocation (bsc#1246211). - security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375). - selinux: Implement mptcp_add_subflow hook (bsc#1240375). Important SUSE bug 1229334 SUSE bug 1233640 SUSE bug 1234896 SUSE bug 1240375 SUSE bug 1242780 SUSE bug 1244824 SUSE bug 1245110 SUSE bug 1245956 SUSE bug 1245970 SUSE bug 1246211 SUSE bug 1246473 SUSE bug 1246911 SUSE bug 1247143 SUSE bug 1247374 SUSE bug 1247518 SUSE bug 1247976 SUSE bug 1248223 SUSE bug 1248297 SUSE bug 1248306 SUSE bug 1248312 SUSE bug 1248338 SUSE bug 1248511 SUSE bug 1248614 SUSE bug 1248621 SUSE bug 1248748 CVE-2022-49980 at SUSE CVE-2022-49980 at NVD CVE-2022-50116 at SUSE CVE-2022-50116 at NVD CVE-2023-53117 at SUSE CVE-2023-53117 at NVD CVE-2024-42265 at SUSE CVE-2024-42265 at NVD CVE-2024-53093 at SUSE CVE-2024-53093 at NVD CVE-2024-53177 at SUSE CVE-2024-53177 at NVD CVE-2024-58239 at SUSE CVE-2024-58239 at NVD CVE-2025-38180 at SUSE CVE-2025-38180 at NVD CVE-2025-38184 at SUSE CVE-2025-38184 at NVD CVE-2025-38323 at SUSE CVE-2025-38323 at NVD CVE-2025-38352 at SUSE CVE-2025-38352 at NVD CVE-2025-38460 at SUSE CVE-2025-38460 at NVD CVE-2025-38498 at SUSE CVE-2025-38498 at NVD CVE-2025-38499 at SUSE CVE-2025-38499 at NVD CVE-2025-38546 at SUSE CVE-2025-38546 at NVD CVE-2025-38555 at SUSE CVE-2025-38555 at NVD CVE-2025-38560 at SUSE CVE-2025-38560 at NVD CVE-2025-38563 at SUSE CVE-2025-38563 at NVD CVE-2025-38608 at SUSE CVE-2025-38608 at NVD CVE-2025-38617 at SUSE CVE-2025-38617 at NVD CVE-2025-38618 at SUSE CVE-2025-38618 at NVD CVE-2025-38644 at SUSE CVE-2025-38644 at NVD cpe:/o:suse:sle-micro:5.5 Security update for vim (Moderate) SUSE Linux Enterprise Micro 5.5 This update for vim fixes the following issues: Updated to 9.1.1629: - CVE-2025-53905: Fixed malicious tar archive may causing a path traversal in Vim’s tar.vim plugin (bsc#1246604) - CVE-2025-53906: Fixed malicious zip archive may causing a path traversal in Vim’s zip (bsc#1246602) - CVE-2025-55157: Fixed use-after-free in internal tuple reference management (bsc#1247938) - CVE-2025-55158: Fixed double-free in internal typed value (typval_T) management (bsc#1247939) Moderate SUSE bug 1246602 SUSE bug 1246604 SUSE bug 1247938 SUSE bug 1247939 CVE-2025-53905 at SUSE CVE-2025-53905 at NVD CVE-2025-53906 at SUSE CVE-2025-53906 at NVD CVE-2025-55157 at SUSE CVE-2025-55157 at NVD CVE-2025-55158 at SUSE CVE-2025-55158 at NVD cpe:/o:suse:sle-micro:5.5 Security update for avahi (Moderate) SUSE Linux Enterprise Micro 5.5 This update for avahi fixes the following issues: - CVE-2024-52615: wide-area DNS uses constant source port for queries and can expose the Avahi-daemon to DNS spoofing attacks (bsc#1233421). Moderate SUSE bug 1233421 CVE-2024-52615 at SUSE CVE-2024-52615 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49980: USB: gadget: fix use-after-free read in usb_udc_uevent() (bsc#1245110). - CVE-2022-50116: kernel: tty: n_gsm: fix deadlock and link starvation in outgoing data path (bsc#1244824). - CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor (bsc#1242780). - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334). - CVE-2024-53093: nvme-multipath: defer partition scanning (bsc#1233640). - CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896). - CVE-2024-58239: tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1248614). - CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164). - CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799). - CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970). - CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956). - CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473). - CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781). - CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911). - CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143). - CVE-2025-38468: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (bsc#1247437). - CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247314). - CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247349). - CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247348). - CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347). - CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374). - CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976). - CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223). - CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248297). - CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312). - CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306). - CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338). - CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1248621). - CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511). - CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248748). The following non-security bugs were fixed: - Disable N_GSM (jsc#PED-8240). - NFSv4.1: fix backchannel max_resp_sz verification check (bsc#1247518). - NFSv4: fairly test all delegations on a SEQ4_ revocation (bsc#1246211). - kabi fix for NFSv4: fairly test all delegations on a SEQ4_ revocation (bsc#1246211). Important SUSE bug 1229334 SUSE bug 1233640 SUSE bug 1234896 SUSE bug 1236333 SUSE bug 1237164 SUSE bug 1240799 SUSE bug 1242414 SUSE bug 1242780 SUSE bug 1244309 SUSE bug 1244824 SUSE bug 1245110 SUSE bug 1245506 SUSE bug 1245711 SUSE bug 1245956 SUSE bug 1245970 SUSE bug 1245986 SUSE bug 1246211 SUSE bug 1246473 SUSE bug 1246781 SUSE bug 1246911 SUSE bug 1247143 SUSE bug 1247314 SUSE bug 1247347 SUSE bug 1247348 SUSE bug 1247349 SUSE bug 1247374 SUSE bug 1247437 SUSE bug 1247518 SUSE bug 1247976 SUSE bug 1248223 SUSE bug 1248297 SUSE bug 1248306 SUSE bug 1248312 SUSE bug 1248338 SUSE bug 1248511 SUSE bug 1248614 SUSE bug 1248621 SUSE bug 1248748 SUSE bug 1249353 CVE-2022-49980 at SUSE CVE-2022-49980 at NVD CVE-2022-50116 at SUSE CVE-2022-50116 at NVD CVE-2023-53117 at SUSE CVE-2023-53117 at NVD CVE-2024-42265 at SUSE CVE-2024-42265 at NVD CVE-2024-53093 at SUSE CVE-2024-53093 at NVD CVE-2024-53177 at SUSE CVE-2024-53177 at NVD CVE-2024-57947 at SUSE CVE-2024-57947 at NVD CVE-2024-58239 at SUSE CVE-2024-58239 at NVD CVE-2025-21701 at SUSE CVE-2025-21701 at NVD CVE-2025-21971 at SUSE CVE-2025-21971 at NVD CVE-2025-37798 at SUSE CVE-2025-37798 at NVD CVE-2025-38088 at SUSE CVE-2025-38088 at NVD CVE-2025-38120 at SUSE CVE-2025-38120 at NVD CVE-2025-38177 at SUSE CVE-2025-38177 at NVD CVE-2025-38180 at SUSE CVE-2025-38180 at NVD CVE-2025-38184 at SUSE CVE-2025-38184 at NVD CVE-2025-38323 at SUSE CVE-2025-38323 at NVD CVE-2025-38350 at SUSE CVE-2025-38350 at NVD CVE-2025-38352 at SUSE CVE-2025-38352 at NVD CVE-2025-38460 at SUSE CVE-2025-38460 at NVD CVE-2025-38468 at SUSE CVE-2025-38468 at NVD CVE-2025-38477 at SUSE CVE-2025-38477 at NVD CVE-2025-38494 at SUSE CVE-2025-38494 at NVD CVE-2025-38495 at SUSE CVE-2025-38495 at NVD CVE-2025-38497 at SUSE CVE-2025-38497 at NVD CVE-2025-38498 at SUSE CVE-2025-38498 at NVD CVE-2025-38499 at SUSE CVE-2025-38499 at NVD CVE-2025-38546 at SUSE CVE-2025-38546 at NVD CVE-2025-38555 at SUSE CVE-2025-38555 at NVD CVE-2025-38560 at SUSE CVE-2025-38560 at NVD CVE-2025-38563 at SUSE CVE-2025-38563 at NVD CVE-2025-38608 at SUSE CVE-2025-38608 at NVD CVE-2025-38617 at SUSE CVE-2025-38617 at NVD CVE-2025-38618 at SUSE CVE-2025-38618 at NVD CVE-2025-38644 at SUSE CVE-2025-38644 at NVD cpe:/o:suse:sle-micro:5.5 Security update for tiff (Low) SUSE Linux Enterprise Micro 5.5 This update for tiff fixes the following issues: - CVE-2025-9165: local execution manipulation leading to memory leak (bsc#1248330). - CVE-2025-8534: null pointer dereference in function PS_Lvl2page (bsc#1247582). - CVE-2025-8961: segmentation fault via main function of tiffcrop utility (bsc#1248117). Low SUSE bug 1247582 SUSE bug 1248117 SUSE bug 1248330 CVE-2025-8534 at SUSE CVE-2025-8534 at NVD CVE-2025-8961 at SUSE CVE-2025-8961 at NVD CVE-2025-9165 at SUSE CVE-2025-9165 at NVD cpe:/o:suse:sle-micro:5.5 Security update for rsync (Moderate) SUSE Linux Enterprise Micro 5.5 This update for rsync fixes the following issues: - Bump rsync protocol version to 32 to show server is patched against recent vulnerabilities. Moderate SUSE bug 1233760 cpe:/o:suse:sle-micro:5.5 Security update for open-vm-tools (Important) SUSE Linux Enterprise Micro 5.5 This update for open-vm-tools fixes the following issues: - CVE-2025-41244: local privilege escalation via the Service Discovery Plugin (bsc#1250373). Important SUSE bug 1250373 CVE-2025-41244 at SUSE CVE-2025-41244 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssl-1_1 (Important) SUSE Linux Enterprise Micro 5.5 This update for openssl-1_1 fixes the following issues: - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap (bsc#1250232). Important SUSE bug 1250232 CVE-2025-9230 at SUSE CVE-2025-9230 at NVD cpe:/o:suse:sle-micro:5.5 Security update for orc (Important) SUSE Linux Enterprise Micro 5.5 This update for orc fixes the following issues: - CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files (bsc#1228184) Important SUSE bug 1228184 CVE-2024-40897 at SUSE CVE-2024-40897 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssl-1_1 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for openssl-1_1 fixes the following issues: - CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation (bsc#1236136) Moderate SUSE bug 1236136 CVE-2024-13176 at SUSE CVE-2024-13176 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libxml2 (Important) SUSE Linux Enterprise Micro 5.5 This update for libxml2 fixes the following issues: - CVE-2022-49043: Fixed a use-after-free in xmlXIncludeAddNode. (bsc#1236460) Important SUSE bug 1236460 CVE-2022-49043 at SUSE CVE-2022-49043 at NVD cpe:/o:suse:sle-micro:5.5 Security update for haproxy (Moderate) SUSE Linux Enterprise Micro 5.5 This update for haproxy fixes the following issues: - CVE-2025-11230: Fixed issue in the mjson JSON decoder, that could have let to excessive resource consumption when processing numbers with large exponents (bsc#1250983). Moderate SUSE bug 1250983 CVE-2025-11230 at SUSE CVE-2025-11230 at NVD cpe:/o:suse:sle-micro:5.5 Security update for bind (Important) SUSE Linux Enterprise Micro 5.5 This update for bind fixes the following issues: - CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section (bsc#1236596) Important SUSE bug 1236596 CVE-2024-11187 at SUSE CVE-2024-11187 at NVD cpe:/o:suse:sle-micro:5.5 Security update for samba (Critical) SUSE Linux Enterprise Micro 5.5 This update for samba fixes the following issues: - CVE-2025-9640: Fixed uninitialized memory disclosure via vfs_streams_xattr (bsc#1251279). - CVE-2025-10230: Fixed command Injection in WINS server hook script (bsc#1251280). Critical SUSE bug 1251279 SUSE bug 1251280 CVE-2025-10230 at SUSE CVE-2025-10230 at NVD CVE-2025-9640 at SUSE CVE-2025-9640 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160). - CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} (bsc#1246968). - CVE-2022-50252: igb: Do not free q_vector unless new one was allocated (bsc#1249846). - CVE-2022-50409: net: If sock is dead do not access sock's sk_wq in sk_stream_wait_memory (bsc#1250392). - CVE-2023-53178: mm: fix zswap writeback race condition (bsc#1249827). - CVE-2023-53257: wifi: mac80211: check S1G action frame size (bsc#1249869). - CVE-2023-53321: wifi: mac80211_hwsim: drop short frames (bsc#1250313). - CVE-2023-53438: x86/MCE: Always save CS register on AMD Zen IF Poison errors (bsc#1250180). - CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846). - CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539). - CVE-2025-38014: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (bsc#1244732). - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1245666). - CVE-2025-38380: i2c/designware: Fix an initialization issue (bsc#1247028). - CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239). - CVE-2025-38553: net/sched: Restrict conditions for adding duplicating netems to qdisc tree (bsc#1248255). - CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248399). - CVE-2025-38659: gfs2: No more self recovery (bsc#1248639). - CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628). - CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126). - CVE-2025-38685: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (bsc#1249220). - CVE-2025-38706: ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (bsc#1249195). - CVE-2025-38713: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (bsc#1249200). - CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324). - CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374). - CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315). - CVE-2025-39726: s390/ism: fix concurrency management in ism_cmd() (bsc#1249266). - CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516). - CVE-2025-39751: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (bsc#1249538). - CVE-2025-39790: bus: mhi: host: Detect events pointing to unexpected TREs (bsc#1249548). - CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002). - CVE-2025-39824: HID: asus: fix UAF via HID_CLAIMED_INPUT validation (bsc#1250007). - CVE-2025-39860: Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (bsc#1250247). - CVE-2025-39869: dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (bsc#1250406). The following non-security bugs were fixed: - !CONFIG & reference -> this is bug, immediate fail - CONFIG & no reference -> OK temporarily, must be resolved eventually - Do not self obsolete older kernel variants - Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186). - Limit patch filenames to 100 characters (bsc#1249604). - Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108). - Update config files. (bsc#1249186) Enable where we define KABI refs + rely on Kconfig deps. - build_bug.h: Add KABI assert (bsc#1249186). - hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111). - kernel-binary: Another installation ordering fix (bsc#1241353). - kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522). - kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346) - kernel-syms.spec: Drop old rpm release number hack (bsc#1247172). - net/sched: ets: use old 'nbands' while purging unused classes (git-fixes). - rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879). - rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337) - rpm: Configure KABI checkingness macro (bsc#1249186). - rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186). - rpm: Link arch-symbols script from scripts directory. - rpm: Link guards script from scripts directory. - supported.conf: mark hyperv_drm as external - use uniform permission checks for all mount propagation changes (git-fixes). - xfs: rework datasync tracking and execution (bsc#1237449). Important SUSE bug 1065729 SUSE bug 1164051 SUSE bug 1193629 SUSE bug 1194869 SUSE bug 1202700 SUSE bug 1203063 SUSE bug 1203332 SUSE bug 1204228 SUSE bug 1205128 SUSE bug 1205205 SUSE bug 1206451 SUSE bug 1206456 SUSE bug 1206468 SUSE bug 1206843 SUSE bug 1206883 SUSE bug 1206884 SUSE bug 1207158 SUSE bug 1207361 SUSE bug 1207621 SUSE bug 1207624 SUSE bug 1207625 SUSE bug 1207628 SUSE bug 1207629 SUSE bug 1207631 SUSE bug 1207645 SUSE bug 1207651 SUSE bug 1208607 SUSE bug 1209287 SUSE bug 1209291 SUSE bug 1209980 SUSE bug 1210584 SUSE bug 1211960 SUSE bug 1212603 SUSE bug 1213015 SUSE bug 1213016 SUSE bug 1213040 SUSE bug 1213041 SUSE bug 1213061 SUSE bug 1213099 SUSE bug 1213104 SUSE bug 1213533 SUSE bug 1213666 SUSE bug 1213747 SUSE bug 1214073 SUSE bug 1214953 SUSE bug 1214967 SUSE bug 1215150 SUSE bug 1215696 SUSE bug 1215911 SUSE bug 1216976 SUSE bug 1217790 SUSE bug 1220185 SUSE bug 1220186 SUSE bug 1223959 SUSE bug 1234639 SUSE bug 1236104 SUSE bug 1237449 SUSE bug 1238160 SUSE bug 1241353 SUSE bug 1242846 SUSE bug 1243539 SUSE bug 1244337 SUSE bug 1244732 SUSE bug 1245666 SUSE bug 1246879 SUSE bug 1246968 SUSE bug 1247028 SUSE bug 1247172 SUSE bug 1247239 SUSE bug 1248108 SUSE bug 1248111 SUSE bug 1248255 SUSE bug 1248399 SUSE bug 1248628 SUSE bug 1248639 SUSE bug 1248847 SUSE bug 1249126 SUSE bug 1249158 SUSE bug 1249159 SUSE bug 1249186 SUSE bug 1249195 SUSE bug 1249200 SUSE bug 1249220 SUSE bug 1249266 SUSE bug 1249315 SUSE bug 1249324 SUSE bug 1249346 SUSE bug 1249374 SUSE bug 1249516 SUSE bug 1249538 SUSE bug 1249548 SUSE bug 1249604 SUSE bug 1249638 SUSE bug 1249639 SUSE bug 1249641 SUSE bug 1249642 SUSE bug 1249648 SUSE bug 1249650 SUSE bug 1249651 SUSE bug 1249658 SUSE bug 1249661 SUSE bug 1249664 SUSE bug 1249667 SUSE bug 1249669 SUSE bug 1249673 SUSE bug 1249677 SUSE bug 1249681 SUSE bug 1249683 SUSE bug 1249685 SUSE bug 1249687 SUSE bug 1249695 SUSE bug 1249696 SUSE bug 1249699 SUSE bug 1249700 SUSE bug 1249701 SUSE bug 1249704 SUSE bug 1249705 SUSE bug 1249706 SUSE bug 1249707 SUSE bug 1249708 SUSE bug 1249709 SUSE bug 1249712 SUSE bug 1249713 SUSE bug 1249715 SUSE bug 1249716 SUSE bug 1249718 SUSE bug 1249722 SUSE bug 1249727 SUSE bug 1249730 SUSE bug 1249733 SUSE bug 1249734 SUSE bug 1249739 SUSE bug 1249740 SUSE bug 1249741 SUSE bug 1249742 SUSE bug 1249743 SUSE bug 1249745 SUSE bug 1249746 SUSE bug 1249747 SUSE bug 1249749 SUSE bug 1249750 SUSE bug 1249751 SUSE bug 1249753 SUSE bug 1249756 SUSE bug 1249757 SUSE bug 1249758 SUSE bug 1249762 SUSE bug 1249767 SUSE bug 1249777 SUSE bug 1249780 SUSE bug 1249781 SUSE bug 1249782 SUSE bug 1249784 SUSE bug 1249791 SUSE bug 1249799 SUSE bug 1249800 SUSE bug 1249802 SUSE bug 1249808 SUSE bug 1249810 SUSE bug 1249816 SUSE bug 1249820 SUSE bug 1249824 SUSE bug 1249825 SUSE bug 1249827 SUSE bug 1249836 SUSE bug 1249840 SUSE bug 1249844 SUSE bug 1249846 SUSE bug 1249853 SUSE bug 1249858 SUSE bug 1249860 SUSE bug 1249861 SUSE bug 1249864 SUSE bug 1249865 SUSE bug 1249866 SUSE bug 1249867 SUSE bug 1249868 SUSE bug 1249869 SUSE bug 1249872 SUSE bug 1249874 SUSE bug 1249877 SUSE bug 1249880 SUSE bug 1249882 SUSE bug 1249883 SUSE bug 1249884 SUSE bug 1249885 SUSE bug 1249890 SUSE bug 1249892 SUSE bug 1249894 SUSE bug 1249908 SUSE bug 1249910 SUSE bug 1249911 SUSE bug 1249913 SUSE bug 1249914 SUSE bug 1249917 SUSE bug 1249918 SUSE bug 1249920 SUSE bug 1249923 SUSE bug 1249924 SUSE bug 1249925 SUSE bug 1249927 SUSE bug 1249928 SUSE bug 1249930 SUSE bug 1249933 SUSE bug 1249934 SUSE bug 1249936 SUSE bug 1249938 SUSE bug 1249939 SUSE bug 1249940 SUSE bug 1249944 SUSE bug 1249947 SUSE bug 1249949 SUSE bug 1249950 SUSE bug 1249951 SUSE bug 1249954 SUSE bug 1249958 SUSE bug 1249979 SUSE bug 1249981 SUSE bug 1249991 SUSE bug 1249994 SUSE bug 1249997 SUSE bug 1250002 SUSE bug 1250006 SUSE bug 1250007 SUSE bug 1250009 SUSE bug 1250010 SUSE bug 1250011 SUSE bug 1250014 SUSE bug 1250015 SUSE bug 1250017 SUSE bug 1250023 SUSE bug 1250024 SUSE bug 1250026 SUSE bug 1250037 SUSE bug 1250039 SUSE bug 1250040 SUSE bug 1250041 SUSE bug 1250042 SUSE bug 1250044 SUSE bug 1250047 SUSE bug 1250049 SUSE bug 1250052 SUSE bug 1250055 SUSE bug 1250058 SUSE bug 1250060 SUSE bug 1250062 SUSE bug 1250065 SUSE bug 1250066 SUSE bug 1250068 SUSE bug 1250070 SUSE bug 1250071 SUSE bug 1250072 SUSE bug 1250075 SUSE bug 1250077 SUSE bug 1250080 SUSE bug 1250081 SUSE bug 1250083 SUSE bug 1250089 SUSE bug 1250103 SUSE bug 1250104 SUSE bug 1250105 SUSE bug 1250106 SUSE bug 1250107 SUSE bug 1250108 SUSE bug 1250112 SUSE bug 1250114 SUSE bug 1250117 SUSE bug 1250118 SUSE bug 1250121 SUSE bug 1250127 SUSE bug 1250128 SUSE bug 1250130 SUSE bug 1250131 SUSE bug 1250132 SUSE bug 1250134 SUSE bug 1250137 SUSE bug 1250138 SUSE bug 1250140 SUSE bug 1250144 SUSE bug 1250145 SUSE bug 1250151 SUSE bug 1250153 SUSE bug 1250156 SUSE bug 1250157 SUSE bug 1250159 SUSE bug 1250161 SUSE bug 1250165 SUSE bug 1250168 SUSE bug 1250178 SUSE bug 1250180 SUSE bug 1250181 SUSE bug 1250182 SUSE bug 1250183 SUSE bug 1250184 SUSE bug 1250187 SUSE bug 1250189 SUSE bug 1250191 SUSE bug 1250197 SUSE bug 1250198 SUSE bug 1250200 SUSE bug 1250201 SUSE bug 1250208 SUSE bug 1250209 SUSE bug 1250211 SUSE bug 1250215 SUSE bug 1250245 SUSE bug 1250247 SUSE bug 1250250 SUSE bug 1250257 SUSE bug 1250264 SUSE bug 1250269 SUSE bug 1250277 SUSE bug 1250278 SUSE bug 1250285 SUSE bug 1250287 SUSE bug 1250293 SUSE bug 1250301 SUSE bug 1250303 SUSE bug 1250306 SUSE bug 1250309 SUSE bug 1250311 SUSE bug 1250313 SUSE bug 1250315 SUSE bug 1250316 SUSE bug 1250322 SUSE bug 1250323 SUSE bug 1250324 SUSE bug 1250325 SUSE bug 1250327 SUSE bug 1250328 SUSE bug 1250331 SUSE bug 1250358 SUSE bug 1250362 SUSE bug 1250363 SUSE bug 1250370 SUSE bug 1250374 SUSE bug 1250391 SUSE bug 1250392 SUSE bug 1250393 SUSE bug 1250394 SUSE bug 1250395 SUSE bug 1250397 SUSE bug 1250406 SUSE bug 1250412 SUSE bug 1250418 SUSE bug 1250425 SUSE bug 1250428 SUSE bug 1250453 SUSE bug 1250454 SUSE bug 1250457 SUSE bug 1250459 SUSE bug 1250522 SUSE bug 1250759 SUSE bug 1250761 SUSE bug 1250762 SUSE bug 1250763 SUSE bug 1250765 SUSE bug 1250767 SUSE bug 1250768 SUSE bug 1250771 SUSE bug 1250774 SUSE bug 1250781 SUSE bug 1250784 SUSE bug 1250786 SUSE bug 1250787 SUSE bug 1250790 SUSE bug 1250791 SUSE bug 1250792 SUSE bug 1250793 SUSE bug 1250797 SUSE bug 1250799 SUSE bug 1250807 SUSE bug 1250810 SUSE bug 1250811 SUSE bug 1250814 SUSE bug 1250818 SUSE bug 1250819 SUSE bug 1250822 SUSE bug 1250823 SUSE bug 1250824 SUSE bug 1250825 SUSE bug 1250829 SUSE bug 1250830 SUSE bug 1250831 SUSE bug 1250832 SUSE bug 1250839 SUSE bug 1250841 SUSE bug 1250842 SUSE bug 1250843 SUSE bug 1250846 SUSE bug 1250847 SUSE bug 1250848 SUSE bug 1250849 SUSE bug 1250850 SUSE bug 1250851 SUSE bug 1250853 SUSE bug 1250856 SUSE bug 1250861 SUSE bug 1250862 SUSE bug 1250863 SUSE bug 1250864 SUSE bug 1250866 SUSE bug 1250867 SUSE bug 1250868 SUSE bug 1250872 SUSE bug 1250873 SUSE bug 1250874 SUSE bug 1250875 SUSE bug 1250877 SUSE bug 1250879 SUSE bug 1250881 SUSE bug 1250883 SUSE bug 1250887 SUSE bug 1250888 SUSE bug 1250889 SUSE bug 1250890 SUSE bug 1250891 SUSE bug 1250905 SUSE bug 1250913 SUSE bug 1250915 SUSE bug 1250917 SUSE bug 1250923 SUSE bug 1250927 SUSE bug 1250928 SUSE bug 1250931 SUSE bug 1250932 SUSE bug 1250948 SUSE bug 1250949 SUSE bug 1250953 SUSE bug 1250963 SUSE bug 1250964 SUSE bug 1250965 CVE-2022-2602 at SUSE CVE-2022-2602 at NVD CVE-2022-2978 at SUSE CVE-2022-2978 at NVD CVE-2022-36280 at SUSE CVE-2022-36280 at NVD CVE-2022-43945 at SUSE CVE-2022-43945 at NVD CVE-2022-49138 at SUSE CVE-2022-49138 at NVD CVE-2022-50233 at SUSE CVE-2022-50233 at NVD CVE-2022-50234 at SUSE CVE-2022-50234 at NVD CVE-2022-50235 at SUSE CVE-2022-50235 at NVD CVE-2022-50239 at SUSE CVE-2022-50239 at NVD CVE-2022-50241 at SUSE CVE-2022-50241 at NVD CVE-2022-50242 at SUSE CVE-2022-50242 at NVD CVE-2022-50246 at SUSE CVE-2022-50246 at NVD CVE-2022-50247 at SUSE CVE-2022-50247 at NVD CVE-2022-50248 at SUSE CVE-2022-50248 at NVD CVE-2022-50249 at SUSE CVE-2022-50249 at NVD CVE-2022-50250 at SUSE CVE-2022-50250 at NVD CVE-2022-50251 at SUSE CVE-2022-50251 at NVD CVE-2022-50252 at SUSE CVE-2022-50252 at NVD CVE-2022-50255 at SUSE CVE-2022-50255 at NVD CVE-2022-50257 at SUSE CVE-2022-50257 at NVD CVE-2022-50258 at SUSE CVE-2022-50258 at NVD CVE-2022-50260 at SUSE CVE-2022-50260 at NVD CVE-2022-50261 at SUSE CVE-2022-50261 at NVD CVE-2022-50264 at SUSE CVE-2022-50264 at NVD CVE-2022-50266 at SUSE CVE-2022-50266 at NVD CVE-2022-50267 at SUSE CVE-2022-50267 at NVD CVE-2022-50268 at SUSE CVE-2022-50268 at NVD CVE-2022-50269 at SUSE CVE-2022-50269 at NVD CVE-2022-50271 at SUSE CVE-2022-50271 at NVD CVE-2022-50272 at SUSE CVE-2022-50272 at NVD CVE-2022-50275 at SUSE CVE-2022-50275 at NVD CVE-2022-50276 at SUSE CVE-2022-50276 at NVD CVE-2022-50277 at SUSE CVE-2022-50277 at NVD CVE-2022-50278 at SUSE CVE-2022-50278 at NVD CVE-2022-50279 at SUSE CVE-2022-50279 at NVD CVE-2022-50282 at SUSE CVE-2022-50282 at NVD CVE-2022-50286 at SUSE CVE-2022-50286 at NVD CVE-2022-50287 at SUSE CVE-2022-50287 at NVD CVE-2022-50288 at SUSE CVE-2022-50288 at NVD CVE-2022-50289 at SUSE CVE-2022-50289 at NVD CVE-2022-50292 at SUSE CVE-2022-50292 at NVD CVE-2022-50294 at SUSE CVE-2022-50294 at NVD CVE-2022-50297 at SUSE CVE-2022-50297 at NVD CVE-2022-50298 at SUSE CVE-2022-50298 at NVD CVE-2022-50299 at SUSE CVE-2022-50299 at NVD CVE-2022-50301 at SUSE CVE-2022-50301 at NVD CVE-2022-50303 at SUSE CVE-2022-50303 at NVD CVE-2022-50308 at SUSE CVE-2022-50308 at NVD CVE-2022-50309 at SUSE CVE-2022-50309 at NVD CVE-2022-50312 at SUSE CVE-2022-50312 at NVD CVE-2022-50317 at SUSE CVE-2022-50317 at NVD CVE-2022-50318 at SUSE CVE-2022-50318 at NVD CVE-2022-50320 at SUSE CVE-2022-50320 at NVD CVE-2022-50321 at SUSE CVE-2022-50321 at NVD CVE-2022-50323 at SUSE CVE-2022-50323 at NVD CVE-2022-50324 at SUSE CVE-2022-50324 at NVD CVE-2022-50325 at SUSE CVE-2022-50325 at NVD CVE-2022-50328 at SUSE CVE-2022-50328 at NVD CVE-2022-50329 at SUSE CVE-2022-50329 at NVD CVE-2022-50330 at SUSE CVE-2022-50330 at NVD CVE-2022-50331 at SUSE CVE-2022-50331 at NVD CVE-2022-50333 at SUSE CVE-2022-50333 at NVD CVE-2022-50339 at SUSE CVE-2022-50339 at NVD CVE-2022-50340 at SUSE CVE-2022-50340 at NVD CVE-2022-50342 at SUSE CVE-2022-50342 at NVD CVE-2022-50344 at SUSE CVE-2022-50344 at NVD CVE-2022-50346 at SUSE CVE-2022-50346 at NVD CVE-2022-50347 at SUSE CVE-2022-50347 at NVD CVE-2022-50348 at SUSE CVE-2022-50348 at NVD CVE-2022-50349 at SUSE CVE-2022-50349 at NVD CVE-2022-50351 at SUSE CVE-2022-50351 at NVD CVE-2022-50353 at SUSE CVE-2022-50353 at NVD CVE-2022-50354 at SUSE CVE-2022-50354 at NVD CVE-2022-50355 at SUSE CVE-2022-50355 at NVD CVE-2022-50356 at SUSE CVE-2022-50356 at NVD CVE-2022-50357 at SUSE CVE-2022-50357 at NVD CVE-2022-50358 at SUSE CVE-2022-50358 at NVD CVE-2022-50359 at SUSE CVE-2022-50359 at NVD CVE-2022-50360 at SUSE CVE-2022-50360 at NVD CVE-2022-50362 at SUSE CVE-2022-50362 at NVD CVE-2022-50364 at SUSE CVE-2022-50364 at NVD CVE-2022-50367 at SUSE CVE-2022-50367 at NVD CVE-2022-50368 at SUSE CVE-2022-50368 at NVD CVE-2022-50369 at SUSE CVE-2022-50369 at NVD CVE-2022-50370 at SUSE CVE-2022-50370 at NVD CVE-2022-50372 at SUSE CVE-2022-50372 at NVD CVE-2022-50373 at SUSE CVE-2022-50373 at NVD CVE-2022-50374 at SUSE CVE-2022-50374 at NVD CVE-2022-50375 at SUSE CVE-2022-50375 at NVD CVE-2022-50376 at SUSE CVE-2022-50376 at NVD CVE-2022-50378 at SUSE CVE-2022-50378 at NVD CVE-2022-50379 at SUSE CVE-2022-50379 at NVD CVE-2022-50381 at SUSE CVE-2022-50381 at NVD CVE-2022-50385 at SUSE CVE-2022-50385 at NVD CVE-2022-50386 at SUSE CVE-2022-50386 at NVD CVE-2022-50388 at SUSE CVE-2022-50388 at NVD CVE-2022-50389 at SUSE CVE-2022-50389 at NVD CVE-2022-50390 at SUSE CVE-2022-50390 at NVD CVE-2022-50391 at SUSE CVE-2022-50391 at NVD CVE-2022-50392 at SUSE CVE-2022-50392 at NVD CVE-2022-50393 at SUSE CVE-2022-50393 at NVD CVE-2022-50394 at SUSE CVE-2022-50394 at NVD CVE-2022-50395 at SUSE CVE-2022-50395 at NVD CVE-2022-50396 at SUSE CVE-2022-50396 at NVD CVE-2022-50398 at SUSE CVE-2022-50398 at NVD CVE-2022-50399 at SUSE CVE-2022-50399 at NVD CVE-2022-50401 at SUSE CVE-2022-50401 at NVD CVE-2022-50402 at SUSE CVE-2022-50402 at NVD CVE-2022-50404 at SUSE CVE-2022-50404 at NVD CVE-2022-50406 at SUSE CVE-2022-50406 at NVD CVE-2022-50408 at SUSE CVE-2022-50408 at NVD CVE-2022-50409 at SUSE CVE-2022-50409 at NVD CVE-2022-50410 at SUSE CVE-2022-50410 at NVD CVE-2022-50411 at SUSE CVE-2022-50411 at NVD CVE-2022-50412 at SUSE CVE-2022-50412 at NVD CVE-2022-50414 at SUSE CVE-2022-50414 at NVD CVE-2022-50417 at SUSE CVE-2022-50417 at NVD CVE-2022-50418 at SUSE CVE-2022-50418 at NVD CVE-2022-50419 at SUSE CVE-2022-50419 at NVD CVE-2022-50422 at SUSE CVE-2022-50422 at NVD CVE-2022-50423 at SUSE CVE-2022-50423 at NVD CVE-2022-50425 at SUSE CVE-2022-50425 at NVD CVE-2022-50427 at SUSE CVE-2022-50427 at NVD CVE-2022-50428 at SUSE CVE-2022-50428 at NVD CVE-2022-50429 at SUSE CVE-2022-50429 at NVD CVE-2022-50430 at SUSE CVE-2022-50430 at NVD CVE-2022-50431 at SUSE CVE-2022-50431 at NVD CVE-2022-50432 at SUSE CVE-2022-50432 at NVD CVE-2022-50433 at SUSE CVE-2022-50433 at NVD CVE-2022-50434 at SUSE CVE-2022-50434 at NVD CVE-2022-50435 at SUSE CVE-2022-50435 at NVD CVE-2022-50436 at SUSE CVE-2022-50436 at NVD CVE-2022-50437 at SUSE CVE-2022-50437 at NVD CVE-2022-50439 at SUSE CVE-2022-50439 at NVD CVE-2022-50440 at SUSE CVE-2022-50440 at NVD CVE-2022-50441 at SUSE CVE-2022-50441 at NVD CVE-2022-50443 at SUSE CVE-2022-50443 at NVD CVE-2022-50444 at SUSE CVE-2022-50444 at NVD CVE-2022-50447 at SUSE CVE-2022-50447 at NVD CVE-2022-50449 at SUSE CVE-2022-50449 at NVD CVE-2022-50452 at SUSE CVE-2022-50452 at NVD CVE-2022-50453 at SUSE CVE-2022-50453 at NVD CVE-2022-50454 at SUSE CVE-2022-50454 at NVD CVE-2022-50456 at SUSE CVE-2022-50456 at NVD CVE-2022-50458 at SUSE CVE-2022-50458 at NVD CVE-2022-50459 at SUSE CVE-2022-50459 at NVD CVE-2022-50460 at SUSE CVE-2022-50460 at NVD CVE-2022-50464 at SUSE CVE-2022-50464 at NVD CVE-2022-50465 at SUSE CVE-2022-50465 at NVD CVE-2022-50466 at SUSE CVE-2022-50466 at NVD CVE-2022-50467 at SUSE CVE-2022-50467 at NVD CVE-2022-50468 at SUSE CVE-2022-50468 at NVD CVE-2022-50469 at SUSE CVE-2022-50469 at NVD CVE-2023-1380 at SUSE CVE-2023-1380 at NVD CVE-2023-28328 at SUSE CVE-2023-28328 at NVD CVE-2023-31248 at SUSE CVE-2023-31248 at NVD CVE-2023-3772 at SUSE CVE-2023-3772 at NVD CVE-2023-39197 at SUSE CVE-2023-39197 at NVD CVE-2023-42753 at SUSE CVE-2023-42753 at NVD CVE-2023-52923 at SUSE CVE-2023-52923 at NVD CVE-2023-53147 at SUSE CVE-2023-53147 at NVD CVE-2023-53149 at SUSE CVE-2023-53149 at NVD CVE-2023-53150 at SUSE CVE-2023-53150 at NVD CVE-2023-53151 at SUSE CVE-2023-53151 at NVD CVE-2023-53152 at SUSE CVE-2023-53152 at NVD CVE-2023-53153 at SUSE CVE-2023-53153 at NVD CVE-2023-53165 at SUSE CVE-2023-53165 at NVD CVE-2023-53167 at SUSE CVE-2023-53167 at NVD CVE-2023-53168 at SUSE CVE-2023-53168 at NVD CVE-2023-53171 at SUSE CVE-2023-53171 at NVD CVE-2023-53174 at SUSE CVE-2023-53174 at NVD CVE-2023-53176 at SUSE CVE-2023-53176 at NVD CVE-2023-53178 at SUSE CVE-2023-53178 at NVD CVE-2023-53179 at SUSE CVE-2023-53179 at NVD CVE-2023-53181 at SUSE CVE-2023-53181 at NVD CVE-2023-53182 at SUSE CVE-2023-53182 at NVD CVE-2023-53185 at SUSE CVE-2023-53185 at NVD CVE-2023-53189 at SUSE CVE-2023-53189 at NVD CVE-2023-53193 at SUSE CVE-2023-53193 at NVD CVE-2023-53196 at SUSE CVE-2023-53196 at NVD CVE-2023-53197 at SUSE CVE-2023-53197 at NVD CVE-2023-53199 at SUSE CVE-2023-53199 at NVD CVE-2023-53201 at SUSE CVE-2023-53201 at NVD CVE-2023-53205 at SUSE CVE-2023-53205 at NVD CVE-2023-53210 at SUSE CVE-2023-53210 at NVD CVE-2023-53213 at SUSE CVE-2023-53213 at NVD CVE-2023-53215 at SUSE CVE-2023-53215 at NVD CVE-2023-53216 at SUSE CVE-2023-53216 at NVD CVE-2023-53219 at SUSE CVE-2023-53219 at NVD CVE-2023-53222 at SUSE CVE-2023-53222 at NVD CVE-2023-53223 at SUSE CVE-2023-53223 at NVD CVE-2023-53226 at SUSE CVE-2023-53226 at NVD CVE-2023-53229 at SUSE CVE-2023-53229 at NVD CVE-2023-53230 at SUSE CVE-2023-53230 at NVD CVE-2023-53232 at SUSE CVE-2023-53232 at NVD CVE-2023-53234 at SUSE CVE-2023-53234 at NVD CVE-2023-53237 at SUSE CVE-2023-53237 at NVD CVE-2023-53238 at SUSE CVE-2023-53238 at NVD CVE-2023-53239 at SUSE CVE-2023-53239 at NVD CVE-2023-53241 at SUSE CVE-2023-53241 at NVD CVE-2023-53242 at SUSE CVE-2023-53242 at NVD CVE-2023-53244 at SUSE CVE-2023-53244 at NVD CVE-2023-53245 at SUSE CVE-2023-53245 at NVD CVE-2023-53246 at SUSE CVE-2023-53246 at NVD CVE-2023-53249 at SUSE CVE-2023-53249 at NVD CVE-2023-53250 at SUSE CVE-2023-53250 at NVD CVE-2023-53251 at SUSE CVE-2023-53251 at NVD CVE-2023-53252 at SUSE CVE-2023-53252 at NVD CVE-2023-53255 at SUSE CVE-2023-53255 at NVD CVE-2023-53257 at SUSE CVE-2023-53257 at NVD CVE-2023-53258 at SUSE CVE-2023-53258 at NVD CVE-2023-53259 at SUSE CVE-2023-53259 at NVD CVE-2023-53263 at SUSE CVE-2023-53263 at NVD CVE-2023-53265 at SUSE CVE-2023-53265 at NVD CVE-2023-53268 at SUSE CVE-2023-53268 at NVD CVE-2023-53270 at SUSE CVE-2023-53270 at NVD CVE-2023-53272 at SUSE CVE-2023-53272 at NVD CVE-2023-53273 at SUSE CVE-2023-53273 at NVD CVE-2023-53275 at SUSE CVE-2023-53275 at NVD CVE-2023-53276 at SUSE CVE-2023-53276 at NVD CVE-2023-53277 at SUSE CVE-2023-53277 at NVD CVE-2023-53280 at SUSE CVE-2023-53280 at NVD CVE-2023-53281 at SUSE CVE-2023-53281 at NVD CVE-2023-53282 at SUSE CVE-2023-53282 at NVD CVE-2023-53284 at SUSE CVE-2023-53284 at NVD CVE-2023-53286 at SUSE CVE-2023-53286 at NVD CVE-2023-53287 at SUSE CVE-2023-53287 at NVD CVE-2023-53288 at SUSE CVE-2023-53288 at NVD CVE-2023-53295 at SUSE CVE-2023-53295 at NVD CVE-2023-53297 at SUSE CVE-2023-53297 at NVD CVE-2023-53298 at SUSE CVE-2023-53298 at NVD CVE-2023-53299 at SUSE CVE-2023-53299 at NVD CVE-2023-53302 at SUSE CVE-2023-53302 at NVD CVE-2023-53304 at SUSE CVE-2023-53304 at NVD CVE-2023-53305 at SUSE CVE-2023-53305 at NVD CVE-2023-53309 at SUSE CVE-2023-53309 at NVD CVE-2023-53311 at SUSE CVE-2023-53311 at NVD CVE-2023-53313 at SUSE CVE-2023-53313 at NVD CVE-2023-53314 at SUSE CVE-2023-53314 at NVD CVE-2023-53315 at SUSE CVE-2023-53315 at NVD CVE-2023-53316 at SUSE CVE-2023-53316 at NVD CVE-2023-53317 at SUSE CVE-2023-53317 at NVD CVE-2023-53320 at SUSE CVE-2023-53320 at NVD CVE-2023-53321 at SUSE CVE-2023-53321 at NVD CVE-2023-53322 at SUSE CVE-2023-53322 at NVD CVE-2023-53324 at SUSE CVE-2023-53324 at NVD CVE-2023-53326 at SUSE CVE-2023-53326 at NVD CVE-2023-53330 at SUSE CVE-2023-53330 at NVD CVE-2023-53331 at SUSE CVE-2023-53331 at NVD CVE-2023-53332 at SUSE CVE-2023-53332 at NVD CVE-2023-53333 at SUSE CVE-2023-53333 at NVD CVE-2023-53334 at SUSE CVE-2023-53334 at NVD CVE-2023-53335 at SUSE CVE-2023-53335 at NVD CVE-2023-53337 at SUSE CVE-2023-53337 at NVD CVE-2023-53340 at SUSE CVE-2023-53340 at NVD CVE-2023-53344 at SUSE CVE-2023-53344 at NVD CVE-2023-53347 at SUSE CVE-2023-53347 at NVD CVE-2023-53349 at SUSE CVE-2023-53349 at NVD CVE-2023-53352 at SUSE CVE-2023-53352 at NVD CVE-2023-53356 at SUSE CVE-2023-53356 at NVD CVE-2023-53357 at SUSE CVE-2023-53357 at NVD CVE-2023-53359 at SUSE CVE-2023-53359 at NVD CVE-2023-53368 at SUSE CVE-2023-53368 at NVD CVE-2023-53370 at SUSE CVE-2023-53370 at NVD CVE-2023-53371 at SUSE CVE-2023-53371 at NVD CVE-2023-53373 at SUSE CVE-2023-53373 at NVD CVE-2023-53375 at SUSE CVE-2023-53375 at NVD CVE-2023-53377 at SUSE CVE-2023-53377 at NVD CVE-2023-53378 at SUSE CVE-2023-53378 at NVD CVE-2023-53379 at SUSE CVE-2023-53379 at NVD CVE-2023-53380 at SUSE CVE-2023-53380 at NVD CVE-2023-53381 at SUSE CVE-2023-53381 at NVD CVE-2023-53383 at SUSE CVE-2023-53383 at NVD CVE-2023-53384 at SUSE CVE-2023-53384 at NVD CVE-2023-53386 at SUSE CVE-2023-53386 at NVD CVE-2023-53388 at SUSE CVE-2023-53388 at NVD CVE-2023-53390 at SUSE CVE-2023-53390 at NVD CVE-2023-53391 at SUSE CVE-2023-53391 at NVD CVE-2023-53393 at SUSE CVE-2023-53393 at NVD CVE-2023-53395 at SUSE CVE-2023-53395 at NVD CVE-2023-53396 at SUSE CVE-2023-53396 at NVD CVE-2023-53398 at SUSE CVE-2023-53398 at NVD CVE-2023-53400 at SUSE CVE-2023-53400 at NVD CVE-2023-53404 at SUSE CVE-2023-53404 at NVD CVE-2023-53405 at SUSE CVE-2023-53405 at NVD CVE-2023-53406 at SUSE CVE-2023-53406 at NVD CVE-2023-53409 at SUSE CVE-2023-53409 at NVD CVE-2023-53413 at SUSE CVE-2023-53413 at NVD CVE-2023-53414 at SUSE CVE-2023-53414 at NVD CVE-2023-53415 at SUSE CVE-2023-53415 at NVD CVE-2023-53416 at SUSE CVE-2023-53416 at NVD CVE-2023-53422 at SUSE CVE-2023-53422 at NVD CVE-2023-53427 at SUSE CVE-2023-53427 at NVD CVE-2023-53431 at SUSE CVE-2023-53431 at NVD CVE-2023-53435 at SUSE CVE-2023-53435 at NVD CVE-2023-53436 at SUSE CVE-2023-53436 at NVD CVE-2023-53437 at SUSE CVE-2023-53437 at NVD CVE-2023-53438 at SUSE CVE-2023-53438 at NVD CVE-2023-53440 at SUSE CVE-2023-53440 at NVD CVE-2023-53442 at SUSE CVE-2023-53442 at NVD CVE-2023-53443 at SUSE CVE-2023-53443 at NVD CVE-2023-53444 at SUSE CVE-2023-53444 at NVD CVE-2023-53446 at SUSE CVE-2023-53446 at NVD CVE-2023-53448 at SUSE CVE-2023-53448 at NVD CVE-2023-53449 at SUSE CVE-2023-53449 at NVD CVE-2023-53451 at SUSE CVE-2023-53451 at NVD CVE-2023-53452 at SUSE CVE-2023-53452 at NVD CVE-2023-53453 at SUSE CVE-2023-53453 at NVD CVE-2023-53454 at SUSE CVE-2023-53454 at NVD CVE-2023-53456 at SUSE CVE-2023-53456 at NVD CVE-2023-53457 at SUSE CVE-2023-53457 at NVD CVE-2023-53458 at SUSE CVE-2023-53458 at NVD CVE-2023-53463 at SUSE CVE-2023-53463 at NVD CVE-2023-53464 at SUSE CVE-2023-53464 at NVD CVE-2023-53465 at SUSE CVE-2023-53465 at NVD CVE-2023-53466 at SUSE CVE-2023-53466 at NVD CVE-2023-53468 at SUSE CVE-2023-53468 at NVD CVE-2023-53471 at SUSE CVE-2023-53471 at NVD CVE-2023-53472 at SUSE CVE-2023-53472 at NVD CVE-2023-53473 at SUSE CVE-2023-53473 at NVD CVE-2023-53474 at SUSE CVE-2023-53474 at NVD CVE-2023-53475 at SUSE CVE-2023-53475 at NVD CVE-2023-53476 at SUSE CVE-2023-53476 at NVD CVE-2023-53480 at SUSE CVE-2023-53480 at NVD CVE-2023-53482 at SUSE CVE-2023-53482 at NVD CVE-2023-53485 at SUSE CVE-2023-53485 at NVD CVE-2023-53487 at SUSE CVE-2023-53487 at NVD CVE-2023-53488 at SUSE CVE-2023-53488 at NVD CVE-2023-53489 at SUSE CVE-2023-53489 at NVD CVE-2023-53492 at SUSE CVE-2023-53492 at NVD CVE-2023-53494 at SUSE CVE-2023-53494 at NVD CVE-2023-53496 at SUSE CVE-2023-53496 at NVD CVE-2023-53498 at SUSE CVE-2023-53498 at NVD CVE-2023-53499 at SUSE CVE-2023-53499 at NVD CVE-2023-53505 at SUSE CVE-2023-53505 at NVD CVE-2023-53506 at SUSE CVE-2023-53506 at NVD CVE-2023-53509 at SUSE CVE-2023-53509 at NVD CVE-2023-53511 at SUSE CVE-2023-53511 at NVD CVE-2023-53512 at SUSE CVE-2023-53512 at NVD CVE-2023-53515 at SUSE CVE-2023-53515 at NVD CVE-2023-53518 at SUSE CVE-2023-53518 at NVD CVE-2023-53519 at SUSE CVE-2023-53519 at NVD CVE-2023-53521 at SUSE CVE-2023-53521 at NVD CVE-2023-53524 at SUSE CVE-2023-53524 at NVD CVE-2023-53525 at SUSE CVE-2023-53525 at NVD CVE-2023-53526 at SUSE CVE-2023-53526 at NVD CVE-2023-53530 at SUSE CVE-2023-53530 at NVD CVE-2023-53531 at SUSE CVE-2023-53531 at NVD CVE-2023-53532 at SUSE CVE-2023-53532 at NVD CVE-2024-26583 at SUSE CVE-2024-26583 at NVD CVE-2024-26584 at SUSE CVE-2024-26584 at NVD CVE-2024-58240 at SUSE CVE-2024-58240 at NVD CVE-2025-37738 at SUSE CVE-2025-37738 at NVD CVE-2025-37958 at SUSE CVE-2025-37958 at NVD CVE-2025-38014 at SUSE CVE-2025-38014 at NVD CVE-2025-38111 at SUSE CVE-2025-38111 at NVD CVE-2025-38380 at SUSE CVE-2025-38380 at NVD CVE-2025-38488 at SUSE CVE-2025-38488 at NVD CVE-2025-38553 at SUSE CVE-2025-38553 at NVD CVE-2025-38572 at SUSE CVE-2025-38572 at NVD CVE-2025-38659 at SUSE CVE-2025-38659 at NVD CVE-2025-38664 at SUSE CVE-2025-38664 at NVD CVE-2025-38678 at SUSE CVE-2025-38678 at NVD CVE-2025-38683 at SUSE CVE-2025-38683 at NVD CVE-2025-38685 at SUSE CVE-2025-38685 at NVD CVE-2025-38706 at SUSE CVE-2025-38706 at NVD CVE-2025-38713 at SUSE CVE-2025-38713 at NVD CVE-2025-38734 at SUSE CVE-2025-38734 at NVD CVE-2025-39691 at SUSE CVE-2025-39691 at NVD CVE-2025-39703 at SUSE CVE-2025-39703 at NVD CVE-2025-39726 at SUSE CVE-2025-39726 at NVD CVE-2025-39746 at SUSE CVE-2025-39746 at NVD CVE-2025-39751 at SUSE CVE-2025-39751 at NVD CVE-2025-39790 at SUSE CVE-2025-39790 at NVD CVE-2025-39823 at SUSE CVE-2025-39823 at NVD CVE-2025-39824 at SUSE CVE-2025-39824 at NVD CVE-2025-39860 at SUSE CVE-2025-39860 at NVD CVE-2025-39869 at SUSE CVE-2025-39869 at NVD cpe:/o:suse:sle-micro:5.5 Security update for expat (Important) SUSE Linux Enterprise Micro 5.5 This update for expat fixes the following issues: - CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations by submitting crafted XML input (bsc#1249584). Important SUSE bug 1249584 CVE-2025-59375 at SUSE CVE-2025-59375 at NVD cpe:/o:suse:sle-micro:5.5 Security update for wget (Moderate) SUSE Linux Enterprise Micro 5.5 This update for wget fixes the following issues: - CVE-2021-31879: Authorization header disclosed upon redirects to different origins. (bsc#1185551) Moderate SUSE bug 1185551 SUSE bug 1230795 CVE-2021-31879 at SUSE CVE-2021-31879 at NVD cpe:/o:suse:sle-micro:5.5 Security update for curl (Moderate) SUSE Linux Enterprise Micro 5.5 This update for curl fixes the following issues: - CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590) - CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588) Moderate SUSE bug 1236588 SUSE bug 1236590 CVE-2025-0167 at SUSE CVE-2025-0167 at NVD CVE-2025-0725 at SUSE CVE-2025-0725 at NVD cpe:/o:suse:sle-micro:5.5 Security update for protobuf (Moderate) SUSE Linux Enterprise Micro 5.5 This update for protobuf fixes the following issues: - CVE-2025-4565: parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or messages can lead to crash due to a `RecursionError` (bsc#1244663). Moderate SUSE bug 1244663 CVE-2025-4565 at SUSE CVE-2025-4565 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160). - CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} (bsc#1246968). - CVE-2022-50252: igb: Do not free q_vector unless new one was allocated (bsc#1249846). - CVE-2022-50409: net: If sock is dead do not access sock's sk_wq in sk_stream_wait_memory (bsc#1250392). - CVE-2023-53178: mm: fix zswap writeback race condition (bsc#1249827). - CVE-2023-53257: wifi: mac80211: check S1G action frame size (bsc#1249869). - CVE-2023-53321: wifi: mac80211_hwsim: drop short frames (bsc#1250313). - CVE-2023-53438: x86/MCE: Always save CS register on AMD Zen IF Poison errors (bsc#1250180). - CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846). - CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539). - CVE-2025-38014: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (bsc#1244732). - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1245666). - CVE-2025-38380: i2c/designware: Fix an initialization issue (bsc#1247028). - CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239). - CVE-2025-38553: net/sched: Restrict conditions for adding duplicating netems to qdisc tree (bsc#1248255). - CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248399). - CVE-2025-38659: gfs2: No more self recovery (bsc#1248639). - CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628). - CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126). - CVE-2025-38685: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (bsc#1249220). - CVE-2025-38706: ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (bsc#1249195). - CVE-2025-38713: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (bsc#1249200). - CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324). - CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374). - CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315). - CVE-2025-39726: s390/ism: fix concurrency management in ism_cmd() (bsc#1249266). - CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516). - CVE-2025-39751: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (bsc#1249538). - CVE-2025-39790: bus: mhi: host: Detect events pointing to unexpected TREs (bsc#1249548). - CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002). - CVE-2025-39824: HID: asus: fix UAF via HID_CLAIMED_INPUT validation (bsc#1250007). - CVE-2025-39860: Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (bsc#1250247). - CVE-2025-39869: dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (bsc#1250406). The following non-security bugs were fixed: - Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186). - Limit patch filenames to 100 characters (bsc#1249604). - Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108). - Revert selinux patches that caused regressions (bsc#1249353). - btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1249158). - build_bug.h: Add KABI assert (bsc#1249186). - hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111). - kabi/severities: ignore kABI for atheros helper modules The symbols are used only internally by atheros drivers. - kernel-binary: Another installation ordering fix (bsc#1241353). - kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522). - kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346) - kernel-syms.spec: Drop old rpm release number hack (bsc#1247172). - net/sched: ets: use old 'nbands' while purging unused classes (git-fixes). - rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879). - rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337). - rpm: Configure KABI checkingness macro (bsc#1249186). - rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186). - rpm: Link arch-symbols script from scripts directory. - rpm: Link guards script from scripts directory. - supported.conf: mark hyperv_drm as external - use uniform permission checks for all mount propagation changes (git-fixes). - xfs: rework datasync tracking and execution (bsc#1237449). Important SUSE bug 1065729 SUSE bug 1164051 SUSE bug 1193629 SUSE bug 1194869 SUSE bug 1202700 SUSE bug 1203063 SUSE bug 1203332 SUSE bug 1204228 SUSE bug 1205128 SUSE bug 1205205 SUSE bug 1206451 SUSE bug 1206456 SUSE bug 1206468 SUSE bug 1206843 SUSE bug 1206883 SUSE bug 1206884 SUSE bug 1207158 SUSE bug 1207361 SUSE bug 1207621 SUSE bug 1207624 SUSE bug 1207625 SUSE bug 1207628 SUSE bug 1207629 SUSE bug 1207631 SUSE bug 1207645 SUSE bug 1207651 SUSE bug 1208607 SUSE bug 1209287 SUSE bug 1209291 SUSE bug 1209980 SUSE bug 1210584 SUSE bug 1211960 SUSE bug 1212603 SUSE bug 1213015 SUSE bug 1213016 SUSE bug 1213040 SUSE bug 1213041 SUSE bug 1213061 SUSE bug 1213099 SUSE bug 1213104 SUSE bug 1213533 SUSE bug 1213666 SUSE bug 1213747 SUSE bug 1214073 SUSE bug 1214953 SUSE bug 1214967 SUSE bug 1215150 SUSE bug 1215696 SUSE bug 1215911 SUSE bug 1216976 SUSE bug 1217790 SUSE bug 1220185 SUSE bug 1220186 SUSE bug 1223959 SUSE bug 1234639 SUSE bug 1236104 SUSE bug 1237449 SUSE bug 1238160 SUSE bug 1241353 SUSE bug 1242846 SUSE bug 1243539 SUSE bug 1244337 SUSE bug 1244732 SUSE bug 1245666 SUSE bug 1246879 SUSE bug 1246968 SUSE bug 1247028 SUSE bug 1247172 SUSE bug 1247239 SUSE bug 1248108 SUSE bug 1248111 SUSE bug 1248255 SUSE bug 1248399 SUSE bug 1248628 SUSE bug 1248639 SUSE bug 1248847 SUSE bug 1249126 SUSE bug 1249158 SUSE bug 1249159 SUSE bug 1249186 SUSE bug 1249195 SUSE bug 1249200 SUSE bug 1249220 SUSE bug 1249266 SUSE bug 1249315 SUSE bug 1249324 SUSE bug 1249346 SUSE bug 1249353 SUSE bug 1249374 SUSE bug 1249516 SUSE bug 1249538 SUSE bug 1249548 SUSE bug 1249604 SUSE bug 1249638 SUSE bug 1249639 SUSE bug 1249641 SUSE bug 1249642 SUSE bug 1249648 SUSE bug 1249650 SUSE bug 1249651 SUSE bug 1249658 SUSE bug 1249661 SUSE bug 1249664 SUSE bug 1249667 SUSE bug 1249669 SUSE bug 1249673 SUSE bug 1249677 SUSE bug 1249681 SUSE bug 1249683 SUSE bug 1249685 SUSE bug 1249687 SUSE bug 1249691 SUSE bug 1249695 SUSE bug 1249696 SUSE bug 1249699 SUSE bug 1249700 SUSE bug 1249701 SUSE bug 1249704 SUSE bug 1249705 SUSE bug 1249706 SUSE bug 1249707 SUSE bug 1249708 SUSE bug 1249709 SUSE bug 1249712 SUSE bug 1249713 SUSE bug 1249715 SUSE bug 1249716 SUSE bug 1249718 SUSE bug 1249722 SUSE bug 1249727 SUSE bug 1249730 SUSE bug 1249733 SUSE bug 1249734 SUSE bug 1249739 SUSE bug 1249740 SUSE bug 1249741 SUSE bug 1249742 SUSE bug 1249743 SUSE bug 1249745 SUSE bug 1249746 SUSE bug 1249747 SUSE bug 1249749 SUSE bug 1249750 SUSE bug 1249751 SUSE bug 1249753 SUSE bug 1249756 SUSE bug 1249757 SUSE bug 1249758 SUSE bug 1249762 SUSE bug 1249767 SUSE bug 1249777 SUSE bug 1249780 SUSE bug 1249781 SUSE bug 1249782 SUSE bug 1249784 SUSE bug 1249791 SUSE bug 1249799 SUSE bug 1249800 SUSE bug 1249802 SUSE bug 1249808 SUSE bug 1249810 SUSE bug 1249816 SUSE bug 1249820 SUSE bug 1249824 SUSE bug 1249825 SUSE bug 1249827 SUSE bug 1249836 SUSE bug 1249840 SUSE bug 1249844 SUSE bug 1249846 SUSE bug 1249853 SUSE bug 1249858 SUSE bug 1249860 SUSE bug 1249861 SUSE bug 1249864 SUSE bug 1249865 SUSE bug 1249866 SUSE bug 1249867 SUSE bug 1249868 SUSE bug 1249869 SUSE bug 1249872 SUSE bug 1249874 SUSE bug 1249877 SUSE bug 1249880 SUSE bug 1249882 SUSE bug 1249883 SUSE bug 1249884 SUSE bug 1249885 SUSE bug 1249890 SUSE bug 1249892 SUSE bug 1249894 SUSE bug 1249908 SUSE bug 1249910 SUSE bug 1249911 SUSE bug 1249913 SUSE bug 1249914 SUSE bug 1249917 SUSE bug 1249918 SUSE bug 1249920 SUSE bug 1249923 SUSE bug 1249924 SUSE bug 1249925 SUSE bug 1249927 SUSE bug 1249928 SUSE bug 1249930 SUSE bug 1249933 SUSE bug 1249934 SUSE bug 1249936 SUSE bug 1249938 SUSE bug 1249939 SUSE bug 1249940 SUSE bug 1249944 SUSE bug 1249947 SUSE bug 1249949 SUSE bug 1249950 SUSE bug 1249951 SUSE bug 1249954 SUSE bug 1249958 SUSE bug 1249979 SUSE bug 1249981 SUSE bug 1249991 SUSE bug 1249994 SUSE bug 1249997 SUSE bug 1250002 SUSE bug 1250006 SUSE bug 1250007 SUSE bug 1250009 SUSE bug 1250010 SUSE bug 1250011 SUSE bug 1250014 SUSE bug 1250015 SUSE bug 1250017 SUSE bug 1250023 SUSE bug 1250024 SUSE bug 1250026 SUSE bug 1250037 SUSE bug 1250039 SUSE bug 1250040 SUSE bug 1250041 SUSE bug 1250042 SUSE bug 1250044 SUSE bug 1250047 SUSE bug 1250049 SUSE bug 1250052 SUSE bug 1250055 SUSE bug 1250058 SUSE bug 1250060 SUSE bug 1250062 SUSE bug 1250065 SUSE bug 1250066 SUSE bug 1250068 SUSE bug 1250070 SUSE bug 1250071 SUSE bug 1250072 SUSE bug 1250075 SUSE bug 1250077 SUSE bug 1250080 SUSE bug 1250081 SUSE bug 1250083 SUSE bug 1250089 SUSE bug 1250103 SUSE bug 1250104 SUSE bug 1250105 SUSE bug 1250106 SUSE bug 1250107 SUSE bug 1250108 SUSE bug 1250112 SUSE bug 1250114 SUSE bug 1250117 SUSE bug 1250118 SUSE bug 1250121 SUSE bug 1250127 SUSE bug 1250128 SUSE bug 1250130 SUSE bug 1250131 SUSE bug 1250132 SUSE bug 1250134 SUSE bug 1250137 SUSE bug 1250138 SUSE bug 1250140 SUSE bug 1250144 SUSE bug 1250145 SUSE bug 1250151 SUSE bug 1250153 SUSE bug 1250156 SUSE bug 1250157 SUSE bug 1250159 SUSE bug 1250161 SUSE bug 1250165 SUSE bug 1250168 SUSE bug 1250178 SUSE bug 1250180 SUSE bug 1250181 SUSE bug 1250182 SUSE bug 1250183 SUSE bug 1250184 SUSE bug 1250187 SUSE bug 1250189 SUSE bug 1250191 SUSE bug 1250197 SUSE bug 1250198 SUSE bug 1250200 SUSE bug 1250201 SUSE bug 1250208 SUSE bug 1250209 SUSE bug 1250211 SUSE bug 1250215 SUSE bug 1250245 SUSE bug 1250247 SUSE bug 1250250 SUSE bug 1250257 SUSE bug 1250264 SUSE bug 1250269 SUSE bug 1250277 SUSE bug 1250278 SUSE bug 1250285 SUSE bug 1250287 SUSE bug 1250293 SUSE bug 1250301 SUSE bug 1250303 SUSE bug 1250306 SUSE bug 1250309 SUSE bug 1250311 SUSE bug 1250313 SUSE bug 1250315 SUSE bug 1250316 SUSE bug 1250322 SUSE bug 1250323 SUSE bug 1250324 SUSE bug 1250325 SUSE bug 1250327 SUSE bug 1250328 SUSE bug 1250331 SUSE bug 1250358 SUSE bug 1250362 SUSE bug 1250363 SUSE bug 1250370 SUSE bug 1250374 SUSE bug 1250391 SUSE bug 1250392 SUSE bug 1250393 SUSE bug 1250394 SUSE bug 1250395 SUSE bug 1250397 SUSE bug 1250406 SUSE bug 1250412 SUSE bug 1250418 SUSE bug 1250425 SUSE bug 1250428 SUSE bug 1250453 SUSE bug 1250454 SUSE bug 1250457 SUSE bug 1250459 SUSE bug 1250522 SUSE bug 1250759 SUSE bug 1250761 SUSE bug 1250762 SUSE bug 1250763 SUSE bug 1250765 SUSE bug 1250767 SUSE bug 1250768 SUSE bug 1250771 SUSE bug 1250774 SUSE bug 1250781 SUSE bug 1250784 SUSE bug 1250786 SUSE bug 1250787 SUSE bug 1250790 SUSE bug 1250791 SUSE bug 1250792 SUSE bug 1250793 SUSE bug 1250797 SUSE bug 1250799 SUSE bug 1250807 SUSE bug 1250810 SUSE bug 1250811 SUSE bug 1250814 SUSE bug 1250818 SUSE bug 1250819 SUSE bug 1250822 SUSE bug 1250823 SUSE bug 1250824 SUSE bug 1250825 SUSE bug 1250829 SUSE bug 1250830 SUSE bug 1250831 SUSE bug 1250832 SUSE bug 1250839 SUSE bug 1250841 SUSE bug 1250842 SUSE bug 1250843 SUSE bug 1250846 SUSE bug 1250847 SUSE bug 1250848 SUSE bug 1250849 SUSE bug 1250850 SUSE bug 1250851 SUSE bug 1250853 SUSE bug 1250856 SUSE bug 1250861 SUSE bug 1250862 SUSE bug 1250863 SUSE bug 1250864 SUSE bug 1250866 SUSE bug 1250867 SUSE bug 1250868 SUSE bug 1250872 SUSE bug 1250873 SUSE bug 1250874 SUSE bug 1250875 SUSE bug 1250877 SUSE bug 1250879 SUSE bug 1250881 SUSE bug 1250883 SUSE bug 1250887 SUSE bug 1250888 SUSE bug 1250889 SUSE bug 1250890 SUSE bug 1250891 SUSE bug 1250905 SUSE bug 1250913 SUSE bug 1250915 SUSE bug 1250917 SUSE bug 1250923 SUSE bug 1250927 SUSE bug 1250928 SUSE bug 1250931 SUSE bug 1250932 SUSE bug 1250948 SUSE bug 1250949 SUSE bug 1250953 SUSE bug 1250963 SUSE bug 1250964 SUSE bug 1250965 CVE-2022-2602 at SUSE CVE-2022-2602 at NVD CVE-2022-2978 at SUSE CVE-2022-2978 at NVD CVE-2022-36280 at SUSE CVE-2022-36280 at NVD CVE-2022-43945 at SUSE CVE-2022-43945 at NVD CVE-2022-49138 at SUSE CVE-2022-49138 at NVD CVE-2022-50233 at SUSE CVE-2022-50233 at NVD CVE-2022-50234 at SUSE CVE-2022-50234 at NVD CVE-2022-50235 at SUSE CVE-2022-50235 at NVD CVE-2022-50239 at SUSE CVE-2022-50239 at NVD CVE-2022-50241 at SUSE CVE-2022-50241 at NVD CVE-2022-50242 at SUSE CVE-2022-50242 at NVD CVE-2022-50246 at SUSE CVE-2022-50246 at NVD CVE-2022-50247 at SUSE CVE-2022-50247 at NVD CVE-2022-50248 at SUSE CVE-2022-50248 at NVD CVE-2022-50249 at SUSE CVE-2022-50249 at NVD CVE-2022-50250 at SUSE CVE-2022-50250 at NVD CVE-2022-50251 at SUSE CVE-2022-50251 at NVD CVE-2022-50252 at SUSE CVE-2022-50252 at NVD CVE-2022-50255 at SUSE CVE-2022-50255 at NVD CVE-2022-50257 at SUSE CVE-2022-50257 at NVD CVE-2022-50258 at SUSE CVE-2022-50258 at NVD CVE-2022-50260 at SUSE CVE-2022-50260 at NVD CVE-2022-50261 at SUSE CVE-2022-50261 at NVD CVE-2022-50264 at SUSE CVE-2022-50264 at NVD CVE-2022-50266 at SUSE CVE-2022-50266 at NVD CVE-2022-50267 at SUSE CVE-2022-50267 at NVD CVE-2022-50268 at SUSE CVE-2022-50268 at NVD CVE-2022-50269 at SUSE CVE-2022-50269 at NVD CVE-2022-50271 at SUSE CVE-2022-50271 at NVD CVE-2022-50272 at SUSE CVE-2022-50272 at NVD CVE-2022-50275 at SUSE CVE-2022-50275 at NVD CVE-2022-50276 at SUSE CVE-2022-50276 at NVD CVE-2022-50277 at SUSE CVE-2022-50277 at NVD CVE-2022-50278 at SUSE CVE-2022-50278 at NVD CVE-2022-50279 at SUSE CVE-2022-50279 at NVD CVE-2022-50282 at SUSE CVE-2022-50282 at NVD CVE-2022-50286 at SUSE CVE-2022-50286 at NVD CVE-2022-50287 at SUSE CVE-2022-50287 at NVD CVE-2022-50288 at SUSE CVE-2022-50288 at NVD CVE-2022-50289 at SUSE CVE-2022-50289 at NVD CVE-2022-50292 at SUSE CVE-2022-50292 at NVD CVE-2022-50294 at SUSE CVE-2022-50294 at NVD CVE-2022-50297 at SUSE CVE-2022-50297 at NVD CVE-2022-50298 at SUSE CVE-2022-50298 at NVD CVE-2022-50299 at SUSE CVE-2022-50299 at NVD CVE-2022-50301 at SUSE CVE-2022-50301 at NVD CVE-2022-50303 at SUSE CVE-2022-50303 at NVD CVE-2022-50308 at SUSE CVE-2022-50308 at NVD CVE-2022-50309 at SUSE CVE-2022-50309 at NVD CVE-2022-50312 at SUSE CVE-2022-50312 at NVD CVE-2022-50317 at SUSE CVE-2022-50317 at NVD CVE-2022-50318 at SUSE CVE-2022-50318 at NVD CVE-2022-50320 at SUSE CVE-2022-50320 at NVD CVE-2022-50321 at SUSE CVE-2022-50321 at NVD CVE-2022-50323 at SUSE CVE-2022-50323 at NVD CVE-2022-50324 at SUSE CVE-2022-50324 at NVD CVE-2022-50325 at SUSE CVE-2022-50325 at NVD CVE-2022-50328 at SUSE CVE-2022-50328 at NVD CVE-2022-50329 at SUSE CVE-2022-50329 at NVD CVE-2022-50330 at SUSE CVE-2022-50330 at NVD CVE-2022-50331 at SUSE CVE-2022-50331 at NVD CVE-2022-50333 at SUSE CVE-2022-50333 at NVD CVE-2022-50339 at SUSE CVE-2022-50339 at NVD CVE-2022-50340 at SUSE CVE-2022-50340 at NVD CVE-2022-50342 at SUSE CVE-2022-50342 at NVD CVE-2022-50344 at SUSE CVE-2022-50344 at NVD CVE-2022-50346 at SUSE CVE-2022-50346 at NVD CVE-2022-50347 at SUSE CVE-2022-50347 at NVD CVE-2022-50348 at SUSE CVE-2022-50348 at NVD CVE-2022-50349 at SUSE CVE-2022-50349 at NVD CVE-2022-50351 at SUSE CVE-2022-50351 at NVD CVE-2022-50353 at SUSE CVE-2022-50353 at NVD CVE-2022-50354 at SUSE CVE-2022-50354 at NVD CVE-2022-50355 at SUSE CVE-2022-50355 at NVD CVE-2022-50356 at SUSE CVE-2022-50356 at NVD CVE-2022-50357 at SUSE CVE-2022-50357 at NVD CVE-2022-50358 at SUSE CVE-2022-50358 at NVD CVE-2022-50359 at SUSE CVE-2022-50359 at NVD CVE-2022-50360 at SUSE CVE-2022-50360 at NVD CVE-2022-50362 at SUSE CVE-2022-50362 at NVD CVE-2022-50364 at SUSE CVE-2022-50364 at NVD CVE-2022-50367 at SUSE CVE-2022-50367 at NVD CVE-2022-50368 at SUSE CVE-2022-50368 at NVD CVE-2022-50369 at SUSE CVE-2022-50369 at NVD CVE-2022-50370 at SUSE CVE-2022-50370 at NVD CVE-2022-50372 at SUSE CVE-2022-50372 at NVD CVE-2022-50373 at SUSE CVE-2022-50373 at NVD CVE-2022-50374 at SUSE CVE-2022-50374 at NVD CVE-2022-50375 at SUSE CVE-2022-50375 at NVD CVE-2022-50376 at SUSE CVE-2022-50376 at NVD CVE-2022-50378 at SUSE CVE-2022-50378 at NVD CVE-2022-50379 at SUSE CVE-2022-50379 at NVD CVE-2022-50381 at SUSE CVE-2022-50381 at NVD CVE-2022-50385 at SUSE CVE-2022-50385 at NVD CVE-2022-50386 at SUSE CVE-2022-50386 at NVD CVE-2022-50388 at SUSE CVE-2022-50388 at NVD CVE-2022-50389 at SUSE CVE-2022-50389 at NVD CVE-2022-50390 at SUSE CVE-2022-50390 at NVD CVE-2022-50391 at SUSE CVE-2022-50391 at NVD CVE-2022-50392 at SUSE CVE-2022-50392 at NVD CVE-2022-50393 at SUSE CVE-2022-50393 at NVD CVE-2022-50394 at SUSE CVE-2022-50394 at NVD CVE-2022-50395 at SUSE CVE-2022-50395 at NVD CVE-2022-50396 at SUSE CVE-2022-50396 at NVD CVE-2022-50398 at SUSE CVE-2022-50398 at NVD CVE-2022-50399 at SUSE CVE-2022-50399 at NVD CVE-2022-50401 at SUSE CVE-2022-50401 at NVD CVE-2022-50402 at SUSE CVE-2022-50402 at NVD CVE-2022-50404 at SUSE CVE-2022-50404 at NVD CVE-2022-50406 at SUSE CVE-2022-50406 at NVD CVE-2022-50408 at SUSE CVE-2022-50408 at NVD CVE-2022-50409 at SUSE CVE-2022-50409 at NVD CVE-2022-50410 at SUSE CVE-2022-50410 at NVD CVE-2022-50411 at SUSE CVE-2022-50411 at NVD CVE-2022-50412 at SUSE CVE-2022-50412 at NVD CVE-2022-50414 at SUSE CVE-2022-50414 at NVD CVE-2022-50417 at SUSE CVE-2022-50417 at NVD CVE-2022-50418 at SUSE CVE-2022-50418 at NVD CVE-2022-50419 at SUSE CVE-2022-50419 at NVD CVE-2022-50422 at SUSE CVE-2022-50422 at NVD CVE-2022-50423 at SUSE CVE-2022-50423 at NVD CVE-2022-50425 at SUSE CVE-2022-50425 at NVD CVE-2022-50427 at SUSE CVE-2022-50427 at NVD CVE-2022-50428 at SUSE CVE-2022-50428 at NVD CVE-2022-50429 at SUSE CVE-2022-50429 at NVD CVE-2022-50430 at SUSE CVE-2022-50430 at NVD CVE-2022-50431 at SUSE CVE-2022-50431 at NVD CVE-2022-50432 at SUSE CVE-2022-50432 at NVD CVE-2022-50433 at SUSE CVE-2022-50433 at NVD CVE-2022-50434 at SUSE CVE-2022-50434 at NVD CVE-2022-50435 at SUSE CVE-2022-50435 at NVD CVE-2022-50436 at SUSE CVE-2022-50436 at NVD CVE-2022-50437 at SUSE CVE-2022-50437 at NVD CVE-2022-50439 at SUSE CVE-2022-50439 at NVD CVE-2022-50440 at SUSE CVE-2022-50440 at NVD CVE-2022-50441 at SUSE CVE-2022-50441 at NVD CVE-2022-50443 at SUSE CVE-2022-50443 at NVD CVE-2022-50444 at SUSE CVE-2022-50444 at NVD CVE-2022-50447 at SUSE CVE-2022-50447 at NVD CVE-2022-50449 at SUSE CVE-2022-50449 at NVD CVE-2022-50452 at SUSE CVE-2022-50452 at NVD CVE-2022-50453 at SUSE CVE-2022-50453 at NVD CVE-2022-50454 at SUSE CVE-2022-50454 at NVD CVE-2022-50456 at SUSE CVE-2022-50456 at NVD CVE-2022-50458 at SUSE CVE-2022-50458 at NVD CVE-2022-50459 at SUSE CVE-2022-50459 at NVD CVE-2022-50460 at SUSE CVE-2022-50460 at NVD CVE-2022-50464 at SUSE CVE-2022-50464 at NVD CVE-2022-50465 at SUSE CVE-2022-50465 at NVD CVE-2022-50466 at SUSE CVE-2022-50466 at NVD CVE-2022-50467 at SUSE CVE-2022-50467 at NVD CVE-2022-50468 at SUSE CVE-2022-50468 at NVD CVE-2022-50469 at SUSE CVE-2022-50469 at NVD CVE-2023-1380 at SUSE CVE-2023-1380 at NVD CVE-2023-28328 at SUSE CVE-2023-28328 at NVD CVE-2023-31248 at SUSE CVE-2023-31248 at NVD CVE-2023-3772 at SUSE CVE-2023-3772 at NVD CVE-2023-39197 at SUSE CVE-2023-39197 at NVD CVE-2023-42753 at SUSE CVE-2023-42753 at NVD CVE-2023-52923 at SUSE CVE-2023-52923 at NVD CVE-2023-53147 at SUSE CVE-2023-53147 at NVD CVE-2023-53149 at SUSE CVE-2023-53149 at NVD CVE-2023-53150 at SUSE CVE-2023-53150 at NVD CVE-2023-53151 at SUSE CVE-2023-53151 at NVD CVE-2023-53152 at SUSE CVE-2023-53152 at NVD CVE-2023-53153 at SUSE CVE-2023-53153 at NVD CVE-2023-53165 at SUSE CVE-2023-53165 at NVD CVE-2023-53167 at SUSE CVE-2023-53167 at NVD CVE-2023-53168 at SUSE CVE-2023-53168 at NVD CVE-2023-53171 at SUSE CVE-2023-53171 at NVD CVE-2023-53174 at SUSE CVE-2023-53174 at NVD CVE-2023-53176 at SUSE CVE-2023-53176 at NVD CVE-2023-53178 at SUSE CVE-2023-53178 at NVD CVE-2023-53179 at SUSE CVE-2023-53179 at NVD CVE-2023-53181 at SUSE CVE-2023-53181 at NVD CVE-2023-53182 at SUSE CVE-2023-53182 at NVD CVE-2023-53185 at SUSE CVE-2023-53185 at NVD CVE-2023-53189 at SUSE CVE-2023-53189 at NVD CVE-2023-53193 at SUSE CVE-2023-53193 at NVD CVE-2023-53196 at SUSE CVE-2023-53196 at NVD CVE-2023-53197 at SUSE CVE-2023-53197 at NVD CVE-2023-53199 at SUSE CVE-2023-53199 at NVD CVE-2023-53201 at SUSE CVE-2023-53201 at NVD CVE-2023-53205 at SUSE CVE-2023-53205 at NVD CVE-2023-53210 at SUSE CVE-2023-53210 at NVD CVE-2023-53213 at SUSE CVE-2023-53213 at NVD CVE-2023-53215 at SUSE CVE-2023-53215 at NVD CVE-2023-53216 at SUSE CVE-2023-53216 at NVD CVE-2023-53219 at SUSE CVE-2023-53219 at NVD CVE-2023-53222 at SUSE CVE-2023-53222 at NVD CVE-2023-53223 at SUSE CVE-2023-53223 at NVD CVE-2023-53226 at SUSE CVE-2023-53226 at NVD CVE-2023-53229 at SUSE CVE-2023-53229 at NVD CVE-2023-53230 at SUSE CVE-2023-53230 at NVD CVE-2023-53232 at SUSE CVE-2023-53232 at NVD CVE-2023-53234 at SUSE CVE-2023-53234 at NVD CVE-2023-53237 at SUSE CVE-2023-53237 at NVD CVE-2023-53238 at SUSE CVE-2023-53238 at NVD CVE-2023-53239 at SUSE CVE-2023-53239 at NVD CVE-2023-53241 at SUSE CVE-2023-53241 at NVD CVE-2023-53242 at SUSE CVE-2023-53242 at NVD CVE-2023-53244 at SUSE CVE-2023-53244 at NVD CVE-2023-53245 at SUSE CVE-2023-53245 at NVD CVE-2023-53246 at SUSE CVE-2023-53246 at NVD CVE-2023-53249 at SUSE CVE-2023-53249 at NVD CVE-2023-53250 at SUSE CVE-2023-53250 at NVD CVE-2023-53251 at SUSE CVE-2023-53251 at NVD CVE-2023-53252 at SUSE CVE-2023-53252 at NVD CVE-2023-53255 at SUSE CVE-2023-53255 at NVD CVE-2023-53257 at SUSE CVE-2023-53257 at NVD CVE-2023-53258 at SUSE CVE-2023-53258 at NVD CVE-2023-53259 at SUSE CVE-2023-53259 at NVD CVE-2023-53263 at SUSE CVE-2023-53263 at NVD CVE-2023-53265 at SUSE CVE-2023-53265 at NVD CVE-2023-53268 at SUSE CVE-2023-53268 at NVD CVE-2023-53270 at SUSE CVE-2023-53270 at NVD CVE-2023-53272 at SUSE CVE-2023-53272 at NVD CVE-2023-53273 at SUSE CVE-2023-53273 at NVD CVE-2023-53275 at SUSE CVE-2023-53275 at NVD CVE-2023-53276 at SUSE CVE-2023-53276 at NVD CVE-2023-53277 at SUSE CVE-2023-53277 at NVD CVE-2023-53280 at SUSE CVE-2023-53280 at NVD CVE-2023-53281 at SUSE CVE-2023-53281 at NVD CVE-2023-53282 at SUSE CVE-2023-53282 at NVD CVE-2023-53284 at SUSE CVE-2023-53284 at NVD CVE-2023-53286 at SUSE CVE-2023-53286 at NVD CVE-2023-53287 at SUSE CVE-2023-53287 at NVD CVE-2023-53288 at SUSE CVE-2023-53288 at NVD CVE-2023-53295 at SUSE CVE-2023-53295 at NVD CVE-2023-53297 at SUSE CVE-2023-53297 at NVD CVE-2023-53298 at SUSE CVE-2023-53298 at NVD CVE-2023-53299 at SUSE CVE-2023-53299 at NVD CVE-2023-53302 at SUSE CVE-2023-53302 at NVD CVE-2023-53304 at SUSE CVE-2023-53304 at NVD CVE-2023-53305 at SUSE CVE-2023-53305 at NVD CVE-2023-53309 at SUSE CVE-2023-53309 at NVD CVE-2023-53311 at SUSE CVE-2023-53311 at NVD CVE-2023-53313 at SUSE CVE-2023-53313 at NVD CVE-2023-53314 at SUSE CVE-2023-53314 at NVD CVE-2023-53315 at SUSE CVE-2023-53315 at NVD CVE-2023-53316 at SUSE CVE-2023-53316 at NVD CVE-2023-53317 at SUSE CVE-2023-53317 at NVD CVE-2023-53320 at SUSE CVE-2023-53320 at NVD CVE-2023-53321 at SUSE CVE-2023-53321 at NVD CVE-2023-53322 at SUSE CVE-2023-53322 at NVD CVE-2023-53324 at SUSE CVE-2023-53324 at NVD CVE-2023-53326 at SUSE CVE-2023-53326 at NVD CVE-2023-53330 at SUSE CVE-2023-53330 at NVD CVE-2023-53331 at SUSE CVE-2023-53331 at NVD CVE-2023-53332 at SUSE CVE-2023-53332 at NVD CVE-2023-53333 at SUSE CVE-2023-53333 at NVD CVE-2023-53334 at SUSE CVE-2023-53334 at NVD CVE-2023-53335 at SUSE CVE-2023-53335 at NVD CVE-2023-53337 at SUSE CVE-2023-53337 at NVD CVE-2023-53340 at SUSE CVE-2023-53340 at NVD CVE-2023-53344 at SUSE CVE-2023-53344 at NVD CVE-2023-53347 at SUSE CVE-2023-53347 at NVD CVE-2023-53349 at SUSE CVE-2023-53349 at NVD CVE-2023-53352 at SUSE CVE-2023-53352 at NVD CVE-2023-53356 at SUSE CVE-2023-53356 at NVD CVE-2023-53357 at SUSE CVE-2023-53357 at NVD CVE-2023-53359 at SUSE CVE-2023-53359 at NVD CVE-2023-53368 at SUSE CVE-2023-53368 at NVD CVE-2023-53370 at SUSE CVE-2023-53370 at NVD CVE-2023-53371 at SUSE CVE-2023-53371 at NVD CVE-2023-53373 at SUSE CVE-2023-53373 at NVD CVE-2023-53375 at SUSE CVE-2023-53375 at NVD CVE-2023-53377 at SUSE CVE-2023-53377 at NVD CVE-2023-53378 at SUSE CVE-2023-53378 at NVD CVE-2023-53379 at SUSE CVE-2023-53379 at NVD CVE-2023-53380 at SUSE CVE-2023-53380 at NVD CVE-2023-53381 at SUSE CVE-2023-53381 at NVD CVE-2023-53383 at SUSE CVE-2023-53383 at NVD CVE-2023-53384 at SUSE CVE-2023-53384 at NVD CVE-2023-53386 at SUSE CVE-2023-53386 at NVD CVE-2023-53388 at SUSE CVE-2023-53388 at NVD CVE-2023-53390 at SUSE CVE-2023-53390 at NVD CVE-2023-53391 at SUSE CVE-2023-53391 at NVD CVE-2023-53393 at SUSE CVE-2023-53393 at NVD CVE-2023-53395 at SUSE CVE-2023-53395 at NVD CVE-2023-53396 at SUSE CVE-2023-53396 at NVD CVE-2023-53398 at SUSE CVE-2023-53398 at NVD CVE-2023-53400 at SUSE CVE-2023-53400 at NVD CVE-2023-53404 at SUSE CVE-2023-53404 at NVD CVE-2023-53405 at SUSE CVE-2023-53405 at NVD CVE-2023-53406 at SUSE CVE-2023-53406 at NVD CVE-2023-53409 at SUSE CVE-2023-53409 at NVD CVE-2023-53413 at SUSE CVE-2023-53413 at NVD CVE-2023-53414 at SUSE CVE-2023-53414 at NVD CVE-2023-53415 at SUSE CVE-2023-53415 at NVD CVE-2023-53416 at SUSE CVE-2023-53416 at NVD CVE-2023-53422 at SUSE CVE-2023-53422 at NVD CVE-2023-53427 at SUSE CVE-2023-53427 at NVD CVE-2023-53431 at SUSE CVE-2023-53431 at NVD CVE-2023-53435 at SUSE CVE-2023-53435 at NVD CVE-2023-53436 at SUSE CVE-2023-53436 at NVD CVE-2023-53437 at SUSE CVE-2023-53437 at NVD CVE-2023-53438 at SUSE CVE-2023-53438 at NVD CVE-2023-53440 at SUSE CVE-2023-53440 at NVD CVE-2023-53442 at SUSE CVE-2023-53442 at NVD CVE-2023-53443 at SUSE CVE-2023-53443 at NVD CVE-2023-53444 at SUSE CVE-2023-53444 at NVD CVE-2023-53446 at SUSE CVE-2023-53446 at NVD CVE-2023-53448 at SUSE CVE-2023-53448 at NVD CVE-2023-53449 at SUSE CVE-2023-53449 at NVD CVE-2023-53451 at SUSE CVE-2023-53451 at NVD CVE-2023-53452 at SUSE CVE-2023-53452 at NVD CVE-2023-53453 at SUSE CVE-2023-53453 at NVD CVE-2023-53454 at SUSE CVE-2023-53454 at NVD CVE-2023-53456 at SUSE CVE-2023-53456 at NVD CVE-2023-53457 at SUSE CVE-2023-53457 at NVD CVE-2023-53458 at SUSE CVE-2023-53458 at NVD CVE-2023-53463 at SUSE CVE-2023-53463 at NVD CVE-2023-53464 at SUSE CVE-2023-53464 at NVD CVE-2023-53465 at SUSE CVE-2023-53465 at NVD CVE-2023-53466 at SUSE CVE-2023-53466 at NVD CVE-2023-53468 at SUSE CVE-2023-53468 at NVD CVE-2023-53471 at SUSE CVE-2023-53471 at NVD CVE-2023-53472 at SUSE CVE-2023-53472 at NVD CVE-2023-53473 at SUSE CVE-2023-53473 at NVD CVE-2023-53474 at SUSE CVE-2023-53474 at NVD CVE-2023-53475 at SUSE CVE-2023-53475 at NVD CVE-2023-53476 at SUSE CVE-2023-53476 at NVD CVE-2023-53480 at SUSE CVE-2023-53480 at NVD CVE-2023-53482 at SUSE CVE-2023-53482 at NVD CVE-2023-53485 at SUSE CVE-2023-53485 at NVD CVE-2023-53487 at SUSE CVE-2023-53487 at NVD CVE-2023-53488 at SUSE CVE-2023-53488 at NVD CVE-2023-53489 at SUSE CVE-2023-53489 at NVD CVE-2023-53492 at SUSE CVE-2023-53492 at NVD CVE-2023-53494 at SUSE CVE-2023-53494 at NVD CVE-2023-53496 at SUSE CVE-2023-53496 at NVD CVE-2023-53498 at SUSE CVE-2023-53498 at NVD CVE-2023-53499 at SUSE CVE-2023-53499 at NVD CVE-2023-53505 at SUSE CVE-2023-53505 at NVD CVE-2023-53506 at SUSE CVE-2023-53506 at NVD CVE-2023-53509 at SUSE CVE-2023-53509 at NVD CVE-2023-53511 at SUSE CVE-2023-53511 at NVD CVE-2023-53512 at SUSE CVE-2023-53512 at NVD CVE-2023-53515 at SUSE CVE-2023-53515 at NVD CVE-2023-53518 at SUSE CVE-2023-53518 at NVD CVE-2023-53519 at SUSE CVE-2023-53519 at NVD CVE-2023-53521 at SUSE CVE-2023-53521 at NVD CVE-2023-53524 at SUSE CVE-2023-53524 at NVD CVE-2023-53525 at SUSE CVE-2023-53525 at NVD CVE-2023-53526 at SUSE CVE-2023-53526 at NVD CVE-2023-53530 at SUSE CVE-2023-53530 at NVD CVE-2023-53531 at SUSE CVE-2023-53531 at NVD CVE-2023-53532 at SUSE CVE-2023-53532 at NVD CVE-2024-26583 at SUSE CVE-2024-26583 at NVD CVE-2024-26584 at SUSE CVE-2024-26584 at NVD CVE-2024-58240 at SUSE CVE-2024-58240 at NVD CVE-2025-37738 at SUSE CVE-2025-37738 at NVD CVE-2025-37958 at SUSE CVE-2025-37958 at NVD CVE-2025-38014 at SUSE CVE-2025-38014 at NVD CVE-2025-38111 at SUSE CVE-2025-38111 at NVD CVE-2025-38380 at SUSE CVE-2025-38380 at NVD CVE-2025-38488 at SUSE CVE-2025-38488 at NVD CVE-2025-38553 at SUSE CVE-2025-38553 at NVD CVE-2025-38572 at SUSE CVE-2025-38572 at NVD CVE-2025-38659 at SUSE CVE-2025-38659 at NVD CVE-2025-38664 at SUSE CVE-2025-38664 at NVD CVE-2025-38678 at SUSE CVE-2025-38678 at NVD CVE-2025-38683 at SUSE CVE-2025-38683 at NVD CVE-2025-38685 at SUSE CVE-2025-38685 at NVD CVE-2025-38706 at SUSE CVE-2025-38706 at NVD CVE-2025-38713 at SUSE CVE-2025-38713 at NVD CVE-2025-38734 at SUSE CVE-2025-38734 at NVD CVE-2025-39691 at SUSE CVE-2025-39691 at NVD CVE-2025-39703 at SUSE CVE-2025-39703 at NVD CVE-2025-39726 at SUSE CVE-2025-39726 at NVD CVE-2025-39746 at SUSE CVE-2025-39746 at NVD CVE-2025-39751 at SUSE CVE-2025-39751 at NVD CVE-2025-39790 at SUSE CVE-2025-39790 at NVD CVE-2025-39823 at SUSE CVE-2025-39823 at NVD CVE-2025-39824 at SUSE CVE-2025-39824 at NVD CVE-2025-39860 at SUSE CVE-2025-39860 at NVD CVE-2025-39869 at SUSE CVE-2025-39869 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Important) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2025-9566: fixed a case when kube play command could overwrite host files (bsc#1249154). Important SUSE bug 1249154 CVE-2025-9566 at SUSE CVE-2025-9566 at NVD cpe:/o:suse:sle-micro:5.5 Security update for afterburn (Important) SUSE Linux Enterprise Micro 5.5 This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: - CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource consumption and denial of service (bsc#1196972). - CVE-2024-12224: idna: acceptance of Punycode labels that do not produce any non-ASCII output may lead to incorrect hostname comparisons and incorrect URL parsing (bsc#1243850). - CVE-2025-5791: users: `root` user being appended to group listings whenever listing does not have exactly 1024 groups can lead to privilege escalation when information is used for access control (bsc#1244199). - CVE-2025-3416: openssl: passing of `Some(...)` value as `properties` argument to `Md::fetch` or `Cipher::fetch` can lead to use-after-free (bsc#1242665). Other issues fixed: - Fixed in version 5.9.0.git21.a73f509: * cargo: update dependencies * microsoft/azure: Add XML attribute alias for serde-xml-rs Fedora compat * microsoft/azure: Fix SharedConfig parsing of XML attributes * microsoft/azure: Mock goalstate.SharedConfig output in tests * providers/azure: switch SSH key retrieval from certs endpoint to IMDS as azure stopped providing keys in the old one (bsc#1250471). * upcloud: implement UpCloud provider * Update several build dependencies - Fixed in version 5.9.0: * cargo: update dependencies * dracut: Return 255 in module-setup * oraclecloud: add release note and move base URL to constant * oraclecloud: implement oraclecloud provider * Update several build dependencies - Fixed in version 5.8.2: * cargo: update dependencies * packit: add initial support - Fixed in version 5.7.0.git103.bae893c: * proxmoxve: Add more context to log messages. * proxmoxve: Remove unneeded fields * proxmoxve: Add tests for static network configuration from cloud-init. * proxmoxve: Add support for static network configuration from cloud-init. * providers/openstack: ignore ec2 metadata if not present * proxmox: use noop provider if no configdrive * Update several build dependencies - Fixed in version 5.7.0: * cargo: update dependencies * dhcp: replace dbus_proxy with proxy, and zbus traits * providers/hetzner: private ipv4 addresses in attributes * openstack: Document the two platforms * microsoft/azure: allow empty certificate chain in PKCS12 file * proxmoxve: implement proxmoxve provider * providers/hetzner: fix duplicate attribute prefix * lint: silence deadcode warnings * lint: address latest lint's from msrv update * cargo: update msrv to 1.75 * providers: Add 'akamai' provider * providers/vmware: add missing public functions for non-amd64 * providers/vmware: Process guestinfo.metadata netplan configuration * kubevirt: Run afterburn-hostname service * providers: add support for scaleway * Move away from deprecated `users` to `uzers` * providers/hetzner: add support for Hetzner Cloud * cargo: update MSRV to 1.71 * cargo: specify required features for nix dependency * openstack: Add attribute OPENSTACK_INSTANCE_UUID * cargo: allow openssl 0.10.46 * build-sys: Use new tier = 2 for cargo-vendor-filterer * cargo: fix minimum version of openssl crate * microsoft/crypto/mod: replace deprecated function `parse` with `parse2` * cli: switch to clap derive * cli: add descriptive value names for option arguments in --help * cli: have clap require exactly one of --cmdline/--provider * providers/`*`: move endpoint mocking into retry::Client * retry/client: move URL parsing into helper function * providers/microsoft: import crate::retry * providers/microsoft: use stored client for all fetches * providers/packet: use stored client for boot checkin * initrd: remember to write trailing newline to network kargs file * util: drop obsolete 'OEM' terminology * Inline variables into format strings * Update several build dependencies - Fixed in version 5.4.1: * cargo: add configuration for cargo-vendor-filterer * util: support DHCP option lookup from NetworkManager * util: factor out retries of DHCP option lookup * util: refactor DHCP option query helper into an enum * util: move dns_lease_key_lookup() to a separate module * cargo: update MSRV to 1.66 * cargo: update all packages to fix build error * cargo: continue to support openssh-keys 0.5 * cargo: drop serde_derive crate in favor of serde derive feature * cargo: use consistent declaration syntax for slog dependency * cargo: drop unused dependencies * cargo: continue to support base64 0.13 * cargo: continue to support mailparse 0.13.8 * cargo: continue to support clap 3.1 * cargo: stop enabling LTO in release builds * providers/ibmcloud: avoid error if an ssh key not found in metadata * systemd: add explicit ordering, after multi-user.target * network: fix clippy 1.63.0 lints * cargo: allow serde_yaml 0.8 * cargo: update version ranges for post-1.x deps * providers: Use inline `format!` in a few places * *: bump MSRV to 1.58.0 * cargo: update clap to 3.2.5 * copr: mark git checkout as safe * providers/aws: expose instance availability-zone-id as AWS_AVAILABILITY_ZONE_ID * Update several build dependencies - Fixed in version 5.3.0: * systemd: enable sshkeys on Power VS platform * network: Encode information for systemd-networkd-wait-online * cargo: update to clap 3.1 * cargo: enable clap wrap_help feature * cli: run clap tests * cli: avoid deprecated clap constructs * cargo: update to clap 3.0 * cli: use clap mechanism to require exp subcommand * cargo: declare MSRV in Cargo.toml * cargo: update to Rust 2021; bump MSRV to 1.56.0 * copr: abort if specfile fetch fails * providers/aws: add AWS_IPV6 attribute * providers/aws: bump metadata version to 2021-01-03 * kubevirt: Add KubeVirt platform support * *.service: add/update Documentation field * aws/mock_tests: explicitly drop mocks before resetting * aws/mock_tests: split out IMDS tests * aws/mock_tests: factor out map building * *: use `RemainAfterExit` on all oneshot services * Update several build dependencies Important SUSE bug 1196972 SUSE bug 1242665 SUSE bug 1243850 SUSE bug 1244199 SUSE bug 1244675 SUSE bug 1250471 CVE-2022-24713 at SUSE CVE-2022-24713 at NVD CVE-2024-12224 at SUSE CVE-2024-12224 at NVD CVE-2025-3416 at SUSE CVE-2025-3416 at NVD CVE-2025-5791 at SUSE CVE-2025-5791 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libssh (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libssh fixes the following issues: - CVE-2025-8277: memory exhaustion leading to client-side DoS due to improper memory management when KEX process is repeated with incorrect guesses (bsc#1249375). - CVE-2025-8114: NULL pointer dereference when an allocation error happens during the calculation of the KEX session ID (bsc#1246974). Moderate SUSE bug 1246974 SUSE bug 1249375 CVE-2025-8114 at SUSE CVE-2025-8114 at NVD CVE-2025-8277 at SUSE CVE-2025-8277 at NVD cpe:/o:suse:sle-micro:5.5 Security update for chrony (Moderate) SUSE Linux Enterprise Micro 5.5 This update for chrony fixes the following issues: - Race condition during socket creation by chronyc allows privilege escalation from user chrony to root (bsc#1246544). This update also ships chrony-pool-empty to SLE Micro 5.x (jsc#SMO-587) Moderate SUSE bug 1246544 cpe:/o:suse:sle-micro:5.5 Security update for xen (Important) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls (bsc#1251271, XSA-475) - CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed mutiple vulnerabilities in the Viridian interface (bsc#1248807, XSA-472) Important SUSE bug 1248807 SUSE bug 1251271 CVE-2025-27466 at SUSE CVE-2025-27466 at NVD CVE-2025-58142 at SUSE CVE-2025-58142 at NVD CVE-2025-58143 at SUSE CVE-2025-58143 at NVD CVE-2025-58147 at SUSE CVE-2025-58147 at NVD CVE-2025-58148 at SUSE CVE-2025-58148 at NVD cpe:/o:suse:sle-micro:5.5 Security update for mozilla-nss (Important) SUSE Linux Enterprise Micro 5.5 This update for mozilla-nss fixes the following issues: - Move NSS DB password hash away from SHA-1 Update to NSS 3.112.2: * Prevent leaks during pkcs12 decoding. * SEC_ASN1Decode* should ensure it has read as many bytes as each length field indicates Update to NSS 3.112.1: * restore support for finding certificates by decoded serial number. Important SUSE bug 1251263 CVE-2025-9187 at SUSE CVE-2025-9187 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Important) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2024-11218: Fixed a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. (bsc#1236270) Important SUSE bug 1236270 CVE-2024-11218 at SUSE CVE-2024-11218 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libxslt (Important) SUSE Linux Enterprise Micro 5.5 This update for libxslt fixes the following issues: - CVE-2025-11731: fixed a type confusion in exsltFuncResultComp function leading to denial of service (bsc#1251979) - CVE-2025-10911: last fix caused a regression, patch was temporary disabled (bsc#1250553) Important SUSE bug 1250553 SUSE bug 1251979 CVE-2025-10911 at SUSE CVE-2025-10911 at NVD CVE-2025-11731 at SUSE CVE-2025-11731 at NVD cpe:/o:suse:sle-micro:5.5 Security update for colord (Moderate) SUSE Linux Enterprise Micro 5.5 This update for colord fixes the following issues: - CVE-2021-42523: The original fix was wrong and did not properly free the error, resulting in a crash that has now been addressed (bsc#1250750). Moderate SUSE bug 1250750 CVE-2021-42523 at SUSE CVE-2021-42523 at NVD cpe:/o:suse:sle-micro:5.5 Security update for tiff (Important) SUSE Linux Enterprise Micro 5.5 This update for tiff fixes the following issues: - CVE-2025-9900: Fixed Write-What-Where in libtiff via TIFFReadRGBAImageOriented (bsc#1250413). Important SUSE bug 1250413 CVE-2025-9900 at SUSE CVE-2025-9900 at NVD cpe:/o:suse:sle-micro:5.5 Security update for runc (Important) SUSE Linux Enterprise Micro 5.5 This update for runc fixes the following issues: - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions (bsc#1252232). - CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races (bsc#1252232). - CVE-2025-52881: Fixed container escape and denial of service due to arbitrary write gadgets and procfs write redirects (bsc#1252232). Update to runc v1.2.7. - Upstream changelog is available from <https://github.com/opencontainers/runc/releases/tag/v1.2.7> Important SUSE bug 1252232 CVE-2025-31133 at SUSE CVE-2025-31133 at NVD CVE-2025-52565 at SUSE CVE-2025-52565 at NVD CVE-2025-52881 at SUSE CVE-2025-52881 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gpg2 (Low) SUSE Linux Enterprise Micro 5.5 This update for gpg2 fixes the following issues: - CVE-2025-30258: fixed a verification denial of service due to a malicious subkey in the keyring (bsc#1239119) Low SUSE bug 1239119 CVE-2025-30258 at SUSE CVE-2025-30258 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ovmf (Important) SUSE Linux Enterprise Micro 5.5 This update for ovmf fixes the following issues: - CVE-2023-45229: out-of-bounds read in edk2 when processing IA_NA/IA_TA options in DHCPv6 Advertise messages. (bsc#1218879) - CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. (bsc#1218880) - CVE-2023-45231: out-of-bounds read in edk2 when handling a ND Redirect message with truncated options. (bsc#1218881) - CVE-2023-45232: infinite loop in edk2 when parsing unknown options in the Destination Options header. (bsc#1218882) - CVE-2023-45233: infinite loop in edk2 when parsing PadN options in the Destination Options header. (bsc#1218883) - CVE-2023-45234: buffer overflow in edk2 when processing DNS Servers options in a DHCPv6 Advertise message. (bsc#1218884) - CVE-2023-45235: buffer overflow in edk2 when handling the Server ID option in a DHCPv6 proxy Advertise message. (bsc#1218885) - CVE-2023-45236: predictable TCP Initial Sequence Numbers in edk2 network packages. (bsc#1218886) - CVE-2023-45237: use of a weak pseudorandom number generator in edk2. (bsc#1218887) Important SUSE bug 1218879 SUSE bug 1218880 SUSE bug 1218881 SUSE bug 1218882 SUSE bug 1218883 SUSE bug 1218884 SUSE bug 1218885 SUSE bug 1218886 SUSE bug 1218887 CVE-2023-45229 at SUSE CVE-2023-45229 at NVD CVE-2023-45230 at SUSE CVE-2023-45230 at NVD CVE-2023-45231 at SUSE CVE-2023-45231 at NVD CVE-2023-45232 at SUSE CVE-2023-45232 at NVD CVE-2023-45233 at SUSE CVE-2023-45233 at NVD CVE-2023-45234 at SUSE CVE-2023-45234 at NVD CVE-2023-45235 at SUSE CVE-2023-45235 at NVD CVE-2023-45236 at SUSE CVE-2023-45236 at NVD CVE-2023-45237 at SUSE CVE-2023-45237 at NVD cpe:/o:suse:sle-micro:5.5 Security update for runc (Important) SUSE Linux Enterprise Micro 5.5 This update for runc fixes the following issues: Update to runc v1.3.3. Upstream changelog is available from <https://github.com/opencontainers/runc/releases/tag/v1.3.3>. bsc#1252232 * CVE-2025-31133 * CVE-2025-52565 * CVE-2025-52881 Update to runc v1.3.2. Upstream changelog is available from <https://github.com/opencontainers/runc/releases/tag/v1.3.2> bsc#1252110 - Includes an important fix for the CPUSet translation for cgroupv2. Update to runc v1.3.1. Upstream changelog is available from <https://github.com/opencontainers/runc/releases/tag/v1.3.1> Update to runc v1.3.0. Upstream changelog is available from <https://github.com/opencontainers/runc/releases/tag/v1.3.0> Important SUSE bug 1252110 SUSE bug 1252232 CVE-2025-31133 at SUSE CVE-2025-31133 at NVD CVE-2025-52565 at SUSE CVE-2025-52565 at NVD CVE-2025-52881 at SUSE CVE-2025-52881 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Important) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions (bsc#1252376) - CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races (bsc#1252376) - CVE-2025-52881: Fixed container escape and denial of service due to arbitrary write gadgets and procfs write redirects (bsc#1252376) Other fixes: - Fix: podman and buildah with runc 1.3.2 fail with lots of warnings as rootless (bsc#1252543) Important SUSE bug 1252376 SUSE bug 1252543 CVE-2025-31133 at SUSE CVE-2025-31133 at NVD CVE-2025-52565 at SUSE CVE-2025-52565 at NVD CVE-2025-52881 at SUSE CVE-2025-52881 at NVD cpe:/o:suse:sle-micro:5.5 Security update for elfutils (Moderate) SUSE Linux Enterprise Micro 5.5 This update for elfutils fixes the following issues: - Fixing build/testsuite for more recent glibc and kernels. - Fixing denial of service and general buffer overflow errors (bsc#1237236, bsc#1237240, bsc#1237241, bsc#1237242): - CVE-2025-1376: Fixed denial of service in function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip - CVE-2025-1377: Fixed denial of service in function gelf_getsymshndx of the file strip.c of the component eu-strip - CVE-2025-1372: Fixed buffer overflow in function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf - CVE-2025-1352: Fixed SEGV (illegal read access) in function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf - Fixing testsuite race conditions in run-debuginfod-find.sh. Moderate SUSE bug 1237236 SUSE bug 1237240 SUSE bug 1237241 SUSE bug 1237242 CVE-2025-1352 at SUSE CVE-2025-1352 at NVD CVE-2025-1372 at SUSE CVE-2025-1372 at NVD CVE-2025-1376 at SUSE CVE-2025-1376 at NVD CVE-2025-1377 at SUSE CVE-2025-1377 at NVD cpe:/o:suse:sle-micro:5.5 Security update for bind (Important) SUSE Linux Enterprise Micro 5.5 This update for bind fixes the following issues: - CVE-2025-40778: Address various spoofing attacks (bsc#1252379). - CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator (bsc#1252380). Important SUSE bug 1252379 SUSE bug 1252380 CVE-2025-40778 at SUSE CVE-2025-40778 at NVD CVE-2025-40780 at SUSE CVE-2025-40780 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssh (Moderate) SUSE Linux Enterprise Micro 5.5 This update for openssh fixes the following issues: - CVE-2025-61984: Fixed code execution via control characters in usernames when a ProxyCommand is used (bsc#1251198) - CVE-2025-61985: Fixed code execution via '\0' character in ssh:// URI when a ProxyCommand is used (bsc#1251199) Moderate SUSE bug 1251198 SUSE bug 1251199 CVE-2025-61984 at SUSE CVE-2025-61984 at NVD CVE-2025-61985 at SUSE CVE-2025-61985 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value (bsc#1249859). - CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() (bsc#1249857). - CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace (bsc#1251164). - CVE-2022-50516: fs: dlm: fix invalid derefence of sb_lvbptr (bsc#1251741). - CVE-2023-53365: ip6mr: Fix skb_under_panic in ip6mr_cache_report() (bsc#1249988). - CVE-2023-53500: xfrm: fix slab-use-after-free in decode_session6 (bsc#1250816). - CVE-2023-53559: ip_vti: fix potential slab-use-after-free in decode_session6 (bsc#1251052). - CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading (bsc#1251222). - CVE-2023-53619: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free (bsc#1251743). - CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251763). - CVE-2023-53705: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (bsc#1252554). - CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960). - CVE-2025-38084: hugetlb: unshare some PMDs when splitting VMAs (bsc#1245498). - CVE-2025-38085: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245499). - CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1247317). - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249479). - CVE-2025-39797: xfrm: Duplicate SPI Handling (bsc#1249608). - CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230). - CVE-2025-39967: fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033). - CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047). - CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035). - CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069). - CVE-2025-39981: Bluetooth: MGMT: Fix possible UAFs (bsc#1252060). - CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688). - CVE-2025-40044: fs: udf: fix OOB read in lengthAllocDescs handling (bsc#1252785). The following non security issues were fixed: - NFS: remove revoked delegation from server's delegation list (bsc#1246211). - NFSv4: Allow FREE_STATEID to clean up delegations (bsc#1246211). - fbcon: Fix OOB access in font allocation (bsc#1252033) - kabi fix for NFSv4: Allow FREE_STATEID to clean up delegations (bsc#1246211). - mm: avoid unnecessary page fault retires on shared memory types (bsc#1251823). - net: hv_netvsc: fix loss of early receive events from host during channel open (bsc#1252265). - net: mana: Switch to page pool for jumbo frames (bsc#1248754). - net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754). - netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237). No CVE available yet, please see the bugzilla ticket referenced. Important SUSE bug 1065729 SUSE bug 1205128 SUSE bug 1206843 SUSE bug 1206893 SUSE bug 1207612 SUSE bug 1207619 SUSE bug 1210763 SUSE bug 1211162 SUSE bug 1211692 SUSE bug 1213098 SUSE bug 1213114 SUSE bug 1213747 SUSE bug 1214754 SUSE bug 1214954 SUSE bug 1214992 SUSE bug 1215148 SUSE bug 1217366 SUSE bug 1236104 SUSE bug 1242960 SUSE bug 1245498 SUSE bug 1245499 SUSE bug 1246211 SUSE bug 1247317 SUSE bug 1248754 SUSE bug 1249479 SUSE bug 1249608 SUSE bug 1249857 SUSE bug 1249859 SUSE bug 1249988 SUSE bug 1250237 SUSE bug 1250742 SUSE bug 1250816 SUSE bug 1250946 SUSE bug 1251027 SUSE bug 1251032 SUSE bug 1251034 SUSE bug 1251035 SUSE bug 1251037 SUSE bug 1251040 SUSE bug 1251043 SUSE bug 1251045 SUSE bug 1251046 SUSE bug 1251047 SUSE bug 1251052 SUSE bug 1251054 SUSE bug 1251057 SUSE bug 1251059 SUSE bug 1251060 SUSE bug 1251061 SUSE bug 1251063 SUSE bug 1251065 SUSE bug 1251066 SUSE bug 1251068 SUSE bug 1251072 SUSE bug 1251079 SUSE bug 1251080 SUSE bug 1251082 SUSE bug 1251086 SUSE bug 1251087 SUSE bug 1251088 SUSE bug 1251091 SUSE bug 1251092 SUSE bug 1251093 SUSE bug 1251097 SUSE bug 1251099 SUSE bug 1251101 SUSE bug 1251104 SUSE bug 1251105 SUSE bug 1251106 SUSE bug 1251110 SUSE bug 1251113 SUSE bug 1251115 SUSE bug 1251123 SUSE bug 1251128 SUSE bug 1251129 SUSE bug 1251133 SUSE bug 1251136 SUSE bug 1251147 SUSE bug 1251149 SUSE bug 1251153 SUSE bug 1251154 SUSE bug 1251159 SUSE bug 1251162 SUSE bug 1251164 SUSE bug 1251166 SUSE bug 1251167 SUSE bug 1251169 SUSE bug 1251170 SUSE bug 1251173 SUSE bug 1251174 SUSE bug 1251178 SUSE bug 1251180 SUSE bug 1251182 SUSE bug 1251197 SUSE bug 1251200 SUSE bug 1251201 SUSE bug 1251202 SUSE bug 1251208 SUSE bug 1251210 SUSE bug 1251215 SUSE bug 1251218 SUSE bug 1251221 SUSE bug 1251222 SUSE bug 1251223 SUSE bug 1251230 SUSE bug 1251247 SUSE bug 1251268 SUSE bug 1251281 SUSE bug 1251282 SUSE bug 1251283 SUSE bug 1251284 SUSE bug 1251285 SUSE bug 1251286 SUSE bug 1251292 SUSE bug 1251294 SUSE bug 1251295 SUSE bug 1251296 SUSE bug 1251298 SUSE bug 1251299 SUSE bug 1251300 SUSE bug 1251301 SUSE bug 1251302 SUSE bug 1251303 SUSE bug 1251306 SUSE bug 1251307 SUSE bug 1251310 SUSE bug 1251312 SUSE bug 1251315 SUSE bug 1251322 SUSE bug 1251324 SUSE bug 1251325 SUSE bug 1251326 SUSE bug 1251327 SUSE bug 1251329 SUSE bug 1251330 SUSE bug 1251331 SUSE bug 1251519 SUSE bug 1251521 SUSE bug 1251522 SUSE bug 1251527 SUSE bug 1251529 SUSE bug 1251550 SUSE bug 1251723 SUSE bug 1251725 SUSE bug 1251728 SUSE bug 1251730 SUSE bug 1251736 SUSE bug 1251737 SUSE bug 1251738 SUSE bug 1251741 SUSE bug 1251743 SUSE bug 1251750 SUSE bug 1251753 SUSE bug 1251759 SUSE bug 1251761 SUSE bug 1251762 SUSE bug 1251763 SUSE bug 1251764 SUSE bug 1251767 SUSE bug 1251769 SUSE bug 1251772 SUSE bug 1251775 SUSE bug 1251777 SUSE bug 1251785 SUSE bug 1251823 SUSE bug 1251930 SUSE bug 1251967 SUSE bug 1252033 SUSE bug 1252035 SUSE bug 1252047 SUSE bug 1252060 SUSE bug 1252069 SUSE bug 1252265 SUSE bug 1252473 SUSE bug 1252474 SUSE bug 1252475 SUSE bug 1252476 SUSE bug 1252480 SUSE bug 1252484 SUSE bug 1252486 SUSE bug 1252489 SUSE bug 1252490 SUSE bug 1252492 SUSE bug 1252494 SUSE bug 1252495 SUSE bug 1252497 SUSE bug 1252499 SUSE bug 1252501 SUSE bug 1252508 SUSE bug 1252509 SUSE bug 1252513 SUSE bug 1252515 SUSE bug 1252516 SUSE bug 1252519 SUSE bug 1252521 SUSE bug 1252522 SUSE bug 1252523 SUSE bug 1252526 SUSE bug 1252528 SUSE bug 1252529 SUSE bug 1252532 SUSE bug 1252534 SUSE bug 1252535 SUSE bug 1252536 SUSE bug 1252537 SUSE bug 1252538 SUSE bug 1252539 SUSE bug 1252542 SUSE bug 1252545 SUSE bug 1252549 SUSE bug 1252554 SUSE bug 1252560 SUSE bug 1252564 SUSE bug 1252565 SUSE bug 1252568 SUSE bug 1252632 SUSE bug 1252634 SUSE bug 1252688 SUSE bug 1252785 SUSE bug 1252893 CVE-2022-43945 at SUSE CVE-2022-43945 at NVD CVE-2022-50327 at SUSE CVE-2022-50327 at NVD CVE-2022-50334 at SUSE CVE-2022-50334 at NVD CVE-2022-50470 at SUSE CVE-2022-50470 at NVD CVE-2022-50471 at SUSE CVE-2022-50471 at NVD CVE-2022-50472 at SUSE CVE-2022-50472 at NVD CVE-2022-50475 at SUSE CVE-2022-50475 at NVD CVE-2022-50478 at SUSE CVE-2022-50478 at NVD CVE-2022-50479 at SUSE CVE-2022-50479 at NVD CVE-2022-50480 at SUSE CVE-2022-50480 at NVD CVE-2022-50482 at SUSE CVE-2022-50482 at NVD CVE-2022-50484 at SUSE CVE-2022-50484 at NVD CVE-2022-50485 at SUSE CVE-2022-50485 at NVD CVE-2022-50487 at SUSE CVE-2022-50487 at NVD CVE-2022-50488 at SUSE CVE-2022-50488 at NVD CVE-2022-50489 at SUSE CVE-2022-50489 at NVD CVE-2022-50490 at SUSE CVE-2022-50490 at NVD CVE-2022-50492 at SUSE CVE-2022-50492 at NVD CVE-2022-50493 at SUSE CVE-2022-50493 at NVD CVE-2022-50494 at SUSE CVE-2022-50494 at NVD CVE-2022-50496 at SUSE CVE-2022-50496 at NVD CVE-2022-50497 at SUSE CVE-2022-50497 at NVD CVE-2022-50498 at SUSE CVE-2022-50498 at NVD CVE-2022-50499 at SUSE CVE-2022-50499 at NVD CVE-2022-50501 at SUSE CVE-2022-50501 at NVD CVE-2022-50503 at SUSE CVE-2022-50503 at NVD CVE-2022-50504 at SUSE CVE-2022-50504 at NVD CVE-2022-50505 at SUSE CVE-2022-50505 at NVD CVE-2022-50509 at SUSE CVE-2022-50509 at NVD CVE-2022-50511 at SUSE CVE-2022-50511 at NVD CVE-2022-50512 at SUSE CVE-2022-50512 at NVD CVE-2022-50513 at SUSE CVE-2022-50513 at NVD CVE-2022-50514 at SUSE CVE-2022-50514 at NVD CVE-2022-50515 at SUSE CVE-2022-50515 at NVD CVE-2022-50516 at SUSE CVE-2022-50516 at NVD CVE-2022-50519 at SUSE CVE-2022-50519 at NVD CVE-2022-50520 at SUSE CVE-2022-50520 at NVD CVE-2022-50521 at SUSE CVE-2022-50521 at NVD CVE-2022-50523 at SUSE CVE-2022-50523 at NVD CVE-2022-50524 at SUSE CVE-2022-50524 at NVD CVE-2022-50525 at SUSE CVE-2022-50525 at NVD CVE-2022-50526 at SUSE CVE-2022-50526 at NVD CVE-2022-50527 at SUSE CVE-2022-50527 at NVD CVE-2022-50528 at SUSE CVE-2022-50528 at NVD CVE-2022-50529 at SUSE CVE-2022-50529 at NVD CVE-2022-50530 at SUSE CVE-2022-50530 at NVD CVE-2022-50532 at SUSE CVE-2022-50532 at NVD CVE-2022-50534 at SUSE CVE-2022-50534 at NVD CVE-2022-50535 at SUSE CVE-2022-50535 at NVD CVE-2022-50537 at SUSE CVE-2022-50537 at NVD CVE-2022-50541 at SUSE CVE-2022-50541 at NVD CVE-2022-50542 at SUSE CVE-2022-50542 at NVD CVE-2022-50543 at SUSE CVE-2022-50543 at NVD CVE-2022-50544 at SUSE CVE-2022-50544 at NVD CVE-2022-50545 at SUSE CVE-2022-50545 at NVD CVE-2022-50546 at SUSE CVE-2022-50546 at NVD CVE-2022-50549 at SUSE CVE-2022-50549 at NVD CVE-2022-50551 at SUSE CVE-2022-50551 at NVD CVE-2022-50553 at SUSE CVE-2022-50553 at NVD CVE-2022-50556 at SUSE CVE-2022-50556 at NVD CVE-2022-50559 at SUSE CVE-2022-50559 at NVD CVE-2022-50560 at SUSE CVE-2022-50560 at NVD CVE-2022-50561 at SUSE CVE-2022-50561 at NVD CVE-2022-50562 at SUSE CVE-2022-50562 at NVD CVE-2022-50563 at SUSE CVE-2022-50563 at NVD CVE-2022-50564 at SUSE CVE-2022-50564 at NVD CVE-2022-50566 at SUSE CVE-2022-50566 at NVD CVE-2022-50567 at SUSE CVE-2022-50567 at NVD CVE-2022-50568 at SUSE CVE-2022-50568 at NVD CVE-2022-50570 at SUSE CVE-2022-50570 at NVD CVE-2022-50572 at SUSE CVE-2022-50572 at NVD CVE-2022-50574 at SUSE CVE-2022-50574 at NVD CVE-2022-50575 at SUSE CVE-2022-50575 at NVD CVE-2022-50576 at SUSE CVE-2022-50576 at NVD CVE-2022-50577 at SUSE CVE-2022-50577 at NVD CVE-2022-50578 at SUSE CVE-2022-50578 at NVD CVE-2022-50579 at SUSE CVE-2022-50579 at NVD CVE-2022-50580 at SUSE CVE-2022-50580 at NVD CVE-2022-50581 at SUSE CVE-2022-50581 at NVD CVE-2022-50582 at SUSE CVE-2022-50582 at NVD CVE-2023-52923 at SUSE CVE-2023-52923 at NVD CVE-2023-53365 at SUSE CVE-2023-53365 at NVD CVE-2023-53500 at SUSE CVE-2023-53500 at NVD CVE-2023-53533 at SUSE CVE-2023-53533 at NVD CVE-2023-53534 at SUSE CVE-2023-53534 at NVD CVE-2023-53539 at SUSE CVE-2023-53539 at NVD CVE-2023-53541 at SUSE CVE-2023-53541 at NVD CVE-2023-53542 at SUSE CVE-2023-53542 at NVD CVE-2023-53546 at SUSE CVE-2023-53546 at NVD CVE-2023-53547 at SUSE CVE-2023-53547 at NVD CVE-2023-53548 at SUSE CVE-2023-53548 at NVD CVE-2023-53551 at SUSE CVE-2023-53551 at NVD CVE-2023-53552 at SUSE CVE-2023-53552 at NVD CVE-2023-53553 at SUSE CVE-2023-53553 at NVD CVE-2023-53554 at SUSE CVE-2023-53554 at NVD CVE-2023-53556 at SUSE CVE-2023-53556 at NVD CVE-2023-53557 at SUSE CVE-2023-53557 at NVD CVE-2023-53559 at SUSE CVE-2023-53559 at NVD CVE-2023-53560 at SUSE CVE-2023-53560 at NVD CVE-2023-53562 at SUSE CVE-2023-53562 at NVD CVE-2023-53564 at SUSE CVE-2023-53564 at NVD CVE-2023-53566 at SUSE CVE-2023-53566 at NVD CVE-2023-53567 at SUSE CVE-2023-53567 at NVD CVE-2023-53568 at SUSE CVE-2023-53568 at NVD CVE-2023-53571 at SUSE CVE-2023-53571 at NVD CVE-2023-53572 at SUSE CVE-2023-53572 at NVD CVE-2023-53574 at SUSE CVE-2023-53574 at NVD CVE-2023-53578 at SUSE CVE-2023-53578 at NVD CVE-2023-53579 at SUSE CVE-2023-53579 at NVD CVE-2023-53580 at SUSE CVE-2023-53580 at NVD CVE-2023-53581 at SUSE CVE-2023-53581 at NVD CVE-2023-53582 at SUSE CVE-2023-53582 at NVD CVE-2023-53587 at SUSE CVE-2023-53587 at NVD CVE-2023-53589 at SUSE CVE-2023-53589 at NVD CVE-2023-53591 at SUSE CVE-2023-53591 at NVD CVE-2023-53592 at SUSE CVE-2023-53592 at NVD CVE-2023-53594 at SUSE CVE-2023-53594 at NVD CVE-2023-53597 at SUSE CVE-2023-53597 at NVD CVE-2023-53598 at SUSE CVE-2023-53598 at NVD CVE-2023-53601 at SUSE CVE-2023-53601 at NVD CVE-2023-53603 at SUSE CVE-2023-53603 at NVD CVE-2023-53604 at SUSE CVE-2023-53604 at NVD CVE-2023-53605 at SUSE CVE-2023-53605 at NVD CVE-2023-53607 at SUSE CVE-2023-53607 at NVD CVE-2023-53608 at SUSE CVE-2023-53608 at NVD CVE-2023-53611 at SUSE CVE-2023-53611 at NVD CVE-2023-53612 at SUSE CVE-2023-53612 at NVD CVE-2023-53615 at SUSE CVE-2023-53615 at NVD CVE-2023-53616 at SUSE CVE-2023-53616 at NVD CVE-2023-53617 at SUSE CVE-2023-53617 at NVD CVE-2023-53619 at SUSE CVE-2023-53619 at NVD CVE-2023-53622 at SUSE CVE-2023-53622 at NVD CVE-2023-53625 at SUSE CVE-2023-53625 at NVD CVE-2023-53626 at SUSE CVE-2023-53626 at NVD CVE-2023-53631 at SUSE CVE-2023-53631 at NVD CVE-2023-53637 at SUSE CVE-2023-53637 at NVD CVE-2023-53639 at SUSE CVE-2023-53639 at NVD CVE-2023-53640 at SUSE CVE-2023-53640 at NVD CVE-2023-53641 at SUSE CVE-2023-53641 at NVD CVE-2023-53644 at SUSE CVE-2023-53644 at NVD CVE-2023-53648 at SUSE CVE-2023-53648 at NVD CVE-2023-53650 at SUSE CVE-2023-53650 at NVD CVE-2023-53651 at SUSE CVE-2023-53651 at NVD CVE-2023-53658 at SUSE CVE-2023-53658 at NVD CVE-2023-53659 at SUSE CVE-2023-53659 at NVD CVE-2023-53662 at SUSE CVE-2023-53662 at NVD CVE-2023-53667 at SUSE CVE-2023-53667 at NVD CVE-2023-53668 at SUSE CVE-2023-53668 at NVD CVE-2023-53670 at SUSE CVE-2023-53670 at NVD CVE-2023-53673 at SUSE CVE-2023-53673 at NVD CVE-2023-53674 at SUSE CVE-2023-53674 at NVD CVE-2023-53675 at SUSE CVE-2023-53675 at NVD CVE-2023-53679 at SUSE CVE-2023-53679 at NVD CVE-2023-53680 at SUSE CVE-2023-53680 at NVD CVE-2023-53681 at SUSE CVE-2023-53681 at NVD CVE-2023-53683 at SUSE CVE-2023-53683 at NVD CVE-2023-53687 at SUSE CVE-2023-53687 at NVD CVE-2023-53692 at SUSE CVE-2023-53692 at NVD CVE-2023-53693 at SUSE CVE-2023-53693 at NVD CVE-2023-53695 at SUSE CVE-2023-53695 at NVD CVE-2023-53696 at SUSE CVE-2023-53696 at NVD CVE-2023-53697 at SUSE CVE-2023-53697 at NVD CVE-2023-53700 at SUSE CVE-2023-53700 at NVD CVE-2023-53704 at SUSE CVE-2023-53704 at NVD CVE-2023-53705 at SUSE CVE-2023-53705 at NVD CVE-2023-53707 at SUSE CVE-2023-53707 at NVD CVE-2023-53708 at SUSE CVE-2023-53708 at NVD CVE-2023-53709 at SUSE CVE-2023-53709 at NVD CVE-2023-53711 at SUSE CVE-2023-53711 at NVD CVE-2023-53715 at SUSE CVE-2023-53715 at NVD CVE-2023-53716 at SUSE CVE-2023-53716 at NVD CVE-2023-53717 at SUSE CVE-2023-53717 at NVD CVE-2023-53718 at SUSE CVE-2023-53718 at NVD CVE-2023-53719 at SUSE CVE-2023-53719 at NVD CVE-2023-53722 at SUSE CVE-2023-53722 at NVD CVE-2023-53723 at SUSE CVE-2023-53723 at NVD CVE-2023-53724 at SUSE CVE-2023-53724 at NVD CVE-2023-53725 at SUSE CVE-2023-53725 at NVD CVE-2023-53726 at SUSE CVE-2023-53726 at NVD CVE-2023-53730 at SUSE CVE-2023-53730 at NVD CVE-2023-7324 at SUSE CVE-2023-7324 at NVD CVE-2025-37885 at SUSE CVE-2025-37885 at NVD CVE-2025-38084 at SUSE CVE-2025-38084 at NVD CVE-2025-38085 at SUSE CVE-2025-38085 at NVD CVE-2025-38476 at SUSE CVE-2025-38476 at NVD CVE-2025-39742 at SUSE CVE-2025-39742 at NVD CVE-2025-39797 at SUSE CVE-2025-39797 at NVD CVE-2025-39945 at SUSE CVE-2025-39945 at NVD CVE-2025-39965 at SUSE CVE-2025-39965 at NVD CVE-2025-39967 at SUSE CVE-2025-39967 at NVD CVE-2025-39968 at SUSE CVE-2025-39968 at NVD CVE-2025-39973 at SUSE CVE-2025-39973 at NVD CVE-2025-39978 at SUSE CVE-2025-39978 at NVD CVE-2025-39981 at SUSE CVE-2025-39981 at NVD CVE-2025-40018 at SUSE CVE-2025-40018 at NVD CVE-2025-40044 at SUSE CVE-2025-40044 at NVD cpe:/o:suse:sle-micro:5.5 Security update for grub2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for grub2 fixes the following issues: - CVE-2025-54771: Fixed rub_file_close() does not properly controls the fs refcount (bsc#1252931) - CVE-2025-61662: Fixed missing unregister call for gettext command may lead to use-after-free (bsc#1252933) - CVE-2025-61663: Fixed missing unregister call for normal commands may lead to use-after-free (bsc#1252934) - CVE-2025-61664: Fixed missing unregister call for normal_exit command may lead to use-after-free (bsc#1252935) - CVE-2025-61661: Fixed out-of-bounds write in grub_usb_get_string() function (bsc#1252932) Other fixes: - Bump upstream SBAT generation to 6 Moderate SUSE bug 1252931 SUSE bug 1252932 SUSE bug 1252933 SUSE bug 1252934 SUSE bug 1252935 CVE-2025-54771 at SUSE CVE-2025-54771 at NVD CVE-2025-61661 at SUSE CVE-2025-61661 at NVD CVE-2025-61662 at SUSE CVE-2025-61662 at NVD CVE-2025-61663 at SUSE CVE-2025-61663 at NVD CVE-2025-61664 at SUSE CVE-2025-61664 at NVD cpe:/o:suse:sle-micro:5.5 Security update for sssd (Important) SUSE Linux Enterprise Micro 5.5 This update for sssd fixes the following issues: - CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plugin (bsc#1251827) Other fixes: - Install file in krb5.conf.d to include sssd krb5 config snippets (bsc#1244325) Important SUSE bug 1244325 SUSE bug 1251827 CVE-2025-11561 at SUSE CVE-2025-11561 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Important) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542) Important SUSE bug 1253542 CVE-2025-47913 at SUSE CVE-2025-47913 at NVD cpe:/o:suse:sle-micro:5.5 Security update for helm (Important) SUSE Linux Enterprise Micro 5.5 This update for helm fixes the following issues: - Update to version 3.19.1 - CVE-2025-53547: Fixed local code execution in Helm Chart. (bsc#1246152) - CVE-2025-58190: Fixed excessive memory consumption by `html.ParseFragment` when processing specially crafted input. (bsc#1251649) - CVE-2025-47911: Fixed various algorithms with quadratic complexity when parsing HTML documents. (bsc#1251442) Important SUSE bug 1246152 SUSE bug 1251442 SUSE bug 1251649 CVE-2025-47911 at SUSE CVE-2025-47911 at NVD CVE-2025-53547 at SUSE CVE-2025-53547 at NVD CVE-2025-58190 at SUSE CVE-2025-58190 at NVD cpe:/o:suse:sle-micro:5.5 Security update for skopeo (Moderate) SUSE Linux Enterprise Micro 5.5 This update for skopeo fixes the following issues: - CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-retryablehttp not sanitizing URLs when writing them to log files. (bsc#1227056) - CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of CONTINUATION frames read for an HTTP/2 request in golang.org/x/net/http2. (bsc#1236483) Moderate SUSE bug 1227056 SUSE bug 1236483 CVE-2023-45288 at SUSE CVE-2023-45288 at NVD CVE-2024-6104 at SUSE CVE-2024-6104 at NVD cpe:/o:suse:sle-micro:5.5 Security update for containerd (Important) SUSE Linux Enterprise Micro 5.5 This update for containerd fixes the following issues: - Update to containerd v1.7.29 - CVE-2024-25621: Fixed an overly broad default permission vulnerability. (bsc#1253126) - CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. (bsc#1253132) Important SUSE bug 1253126 SUSE bug 1253132 CVE-2024-25621 at SUSE CVE-2024-25621 at NVD CVE-2025-64329 at SUSE CVE-2025-64329 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cups (Moderate) SUSE Linux Enterprise Micro 5.5 This update for cups fixes the following issues: - CVE-2025-61915: Fixed a local denial-of-service via cupsd.conf update and related issues. (bsc#1253783) - CVE-2025-58436: Fixed an issue where a slow client communication leads to a possible DoS attack. (bsc#1244057) Moderate SUSE bug 1234225 SUSE bug 1244057 SUSE bug 1253783 CVE-2025-58436 at SUSE CVE-2025-58436 at NVD CVE-2025-61915 at SUSE CVE-2025-61915 at NVD cpe:/o:suse:sle-micro:5.5 Security update for curl (Moderate) SUSE Linux Enterprise Micro 5.5 This update for curl fixes the following issues: - CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes (bsc#1253757) Moderate SUSE bug 1253757 CVE-2025-11563 at SUSE CVE-2025-11563 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cups (Important) SUSE Linux Enterprise Micro 5.5 This update for cups fixes the following issues: - The fix for CVE-2025-58436 causes a regression where GTK applications will hang. (bsc#1254353) See also https://github.com/OpenPrinting/cups/issues/1429 The fix has been temporary disabled. Important SUSE bug 1254353 CVE-2025-58436 at SUSE CVE-2025-58436 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value (bsc#1249859). - CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() (bsc#1249857). - CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace (bsc#1251164). - CVE-2022-50516: fs: dlm: fix invalid derefence of sb_lvbptr (bsc#1251741). - CVE-2023-53365: ip6mr: Fix skb_under_panic in ip6mr_cache_report() (bsc#1249988). - CVE-2023-53500: xfrm: fix slab-use-after-free in decode_session6 (bsc#1250816). - CVE-2023-53559: ip_vti: fix potential slab-use-after-free in decode_session6 (bsc#1251052). - CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading (bsc#1251222). - CVE-2023-53619: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free (bsc#1251743). - CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251763). - CVE-2023-53705: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (bsc#1252554). - CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960). - CVE-2025-38084: hugetlb: unshare some PMDs when splitting VMAs (bsc#1245498). - CVE-2025-38085: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245499). - CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1247317). - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249479). - CVE-2025-39797: xfrm: Duplicate SPI Handling (bsc#1249608). - CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230). - CVE-2025-39967: fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033). - CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047). - CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035). - CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069). - CVE-2025-39981: Bluetooth: MGMT: Fix possible UAFs (bsc#1252060). - CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688). - CVE-2025-40044: fs: udf: fix OOB read in lengthAllocDescs handling (bsc#1252785). The following non security issues were fixed: - NFS: remove revoked delegation from server's delegation list (bsc#1246211). - NFSv4: Allow FREE_STATEID to clean up delegations (bsc#1246211). - fbcon: Fix OOB access in font allocation (bsc#1252033) - kabi fix for NFSv4: Allow FREE_STATEID to clean up delegations (bsc#1246211). - kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930). - mm: avoid unnecessary page fault retires on shared memory types (bsc#1251823). - net: hv_netvsc: fix loss of early receive events from host during channel open (bsc#1252265). - net: mana: Switch to page pool for jumbo frames (bsc#1248754). - net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754). - netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237). - rpm/check-for-config-changes: ignore CONFIG_SCHED_PROXY_EXEC, too (bsc#1250946) Important SUSE bug 1065729 SUSE bug 1205128 SUSE bug 1206843 SUSE bug 1206893 SUSE bug 1207612 SUSE bug 1207619 SUSE bug 1210763 SUSE bug 1211162 SUSE bug 1211692 SUSE bug 1213098 SUSE bug 1213114 SUSE bug 1213747 SUSE bug 1214754 SUSE bug 1214954 SUSE bug 1214992 SUSE bug 1215148 SUSE bug 1217366 SUSE bug 1236104 SUSE bug 1242960 SUSE bug 1245498 SUSE bug 1245499 SUSE bug 1246211 SUSE bug 1247317 SUSE bug 1248754 SUSE bug 1249479 SUSE bug 1249608 SUSE bug 1249857 SUSE bug 1249859 SUSE bug 1249988 SUSE bug 1250237 SUSE bug 1250742 SUSE bug 1250816 SUSE bug 1250946 SUSE bug 1251027 SUSE bug 1251032 SUSE bug 1251034 SUSE bug 1251035 SUSE bug 1251037 SUSE bug 1251040 SUSE bug 1251043 SUSE bug 1251045 SUSE bug 1251046 SUSE bug 1251047 SUSE bug 1251052 SUSE bug 1251054 SUSE bug 1251057 SUSE bug 1251059 SUSE bug 1251060 SUSE bug 1251061 SUSE bug 1251063 SUSE bug 1251065 SUSE bug 1251066 SUSE bug 1251068 SUSE bug 1251072 SUSE bug 1251079 SUSE bug 1251080 SUSE bug 1251082 SUSE bug 1251086 SUSE bug 1251087 SUSE bug 1251088 SUSE bug 1251091 SUSE bug 1251092 SUSE bug 1251093 SUSE bug 1251097 SUSE bug 1251099 SUSE bug 1251101 SUSE bug 1251104 SUSE bug 1251105 SUSE bug 1251106 SUSE bug 1251110 SUSE bug 1251113 SUSE bug 1251115 SUSE bug 1251123 SUSE bug 1251128 SUSE bug 1251129 SUSE bug 1251133 SUSE bug 1251136 SUSE bug 1251147 SUSE bug 1251149 SUSE bug 1251153 SUSE bug 1251154 SUSE bug 1251159 SUSE bug 1251162 SUSE bug 1251164 SUSE bug 1251166 SUSE bug 1251167 SUSE bug 1251169 SUSE bug 1251170 SUSE bug 1251173 SUSE bug 1251174 SUSE bug 1251178 SUSE bug 1251180 SUSE bug 1251182 SUSE bug 1251197 SUSE bug 1251200 SUSE bug 1251201 SUSE bug 1251202 SUSE bug 1251208 SUSE bug 1251210 SUSE bug 1251215 SUSE bug 1251218 SUSE bug 1251221 SUSE bug 1251222 SUSE bug 1251223 SUSE bug 1251230 SUSE bug 1251247 SUSE bug 1251268 SUSE bug 1251281 SUSE bug 1251282 SUSE bug 1251283 SUSE bug 1251284 SUSE bug 1251285 SUSE bug 1251286 SUSE bug 1251292 SUSE bug 1251294 SUSE bug 1251295 SUSE bug 1251296 SUSE bug 1251298 SUSE bug 1251299 SUSE bug 1251300 SUSE bug 1251301 SUSE bug 1251302 SUSE bug 1251303 SUSE bug 1251306 SUSE bug 1251307 SUSE bug 1251310 SUSE bug 1251312 SUSE bug 1251315 SUSE bug 1251322 SUSE bug 1251324 SUSE bug 1251325 SUSE bug 1251326 SUSE bug 1251327 SUSE bug 1251329 SUSE bug 1251330 SUSE bug 1251331 SUSE bug 1251519 SUSE bug 1251521 SUSE bug 1251522 SUSE bug 1251527 SUSE bug 1251529 SUSE bug 1251550 SUSE bug 1251723 SUSE bug 1251725 SUSE bug 1251728 SUSE bug 1251730 SUSE bug 1251736 SUSE bug 1251737 SUSE bug 1251738 SUSE bug 1251741 SUSE bug 1251743 SUSE bug 1251750 SUSE bug 1251753 SUSE bug 1251759 SUSE bug 1251761 SUSE bug 1251762 SUSE bug 1251763 SUSE bug 1251764 SUSE bug 1251767 SUSE bug 1251769 SUSE bug 1251772 SUSE bug 1251775 SUSE bug 1251777 SUSE bug 1251785 SUSE bug 1251823 SUSE bug 1251930 SUSE bug 1251967 SUSE bug 1252033 SUSE bug 1252035 SUSE bug 1252047 SUSE bug 1252060 SUSE bug 1252069 SUSE bug 1252265 SUSE bug 1252473 SUSE bug 1252474 SUSE bug 1252475 SUSE bug 1252476 SUSE bug 1252480 SUSE bug 1252484 SUSE bug 1252486 SUSE bug 1252489 SUSE bug 1252490 SUSE bug 1252492 SUSE bug 1252494 SUSE bug 1252495 SUSE bug 1252497 SUSE bug 1252499 SUSE bug 1252501 SUSE bug 1252508 SUSE bug 1252509 SUSE bug 1252513 SUSE bug 1252515 SUSE bug 1252516 SUSE bug 1252519 SUSE bug 1252521 SUSE bug 1252522 SUSE bug 1252523 SUSE bug 1252526 SUSE bug 1252528 SUSE bug 1252529 SUSE bug 1252532 SUSE bug 1252534 SUSE bug 1252535 SUSE bug 1252536 SUSE bug 1252537 SUSE bug 1252538 SUSE bug 1252539 SUSE bug 1252542 SUSE bug 1252545 SUSE bug 1252549 SUSE bug 1252554 SUSE bug 1252560 SUSE bug 1252564 SUSE bug 1252565 SUSE bug 1252568 SUSE bug 1252632 SUSE bug 1252634 SUSE bug 1252688 SUSE bug 1252785 SUSE bug 1252893 CVE-2022-43945 at SUSE CVE-2022-43945 at NVD CVE-2022-50327 at SUSE CVE-2022-50327 at NVD CVE-2022-50334 at SUSE CVE-2022-50334 at NVD CVE-2022-50470 at SUSE CVE-2022-50470 at NVD CVE-2022-50471 at SUSE CVE-2022-50471 at NVD CVE-2022-50472 at SUSE CVE-2022-50472 at NVD CVE-2022-50475 at SUSE CVE-2022-50475 at NVD CVE-2022-50478 at SUSE CVE-2022-50478 at NVD CVE-2022-50479 at SUSE CVE-2022-50479 at NVD CVE-2022-50480 at SUSE CVE-2022-50480 at NVD CVE-2022-50482 at SUSE CVE-2022-50482 at NVD CVE-2022-50484 at SUSE CVE-2022-50484 at NVD CVE-2022-50485 at SUSE CVE-2022-50485 at NVD CVE-2022-50487 at SUSE CVE-2022-50487 at NVD CVE-2022-50488 at SUSE CVE-2022-50488 at NVD CVE-2022-50489 at SUSE CVE-2022-50489 at NVD CVE-2022-50490 at SUSE CVE-2022-50490 at NVD CVE-2022-50492 at SUSE CVE-2022-50492 at NVD CVE-2022-50493 at SUSE CVE-2022-50493 at NVD CVE-2022-50494 at SUSE CVE-2022-50494 at NVD CVE-2022-50496 at SUSE CVE-2022-50496 at NVD CVE-2022-50497 at SUSE CVE-2022-50497 at NVD CVE-2022-50498 at SUSE CVE-2022-50498 at NVD CVE-2022-50499 at SUSE CVE-2022-50499 at NVD CVE-2022-50501 at SUSE CVE-2022-50501 at NVD CVE-2022-50503 at SUSE CVE-2022-50503 at NVD CVE-2022-50504 at SUSE CVE-2022-50504 at NVD CVE-2022-50505 at SUSE CVE-2022-50505 at NVD CVE-2022-50509 at SUSE CVE-2022-50509 at NVD CVE-2022-50511 at SUSE CVE-2022-50511 at NVD CVE-2022-50512 at SUSE CVE-2022-50512 at NVD CVE-2022-50513 at SUSE CVE-2022-50513 at NVD CVE-2022-50514 at SUSE CVE-2022-50514 at NVD CVE-2022-50515 at SUSE CVE-2022-50515 at NVD CVE-2022-50516 at SUSE CVE-2022-50516 at NVD CVE-2022-50519 at SUSE CVE-2022-50519 at NVD CVE-2022-50520 at SUSE CVE-2022-50520 at NVD CVE-2022-50521 at SUSE CVE-2022-50521 at NVD CVE-2022-50523 at SUSE CVE-2022-50523 at NVD CVE-2022-50524 at SUSE CVE-2022-50524 at NVD CVE-2022-50525 at SUSE CVE-2022-50525 at NVD CVE-2022-50526 at SUSE CVE-2022-50526 at NVD CVE-2022-50527 at SUSE CVE-2022-50527 at NVD CVE-2022-50528 at SUSE CVE-2022-50528 at NVD CVE-2022-50529 at SUSE CVE-2022-50529 at NVD CVE-2022-50530 at SUSE CVE-2022-50530 at NVD CVE-2022-50532 at SUSE CVE-2022-50532 at NVD CVE-2022-50534 at SUSE CVE-2022-50534 at NVD CVE-2022-50535 at SUSE CVE-2022-50535 at NVD CVE-2022-50537 at SUSE CVE-2022-50537 at NVD CVE-2022-50541 at SUSE CVE-2022-50541 at NVD CVE-2022-50542 at SUSE CVE-2022-50542 at NVD CVE-2022-50543 at SUSE CVE-2022-50543 at NVD CVE-2022-50544 at SUSE CVE-2022-50544 at NVD CVE-2022-50545 at SUSE CVE-2022-50545 at NVD CVE-2022-50546 at SUSE CVE-2022-50546 at NVD CVE-2022-50549 at SUSE CVE-2022-50549 at NVD CVE-2022-50551 at SUSE CVE-2022-50551 at NVD CVE-2022-50553 at SUSE CVE-2022-50553 at NVD CVE-2022-50556 at SUSE CVE-2022-50556 at NVD CVE-2022-50559 at SUSE CVE-2022-50559 at NVD CVE-2022-50560 at SUSE CVE-2022-50560 at NVD CVE-2022-50561 at SUSE CVE-2022-50561 at NVD CVE-2022-50562 at SUSE CVE-2022-50562 at NVD CVE-2022-50563 at SUSE CVE-2022-50563 at NVD CVE-2022-50564 at SUSE CVE-2022-50564 at NVD CVE-2022-50566 at SUSE CVE-2022-50566 at NVD CVE-2022-50567 at SUSE CVE-2022-50567 at NVD CVE-2022-50568 at SUSE CVE-2022-50568 at NVD CVE-2022-50570 at SUSE CVE-2022-50570 at NVD CVE-2022-50572 at SUSE CVE-2022-50572 at NVD CVE-2022-50574 at SUSE CVE-2022-50574 at NVD CVE-2022-50575 at SUSE CVE-2022-50575 at NVD CVE-2022-50576 at SUSE CVE-2022-50576 at NVD CVE-2022-50577 at SUSE CVE-2022-50577 at NVD CVE-2022-50578 at SUSE CVE-2022-50578 at NVD CVE-2022-50579 at SUSE CVE-2022-50579 at NVD CVE-2022-50580 at SUSE CVE-2022-50580 at NVD CVE-2022-50581 at SUSE CVE-2022-50581 at NVD CVE-2022-50582 at SUSE CVE-2022-50582 at NVD CVE-2023-52923 at SUSE CVE-2023-52923 at NVD CVE-2023-53365 at SUSE CVE-2023-53365 at NVD CVE-2023-53500 at SUSE CVE-2023-53500 at NVD CVE-2023-53533 at SUSE CVE-2023-53533 at NVD CVE-2023-53534 at SUSE CVE-2023-53534 at NVD CVE-2023-53539 at SUSE CVE-2023-53539 at NVD CVE-2023-53541 at SUSE CVE-2023-53541 at NVD CVE-2023-53542 at SUSE CVE-2023-53542 at NVD CVE-2023-53546 at SUSE CVE-2023-53546 at NVD CVE-2023-53547 at SUSE CVE-2023-53547 at NVD CVE-2023-53548 at SUSE CVE-2023-53548 at NVD CVE-2023-53551 at SUSE CVE-2023-53551 at NVD CVE-2023-53552 at SUSE CVE-2023-53552 at NVD CVE-2023-53553 at SUSE CVE-2023-53553 at NVD CVE-2023-53554 at SUSE CVE-2023-53554 at NVD CVE-2023-53556 at SUSE CVE-2023-53556 at NVD CVE-2023-53557 at SUSE CVE-2023-53557 at NVD CVE-2023-53559 at SUSE CVE-2023-53559 at NVD CVE-2023-53560 at SUSE CVE-2023-53560 at NVD CVE-2023-53562 at SUSE CVE-2023-53562 at NVD CVE-2023-53564 at SUSE CVE-2023-53564 at NVD CVE-2023-53566 at SUSE CVE-2023-53566 at NVD CVE-2023-53567 at SUSE CVE-2023-53567 at NVD CVE-2023-53568 at SUSE CVE-2023-53568 at NVD CVE-2023-53571 at SUSE CVE-2023-53571 at NVD CVE-2023-53572 at SUSE CVE-2023-53572 at NVD CVE-2023-53574 at SUSE CVE-2023-53574 at NVD CVE-2023-53578 at SUSE CVE-2023-53578 at NVD CVE-2023-53579 at SUSE CVE-2023-53579 at NVD CVE-2023-53580 at SUSE CVE-2023-53580 at NVD CVE-2023-53581 at SUSE CVE-2023-53581 at NVD CVE-2023-53582 at SUSE CVE-2023-53582 at NVD CVE-2023-53587 at SUSE CVE-2023-53587 at NVD CVE-2023-53589 at SUSE CVE-2023-53589 at NVD CVE-2023-53591 at SUSE CVE-2023-53591 at NVD CVE-2023-53592 at SUSE CVE-2023-53592 at NVD CVE-2023-53594 at SUSE CVE-2023-53594 at NVD CVE-2023-53597 at SUSE CVE-2023-53597 at NVD CVE-2023-53598 at SUSE CVE-2023-53598 at NVD CVE-2023-53601 at SUSE CVE-2023-53601 at NVD CVE-2023-53603 at SUSE CVE-2023-53603 at NVD CVE-2023-53604 at SUSE CVE-2023-53604 at NVD CVE-2023-53605 at SUSE CVE-2023-53605 at NVD CVE-2023-53607 at SUSE CVE-2023-53607 at NVD CVE-2023-53608 at SUSE CVE-2023-53608 at NVD CVE-2023-53611 at SUSE CVE-2023-53611 at NVD CVE-2023-53612 at SUSE CVE-2023-53612 at NVD CVE-2023-53615 at SUSE CVE-2023-53615 at NVD CVE-2023-53616 at SUSE CVE-2023-53616 at NVD CVE-2023-53617 at SUSE CVE-2023-53617 at NVD CVE-2023-53619 at SUSE CVE-2023-53619 at NVD CVE-2023-53622 at SUSE CVE-2023-53622 at NVD CVE-2023-53625 at SUSE CVE-2023-53625 at NVD CVE-2023-53626 at SUSE CVE-2023-53626 at NVD CVE-2023-53631 at SUSE CVE-2023-53631 at NVD CVE-2023-53637 at SUSE CVE-2023-53637 at NVD CVE-2023-53639 at SUSE CVE-2023-53639 at NVD CVE-2023-53640 at SUSE CVE-2023-53640 at NVD CVE-2023-53641 at SUSE CVE-2023-53641 at NVD CVE-2023-53644 at SUSE CVE-2023-53644 at NVD CVE-2023-53648 at SUSE CVE-2023-53648 at NVD CVE-2023-53650 at SUSE CVE-2023-53650 at NVD CVE-2023-53651 at SUSE CVE-2023-53651 at NVD CVE-2023-53658 at SUSE CVE-2023-53658 at NVD CVE-2023-53659 at SUSE CVE-2023-53659 at NVD CVE-2023-53662 at SUSE CVE-2023-53662 at NVD CVE-2023-53667 at SUSE CVE-2023-53667 at NVD CVE-2023-53668 at SUSE CVE-2023-53668 at NVD CVE-2023-53670 at SUSE CVE-2023-53670 at NVD CVE-2023-53673 at SUSE CVE-2023-53673 at NVD CVE-2023-53674 at SUSE CVE-2023-53674 at NVD CVE-2023-53675 at SUSE CVE-2023-53675 at NVD CVE-2023-53679 at SUSE CVE-2023-53679 at NVD CVE-2023-53680 at SUSE CVE-2023-53680 at NVD CVE-2023-53681 at SUSE CVE-2023-53681 at NVD CVE-2023-53683 at SUSE CVE-2023-53683 at NVD CVE-2023-53687 at SUSE CVE-2023-53687 at NVD CVE-2023-53692 at SUSE CVE-2023-53692 at NVD CVE-2023-53693 at SUSE CVE-2023-53693 at NVD CVE-2023-53695 at SUSE CVE-2023-53695 at NVD CVE-2023-53696 at SUSE CVE-2023-53696 at NVD CVE-2023-53697 at SUSE CVE-2023-53697 at NVD CVE-2023-53700 at SUSE CVE-2023-53700 at NVD CVE-2023-53704 at SUSE CVE-2023-53704 at NVD CVE-2023-53705 at SUSE CVE-2023-53705 at NVD CVE-2023-53707 at SUSE CVE-2023-53707 at NVD CVE-2023-53708 at SUSE CVE-2023-53708 at NVD CVE-2023-53709 at SUSE CVE-2023-53709 at NVD CVE-2023-53711 at SUSE CVE-2023-53711 at NVD CVE-2023-53715 at SUSE CVE-2023-53715 at NVD CVE-2023-53716 at SUSE CVE-2023-53716 at NVD CVE-2023-53717 at SUSE CVE-2023-53717 at NVD CVE-2023-53718 at SUSE CVE-2023-53718 at NVD CVE-2023-53719 at SUSE CVE-2023-53719 at NVD CVE-2023-53722 at SUSE CVE-2023-53722 at NVD CVE-2023-53723 at SUSE CVE-2023-53723 at NVD CVE-2023-53724 at SUSE CVE-2023-53724 at NVD CVE-2023-53725 at SUSE CVE-2023-53725 at NVD CVE-2023-53726 at SUSE CVE-2023-53726 at NVD CVE-2023-53730 at SUSE CVE-2023-53730 at NVD CVE-2023-7324 at SUSE CVE-2023-7324 at NVD CVE-2025-37885 at SUSE CVE-2025-37885 at NVD CVE-2025-38084 at SUSE CVE-2025-38084 at NVD CVE-2025-38085 at SUSE CVE-2025-38085 at NVD CVE-2025-38476 at SUSE CVE-2025-38476 at NVD CVE-2025-39742 at SUSE CVE-2025-39742 at NVD CVE-2025-39797 at SUSE CVE-2025-39797 at NVD CVE-2025-39945 at SUSE CVE-2025-39945 at NVD CVE-2025-39965 at SUSE CVE-2025-39965 at NVD CVE-2025-39967 at SUSE CVE-2025-39967 at NVD CVE-2025-39968 at SUSE CVE-2025-39968 at NVD CVE-2025-39973 at SUSE CVE-2025-39973 at NVD CVE-2025-39978 at SUSE CVE-2025-39978 at NVD CVE-2025-39981 at SUSE CVE-2025-39981 at NVD CVE-2025-40018 at SUSE CVE-2025-40018 at NVD CVE-2025-40044 at SUSE CVE-2025-40044 at NVD cpe:/o:suse:sle-micro:5.5 Security update for glib2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for glib2 fixes the following issues: - CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via get_tmp_file() (bsc#1249055) Moderate SUSE bug 1249055 CVE-2025-7039 at SUSE CVE-2025-7039 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Low) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: - CVE-2025-6075: quadratic complexity in `os.path.expandvars()` can lead to performance degradation when values passed to it are user-controlled (bsc#1252974). - CVE-2025-8291: lack of validity checks on the ZIP64 End of Central Directory (EOCD) record allows for the creation of ZIP archives that are processed inconsistently by the `zipfile` module (bsc#1251305). Low SUSE bug 1251305 SUSE bug 1252974 CVE-2025-6075 at SUSE CVE-2025-6075 at NVD CVE-2025-8291 at SUSE CVE-2025-8291 at NVD cpe:/o:suse:sle-micro:5.5 Security update for unbound (Moderate) SUSE Linux Enterprise Micro 5.5 This update for unbound fixes the following issues: - CVE-2025-11411: Fixed domain hijacking due to promiscuous records (bsc#1252525) Moderate SUSE bug 1252525 CVE-2025-11411 at SUSE CVE-2025-11411 at NVD cpe:/o:suse:sle-micro:5.5 Security update for librsvg (Moderate) SUSE Linux Enterprise Micro 5.5 This update for librsvg fixes the following issues: Update to version 2.52.12. - CVE-2024-12224: idna: incorrect hostname comparisons and URL parsing may be performed due to acceptance of Punycode labels that do not produce any non-ASCII output when decoded (bsc#1243867). - CVE-2024-43806: rustix: unbounded memory explosion leading to an application OOM crash when using the `rustix::fs::Dir` iterator with the `linux_raw` backend (bsc#1229950). Moderate SUSE bug 1229950 SUSE bug 1243867 CVE-2024-12224 at SUSE CVE-2024-12224 at NVD CVE-2024-43806 at SUSE CVE-2024-43806 at NVD cpe:/o:suse:sle-micro:5.5 Security update for cups (Moderate) SUSE Linux Enterprise Micro 5.5 This update for cups fixes the following issues: Security issues fixed: - CVE-2025-58436: single client sending slow messages to cupsd can delay the application and make it unusable for other clients (bsc#1244057). Other issues fixed: - Update the CVE-2025-58436 patch to fix a regression that causes GTK applications to hang (bsc#1254353). Moderate SUSE bug 1244057 SUSE bug 1254353 CVE-2025-58436 at SUSE CVE-2025-58436 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libpng16 (Important) SUSE Linux Enterprise Micro 5.5 This update for libpng16 fixes the following issues: - CVE-2025-65018: Fixed heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read` (bsc#1254160) - CVE-2025-66293: Fixed LIBPNG out-of-bounds read in `png_image_read_composite` (bsc#1254480) - CVE-2025-64506: Fixed heap buffer over-read in `png_write_image_8bit` with 8-bit input and `convert_to_8bit` enabled (bsc#1254158) - CVE-2025-64720: Fixed buffer overflow in `png_image_read_composite` via incorrect palette premultiplication (bsc#1254159) - CVE-2025-64505: Fixed heap buffer over-read in `png_do_quantize` via malformed palette index (bsc#1254157) Important SUSE bug 1254157 SUSE bug 1254158 SUSE bug 1254159 SUSE bug 1254160 SUSE bug 1254480 CVE-2025-64505 at SUSE CVE-2025-64505 at NVD CVE-2025-64506 at SUSE CVE-2025-64506 at NVD CVE-2025-64720 at SUSE CVE-2025-64720 at NVD CVE-2025-65018 at SUSE CVE-2025-65018 at NVD CVE-2025-66293 at SUSE CVE-2025-66293 at NVD cpe:/o:suse:sle-micro:5.5 Security update for helm (Important) SUSE Linux Enterprise Micro 5.5 This update for helm rebuilds it against current GO to fix security issues in go-stdlib. Important cpe:/o:suse:sle-micro:5.5 Security update for salt (Important) SUSE Linux Enterprise Micro 5.5 This update for salt fixes the following issues: - Security issues fixed: - CVE-2025-62349: Added minimum_auth_version to enforce security (bsc#1254257) - CVE-2025-62348: Fixed Junos module yaml loader (bsc#1254256) - Backport security fixes for vendored tornado * BDSA-2024-3438 * BDSA-2024-3439 * BDSA-2024-9026 - Other changes and bugs fixed: - Fixed TLS and x509 modules for OSes with older cryptography module - Fixed Salt for Python > 3.11 (bsc#1252285) (bsc#1252244) * Use external tornado on Python > 3.11 * Make tls and x509 to use python-cryptography * Remove usage of spwd - Fixed payload signature verification on Tumbleweed (bsc#1251776) - Fixed broken symlink on migration to Leap 16.0 (bsc#1250755) - Fixed known_hosts error on gitfs (bsc#1250520) (bsc#1227207) - Improved SL Micro 6.2 detection with grains - Reverted requirement of M2Crypto >= 0.44.0 for SUSE Family distros - Set python-CherryPy as required for python-salt-testsuite Important SUSE bug 1227207 SUSE bug 1250520 SUSE bug 1250755 SUSE bug 1251776 SUSE bug 1252244 SUSE bug 1252285 SUSE bug 1254256 SUSE bug 1254257 CVE-2025-62348 at SUSE CVE-2025-62348 at NVD CVE-2025-62349 at SUSE CVE-2025-62349 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Moderate) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: Update to Xen 4.17.6. Security issues fixed: - CVE-2025-58149: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no longer assigned to them (bsc#1252692). Other issues fixed: - Several upstream bug fixes (bsc#1027519). - Failure to restart xenstored (bsc#1254180). Moderate SUSE bug 1027519 SUSE bug 1252692 SUSE bug 1254180 CVE-2025-58149 at SUSE CVE-2025-58149 at NVD cpe:/o:suse:sle-micro:5.5 Security update for glib2 (Important) SUSE Linux Enterprise Micro 5.5 This update for glib2 fixes the following issues: - CVE-2025-14512: integer overflow in the GIO `escape_byte_string()` function when processing malicious files or remote filesystem attribute values can lead to denial-of-service (bsc#1254878). - CVE-2025-14087: buffer underflow in the GVariant parser `bytestring_parse()` and `string_parse()` functions when processing attacker-influenced data may lead to crash or code execution (bsc#1254662). - CVE-2025-13601: heap-based buffer overflow in the `g_escape_uri_string()` function when processing strings with a large number of unacceptable characters may lead to crash or code execution (bsc#1254297). Important SUSE bug 1254297 SUSE bug 1254662 SUSE bug 1254878 CVE-2025-13601 at SUSE CVE-2025-13601 at NVD CVE-2025-14087 at SUSE CVE-2025-14087 at NVD CVE-2025-14512 at SUSE CVE-2025-14512 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-50280: pnode: terminate at peers of source (bsc#1249806). - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786). - CVE-2024-53093: nvme-multipath: defer partition scanning (bsc#1233640). - CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780). - CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask (bsc#1252862). - CVE-2025-40121: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (bsc#1253367). - CVE-2025-40154: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (bsc#1253431). - CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436). The following non-security bugs were fixed: - Fix type signess in fbcon_set_font() (bsc#1252033). - scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267). Important SUSE bug 1233640 SUSE bug 1249806 SUSE bug 1251786 SUSE bug 1252033 SUSE bug 1252267 SUSE bug 1252780 SUSE bug 1252862 SUSE bug 1253367 SUSE bug 1253431 SUSE bug 1253436 CVE-2022-50280 at SUSE CVE-2022-50280 at NVD CVE-2023-53676 at SUSE CVE-2023-53676 at NVD CVE-2024-53093 at SUSE CVE-2024-53093 at NVD CVE-2025-40040 at SUSE CVE-2025-40040 at NVD CVE-2025-40048 at SUSE CVE-2025-40048 at NVD CVE-2025-40121 at SUSE CVE-2025-40121 at NVD CVE-2025-40154 at SUSE CVE-2025-40154 at NVD CVE-2025-40204 at SUSE CVE-2025-40204 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gnutls (Moderate) SUSE Linux Enterprise Micro 5.5 This update for gnutls fixes the following issues: - CVE-2025-9820: Fixed buffer overflow in gnutls_pkcs11_token_init. (bsc#1254132) Moderate SUSE bug 1254132 CVE-2025-9820 at SUSE CVE-2025-9820 at NVD cpe:/o:suse:sle-micro:5.5 Security update for dpdk22 (Important) SUSE Linux Enterprise Micro 5.5 This update for dpdk22 fixes the following issues: Update to version 22.11.10. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver (PMD) allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface (bsc#1254161). Other updates and bugfixes: - Fix SUSE provided DPDK modules tainting the kernel as unsupported (bsc#1214724). Important SUSE bug 1214724 SUSE bug 1254161 CVE-2025-23259 at SUSE CVE-2025-23259 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Moderate) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-retryablehttp not sanitizing URLs when writing them to log files. (bsc#1227052) - CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of CONTINUATION frames read for an HTTP/2 request in golang.org/x/net/http2. (bsc#1236507) Moderate SUSE bug 1227052 SUSE bug 1236507 CVE-2023-45288 at SUSE CVE-2023-45288 at NVD CVE-2024-6104 at SUSE CVE-2024-6104 at NVD cpe:/o:suse:sle-micro:5.5 Security update for qemu (Moderate) SUSE Linux Enterprise Micro 5.5 This update for qemu fixes the following issues: - CVE-2023-42467: Disallow block sizes smaller than 512 (bsc#1215192). Moderate SUSE bug 1215192 CVE-2023-42467 at SUSE CVE-2023-42467 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gstreamer (Important) SUSE Linux Enterprise Micro 5.5 This update for gstreamer fixes the following issues: - CVE-2024-47606: Fixed an integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (boo#1234449) Important SUSE bug 1234449 CVE-2024-47606 at SUSE CVE-2024-47606 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gstreamer-plugins-base (Important) SUSE Linux Enterprise Micro 5.5 This update for gstreamer-plugins-base fixes the following issues: - CVE-2024-47538: Fixed a stack-buffer overflow in vorbis_handle_identification_packet. (bsc#1234415) - CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser. (bsc#1234450) - CVE-2024-47600: Fixed an out-of-bounds read in gst-discoverer-1.0 commandline tool. (bsc#1234453) - CVE-2024-47615: Fixed an out-of-bounds write in Ogg demuxer. (bsc#1234456) - CVE-2024-47541: Fixed an out-of-bounds write in SSA subtitle parser. (bsc#1234459) - CVE-2024-47542: Fixed an ID3v2 parser out-of-bounds read and NULL-pointer dereference. (bsc#1234460) - CVE-2024-47607: Fixed a stack buffer-overflow in Opus decoder. (bsc#1234455) Important SUSE bug 1234415 SUSE bug 1234450 SUSE bug 1234453 SUSE bug 1234455 SUSE bug 1234456 SUSE bug 1234459 SUSE bug 1234460 CVE-2024-47538 at SUSE CVE-2024-47538 at NVD CVE-2024-47541 at SUSE CVE-2024-47541 at NVD CVE-2024-47542 at SUSE CVE-2024-47542 at NVD CVE-2024-47600 at SUSE CVE-2024-47600 at NVD CVE-2024-47607 at SUSE CVE-2024-47607 at NVD CVE-2024-47615 at SUSE CVE-2024-47615 at NVD CVE-2024-47835 at SUSE CVE-2024-47835 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libtasn1 (Important) SUSE Linux Enterprise Micro 5.5 This update for libtasn1 fixes the following issues: - CVE-2024-12133: the processing of input DER data containing a large number of SEQUENCE OF or SET OF elements takes quadratic time to complete. (bsc#1236878) Important SUSE bug 1236878 CVE-2024-12133 at SUSE CVE-2024-12133 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: - CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. (bsc#1236705) Moderate SUSE bug 1236705 CVE-2025-0938 at SUSE CVE-2025-0938 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction (bsc#1235969). - CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920). - CVE-2024-57876: drm/dp_mst: Fix resetting msg rx state after topology removal (bsc#1235806). - CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling (bsc#1235814). - CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (bsc#1235818). - CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235768). - CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits (bsc#1235764). - CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759). - CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645). - CVE-2024-56747: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (bsc#1234934). - CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584). - CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249). - CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441). - CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430). - CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235451). - CVE-2024-56642: tipc: Fix use-after-free of kernel socket in cleanup_bearer() (bsc#1235433). - CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480). - CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466). - CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (bsc#1235521). - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230). - CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217). - CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs initialization (bsc#1235123). - CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (bsc#1235011). - CVE-2024-53209: bnxt_en: Fix receive ring space parameters when XDP is active (bsc#1235002). - CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896). - CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884). - CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381). - CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025). - CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb() (bsc#1233488). - CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112). - CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request (bsc#1233055). - CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028). - CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088). - CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo (bsc#1225736). The following non-security bugs were fixed: - NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847). - NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847). - NFS: Improve heuristic for readdirplus (bsc#1231847). - NFS: Trigger the 'ls -l' readdir heuristic sooner (bsc#1231847). - VFS: use system_unbound_wq for delayed_mntput (bsc#1234683). - ceph: improve error handling and short/overflow-read logic in __ceph_sync_read() (bsc#1228592). - ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980). - netfilter: nf_tables: validate family when identifying table via handle (bsc#1233778 ZDI-24-1454). - powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (bsc#1234825). - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (git-fixes). Important SUSE bug 1194869 SUSE bug 1216813 SUSE bug 1223384 SUSE bug 1225736 SUSE bug 1226848 SUSE bug 1226980 SUSE bug 1228537 SUSE bug 1228592 SUSE bug 1230341 SUSE bug 1230432 SUSE bug 1230527 SUSE bug 1230697 SUSE bug 1231088 SUSE bug 1231847 SUSE bug 1232914 SUSE bug 1233028 SUSE bug 1233055 SUSE bug 1233097 SUSE bug 1233103 SUSE bug 1233112 SUSE bug 1233464 SUSE bug 1233488 SUSE bug 1233642 SUSE bug 1233778 SUSE bug 1234024 SUSE bug 1234025 SUSE bug 1234078 SUSE bug 1234087 SUSE bug 1234153 SUSE bug 1234155 SUSE bug 1234223 SUSE bug 1234381 SUSE bug 1234683 SUSE bug 1234690 SUSE bug 1234825 SUSE bug 1234829 SUSE bug 1234832 SUSE bug 1234884 SUSE bug 1234889 SUSE bug 1234896 SUSE bug 1234899 SUSE bug 1234900 SUSE bug 1234905 SUSE bug 1234909 SUSE bug 1234916 SUSE bug 1234918 SUSE bug 1234922 SUSE bug 1234930 SUSE bug 1234931 SUSE bug 1234934 SUSE bug 1234962 SUSE bug 1234999 SUSE bug 1235002 SUSE bug 1235009 SUSE bug 1235011 SUSE bug 1235053 SUSE bug 1235057 SUSE bug 1235059 SUSE bug 1235100 SUSE bug 1235122 SUSE bug 1235123 SUSE bug 1235133 SUSE bug 1235134 SUSE bug 1235217 SUSE bug 1235222 SUSE bug 1235230 SUSE bug 1235249 SUSE bug 1235410 SUSE bug 1235430 SUSE bug 1235433 SUSE bug 1235441 SUSE bug 1235451 SUSE bug 1235458 SUSE bug 1235466 SUSE bug 1235473 SUSE bug 1235480 SUSE bug 1235491 SUSE bug 1235495 SUSE bug 1235496 SUSE bug 1235521 SUSE bug 1235557 SUSE bug 1235563 SUSE bug 1235570 SUSE bug 1235584 SUSE bug 1235611 SUSE bug 1235635 SUSE bug 1235641 SUSE bug 1235643 SUSE bug 1235645 SUSE bug 1235647 SUSE bug 1235723 SUSE bug 1235739 SUSE bug 1235747 SUSE bug 1235759 SUSE bug 1235764 SUSE bug 1235768 SUSE bug 1235806 SUSE bug 1235812 SUSE bug 1235814 SUSE bug 1235818 SUSE bug 1235842 SUSE bug 1235920 SUSE bug 1235969 SUSE bug 1236628 CVE-2024-26758 at SUSE CVE-2024-26758 at NVD CVE-2024-26943 at SUSE CVE-2024-26943 at NVD CVE-2024-36898 at SUSE CVE-2024-36898 at NVD CVE-2024-38599 at SUSE CVE-2024-38599 at NVD CVE-2024-41047 at SUSE CVE-2024-41047 at NVD CVE-2024-45019 at SUSE CVE-2024-45019 at NVD CVE-2024-46858 at SUSE CVE-2024-46858 at NVD CVE-2024-50051 at SUSE CVE-2024-50051 at NVD CVE-2024-50136 at SUSE CVE-2024-50136 at NVD CVE-2024-50142 at SUSE CVE-2024-50142 at NVD CVE-2024-50151 at SUSE CVE-2024-50151 at NVD CVE-2024-50195 at SUSE CVE-2024-50195 at NVD CVE-2024-50199 at SUSE CVE-2024-50199 at NVD CVE-2024-50210 at SUSE CVE-2024-50210 at NVD CVE-2024-50275 at SUSE CVE-2024-50275 at NVD CVE-2024-50299 at SUSE CVE-2024-50299 at NVD CVE-2024-53095 at SUSE CVE-2024-53095 at NVD CVE-2024-53103 at SUSE CVE-2024-53103 at NVD CVE-2024-53104 at SUSE CVE-2024-53104 at NVD CVE-2024-53112 at SUSE CVE-2024-53112 at NVD CVE-2024-53121 at SUSE CVE-2024-53121 at NVD CVE-2024-53127 at SUSE CVE-2024-53127 at NVD CVE-2024-53129 at SUSE CVE-2024-53129 at NVD CVE-2024-53138 at SUSE CVE-2024-53138 at NVD CVE-2024-53141 at SUSE CVE-2024-53141 at NVD CVE-2024-53144 at SUSE CVE-2024-53144 at NVD CVE-2024-53148 at SUSE CVE-2024-53148 at NVD CVE-2024-53151 at SUSE CVE-2024-53151 at NVD CVE-2024-53166 at SUSE CVE-2024-53166 at NVD CVE-2024-53169 at SUSE CVE-2024-53169 at NVD CVE-2024-53171 at SUSE CVE-2024-53171 at NVD CVE-2024-53174 at SUSE CVE-2024-53174 at NVD CVE-2024-53177 at SUSE CVE-2024-53177 at NVD CVE-2024-53208 at SUSE CVE-2024-53208 at NVD CVE-2024-53209 at SUSE CVE-2024-53209 at NVD CVE-2024-53215 at SUSE CVE-2024-53215 at NVD CVE-2024-53217 at SUSE CVE-2024-53217 at NVD CVE-2024-53224 at SUSE CVE-2024-53224 at NVD CVE-2024-53227 at SUSE CVE-2024-53227 at NVD CVE-2024-53229 at SUSE CVE-2024-53229 at NVD CVE-2024-53690 at SUSE CVE-2024-53690 at NVD CVE-2024-54680 at SUSE CVE-2024-54680 at NVD CVE-2024-55916 at SUSE CVE-2024-55916 at NVD CVE-2024-56531 at SUSE CVE-2024-56531 at NVD CVE-2024-56532 at SUSE CVE-2024-56532 at NVD CVE-2024-56533 at SUSE CVE-2024-56533 at NVD CVE-2024-56557 at SUSE CVE-2024-56557 at NVD CVE-2024-56558 at SUSE CVE-2024-56558 at NVD CVE-2024-56562 at SUSE CVE-2024-56562 at NVD CVE-2024-56567 at SUSE CVE-2024-56567 at NVD CVE-2024-56588 at SUSE CVE-2024-56588 at NVD CVE-2024-56595 at SUSE CVE-2024-56595 at NVD CVE-2024-56596 at SUSE CVE-2024-56596 at NVD CVE-2024-56597 at SUSE CVE-2024-56597 at NVD CVE-2024-56600 at SUSE CVE-2024-56600 at NVD CVE-2024-56601 at SUSE CVE-2024-56601 at NVD CVE-2024-56602 at SUSE CVE-2024-56602 at NVD CVE-2024-56623 at SUSE CVE-2024-56623 at NVD CVE-2024-56629 at SUSE CVE-2024-56629 at NVD CVE-2024-56631 at SUSE CVE-2024-56631 at NVD CVE-2024-56642 at SUSE CVE-2024-56642 at NVD CVE-2024-56644 at SUSE CVE-2024-56644 at NVD CVE-2024-56645 at SUSE CVE-2024-56645 at NVD CVE-2024-56648 at SUSE CVE-2024-56648 at NVD CVE-2024-56650 at SUSE CVE-2024-56650 at NVD CVE-2024-56658 at SUSE CVE-2024-56658 at NVD CVE-2024-56661 at SUSE CVE-2024-56661 at NVD CVE-2024-56664 at SUSE CVE-2024-56664 at NVD CVE-2024-56678 at SUSE CVE-2024-56678 at NVD CVE-2024-56681 at SUSE CVE-2024-56681 at NVD CVE-2024-56698 at SUSE CVE-2024-56698 at NVD CVE-2024-56701 at SUSE CVE-2024-56701 at NVD CVE-2024-56704 at SUSE CVE-2024-56704 at NVD CVE-2024-56722 at SUSE CVE-2024-56722 at NVD CVE-2024-56739 at SUSE CVE-2024-56739 at NVD CVE-2024-56745 at SUSE CVE-2024-56745 at NVD CVE-2024-56747 at SUSE CVE-2024-56747 at NVD CVE-2024-56754 at SUSE CVE-2024-56754 at NVD CVE-2024-56756 at SUSE CVE-2024-56756 at NVD CVE-2024-56759 at SUSE CVE-2024-56759 at NVD CVE-2024-56765 at SUSE CVE-2024-56765 at NVD CVE-2024-56776 at SUSE CVE-2024-56776 at NVD CVE-2024-56777 at SUSE CVE-2024-56777 at NVD CVE-2024-56778 at SUSE CVE-2024-56778 at NVD CVE-2024-57791 at SUSE CVE-2024-57791 at NVD CVE-2024-57792 at SUSE CVE-2024-57792 at NVD CVE-2024-57793 at SUSE CVE-2024-57793 at NVD CVE-2024-57798 at SUSE CVE-2024-57798 at NVD CVE-2024-57849 at SUSE CVE-2024-57849 at NVD CVE-2024-57850 at SUSE CVE-2024-57850 at NVD CVE-2024-57876 at SUSE CVE-2024-57876 at NVD CVE-2024-57893 at SUSE CVE-2024-57893 at NVD CVE-2024-57897 at SUSE CVE-2024-57897 at NVD CVE-2024-8805 at SUSE CVE-2024-8805 at NVD cpe:/o:suse:sle-micro:5.5 Security update for glibc (Low) SUSE Linux Enterprise Micro 5.5 This update for glibc fixes the following issues: - CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282) Low SUSE bug 1236282 CVE-2025-0395 at SUSE CVE-2025-0395 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo (bsc#1225736). - CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088). - CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028). - CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request (bsc#1233055). - CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112). - CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb() (bsc#1233488). - CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025). - CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381). - CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884). - CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896). - CVE-2024-53209: bnxt_en: Fix receive ring space parameters when XDP is active (bsc#1235002). - CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (bsc#1235011). - CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs initialization (bsc#1235123). - CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217). - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230). - CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (bsc#1235521). - CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466). - CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480). - CVE-2024-56642: tipc: Fix use-after-free of kernel socket in cleanup_bearer() (bsc#1235433). - CVE-2024-56645: can: j1939: j1939_session_new(): fix skb reference counting (bsc#1235134). - CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235451). - CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430). - CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441). - CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249). - CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584). - CVE-2024-56747: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (bsc#1234934). - CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645). - CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759). - CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits (bsc#1235764). - CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235768). - CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (bsc#1235818). - CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling (bsc#1235814). - CVE-2024-57876: drm/dp_mst: Fix resetting msg rx state after topology removal (bsc#1235806). - CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920). - CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction (bsc#1235969). The following non-security bugs were fixed: - NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847). - NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847). - NFS: Improve heuristic for readdirplus (bsc#1231847). - NFS: Trigger the 'ls -l' readdir heuristic sooner (bsc#1231847). - VFS: use system_unbound_wq for delayed_mntput (bsc#1234683). - ceph: improve error handling and short/overflow-read logic in __ceph_sync_read() (bsc#1228592). - ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980). - netfilter: nf_tables: validate family when identifying table via handle (bsc#1233778). - powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (bsc#1234825). - tipc: fix NULL deref in cleanup_bearer() (bsc#1235433). - x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (git-fixes). Important SUSE bug 1194869 SUSE bug 1216813 SUSE bug 1223384 SUSE bug 1225736 SUSE bug 1226848 SUSE bug 1226980 SUSE bug 1228537 SUSE bug 1228592 SUSE bug 1230341 SUSE bug 1230432 SUSE bug 1230527 SUSE bug 1230697 SUSE bug 1231088 SUSE bug 1231847 SUSE bug 1232914 SUSE bug 1233028 SUSE bug 1233055 SUSE bug 1233097 SUSE bug 1233103 SUSE bug 1233112 SUSE bug 1233464 SUSE bug 1233488 SUSE bug 1233642 SUSE bug 1233778 SUSE bug 1234024 SUSE bug 1234025 SUSE bug 1234078 SUSE bug 1234087 SUSE bug 1234153 SUSE bug 1234155 SUSE bug 1234223 SUSE bug 1234381 SUSE bug 1234683 SUSE bug 1234690 SUSE bug 1234825 SUSE bug 1234829 SUSE bug 1234832 SUSE bug 1234884 SUSE bug 1234889 SUSE bug 1234896 SUSE bug 1234899 SUSE bug 1234900 SUSE bug 1234905 SUSE bug 1234909 SUSE bug 1234916 SUSE bug 1234918 SUSE bug 1234922 SUSE bug 1234930 SUSE bug 1234931 SUSE bug 1234934 SUSE bug 1234962 SUSE bug 1234999 SUSE bug 1235002 SUSE bug 1235009 SUSE bug 1235011 SUSE bug 1235053 SUSE bug 1235057 SUSE bug 1235059 SUSE bug 1235100 SUSE bug 1235122 SUSE bug 1235123 SUSE bug 1235133 SUSE bug 1235134 SUSE bug 1235217 SUSE bug 1235222 SUSE bug 1235230 SUSE bug 1235249 SUSE bug 1235410 SUSE bug 1235430 SUSE bug 1235433 SUSE bug 1235441 SUSE bug 1235451 SUSE bug 1235458 SUSE bug 1235466 SUSE bug 1235473 SUSE bug 1235480 SUSE bug 1235491 SUSE bug 1235495 SUSE bug 1235496 SUSE bug 1235521 SUSE bug 1235557 SUSE bug 1235563 SUSE bug 1235570 SUSE bug 1235584 SUSE bug 1235611 SUSE bug 1235635 SUSE bug 1235641 SUSE bug 1235643 SUSE bug 1235645 SUSE bug 1235647 SUSE bug 1235723 SUSE bug 1235739 SUSE bug 1235747 SUSE bug 1235759 SUSE bug 1235764 SUSE bug 1235768 SUSE bug 1235806 SUSE bug 1235812 SUSE bug 1235814 SUSE bug 1235818 SUSE bug 1235842 SUSE bug 1235920 SUSE bug 1235969 SUSE bug 1236628 CVE-2024-26758 at SUSE CVE-2024-26758 at NVD CVE-2024-26943 at SUSE CVE-2024-26943 at NVD CVE-2024-36898 at SUSE CVE-2024-36898 at NVD CVE-2024-38599 at SUSE CVE-2024-38599 at NVD CVE-2024-41047 at SUSE CVE-2024-41047 at NVD CVE-2024-45019 at SUSE CVE-2024-45019 at NVD CVE-2024-46858 at SUSE CVE-2024-46858 at NVD CVE-2024-50051 at SUSE CVE-2024-50051 at NVD CVE-2024-50136 at SUSE CVE-2024-50136 at NVD CVE-2024-50142 at SUSE CVE-2024-50142 at NVD CVE-2024-50151 at SUSE CVE-2024-50151 at NVD CVE-2024-50195 at SUSE CVE-2024-50195 at NVD CVE-2024-50199 at SUSE CVE-2024-50199 at NVD CVE-2024-50210 at SUSE CVE-2024-50210 at NVD CVE-2024-50275 at SUSE CVE-2024-50275 at NVD CVE-2024-50299 at SUSE CVE-2024-50299 at NVD CVE-2024-53095 at SUSE CVE-2024-53095 at NVD CVE-2024-53103 at SUSE CVE-2024-53103 at NVD CVE-2024-53104 at SUSE CVE-2024-53104 at NVD CVE-2024-53112 at SUSE CVE-2024-53112 at NVD CVE-2024-53121 at SUSE CVE-2024-53121 at NVD CVE-2024-53127 at SUSE CVE-2024-53127 at NVD CVE-2024-53129 at SUSE CVE-2024-53129 at NVD CVE-2024-53138 at SUSE CVE-2024-53138 at NVD CVE-2024-53141 at SUSE CVE-2024-53141 at NVD CVE-2024-53144 at SUSE CVE-2024-53144 at NVD CVE-2024-53148 at SUSE CVE-2024-53148 at NVD CVE-2024-53151 at SUSE CVE-2024-53151 at NVD CVE-2024-53166 at SUSE CVE-2024-53166 at NVD CVE-2024-53169 at SUSE CVE-2024-53169 at NVD CVE-2024-53171 at SUSE CVE-2024-53171 at NVD CVE-2024-53174 at SUSE CVE-2024-53174 at NVD CVE-2024-53177 at SUSE CVE-2024-53177 at NVD CVE-2024-53208 at SUSE CVE-2024-53208 at NVD CVE-2024-53209 at SUSE CVE-2024-53209 at NVD CVE-2024-53215 at SUSE CVE-2024-53215 at NVD CVE-2024-53217 at SUSE CVE-2024-53217 at NVD CVE-2024-53224 at SUSE CVE-2024-53224 at NVD CVE-2024-53227 at SUSE CVE-2024-53227 at NVD CVE-2024-53229 at SUSE CVE-2024-53229 at NVD CVE-2024-53690 at SUSE CVE-2024-53690 at NVD CVE-2024-54680 at SUSE CVE-2024-54680 at NVD CVE-2024-55916 at SUSE CVE-2024-55916 at NVD CVE-2024-56531 at SUSE CVE-2024-56531 at NVD CVE-2024-56532 at SUSE CVE-2024-56532 at NVD CVE-2024-56533 at SUSE CVE-2024-56533 at NVD CVE-2024-56557 at SUSE CVE-2024-56557 at NVD CVE-2024-56558 at SUSE CVE-2024-56558 at NVD CVE-2024-56562 at SUSE CVE-2024-56562 at NVD CVE-2024-56567 at SUSE CVE-2024-56567 at NVD CVE-2024-56588 at SUSE CVE-2024-56588 at NVD CVE-2024-56595 at SUSE CVE-2024-56595 at NVD CVE-2024-56596 at SUSE CVE-2024-56596 at NVD CVE-2024-56597 at SUSE CVE-2024-56597 at NVD CVE-2024-56600 at SUSE CVE-2024-56600 at NVD CVE-2024-56601 at SUSE CVE-2024-56601 at NVD CVE-2024-56602 at SUSE CVE-2024-56602 at NVD CVE-2024-56623 at SUSE CVE-2024-56623 at NVD CVE-2024-56629 at SUSE CVE-2024-56629 at NVD CVE-2024-56631 at SUSE CVE-2024-56631 at NVD CVE-2024-56642 at SUSE CVE-2024-56642 at NVD CVE-2024-56644 at SUSE CVE-2024-56644 at NVD CVE-2024-56645 at SUSE CVE-2024-56645 at NVD CVE-2024-56648 at SUSE CVE-2024-56648 at NVD CVE-2024-56650 at SUSE CVE-2024-56650 at NVD CVE-2024-56658 at SUSE CVE-2024-56658 at NVD CVE-2024-56661 at SUSE CVE-2024-56661 at NVD CVE-2024-56664 at SUSE CVE-2024-56664 at NVD CVE-2024-56678 at SUSE CVE-2024-56678 at NVD CVE-2024-56681 at SUSE CVE-2024-56681 at NVD CVE-2024-56698 at SUSE CVE-2024-56698 at NVD CVE-2024-56701 at SUSE CVE-2024-56701 at NVD CVE-2024-56704 at SUSE CVE-2024-56704 at NVD CVE-2024-56722 at SUSE CVE-2024-56722 at NVD CVE-2024-56739 at SUSE CVE-2024-56739 at NVD CVE-2024-56745 at SUSE CVE-2024-56745 at NVD CVE-2024-56747 at SUSE CVE-2024-56747 at NVD CVE-2024-56754 at SUSE CVE-2024-56754 at NVD CVE-2024-56756 at SUSE CVE-2024-56756 at NVD CVE-2024-56759 at SUSE CVE-2024-56759 at NVD CVE-2024-56765 at SUSE CVE-2024-56765 at NVD CVE-2024-56776 at SUSE CVE-2024-56776 at NVD CVE-2024-56777 at SUSE CVE-2024-56777 at NVD CVE-2024-56778 at SUSE CVE-2024-56778 at NVD CVE-2024-57791 at SUSE CVE-2024-57791 at NVD CVE-2024-57792 at SUSE CVE-2024-57792 at NVD CVE-2024-57793 at SUSE CVE-2024-57793 at NVD CVE-2024-57798 at SUSE CVE-2024-57798 at NVD CVE-2024-57849 at SUSE CVE-2024-57849 at NVD CVE-2024-57850 at SUSE CVE-2024-57850 at NVD CVE-2024-57876 at SUSE CVE-2024-57876 at NVD CVE-2024-57893 at SUSE CVE-2024-57893 at NVD CVE-2024-57897 at SUSE CVE-2024-57897 at NVD CVE-2024-8805 at SUSE CVE-2024-8805 at NVD cpe:/o:suse:sle-micro:5.5 Security update for grub2 (Important) SUSE Linux Enterprise Micro 5.5 This update for grub2 fixes the following issues: - CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617) - CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958) - CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615) - CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614) - CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616) - CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609) - CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610) - CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612) - CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613) - CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable modules. (bsc#1233606) - CVE-2024-45779: Fixed a heap overflow in bfs. (bsc#1233608) - CVE-2025-0624: Fixed an out-of-bounds write during the network boot process. (bsc#1236316) - CVE-2025-0622: Fixed a use-after-free when handling hooks during module unload in command/gpg . (bsc#1236317) - CVE-2025-0690: Fixed an integer overflow that may lead to an out-of-bounds write through the read command. (bsc#1237012) - CVE-2025-1118: Fixed an issue where the dump command was not being blocked when grub was in lockdown mode. (bsc#1237013) - CVE-2025-0677: Fixed an integer overflow that may lead to an out-of-bounds write when handling symlinks in ufs. (bsc#1237002) - CVE-2025-0684: Fixed an integer overflow that may lead to an out-of-bounds write when handling symlinks in reiserfs. (bsc#1237008) - CVE-2025-0685: Fixed an integer overflow that may lead to an out-of-bounds write when handling symlinks in jfs. (bsc#1237009) - CVE-2025-0686: Fixed an integer overflow that may lead to an out-of-bounds write when handling symlinks in romfs. (bsc#1237010) - CVE-2025-0689: Fixed a heap-based buffer overflow in udf that may lead to arbitrary code execution. (bsc#1237011) - CVE-2025-1125: Fixed an integer overflow that may lead to an out-of-bounds write in hfs. (bsc#1237014) - CVE-2025-0678: Fixed an integer overflow that may lead to an out-of-bounds write in squash4. (bsc#1237006) Important SUSE bug 1233606 SUSE bug 1233608 SUSE bug 1233609 SUSE bug 1233610 SUSE bug 1233612 SUSE bug 1233613 SUSE bug 1233614 SUSE bug 1233615 SUSE bug 1233616 SUSE bug 1233617 SUSE bug 1234958 SUSE bug 1236316 SUSE bug 1236317 SUSE bug 1237002 SUSE bug 1237006 SUSE bug 1237008 SUSE bug 1237009 SUSE bug 1237010 SUSE bug 1237011 SUSE bug 1237012 SUSE bug 1237013 SUSE bug 1237014 CVE-2024-45774 at SUSE CVE-2024-45774 at NVD CVE-2024-45775 at SUSE CVE-2024-45775 at NVD CVE-2024-45776 at SUSE CVE-2024-45776 at NVD CVE-2024-45777 at SUSE CVE-2024-45777 at NVD CVE-2024-45778 at SUSE CVE-2024-45778 at NVD CVE-2024-45779 at SUSE CVE-2024-45779 at NVD CVE-2024-45780 at SUSE CVE-2024-45780 at NVD CVE-2024-45781 at SUSE CVE-2024-45781 at NVD CVE-2024-45782 at SUSE CVE-2024-45782 at NVD CVE-2024-45783 at SUSE CVE-2024-45783 at NVD CVE-2024-56737 at SUSE CVE-2024-56737 at NVD CVE-2025-0622 at SUSE CVE-2025-0622 at NVD CVE-2025-0624 at SUSE CVE-2025-0624 at NVD CVE-2025-0677 at SUSE CVE-2025-0677 at NVD CVE-2025-0678 at SUSE CVE-2025-0678 at NVD CVE-2025-0684 at SUSE CVE-2025-0684 at NVD CVE-2025-0685 at SUSE CVE-2025-0685 at NVD CVE-2025-0686 at SUSE CVE-2025-0686 at NVD CVE-2025-0689 at SUSE CVE-2025-0689 at NVD CVE-2025-0690 at SUSE CVE-2025-0690 at NVD CVE-2025-1118 at SUSE CVE-2025-1118 at NVD CVE-2025-1125 at SUSE CVE-2025-1125 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ucode-intel (Moderate) SUSE Linux Enterprise Micro 5.5 This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20250211 release (bsc#1237096) - CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local access. - CVE-2024-36293: A potential security vulnerability in some Intel Software Guard Extensions (Intel SGX) Platforms may allow denial of service. Intel is releasing microcode updates to mitigate this potential vulnerability. - CVE-2024-39355: A potential security vulnerability in some 13th and 14th Generation Intel Core Processors may allow denial of service. Intel is releasing microcode and UEFI reference code updates to mitigate this potential vulnerability. - CVE-2024-37020: A potential security vulnerability in the Intel Data Streaming Accelerator (Intel DSA) for some Intel Xeon Processors may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. - New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | SRF-SP | C0 | 06-af-03/01 | | 03000330 | Xeon 6700-Series Processors with E-Cores ### Updated Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL | C0 | 06-97-02/07 | 00000037 | 00000038 | Core Gen12 | ADL | H0 | 06-97-05/07 | 00000037 | 00000038 | Core Gen12 | ADL | L0 | 06-9a-03/80 | 00000435 | 00000436 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000435 | 00000436 | Core Gen12 | ADL-N | N0 | 06-be-00/19 | 0000001a | 0000001c | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | AZB | A0/R0 | 06-9a-04/40 | 00000007 | 00000009 | Intel(R) Atom(R) C1100 | CFL-H | R0 | 06-9e-0d/22 | 00000100 | 00000102 | Core Gen9 Mobile | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000f8 | 000000fa | Core Gen8 Desktop, Mobile, Xeon E | EMR-SP | A0 | 06-cf-01/87 | 21000283 | 21000291 | Xeon Scalable Gen5 | EMR-SP | A1 | 06-cf-02/87 | 21000283 | 21000291 | Xeon Scalable Gen5 | ICL-D | B0 | 06-6c-01/10 | 010002b0 | 010002c0 | Xeon D-17xx, D-27xx | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003e7 | 0d0003f5 | Xeon Scalable Gen3 | RPL-E/HX/S | B0 | 06-b7-01/32 | 0000012b | 0000012c | Core Gen13/Gen14 | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004123 | 00004124 | Core Gen13 | RPL-HX/S | C0 | 06-bf-02/07 | 00000037 | 00000038 | Core Gen13/Gen14 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004123 | 00004124 | Core Gen13 | RPL-S | H0 | 06-bf-05/07 | 00000037 | 00000038 | Core Gen13/Gen14 | RKL-S | B0 | 06-a7-01/02 | 00000062 | 00000063 | Core Gen11 | SPR-HBM | Bx | 06-8f-08/10 | 2c000390 | 2c0003e0 | Xeon Max | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000603 | 2b000620 | Xeon Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000603 | 2b000620 | Xeon Scalable Gen4 | TWL | N0 | 06-be-00/19 | 0000001a | 0000001c | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E ### New Disclosures Updated in Prior Releases | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | CFL-H/S | P0 | 06-9e-0c/22 | 000000f6 | 000000f8 | Core Gen9 Moderate SUSE bug 1237096 CVE-2024-31068 at SUSE CVE-2024-31068 at NVD CVE-2024-36293 at SUSE CVE-2024-36293 at NVD CVE-2024-37020 at SUSE CVE-2024-37020 at NVD CVE-2024-39355 at SUSE CVE-2024-39355 at NVD cpe:/o:suse:sle-micro:5.5 Security update for helm (Important) SUSE Linux Enterprise Micro 5.5 This update for helm fixes the following issues: Update to version 3.17.1: - CVE-2024-45338: Fixed denial of service due to non-linear parsing of case-insensitive content (bsc#1235318). - CVE-2024-45337: Fixed misuse of ServerConfig.PublicKeyCallback to prevent authorization bypass in golang.org/x/crypto (bsc#1234482). Important SUSE bug 1234482 SUSE bug 1235318 CVE-2024-45337 at SUSE CVE-2024-45337 at NVD CVE-2024-45338 at SUSE CVE-2024-45338 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssh (Moderate) SUSE Linux Enterprise Micro 5.5 This update for openssh fixes the following issues: - CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client (bsc#1237040). Moderate SUSE bug 1237040 CVE-2025-26465 at SUSE CVE-2025-26465 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ovmf (Important) SUSE Linux Enterprise Micro 5.5 This update for ovmf fixes the following issues: - PXE boot is failing due to patches applied to fix CVE-2023-45236 and CVE-2023-45237 (bsc#1237084). Important SUSE bug 1237084 CVE-2023-45236 at SUSE CVE-2023-45236 at NVD CVE-2023-45237 at SUSE CVE-2023-45237 at NVD cpe:/o:suse:sle-micro:5.5 Security update for google-osconfig-agent (Important) SUSE Linux Enterprise Micro 5.5 This update for google-osconfig-agent fixes the following issues: - CVE-2024-45339: github.com/golang/glog: a privileged process' log file path can be easily predicted and used to overwrite other sensitive files in a system. (bsc#1236560) Important SUSE bug 1236560 CVE-2024-45339 at SUSE CVE-2024-45339 at NVD cpe:/o:suse:sle-micro:5.5 Security update for dnsmasq (Important) SUSE Linux Enterprise Micro 5.5 This update for dnsmasq fixes the following issues: - Version update to 2.90: - CVE-2023-50387: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses. (bsc#1219823) - CVE-2023-50868: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses. (bsc#1219826) - CVE-2023-28450: Default maximum EDNS.0 UDP packet size should be 1232. (bsc#1209358) Important SUSE bug 1200344 SUSE bug 1207174 SUSE bug 1209358 SUSE bug 1214884 SUSE bug 1219823 SUSE bug 1219826 CVE-2023-28450 at SUSE CVE-2023-28450 at NVD CVE-2023-50387 at SUSE CVE-2023-50387 at NVD CVE-2023-50868 at SUSE CVE-2023-50868 at NVD cpe:/o:suse:sle-micro:5.5 Security update for pam_pkcs11 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for pam_pkcs11 fixes the following issues: - CVE-2025-24032: default value for `cert_policy` (`none`) allows for authentication bypass (bsc#1237062). - CVE-2025-24031: uninitialized pointer dereference caused by user pressing ctrl-c/ctrl-d when asked for PIN leads to crash (bsc#1237058). Moderate SUSE bug 1237058 SUSE bug 1237062 CVE-2025-24031 at SUSE CVE-2025-24031 at NVD CVE-2025-24032 at SUSE CVE-2025-24032 at NVD cpe:/o:suse:sle-micro:5.5 Security update for vim (Moderate) SUSE Linux Enterprise Micro 5.5 This update for vim fixes the following issues: Update to version 9.1.1101: - CVE-2024-43790: possible out-of-bounds read when performing a search command (bsc#1229685). - CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer (bsc#1229822). - CVE-2024-45306: heap buffer overflow when cursor position is invalid (bsc#1230078). - CVE-2025-22134: heap buffer overflow when switching to other buffers using the :all command with active visual mode (bsc#1235695). - CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when in silent Ex mode (bsc#1236151). - CVE-2025-1215: memory corruption when manipulating the --log argument (bsc#1237137). Moderate SUSE bug 1229685 SUSE bug 1229822 SUSE bug 1230078 SUSE bug 1235695 SUSE bug 1236151 SUSE bug 1237137 CVE-2024-43790 at SUSE CVE-2024-43790 at NVD CVE-2024-43802 at SUSE CVE-2024-43802 at NVD CVE-2024-45306 at SUSE CVE-2024-45306 at NVD CVE-2025-1215 at SUSE CVE-2025-1215 at NVD CVE-2025-22134 at SUSE CVE-2025-22134 at NVD CVE-2025-24014 at SUSE CVE-2025-24014 at NVD cpe:/o:suse:sle-micro:5.5 Security update for procps (Important) SUSE Linux Enterprise Micro 5.5 This update for procps fixes the following issues: - Integer overflow due to incomplete fix for CVE-2023-4016 can lead to segmentation fault in ps command when pid argument has a leading space (bsc#1236842, bsc#1214290). Important SUSE bug 1214290 SUSE bug 1236842 CVE-2023-4016 at SUSE CVE-2023-4016 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openvswitch3 (Important) SUSE Linux Enterprise Micro 5.5 This update for openvswitch3 fixes the following issues: - CVE-2025-0650: Fixed egress ACLs that may be bypassed via specially crafted UDP packet (bsc#1236353). Important SUSE bug 1236353 CVE-2025-0650 at SUSE CVE-2025-0650 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libxml2 (Important) SUSE Linux Enterprise Micro 5.5 This update for libxml2 fixes the following issues: - CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363). - CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in valid.c (bsc#1237370). - CVE-2025-27113: NULL pointer dereference in xmlPatMatch in pattern.c (bsc#1237418). Important SUSE bug 1237363 SUSE bug 1237370 SUSE bug 1237418 CVE-2024-56171 at SUSE CVE-2024-56171 at NVD CVE-2025-24928 at SUSE CVE-2025-24928 at NVD CVE-2025-27113 at SUSE CVE-2025-27113 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libX11 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libX11 fixes the following issues: - CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead to buffer overflows in XkbChangeTypesOfKey() (bsc#1237431). Moderate SUSE bug 1237431 CVE-2025-26597 at SUSE CVE-2025-26597 at NVD cpe:/o:suse:sle-micro:5.5 Security update for u-boot (Moderate) SUSE Linux Enterprise Micro 5.5 This update for u-boot fixes the following issues: - CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution function (bsc#1237284). - CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator (bsc#1237287). Moderate SUSE bug 1237284 SUSE bug 1237287 CVE-2024-57256 at SUSE CVE-2024-57256 at NVD CVE-2024-57258 at SUSE CVE-2024-57258 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gnutls (Moderate) SUSE Linux Enterprise Micro 5.5 This update for gnutls fixes the following issues: - CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS (bsc#1236974). Moderate SUSE bug 1236974 CVE-2024-12243 at SUSE CVE-2024-12243 at NVD cpe:/o:suse:sle-micro:5.5 Security update for skopeo (Important) SUSE Linux Enterprise Micro 5.5 This update for skopeo fixes the following issues: - CVE-2025-27144: excessive memory consumption by Go JOSE when parsing compact JWS or JWE input containing a large number of '.' characters (bsc#1237613). Important SUSE bug 1237613 CVE-2025-27144 at SUSE CVE-2025-27144 at NVD cpe:/o:suse:sle-micro:5.5 Security update for docker (Moderate) SUSE Linux Enterprise Micro 5.5 This update for docker fixes the following issues: Update to Docker 27.5.1-ce (bsc#1237335): - CVE-2024-29018: External DNS requests from 'internal' networks could lead to data exfiltration (bsc#1234089). Moderate SUSE bug 1234089 SUSE bug 1237335 CVE-2024-29018 at SUSE CVE-2024-29018 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Important) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE (bsc#1237641) Important SUSE bug 1237641 CVE-2025-27144 at SUSE CVE-2025-27144 at NVD cpe:/o:suse:sle-micro:5.5 Recommended update for python3-M2Crypto (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python3-M2Crypto fixes the following issues: - Fix spelling of BSD-2-Clause license. - Update to 0.44.0: - The real license is BSD 2-Clause, not MIT. - Remove python-M2Crypto.keyring, because PyPI broke GPG support - Build for modern python stack on SLE/Leap - require setuptools - Make tests running again. - Remove unnecessary fdupes call - Add python-typing as a dependency - SLE12 requires swig3 for a successful build, too Moderate SUSE bug 1205042 SUSE bug 1231589 SUSE bug 1236664 CVE-2020-25657 at SUSE CVE-2020-25657 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). - CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154). - CVE-2024-53226: RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (bsc#1236576) - CVE-2024-57948: mac802154: check local interfaces before deleting sdata list (bsc#1236677). - CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133). - CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). - CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139). The following non-security bugs were fixed: - cpufreq/amd-pstate: Only print supported EPP values for performance governor (bsc#1236777). - iavf: fix the waiting time for initial reset (bsc#1235111). - ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1235111). - ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1235111). - ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1235111). - idpf: call set_real_num_queues in idpf_open (bsc#1236661 bsc#1237316). - ipv4/tcp: do not use per netns ctl sockets (bsc#1237693). - kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749). - net: Fix undefined behavior in netdev name allocation (bsc#1233749). - net: avoid UAF on deleted altname (bsc#1233749). - net: check for altname conflicts when changing netdev's netns (bsc#1233749). - net: core: Use the bitmap API to allocate bitmaps (bsc#1233749). - net: do not send a MOVE event when netdev changes netns (bsc#1233749). - net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749). - net: fix ifname in netlink ntf during netns move (bsc#1233749). - net: fix removing a namespace with conflicting altnames (bsc#1233749). - net: free altname using an RCU callback (bsc#1233749). - net: introduce a function to check if a netdev name is in use (bsc#1233749). - net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749). - net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). - net: mana: Cleanup 'mana' debugfs dir after cleanup of all children (bsc#1236760). - net: mana: Enable debugfs files for MANA device (bsc#1236758). - net: minor __dev_alloc_name() optimization (bsc#1233749). - net: move altnames together with the netdevice (bsc#1233749). - net: netvsc: Update default VMBus channels (bsc#1236757). - net: reduce indentation of __dev_alloc_name() (bsc#1233749). - net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749). - net: remove else after return in dev_prep_valid_name() (bsc#1233749). - net: trust the bitmap in __dev_alloc_name() (bsc#1233749). - nfsd: use explicit lock/unlock for directory ops (bsc#1234650 bsc#1233701 bsc#1232472). - rcu: Remove rcu_is_idle_cpu() (bsc#1236289). - scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes). - x86/aperfmperf: Dont wake idle CPUs in arch_freq_get_on_cpu() (bsc#1236289). - x86/aperfmperf: Integrate the fallback code from show_cpuinfo() (bsc#1236289). - x86/aperfmperf: Make parts of the frequency invariance code unconditional (bsc#1236289). - x86/aperfmperf: Put frequency invariance aperf/mperf data into a struct (bsc#1236289). - x86/aperfmperf: Replace aperfmperf_get_khz() (bsc#1236289). - x86/aperfmperf: Replace arch_freq_get_on_cpu() (bsc#1236289). - x86/aperfmperf: Restructure arch_scale_freq_tick() (bsc#1236289). - x86/aperfmperf: Separate AP/BP frequency invariance init (bsc#1236289). - x86/aperfmperf: Store aperf/mperf data for cpu frequency reads (bsc#1236289). - x86/aperfmperf: Untangle Intel and AMD frequency invariance init (bsc#1236289). - x86/aperfperf: Make it correct on 32bit and UP kernels (bsc#1236289). - x86/smp: Move APERF/MPERF code where it belongs (bsc#1236289). - x86/smp: Remove unnecessary assignment to local var freq_scale (bsc#1236289). - x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes). - x86/xen: allow larger contiguous memory regions in PV guests (bsc#1236951). - x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes). - xen/swiotlb: relax alignment requirements (bsc#1236951). Important SUSE bug 1208995 SUSE bug 1220946 SUSE bug 1225742 SUSE bug 1232472 SUSE bug 1232919 SUSE bug 1233701 SUSE bug 1233749 SUSE bug 1234154 SUSE bug 1234650 SUSE bug 1234853 SUSE bug 1234891 SUSE bug 1234963 SUSE bug 1235054 SUSE bug 1235061 SUSE bug 1235073 SUSE bug 1235111 SUSE bug 1236133 SUSE bug 1236289 SUSE bug 1236576 SUSE bug 1236661 SUSE bug 1236677 SUSE bug 1236757 SUSE bug 1236758 SUSE bug 1236760 SUSE bug 1236761 SUSE bug 1236777 SUSE bug 1236951 SUSE bug 1237025 SUSE bug 1237028 SUSE bug 1237139 SUSE bug 1237316 SUSE bug 1237693 SUSE bug 1238033 CVE-2022-49080 at SUSE CVE-2022-49080 at NVD CVE-2023-1192 at SUSE CVE-2023-1192 at NVD CVE-2023-52572 at SUSE CVE-2023-52572 at NVD CVE-2024-50115 at SUSE CVE-2024-50115 at NVD CVE-2024-53135 at SUSE CVE-2024-53135 at NVD CVE-2024-53173 at SUSE CVE-2024-53173 at NVD CVE-2024-53226 at SUSE CVE-2024-53226 at NVD CVE-2024-53239 at SUSE CVE-2024-53239 at NVD CVE-2024-56539 at SUSE CVE-2024-56539 at NVD CVE-2024-56548 at SUSE CVE-2024-56548 at NVD CVE-2024-56605 at SUSE CVE-2024-56605 at NVD CVE-2024-57948 at SUSE CVE-2024-57948 at NVD CVE-2025-21647 at SUSE CVE-2025-21647 at NVD CVE-2025-21690 at SUSE CVE-2025-21690 at NVD CVE-2025-21692 at SUSE CVE-2025-21692 at NVD CVE-2025-21699 at SUSE CVE-2025-21699 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). - CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154). - CVE-2024-53226: RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (bsc#1236576) - CVE-2024-57948: mac802154: check local interfaces before deleting sdata list (bsc#1236677). - CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133). - CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). - CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139). The following non-security bugs were fixed: - NFSD: use explicit lock/unlock for directory ops (bsc#1234650 bsc#1233701 bsc#1232472). - cpufreq/amd-pstate: Only print supported EPP values for performance governor (bsc#1236777). - iavf: fix the waiting time for initial reset (bsc#1235111). - ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1235111). - ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1235111). - ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1235111). - idpf: call set_real_num_queues in idpf_open (bsc#1236661 bsc#1237316). - ipv4/tcp: do not use per netns ctl sockets (bsc#1237693). - kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749). - net: Fix undefined behavior in netdev name allocation (bsc#1233749). - net: avoid UAF on deleted altname (bsc#1233749). - net: check for altname conflicts when changing netdev's netns (bsc#1233749). - net: core: Use the bitmap API to allocate bitmaps (bsc#1233749). - net: do not send a MOVE event when netdev changes netns (bsc#1233749). - net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749). - net: fix ifname in netlink ntf during netns move (bsc#1233749). - net: fix removing a namespace with conflicting altnames (bsc#1233749). - net: free altname using an RCU callback (bsc#1233749). - net: introduce a function to check if a netdev name is in use (bsc#1233749). - net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749). - net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). - net: mana: Cleanup 'mana' debugfs dir after cleanup of all children (bsc#1236760). - net: mana: Enable debugfs files for MANA device (bsc#1236758). - net: minor __dev_alloc_name() optimization (bsc#1233749). - net: move altnames together with the netdevice (bsc#1233749). - net: netvsc: Update default VMBus channels (bsc#1236757). - net: reduce indentation of __dev_alloc_name() (bsc#1233749). - net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749). - net: remove else after return in dev_prep_valid_name() (bsc#1233749). - net: trust the bitmap in __dev_alloc_name() (bsc#1233749). - rcu: Remove rcu_is_idle_cpu() (bsc#1236289). - scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes). - x86/aperfmperf: Dont wake idle CPUs in arch_freq_get_on_cpu() (bsc#1236289). - x86/aperfmperf: Integrate the fallback code from show_cpuinfo() (bsc#1236289). - x86/aperfmperf: Make parts of the frequency invariance code unconditional (bsc#1236289). - x86/aperfmperf: Put frequency invariance aperf/mperf data into a struct (bsc#1236289). - x86/aperfmperf: Replace aperfmperf_get_khz() (bsc#1236289). - x86/aperfmperf: Replace arch_freq_get_on_cpu() (bsc#1236289). - x86/aperfmperf: Restructure arch_scale_freq_tick() (bsc#1236289). - x86/aperfmperf: Separate AP/BP frequency invariance init (bsc#1236289). - x86/aperfmperf: Store aperf/mperf data for cpu frequency reads (bsc#1236289). - x86/aperfmperf: Untangle Intel and AMD frequency invariance init (bsc#1236289). - x86/aperfperf: Make it correct on 32bit and UP kernels (bsc#1236289). - x86/smp: Move APERF/MPERF code where it belongs (bsc#1236289). - x86/smp: Remove unnecessary assignment to local var freq_scale (bsc#1236289). - x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes). - x86/xen: allow larger contiguous memory regions in PV guests (bsc#1236951). - x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes). - xen/swiotlb: relax alignment requirements (bsc#1236951). Important SUSE bug 1208995 SUSE bug 1220946 SUSE bug 1225742 SUSE bug 1232472 SUSE bug 1232919 SUSE bug 1233701 SUSE bug 1233749 SUSE bug 1234154 SUSE bug 1234650 SUSE bug 1234853 SUSE bug 1234891 SUSE bug 1234963 SUSE bug 1235054 SUSE bug 1235061 SUSE bug 1235073 SUSE bug 1235111 SUSE bug 1236133 SUSE bug 1236289 SUSE bug 1236576 SUSE bug 1236661 SUSE bug 1236677 SUSE bug 1236757 SUSE bug 1236758 SUSE bug 1236760 SUSE bug 1236761 SUSE bug 1236777 SUSE bug 1236951 SUSE bug 1237025 SUSE bug 1237028 SUSE bug 1237139 SUSE bug 1237316 SUSE bug 1237693 SUSE bug 1238033 CVE-2022-49080 at SUSE CVE-2022-49080 at NVD CVE-2023-1192 at SUSE CVE-2023-1192 at NVD CVE-2023-52572 at SUSE CVE-2023-52572 at NVD CVE-2024-50115 at SUSE CVE-2024-50115 at NVD CVE-2024-53135 at SUSE CVE-2024-53135 at NVD CVE-2024-53173 at SUSE CVE-2024-53173 at NVD CVE-2024-53226 at SUSE CVE-2024-53226 at NVD CVE-2024-53239 at SUSE CVE-2024-53239 at NVD CVE-2024-56539 at SUSE CVE-2024-56539 at NVD CVE-2024-56548 at SUSE CVE-2024-56548 at NVD CVE-2024-56605 at SUSE CVE-2024-56605 at NVD CVE-2024-57948 at SUSE CVE-2024-57948 at NVD CVE-2025-21647 at SUSE CVE-2025-21647 at NVD CVE-2025-21690 at SUSE CVE-2025-21690 at NVD CVE-2025-21692 at SUSE CVE-2025-21692 at NVD CVE-2025-21699 at SUSE CVE-2025-21699 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libarchive (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libarchive fixes the following issues: - CVE-2025-25724: Fixed buffer overflow vulnerability in function list_item_verbose() in tar/util.c (bsc#1238610). Moderate SUSE bug 1238610 CVE-2025-25724 at SUSE CVE-2025-25724 at NVD cpe:/o:suse:sle-micro:5.5 Security update for freetype2 (Important) SUSE Linux Enterprise Micro 5.5 This update for freetype2 fixes the following issues: - CVE-2025-27363: Fixed out-of-bounds write when attempting to parse font subglyph structures related to TrueType GX and variable font files (bsc#1239465). Important SUSE bug 1239465 CVE-2025-27363 at SUSE CVE-2025-27363 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the allocated buffer (bsc#1238917). - CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075). - CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645). - CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231). - CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735). - CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749). - CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790). - CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395). - CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1258340). - CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518). - CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1258850). - CVE-2026-23269: apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1259857). The following non-security bugs were fixed: - Disable CONFIG_NET_SCH_ATM (jsc#PED-12836). - apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc#1258849). - apparmor: fix differential encoding verification (bsc#1258849). - apparmor: fix memory leak in verify_header (bsc#1258849). - apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc#1258849). - apparmor: fix race between freeing data and fs accessing it (bsc#1258849). - apparmor: fix race on rawdata dereference (bsc#1258849). - apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849). - apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849). - apparmor: fix: limit the number of levels of policy namespaces (bsc#1258849). - apparmor: replace recursive profile removal with iterative approach (bsc#1258849). - apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1258849). Important SUSE bug 1238917 SUSE bug 1255075 SUSE bug 1256645 SUSE bug 1257231 SUSE bug 1257473 SUSE bug 1257732 SUSE bug 1257735 SUSE bug 1257749 SUSE bug 1257790 SUSE bug 1258340 SUSE bug 1258395 SUSE bug 1258518 SUSE bug 1258849 SUSE bug 1258850 SUSE bug 1259857 CVE-2025-21738 at SUSE CVE-2025-21738 at NVD CVE-2025-40242 at SUSE CVE-2025-40242 at NVD CVE-2025-71066 at SUSE CVE-2025-71066 at NVD CVE-2026-23004 at SUSE CVE-2026-23004 at NVD CVE-2026-23054 at SUSE CVE-2026-23054 at NVD CVE-2026-23060 at SUSE CVE-2026-23060 at NVD CVE-2026-23074 at SUSE CVE-2026-23074 at NVD CVE-2026-23089 at SUSE CVE-2026-23089 at NVD CVE-2026-23191 at SUSE CVE-2026-23191 at NVD CVE-2026-23204 at SUSE CVE-2026-23204 at NVD CVE-2026-23209 at SUSE CVE-2026-23209 at NVD CVE-2026-23268 at SUSE CVE-2026-23268 at NVD CVE-2026-23269 at SUSE CVE-2026-23269 at NVD cpe:/o:suse:sle-micro:5.5 Security update for salt (Important) SUSE Linux Enterprise Micro 5.5 This update for salt fixes the following issues: - Security issues fixed: * CVE-2025-67724: Fixed missing validation of supplied reason phrase (bsc#1254903) * CVE-2025-67725: Fixed DoS via malicious HTTP request (bsc#1254905) * CVE-2025-67726: Fixed HTTP header parameter parsing algorithm (bsc#1254904) * CVE-2025-13836: Set a safe limit to http.client response read (bsc#1254400) - Made syntax in httputil_test compatible with Python 3.6 - Fixed KeyError in postgres module with PostgreSQL 17 (bsc#1254325) - Use internal deb classes instead of external aptsource lib - Improved wheel key.finger call (bsc#1240532) - Improved utils.find_json function (bsc#1246130) - Extended warn_until period to 2027 Important SUSE bug 1240532 SUSE bug 1246130 SUSE bug 1254325 SUSE bug 1254400 SUSE bug 1254903 SUSE bug 1254904 SUSE bug 1254905 CVE-2025-13836 at SUSE CVE-2025-13836 at NVD CVE-2025-67724 at SUSE CVE-2025-67724 at NVD CVE-2025-67725 at SUSE CVE-2025-67725 at NVD CVE-2025-67726 at SUSE CVE-2025-67726 at NVD cpe:/o:suse:sle-micro:5.5 Security update for systemd (Important) SUSE Linux Enterprise Micro 5.5 This update for systemd fixes the following issues: - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method (bsc#1259650). - CVE-2026-29111: local unprivileged user can trigger an assert in systemd (bsc#1259418). - udev: check for invalid chars in various fields received from the kernel (bsc#1259697). Changelog: - 6a38d88a42 machined: reject invalid class types when registering machines - 8c9a592e5a udev: fix review mixup - b57007a917 udev-builtin-net-id: print cescaped bad attributes - ee23c7604b udev-builtin-net_id: do not assume the current interface name is ethX - 0f63e799e6 udev: ensure tag parsing stays within bounds - 046f52ec12 udev: ensure there is space for trailing NUL before calling sprintf - 5be21460ce udev: check for invalid chars in various fields received from the kernel - 9559607b16 core/cgroup: avoid one unnecessary strjoina() - fcae348ca4 core: validate input cgroup path more prudently - a3ca6b3031 alloc-util: add strdupa_safe() + strndupa_safe() and use it everywhere - 08125d6b06 units: add dep on systemd-logind.service by user@.service Important SUSE bug 1259418 SUSE bug 1259650 SUSE bug 1259697 CVE-2026-29111 at SUSE CVE-2026-29111 at NVD CVE-2026-4105 at SUSE CVE-2026-4105 at NVD cpe:/o:suse:sle-micro:5.5 Security update for sqlite3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for sqlite3 fixes the following issues: Update sqlite3 to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension (bsc#1254670). - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation (bsc#1259619). Changelog: * Fix the WAL-reset database corruption bug: https://sqlite.org/wal.html#walresetbug Moderate SUSE bug 1254670 SUSE bug 1259619 CVE-2025-70873 at SUSE CVE-2025-70873 at NVD CVE-2025-7709 at SUSE CVE-2025-7709 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-urllib3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-urllib3 fixes the following issue: - CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API (bsc#1254867). Moderate SUSE bug 1254867 SUSE bug 1259829 CVE-2025-66471 at SUSE CVE-2025-66471 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the allocated buffer (bsc#1238917). - CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075). - CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645). - CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231). - CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735). - CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749). - CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790). - CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395). - CVE-2026-23204: net: add skb_header_pointer_careful() helper (bsc#1258340). - CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518). - CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1258850). - CVE-2026-23269: apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1259857). The following non security issues were fixed: - apparmor: fix differential encoding verification (bsc#1258849). - apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc#1258849). - apparmor: fix memory leak in verify_header (bsc#1258849). - apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc#1258849). - apparmor: fix race between freeing data and fs accessing it (bsc#1258849). - apparmor: fix race on rawdata dereference (bsc#1258849). - apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849). - apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849). - apparmor: fix: limit the number of levels of policy namespaces (bsc#1258849). - apparmor: replace recursive profile removal with iterative approach (bsc#1258849). - apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1258849). Important SUSE bug 1238917 SUSE bug 1255075 SUSE bug 1256645 SUSE bug 1257231 SUSE bug 1257473 SUSE bug 1257732 SUSE bug 1257735 SUSE bug 1257749 SUSE bug 1257790 SUSE bug 1258340 SUSE bug 1258395 SUSE bug 1258518 SUSE bug 1258849 SUSE bug 1258850 SUSE bug 1259857 CVE-2025-21738 at SUSE CVE-2025-21738 at NVD CVE-2025-40242 at SUSE CVE-2025-40242 at NVD CVE-2025-71066 at SUSE CVE-2025-71066 at NVD CVE-2026-23004 at SUSE CVE-2026-23004 at NVD CVE-2026-23054 at SUSE CVE-2026-23054 at NVD CVE-2026-23060 at SUSE CVE-2026-23060 at NVD CVE-2026-23074 at SUSE CVE-2026-23074 at NVD CVE-2026-23089 at SUSE CVE-2026-23089 at NVD CVE-2026-23191 at SUSE CVE-2026-23191 at NVD CVE-2026-23204 at SUSE CVE-2026-23204 at NVD CVE-2026-23209 at SUSE CVE-2026-23209 at NVD CVE-2026-23268 at SUSE CVE-2026-23268 at NVD CVE-2026-23269 at SUSE CVE-2026-23269 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Important) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator (bsc#1257181). Important SUSE bug 1257181 CVE-2026-1299 at SUSE CVE-2026-1299 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Important) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2026-23554: xen: Use after free of paging structures in EPT (bsc#1259247, XSA-480) Important SUSE bug 1259247 CVE-2026-23554 at SUSE CVE-2026-23554 at NVD cpe:/o:suse:sle-micro:5.5 Security update for containerd (Important) SUSE Linux Enterprise Micro 5.5 This update for containerd rebuilds it against the current go 1.25 security release. Important cpe:/o:suse:sle-micro:5.5 Security update for python-pyasn1 (Important) SUSE Linux Enterprise Micro 5.5 This update for python-pyasn1 fixes the following issues: - CVE-2026-30922: Denial of Service via Unbounded Recursion (bsc#1259803). Important SUSE bug 1259803 CVE-2026-30922 at SUSE CVE-2026-30922 at NVD cpe:/o:suse:sle-micro:5.5 Security update for expat (Important) SUSE Linux Enterprise Micro 5.5 This update for expat fixes the following issues: - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value (bsc#1259726). - CVE-2026-32777: denial of service due to infinite loop in DTD content parsing (bsc#1259711). - CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259729). Important SUSE bug 1259711 SUSE bug 1259726 SUSE bug 1259729 CVE-2026-32776 at SUSE CVE-2026-32776 at NVD CVE-2026-32777 at SUSE CVE-2026-32777 at NVD CVE-2026-32778 at SUSE CVE-2026-32778 at NVD cpe:/o:suse:sle-micro:5.5 Security update for util-linux (Moderate) SUSE Linux Enterprise Micro 5.5 This update for util-linux fixes the following issues: - CVE-2025-14104: Fixed heap buffer overread in setpwnam() when processing 256-byte usernames (bsc#1254666). - lscpu: Add support for NVIDIA Olympus arm64 core (jsc#PED-13682). Moderate SUSE bug 1254666 CVE-2025-14104 at SUSE CVE-2025-14104 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-tornado (Important) SUSE Linux Enterprise Micro 5.5 This update for python-tornado fixes the following issues: - CVE-2026-31958: parsing large multipart bodies with many parts can cause a denial of service (bsc#1259553). - incomplete validation of cookie attributes allows for injection of user-controlled values in other cookie attributes (bsc#1259630). Important SUSE bug 1254905 SUSE bug 1259553 SUSE bug 1259630 CVE-2026-31958 at SUSE CVE-2026-31958 at NVD cpe:/o:suse:sle-micro:5.5 Security update for tar (Important) SUSE Linux Enterprise Micro 5.5 This update for tar fixes the following issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399). Important SUSE bug 1246399 CVE-2025-45582 at SUSE CVE-2025-45582 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libsoup2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libsoup2 fixes the following issue: - CVE-2026-0716: improper bounds handling may allow out-of-bounds read (bsc#1256418). Moderate SUSE bug 1256418 CVE-2026-0716 at SUSE CVE-2026-0716 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ignition (Important) SUSE Linux Enterprise Micro 5.5 This update for ignition fixes the following issue: - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header (bsc#1260251) Important SUSE bug 1260251 CVE-2026-33186 at SUSE CVE-2026-33186 at NVD cpe:/o:suse:sle-micro:5.5 Security update for bind (Important) SUSE Linux Enterprise Micro 5.5 This update for bind fixes the following issues: - CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations (bsc#1260805). Important SUSE bug 1260805 CVE-2026-1519 at SUSE CVE-2026-1519 at NVD cpe:/o:suse:sle-micro:5.5 Security update for nghttp2 (Important) SUSE Linux Enterprise Micro 5.5 This update for nghttp2 fixes the following issue: - CVE-2026-27135: assertion failure due to missing state validation can lead to DoS (bsc#1259845). Important SUSE bug 1259845 CVE-2026-27135 at SUSE CVE-2026-27135 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssl-1_1 (Important) SUSE Linux Enterprise Micro 5.5 This update for openssl-1_1 fixes the following issues: - CVE-2026-28387: Potential use-after-free in DANE client code (bsc#1260441). - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL (bsc#1260442). - CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo (bsc#1260443). - CVE-2026-31789: Heap buffer overflow in hexadecimal conversion (bsc#1260444). Important SUSE bug 1260441 SUSE bug 1260442 SUSE bug 1260443 SUSE bug 1260444 CVE-2026-28387 at SUSE CVE-2026-28387 at NVD CVE-2026-28388 at SUSE CVE-2026-28388 at NVD CVE-2026-28389 at SUSE CVE-2026-28389 at NVD CVE-2026-31789 at SUSE CVE-2026-31789 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ovmf (Important) SUSE Linux Enterprise Micro 5.5 This update for ovmf fixes the following issues: - CVE-2022-36765: Fixed integer overflow to buffer overflow via local network vulnerability (bsc#1218680). Important SUSE bug 1218680 CVE-2022-36765 at SUSE CVE-2022-36765 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gpg2 (Important) SUSE Linux Enterprise Micro 5.5 This update for gpg2 fixes the following issues: - CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy)(bsc#1255715). - Avoid potential downgrade to SHA1 in 3rd party key signatures (gpg.fail/sha1) (bsc#1256246). - Error out on unverified output for non-detached signatures (gpg.fail/detached) (bsc#1256244). - Fix Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG (gpg.fail/notdash) (bsc#1256390). Important SUSE bug 1255715 SUSE bug 1256244 SUSE bug 1256246 SUSE bug 1256390 CVE-2025-68973 at SUSE CVE-2025-68973 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-tornado (Important) SUSE Linux Enterprise Micro 5.5 This update for python-tornado fixes the following issues: - CVE-2025-67725: inefficient algorithm when parsing parameters for HTTP header values (bsc#1254905). - CVE-2025-67726: Denial of Service (DoS) via maliciously crafted HTTP request caused by the HTTPHeaders.add method (bsc#1254904). Important SUSE bug 1254904 SUSE bug 1254905 CVE-2025-67725 at SUSE CVE-2025-67725 at NVD CVE-2025-67726 at SUSE CVE-2025-67726 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libsodium (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libsodium fixes the following issues: - CVE-2025-15444: fixed cryptographic bypass via improper elliptic curve point validation (bsc#1256070). Moderate SUSE bug 1256070 CVE-2025-15444 at SUSE CVE-2025-15444 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libtasn1 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libtasn1 fixes the following issues: - CVE-2025-13151: stack-based buffer overflow in `asn1_expend_octet_string` (bsc#1256341). Moderate SUSE bug 1256341 CVE-2025-13151 at SUSE CVE-2025-13151 at NVD cpe:/o:suse:sle-micro:5.5 Security update for net-snmp (Important) SUSE Linux Enterprise Micro 5.5 This update for net-snmp fixes the following issues: - CVE-2025-68615: Fixed snmptrapd buffer overflow (bsc#1255491) Important SUSE bug 1255491 CVE-2025-68615 at SUSE CVE-2025-68615 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libsoup2 (Important) SUSE Linux Enterprise Micro 5.5 This update for libsoup2 fixes the following issues: - CVE-2025-14523: Reject duplicated Host in headers and followed upstream update (bsc#1254876). - CVE-2026-0719: Fixed overflow for password md4sum (bsc#1256399) Important SUSE bug 1254876 SUSE bug 1256399 CVE-2025-14523 at SUSE CVE-2025-14523 at NVD CVE-2026-0719 at SUSE CVE-2026-0719 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50630: mm: hugetlb: fix UAF in hugetlb_handle_userfault (bsc#1254785). - CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer (bsc#1255576). - CVE-2023-53254: cacheinfo: Fix shared_cpu_map to handle shared caches at different levels (bsc#1249871). - CVE-2023-53781: smc: Fix use-after-free in tcp_write_timer_handler() (bsc#1254751). - CVE-2024-56590: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (bsc#1235038). - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046). - CVE-2025-40019: crypto: essiv - Check ssize for decryption and in-place encryption (bsc#1252678). - CVE-2025-40139: net: ipv4: Consolidate ipv4_mtu and ip_dst_mtu_maybe_forward (bsc#1253409). - CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959). - CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520). - CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813). - CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1254843). - CVE-2025-40277: drm/vmwgfx: Validate command header size against (bsc#1254894). - CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847). - CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615). - CVE-2025-68732: gpu: host1x: Fix race in syncpt alloc/free (bsc#1255688). The following non security issues were fixed: - ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes). - ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes). - ACPI: property: Do not pass NULL handles to acpi_attach_data() (git-fixes). - ACPI: property: Fix buffer properties extraction for subnodes (git-fixes). - KVM: SVM: Fix TSC_AUX virtualization setup (git-fixes). - RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes). - RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes). - RDMA/hns: Fix the modification of max_send_sge (git-fixes). - RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes). - RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes). - RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes). - RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes). - RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes). - RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes). - RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes). - RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes). - RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes). - arch/idle: Change arch_cpu_idle() behavior: always exit with IRQs disabled (git-fixes). - cpuidle/poll: Ensure IRQs stay disabled after cpuidle_state::enter() calls (git-fixes). - cpuidle: Move IRQ state validation (git-fixes). - cpuidle: haltpoll: Do not enable interrupts when entering idle (git-fixes). - dm: free table mempools if not used in __bind (git-fixes). - padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563). - platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes). - x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes). - x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes). - x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes). - x86/tdx: Drop flags from __tdx_hypercall() (git-fixes). - x86/tdx: Dynamically disable SEPT violations from causing #VEs (git-fixes). - x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes). - x86/tdx: Extend TDX_MODULE_CALL to support more TDCALL/SEAMCALL leafs (git-fixes). - x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git-fixes). - x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes). - x86/tdx: Introduce wrappers to read and write TD metadata (git-fixes). - x86/tdx: Make TDX_HYPERCALL asm similar to TDX_MODULE_CALL (git-fixes). - x86/tdx: Make macros of TDCALLs consistent with the spec (git-fixes). - x86/tdx: Pass TDCALL/SEAMCALL input/output registers via a structure (git-fixes). - x86/tdx: Reimplement __tdx_hypercall() using TDX_MODULE_CALL asm (git-fixes). - x86/tdx: Remove 'struct tdx_hypercall_args' (git-fixes). - x86/tdx: Remove TDX_HCALL_ISSUE_STI (git-fixes). - x86/tdx: Rename __tdx_module_call() to __tdcall() (git-fixes). - x86/tdx: Rename tdx_parse_tdinfo() to tdx_setup() (git-fixes). - x86/tdx: Retry partially-completed page conversion hypercalls (git-fixes). - x86/tdx: Skip saving output regs when SEAMCALL fails with VMFailInvalid (git-fixes). - x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro (git-fixes). - x86/virt/tdx: Make TDX_MODULE_CALL handle SEAMCALL #UD and #GP (git-fixes). - x86/virt/tdx: Wire up basic SEAMCALL functions (git-fixes). - xfs: fix sparse inode limits on runt AG (bsc#1254392). Important SUSE bug 1065729 SUSE bug 1193629 SUSE bug 1194869 SUSE bug 1196823 SUSE bug 1204957 SUSE bug 1205567 SUSE bug 1206451 SUSE bug 1206843 SUSE bug 1206889 SUSE bug 1207051 SUSE bug 1207088 SUSE bug 1207315 SUSE bug 1207611 SUSE bug 1207620 SUSE bug 1207622 SUSE bug 1207636 SUSE bug 1207644 SUSE bug 1207646 SUSE bug 1207652 SUSE bug 1207653 SUSE bug 1208570 SUSE bug 1208758 SUSE bug 1209799 SUSE bug 1209980 SUSE bug 1210644 SUSE bug 1210817 SUSE bug 1210943 SUSE bug 1211690 SUSE bug 1213025 SUSE bug 1213032 SUSE bug 1213093 SUSE bug 1213105 SUSE bug 1213110 SUSE bug 1213111 SUSE bug 1213653 SUSE bug 1213747 SUSE bug 1213867 SUSE bug 1214635 SUSE bug 1214940 SUSE bug 1214962 SUSE bug 1214986 SUSE bug 1214990 SUSE bug 1216062 SUSE bug 1224573 SUSE bug 1225832 SUSE bug 1226797 SUSE bug 1226846 SUSE bug 1228015 SUSE bug 1233640 SUSE bug 1235038 SUSE bug 1237563 SUSE bug 1249871 SUSE bug 1252046 SUSE bug 1252678 SUSE bug 1253409 SUSE bug 1254392 SUSE bug 1254520 SUSE bug 1254559 SUSE bug 1254562 SUSE bug 1254572 SUSE bug 1254578 SUSE bug 1254580 SUSE bug 1254592 SUSE bug 1254601 SUSE bug 1254608 SUSE bug 1254609 SUSE bug 1254614 SUSE bug 1254615 SUSE bug 1254617 SUSE bug 1254623 SUSE bug 1254625 SUSE bug 1254626 SUSE bug 1254631 SUSE bug 1254632 SUSE bug 1254634 SUSE bug 1254644 SUSE bug 1254645 SUSE bug 1254649 SUSE bug 1254651 SUSE bug 1254653 SUSE bug 1254656 SUSE bug 1254658 SUSE bug 1254660 SUSE bug 1254664 SUSE bug 1254671 SUSE bug 1254674 SUSE bug 1254676 SUSE bug 1254677 SUSE bug 1254681 SUSE bug 1254684 SUSE bug 1254685 SUSE bug 1254686 SUSE bug 1254690 SUSE bug 1254692 SUSE bug 1254694 SUSE bug 1254696 SUSE bug 1254698 SUSE bug 1254699 SUSE bug 1254704 SUSE bug 1254706 SUSE bug 1254709 SUSE bug 1254710 SUSE bug 1254711 SUSE bug 1254712 SUSE bug 1254713 SUSE bug 1254714 SUSE bug 1254716 SUSE bug 1254723 SUSE bug 1254725 SUSE bug 1254728 SUSE bug 1254729 SUSE bug 1254743 SUSE bug 1254745 SUSE bug 1254751 SUSE bug 1254753 SUSE bug 1254754 SUSE bug 1254756 SUSE bug 1254759 SUSE bug 1254763 SUSE bug 1254775 SUSE bug 1254780 SUSE bug 1254781 SUSE bug 1254782 SUSE bug 1254783 SUSE bug 1254785 SUSE bug 1254786 SUSE bug 1254788 SUSE bug 1254789 SUSE bug 1254792 SUSE bug 1254813 SUSE bug 1254843 SUSE bug 1254847 SUSE bug 1254851 SUSE bug 1254894 SUSE bug 1254902 SUSE bug 1254910 SUSE bug 1254911 SUSE bug 1254915 SUSE bug 1254916 SUSE bug 1254917 SUSE bug 1254920 SUSE bug 1254922 SUSE bug 1254958 SUSE bug 1254959 SUSE bug 1254974 SUSE bug 1254979 SUSE bug 1254986 SUSE bug 1254994 SUSE bug 1255002 SUSE bug 1255005 SUSE bug 1255007 SUSE bug 1255049 SUSE bug 1255060 SUSE bug 1255107 SUSE bug 1255163 SUSE bug 1255165 SUSE bug 1255245 SUSE bug 1255467 SUSE bug 1255469 SUSE bug 1255521 SUSE bug 1255528 SUSE bug 1255532 SUSE bug 1255546 SUSE bug 1255549 SUSE bug 1255554 SUSE bug 1255555 SUSE bug 1255558 SUSE bug 1255560 SUSE bug 1255561 SUSE bug 1255562 SUSE bug 1255565 SUSE bug 1255574 SUSE bug 1255576 SUSE bug 1255578 SUSE bug 1255582 SUSE bug 1255596 SUSE bug 1255600 SUSE bug 1255605 SUSE bug 1255607 SUSE bug 1255608 SUSE bug 1255609 SUSE bug 1255618 SUSE bug 1255619 SUSE bug 1255620 SUSE bug 1255623 SUSE bug 1255624 SUSE bug 1255626 SUSE bug 1255627 SUSE bug 1255628 SUSE bug 1255635 SUSE bug 1255636 SUSE bug 1255688 SUSE bug 1255690 SUSE bug 1255697 SUSE bug 1255702 SUSE bug 1255704 SUSE bug 1255745 SUSE bug 1255747 SUSE bug 1255749 SUSE bug 1255750 SUSE bug 1255757 SUSE bug 1255758 SUSE bug 1255760 SUSE bug 1255761 SUSE bug 1255762 SUSE bug 1255763 SUSE bug 1255769 SUSE bug 1255771 SUSE bug 1255773 SUSE bug 1255780 SUSE bug 1255786 SUSE bug 1255787 SUSE bug 1255789 SUSE bug 1255790 SUSE bug 1255791 SUSE bug 1255792 SUSE bug 1255796 SUSE bug 1255797 SUSE bug 1255800 SUSE bug 1255801 SUSE bug 1255802 SUSE bug 1255803 SUSE bug 1255804 SUSE bug 1255806 SUSE bug 1255808 SUSE bug 1255819 SUSE bug 1255839 SUSE bug 1255841 SUSE bug 1255843 SUSE bug 1255844 SUSE bug 1255872 SUSE bug 1255875 SUSE bug 1255876 SUSE bug 1255877 SUSE bug 1255878 SUSE bug 1255880 SUSE bug 1255881 SUSE bug 1255888 SUSE bug 1255889 SUSE bug 1255890 SUSE bug 1255899 SUSE bug 1255901 SUSE bug 1255902 SUSE bug 1255905 SUSE bug 1255906 SUSE bug 1255909 SUSE bug 1255910 SUSE bug 1255912 SUSE bug 1255916 SUSE bug 1255919 SUSE bug 1255920 SUSE bug 1255922 SUSE bug 1255924 SUSE bug 1255925 SUSE bug 1255939 SUSE bug 1255946 SUSE bug 1255950 SUSE bug 1255953 SUSE bug 1255954 SUSE bug 1255955 SUSE bug 1255962 SUSE bug 1255964 SUSE bug 1255968 SUSE bug 1255969 SUSE bug 1255970 SUSE bug 1255971 SUSE bug 1255974 SUSE bug 1255978 SUSE bug 1255979 SUSE bug 1255983 SUSE bug 1255985 SUSE bug 1255990 SUSE bug 1255993 SUSE bug 1255994 SUSE bug 1255996 SUSE bug 1255998 SUSE bug 1256034 SUSE bug 1256040 SUSE bug 1256042 SUSE bug 1256045 SUSE bug 1256046 SUSE bug 1256048 SUSE bug 1256049 SUSE bug 1256050 SUSE bug 1256053 SUSE bug 1256056 SUSE bug 1256057 SUSE bug 1256062 SUSE bug 1256063 SUSE bug 1256064 SUSE bug 1256065 SUSE bug 1256071 SUSE bug 1256074 SUSE bug 1256081 SUSE bug 1256084 SUSE bug 1256086 SUSE bug 1256088 SUSE bug 1256091 SUSE bug 1256093 SUSE bug 1256099 SUSE bug 1256101 SUSE bug 1256103 SUSE bug 1256106 SUSE bug 1256111 SUSE bug 1256112 SUSE bug 1256114 SUSE bug 1256115 SUSE bug 1256118 SUSE bug 1256119 SUSE bug 1256121 SUSE bug 1256122 SUSE bug 1256124 SUSE bug 1256125 SUSE bug 1256126 SUSE bug 1256127 SUSE bug 1256128 SUSE bug 1256130 SUSE bug 1256131 SUSE bug 1256132 SUSE bug 1256133 SUSE bug 1256136 SUSE bug 1256137 SUSE bug 1256140 SUSE bug 1256141 SUSE bug 1256142 SUSE bug 1256143 SUSE bug 1256144 SUSE bug 1256145 SUSE bug 1256149 SUSE bug 1256150 SUSE bug 1256152 SUSE bug 1256154 SUSE bug 1256155 SUSE bug 1256157 SUSE bug 1256158 SUSE bug 1256162 SUSE bug 1256164 SUSE bug 1256165 SUSE bug 1256166 SUSE bug 1256167 SUSE bug 1256172 SUSE bug 1256173 SUSE bug 1256174 SUSE bug 1256177 SUSE bug 1256178 SUSE bug 1256179 SUSE bug 1256182 SUSE bug 1256184 SUSE bug 1256185 SUSE bug 1256186 SUSE bug 1256188 SUSE bug 1256189 SUSE bug 1256191 SUSE bug 1256192 SUSE bug 1256193 SUSE bug 1256194 SUSE bug 1256196 SUSE bug 1256198 SUSE bug 1256199 SUSE bug 1256200 SUSE bug 1256202 SUSE bug 1256203 SUSE bug 1256204 SUSE bug 1256205 SUSE bug 1256206 SUSE bug 1256207 SUSE bug 1256208 SUSE bug 1256211 SUSE bug 1256214 SUSE bug 1256215 SUSE bug 1256216 SUSE bug 1256218 SUSE bug 1256219 SUSE bug 1256220 SUSE bug 1256221 SUSE bug 1256223 SUSE bug 1256228 SUSE bug 1256230 SUSE bug 1256231 SUSE bug 1256235 SUSE bug 1256239 SUSE bug 1256241 SUSE bug 1256242 SUSE bug 1256245 SUSE bug 1256248 SUSE bug 1256250 SUSE bug 1256254 SUSE bug 1256260 SUSE bug 1256265 SUSE bug 1256269 SUSE bug 1256271 SUSE bug 1256274 SUSE bug 1256282 SUSE bug 1256285 SUSE bug 1256291 SUSE bug 1256294 SUSE bug 1256295 SUSE bug 1256300 SUSE bug 1256302 SUSE bug 1256306 SUSE bug 1256309 SUSE bug 1256317 SUSE bug 1256320 SUSE bug 1256323 SUSE bug 1256326 SUSE bug 1256328 SUSE bug 1256333 SUSE bug 1256334 SUSE bug 1256335 SUSE bug 1256337 SUSE bug 1256338 SUSE bug 1256344 SUSE bug 1256346 SUSE bug 1256349 SUSE bug 1256352 SUSE bug 1256353 SUSE bug 1256355 SUSE bug 1256358 SUSE bug 1256359 SUSE bug 1256363 SUSE bug 1256364 SUSE bug 1256368 SUSE bug 1256370 SUSE bug 1256375 SUSE bug 1256381 SUSE bug 1256382 SUSE bug 1256383 SUSE bug 1256384 SUSE bug 1256386 SUSE bug 1256388 SUSE bug 1256391 SUSE bug 1256394 SUSE bug 1256395 SUSE bug 1256396 SUSE bug 1256397 SUSE bug 1256398 SUSE bug 1256423 SUSE bug 1256426 SUSE bug 1256432 CVE-2022-0854 at SUSE CVE-2022-0854 at NVD CVE-2022-48853 at SUSE CVE-2022-48853 at NVD CVE-2022-50614 at SUSE CVE-2022-50614 at NVD CVE-2022-50615 at SUSE CVE-2022-50615 at NVD CVE-2022-50617 at SUSE CVE-2022-50617 at NVD CVE-2022-50618 at SUSE CVE-2022-50618 at NVD CVE-2022-50619 at SUSE CVE-2022-50619 at NVD CVE-2022-50621 at SUSE CVE-2022-50621 at NVD CVE-2022-50622 at SUSE CVE-2022-50622 at NVD CVE-2022-50623 at SUSE CVE-2022-50623 at NVD CVE-2022-50625 at SUSE CVE-2022-50625 at NVD CVE-2022-50626 at SUSE CVE-2022-50626 at NVD CVE-2022-50629 at SUSE CVE-2022-50629 at NVD CVE-2022-50630 at SUSE CVE-2022-50630 at NVD CVE-2022-50633 at SUSE CVE-2022-50633 at NVD CVE-2022-50635 at SUSE CVE-2022-50635 at NVD CVE-2022-50636 at SUSE CVE-2022-50636 at NVD CVE-2022-50638 at SUSE CVE-2022-50638 at NVD CVE-2022-50640 at SUSE CVE-2022-50640 at NVD CVE-2022-50641 at SUSE CVE-2022-50641 at NVD CVE-2022-50643 at SUSE CVE-2022-50643 at NVD CVE-2022-50644 at SUSE CVE-2022-50644 at NVD CVE-2022-50646 at SUSE CVE-2022-50646 at NVD CVE-2022-50649 at SUSE CVE-2022-50649 at NVD CVE-2022-50652 at SUSE CVE-2022-50652 at NVD CVE-2022-50653 at SUSE CVE-2022-50653 at NVD CVE-2022-50656 at SUSE CVE-2022-50656 at NVD CVE-2022-50658 at SUSE CVE-2022-50658 at NVD CVE-2022-50660 at SUSE CVE-2022-50660 at NVD CVE-2022-50661 at SUSE CVE-2022-50661 at NVD CVE-2022-50662 at SUSE CVE-2022-50662 at NVD CVE-2022-50664 at SUSE CVE-2022-50664 at NVD CVE-2022-50665 at SUSE CVE-2022-50665 at NVD CVE-2022-50666 at SUSE CVE-2022-50666 at NVD CVE-2022-50667 at SUSE CVE-2022-50667 at NVD CVE-2022-50668 at SUSE CVE-2022-50668 at NVD CVE-2022-50669 at SUSE CVE-2022-50669 at NVD CVE-2022-50670 at SUSE CVE-2022-50670 at NVD CVE-2022-50671 at SUSE CVE-2022-50671 at NVD CVE-2022-50672 at SUSE CVE-2022-50672 at NVD CVE-2022-50673 at SUSE CVE-2022-50673 at NVD CVE-2022-50675 at SUSE CVE-2022-50675 at NVD CVE-2022-50677 at SUSE CVE-2022-50677 at NVD CVE-2022-50678 at SUSE CVE-2022-50678 at NVD CVE-2022-50679 at SUSE CVE-2022-50679 at NVD CVE-2022-50698 at SUSE CVE-2022-50698 at NVD CVE-2022-50699 at SUSE CVE-2022-50699 at NVD CVE-2022-50700 at SUSE CVE-2022-50700 at NVD CVE-2022-50701 at SUSE CVE-2022-50701 at NVD CVE-2022-50702 at SUSE CVE-2022-50702 at NVD CVE-2022-50703 at SUSE CVE-2022-50703 at NVD CVE-2022-50704 at SUSE CVE-2022-50704 at NVD CVE-2022-50705 at SUSE CVE-2022-50705 at NVD CVE-2022-50709 at SUSE CVE-2022-50709 at NVD CVE-2022-50710 at SUSE CVE-2022-50710 at NVD CVE-2022-50712 at SUSE CVE-2022-50712 at NVD CVE-2022-50714 at SUSE CVE-2022-50714 at NVD CVE-2022-50715 at SUSE CVE-2022-50715 at NVD CVE-2022-50716 at SUSE CVE-2022-50716 at NVD CVE-2022-50717 at SUSE CVE-2022-50717 at NVD CVE-2022-50718 at SUSE CVE-2022-50718 at NVD CVE-2022-50719 at SUSE CVE-2022-50719 at NVD CVE-2022-50722 at SUSE CVE-2022-50722 at NVD CVE-2022-50723 at SUSE CVE-2022-50723 at NVD CVE-2022-50724 at SUSE CVE-2022-50724 at NVD CVE-2022-50726 at SUSE CVE-2022-50726 at NVD CVE-2022-50727 at SUSE CVE-2022-50727 at NVD CVE-2022-50728 at SUSE CVE-2022-50728 at NVD CVE-2022-50730 at SUSE CVE-2022-50730 at NVD CVE-2022-50731 at SUSE CVE-2022-50731 at NVD CVE-2022-50732 at SUSE CVE-2022-50732 at NVD CVE-2022-50733 at SUSE CVE-2022-50733 at NVD CVE-2022-50735 at SUSE CVE-2022-50735 at NVD CVE-2022-50736 at SUSE CVE-2022-50736 at NVD CVE-2022-50738 at SUSE CVE-2022-50738 at NVD CVE-2022-50740 at SUSE CVE-2022-50740 at NVD CVE-2022-50742 at SUSE CVE-2022-50742 at NVD CVE-2022-50744 at SUSE CVE-2022-50744 at NVD CVE-2022-50745 at SUSE CVE-2022-50745 at NVD CVE-2022-50747 at SUSE CVE-2022-50747 at NVD CVE-2022-50749 at SUSE CVE-2022-50749 at NVD CVE-2022-50750 at SUSE CVE-2022-50750 at NVD CVE-2022-50751 at SUSE CVE-2022-50751 at NVD CVE-2022-50752 at SUSE CVE-2022-50752 at NVD CVE-2022-50754 at SUSE CVE-2022-50754 at NVD CVE-2022-50755 at SUSE CVE-2022-50755 at NVD CVE-2022-50756 at SUSE CVE-2022-50756 at NVD CVE-2022-50757 at SUSE CVE-2022-50757 at NVD CVE-2022-50758 at SUSE CVE-2022-50758 at NVD CVE-2022-50760 at SUSE CVE-2022-50760 at NVD CVE-2022-50761 at SUSE CVE-2022-50761 at NVD CVE-2022-50763 at SUSE CVE-2022-50763 at NVD CVE-2022-50767 at SUSE CVE-2022-50767 at NVD CVE-2022-50768 at SUSE CVE-2022-50768 at NVD CVE-2022-50769 at SUSE CVE-2022-50769 at NVD CVE-2022-50770 at SUSE CVE-2022-50770 at NVD CVE-2022-50773 at SUSE CVE-2022-50773 at NVD CVE-2022-50774 at SUSE CVE-2022-50774 at NVD CVE-2022-50776 at SUSE CVE-2022-50776 at NVD CVE-2022-50777 at SUSE CVE-2022-50777 at NVD CVE-2022-50779 at SUSE CVE-2022-50779 at NVD CVE-2022-50781 at SUSE CVE-2022-50781 at NVD CVE-2022-50782 at SUSE CVE-2022-50782 at NVD CVE-2022-50809 at SUSE CVE-2022-50809 at NVD CVE-2022-50814 at SUSE CVE-2022-50814 at NVD CVE-2022-50818 at SUSE CVE-2022-50818 at NVD CVE-2022-50819 at SUSE CVE-2022-50819 at NVD CVE-2022-50821 at SUSE CVE-2022-50821 at NVD CVE-2022-50822 at SUSE CVE-2022-50822 at NVD CVE-2022-50823 at SUSE CVE-2022-50823 at NVD CVE-2022-50824 at SUSE CVE-2022-50824 at NVD CVE-2022-50826 at SUSE CVE-2022-50826 at NVD CVE-2022-50827 at SUSE CVE-2022-50827 at NVD CVE-2022-50828 at SUSE CVE-2022-50828 at NVD CVE-2022-50829 at SUSE CVE-2022-50829 at NVD CVE-2022-50830 at SUSE CVE-2022-50830 at NVD CVE-2022-50832 at SUSE CVE-2022-50832 at NVD CVE-2022-50833 at SUSE CVE-2022-50833 at NVD CVE-2022-50834 at SUSE CVE-2022-50834 at NVD CVE-2022-50835 at SUSE CVE-2022-50835 at NVD CVE-2022-50836 at SUSE CVE-2022-50836 at NVD CVE-2022-50838 at SUSE CVE-2022-50838 at NVD CVE-2022-50839 at SUSE CVE-2022-50839 at NVD CVE-2022-50840 at SUSE CVE-2022-50840 at NVD CVE-2022-50842 at SUSE CVE-2022-50842 at NVD CVE-2022-50843 at SUSE CVE-2022-50843 at NVD CVE-2022-50844 at SUSE CVE-2022-50844 at NVD CVE-2022-50845 at SUSE CVE-2022-50845 at NVD CVE-2022-50846 at SUSE CVE-2022-50846 at NVD CVE-2022-50847 at SUSE CVE-2022-50847 at NVD CVE-2022-50848 at SUSE CVE-2022-50848 at NVD CVE-2022-50849 at SUSE CVE-2022-50849 at NVD CVE-2022-50850 at SUSE CVE-2022-50850 at NVD CVE-2022-50851 at SUSE CVE-2022-50851 at NVD CVE-2022-50853 at SUSE CVE-2022-50853 at NVD CVE-2022-50856 at SUSE CVE-2022-50856 at NVD CVE-2022-50858 at SUSE CVE-2022-50858 at NVD CVE-2022-50859 at SUSE CVE-2022-50859 at NVD CVE-2022-50860 at SUSE CVE-2022-50860 at NVD CVE-2022-50861 at SUSE CVE-2022-50861 at NVD CVE-2022-50862 at SUSE CVE-2022-50862 at NVD CVE-2022-50864 at SUSE CVE-2022-50864 at NVD CVE-2022-50866 at SUSE CVE-2022-50866 at NVD CVE-2022-50867 at SUSE CVE-2022-50867 at NVD CVE-2022-50868 at SUSE CVE-2022-50868 at NVD CVE-2022-50870 at SUSE CVE-2022-50870 at NVD CVE-2022-50872 at SUSE CVE-2022-50872 at NVD CVE-2022-50873 at SUSE CVE-2022-50873 at NVD CVE-2022-50876 at SUSE CVE-2022-50876 at NVD CVE-2022-50878 at SUSE CVE-2022-50878 at NVD CVE-2022-50880 at SUSE CVE-2022-50880 at NVD CVE-2022-50881 at SUSE CVE-2022-50881 at NVD CVE-2022-50882 at SUSE CVE-2022-50882 at NVD CVE-2022-50883 at SUSE CVE-2022-50883 at NVD CVE-2022-50884 at SUSE CVE-2022-50884 at NVD CVE-2022-50885 at SUSE CVE-2022-50885 at NVD CVE-2022-50886 at SUSE CVE-2022-50886 at NVD CVE-2022-50887 at SUSE CVE-2022-50887 at NVD CVE-2022-50888 at SUSE CVE-2022-50888 at NVD CVE-2022-50889 at SUSE CVE-2022-50889 at NVD CVE-2023-23559 at SUSE CVE-2023-23559 at NVD CVE-2023-53254 at SUSE CVE-2023-53254 at NVD CVE-2023-53743 at SUSE CVE-2023-53743 at NVD CVE-2023-53744 at SUSE CVE-2023-53744 at NVD CVE-2023-53746 at SUSE CVE-2023-53746 at NVD CVE-2023-53747 at SUSE CVE-2023-53747 at NVD CVE-2023-53751 at SUSE CVE-2023-53751 at NVD CVE-2023-53753 at SUSE CVE-2023-53753 at NVD CVE-2023-53754 at SUSE CVE-2023-53754 at NVD CVE-2023-53755 at SUSE CVE-2023-53755 at NVD CVE-2023-53761 at SUSE CVE-2023-53761 at NVD CVE-2023-53766 at SUSE CVE-2023-53766 at NVD CVE-2023-53769 at SUSE CVE-2023-53769 at NVD CVE-2023-53780 at SUSE CVE-2023-53780 at NVD CVE-2023-53781 at SUSE CVE-2023-53781 at NVD CVE-2023-53783 at SUSE CVE-2023-53783 at NVD CVE-2023-53786 at SUSE CVE-2023-53786 at NVD CVE-2023-53788 at SUSE CVE-2023-53788 at NVD CVE-2023-53792 at SUSE CVE-2023-53792 at NVD CVE-2023-53794 at SUSE CVE-2023-53794 at NVD CVE-2023-53801 at SUSE CVE-2023-53801 at NVD CVE-2023-53802 at SUSE CVE-2023-53802 at NVD CVE-2023-53803 at SUSE CVE-2023-53803 at NVD CVE-2023-53804 at SUSE CVE-2023-53804 at NVD CVE-2023-53806 at SUSE CVE-2023-53806 at NVD CVE-2023-53808 at SUSE CVE-2023-53808 at NVD CVE-2023-53811 at SUSE CVE-2023-53811 at NVD CVE-2023-53814 at SUSE CVE-2023-53814 at NVD CVE-2023-53816 at SUSE CVE-2023-53816 at NVD CVE-2023-53818 at SUSE CVE-2023-53818 at NVD CVE-2023-53819 at SUSE CVE-2023-53819 at NVD CVE-2023-53820 at SUSE CVE-2023-53820 at NVD CVE-2023-53827 at SUSE CVE-2023-53827 at NVD CVE-2023-53828 at SUSE CVE-2023-53828 at NVD CVE-2023-53830 at SUSE CVE-2023-53830 at NVD CVE-2023-53832 at SUSE CVE-2023-53832 at NVD CVE-2023-53833 at SUSE CVE-2023-53833 at NVD CVE-2023-53834 at SUSE CVE-2023-53834 at NVD CVE-2023-53837 at SUSE CVE-2023-53837 at NVD CVE-2023-53840 at SUSE CVE-2023-53840 at NVD CVE-2023-53842 at SUSE CVE-2023-53842 at NVD CVE-2023-53844 at SUSE CVE-2023-53844 at NVD CVE-2023-53845 at SUSE CVE-2023-53845 at NVD CVE-2023-53847 at SUSE CVE-2023-53847 at NVD CVE-2023-53848 at SUSE CVE-2023-53848 at NVD CVE-2023-53849 at SUSE CVE-2023-53849 at NVD CVE-2023-53850 at SUSE CVE-2023-53850 at NVD CVE-2023-53852 at SUSE CVE-2023-53852 at NVD CVE-2023-53858 at SUSE CVE-2023-53858 at NVD CVE-2023-53860 at SUSE CVE-2023-53860 at NVD CVE-2023-53862 at SUSE CVE-2023-53862 at NVD CVE-2023-53864 at SUSE CVE-2023-53864 at NVD CVE-2023-53866 at SUSE CVE-2023-53866 at NVD CVE-2023-53989 at SUSE CVE-2023-53989 at NVD CVE-2023-53990 at SUSE CVE-2023-53990 at NVD CVE-2023-53991 at SUSE CVE-2023-53991 at NVD CVE-2023-53996 at SUSE CVE-2023-53996 at NVD CVE-2023-53998 at SUSE CVE-2023-53998 at NVD CVE-2023-54001 at SUSE CVE-2023-54001 at NVD CVE-2023-54003 at SUSE CVE-2023-54003 at NVD CVE-2023-54007 at SUSE CVE-2023-54007 at NVD CVE-2023-54009 at SUSE CVE-2023-54009 at NVD CVE-2023-54010 at SUSE CVE-2023-54010 at NVD CVE-2023-54014 at SUSE CVE-2023-54014 at NVD CVE-2023-54015 at SUSE CVE-2023-54015 at NVD CVE-2023-54017 at SUSE CVE-2023-54017 at NVD CVE-2023-54018 at SUSE CVE-2023-54018 at NVD CVE-2023-54019 at SUSE CVE-2023-54019 at NVD CVE-2023-54020 at SUSE CVE-2023-54020 at NVD CVE-2023-54021 at SUSE CVE-2023-54021 at NVD CVE-2023-54024 at SUSE CVE-2023-54024 at NVD CVE-2023-54025 at SUSE CVE-2023-54025 at NVD CVE-2023-54026 at SUSE CVE-2023-54026 at NVD CVE-2023-54028 at SUSE CVE-2023-54028 at NVD CVE-2023-54036 at SUSE CVE-2023-54036 at NVD CVE-2023-54039 at SUSE CVE-2023-54039 at NVD CVE-2023-54040 at SUSE CVE-2023-54040 at NVD CVE-2023-54041 at SUSE CVE-2023-54041 at NVD CVE-2023-54042 at SUSE CVE-2023-54042 at NVD CVE-2023-54044 at SUSE CVE-2023-54044 at NVD CVE-2023-54045 at SUSE CVE-2023-54045 at NVD CVE-2023-54046 at SUSE CVE-2023-54046 at NVD CVE-2023-54047 at SUSE CVE-2023-54047 at NVD CVE-2023-54048 at SUSE CVE-2023-54048 at NVD CVE-2023-54049 at SUSE CVE-2023-54049 at NVD CVE-2023-54050 at SUSE CVE-2023-54050 at NVD CVE-2023-54051 at SUSE CVE-2023-54051 at NVD CVE-2023-54053 at SUSE CVE-2023-54053 at NVD CVE-2023-54055 at SUSE CVE-2023-54055 at NVD CVE-2023-54057 at SUSE CVE-2023-54057 at NVD CVE-2023-54058 at SUSE CVE-2023-54058 at NVD CVE-2023-54064 at SUSE CVE-2023-54064 at NVD CVE-2023-54070 at SUSE CVE-2023-54070 at NVD CVE-2023-54072 at SUSE CVE-2023-54072 at NVD CVE-2023-54074 at SUSE CVE-2023-54074 at NVD CVE-2023-54076 at SUSE CVE-2023-54076 at NVD CVE-2023-54078 at SUSE CVE-2023-54078 at NVD CVE-2023-54079 at SUSE CVE-2023-54079 at NVD CVE-2023-54083 at SUSE CVE-2023-54083 at NVD CVE-2023-54084 at SUSE CVE-2023-54084 at NVD CVE-2023-54090 at SUSE CVE-2023-54090 at NVD CVE-2023-54091 at SUSE CVE-2023-54091 at NVD CVE-2023-54092 at SUSE CVE-2023-54092 at NVD CVE-2023-54095 at SUSE CVE-2023-54095 at NVD CVE-2023-54096 at SUSE CVE-2023-54096 at NVD CVE-2023-54097 at SUSE CVE-2023-54097 at NVD CVE-2023-54098 at SUSE CVE-2023-54098 at NVD CVE-2023-54100 at SUSE CVE-2023-54100 at NVD CVE-2023-54102 at SUSE CVE-2023-54102 at NVD CVE-2023-54104 at SUSE CVE-2023-54104 at NVD CVE-2023-54106 at SUSE CVE-2023-54106 at NVD CVE-2023-54107 at SUSE CVE-2023-54107 at NVD CVE-2023-54108 at SUSE CVE-2023-54108 at NVD CVE-2023-54110 at SUSE CVE-2023-54110 at NVD CVE-2023-54111 at SUSE CVE-2023-54111 at NVD CVE-2023-54114 at SUSE CVE-2023-54114 at NVD CVE-2023-54115 at SUSE CVE-2023-54115 at NVD CVE-2023-54116 at SUSE CVE-2023-54116 at NVD CVE-2023-54118 at SUSE CVE-2023-54118 at NVD CVE-2023-54119 at SUSE CVE-2023-54119 at NVD CVE-2023-54120 at SUSE CVE-2023-54120 at NVD CVE-2023-54122 at SUSE CVE-2023-54122 at NVD CVE-2023-54123 at SUSE CVE-2023-54123 at NVD CVE-2023-54126 at SUSE CVE-2023-54126 at NVD CVE-2023-54127 at SUSE CVE-2023-54127 at NVD CVE-2023-54128 at SUSE CVE-2023-54128 at NVD CVE-2023-54130 at SUSE CVE-2023-54130 at NVD CVE-2023-54131 at SUSE CVE-2023-54131 at NVD CVE-2023-54132 at SUSE CVE-2023-54132 at NVD CVE-2023-54134 at SUSE CVE-2023-54134 at NVD CVE-2023-54136 at SUSE CVE-2023-54136 at NVD CVE-2023-54138 at SUSE CVE-2023-54138 at NVD CVE-2023-54140 at SUSE CVE-2023-54140 at NVD CVE-2023-54144 at SUSE CVE-2023-54144 at NVD CVE-2023-54146 at SUSE CVE-2023-54146 at NVD CVE-2023-54148 at SUSE CVE-2023-54148 at NVD CVE-2023-54150 at SUSE CVE-2023-54150 at NVD CVE-2023-54153 at SUSE CVE-2023-54153 at NVD CVE-2023-54156 at SUSE CVE-2023-54156 at NVD CVE-2023-54159 at SUSE CVE-2023-54159 at NVD CVE-2023-54164 at SUSE CVE-2023-54164 at NVD CVE-2023-54166 at SUSE CVE-2023-54166 at NVD CVE-2023-54168 at SUSE CVE-2023-54168 at NVD CVE-2023-54169 at SUSE CVE-2023-54169 at NVD CVE-2023-54170 at SUSE CVE-2023-54170 at NVD CVE-2023-54171 at SUSE CVE-2023-54171 at NVD CVE-2023-54173 at SUSE CVE-2023-54173 at NVD CVE-2023-54175 at SUSE CVE-2023-54175 at NVD CVE-2023-54177 at SUSE CVE-2023-54177 at NVD CVE-2023-54179 at SUSE CVE-2023-54179 at NVD CVE-2023-54183 at SUSE CVE-2023-54183 at NVD CVE-2023-54186 at SUSE CVE-2023-54186 at NVD CVE-2023-54189 at SUSE CVE-2023-54189 at NVD CVE-2023-54190 at SUSE CVE-2023-54190 at NVD CVE-2023-54194 at SUSE CVE-2023-54194 at NVD CVE-2023-54197 at SUSE CVE-2023-54197 at NVD CVE-2023-54198 at SUSE CVE-2023-54198 at NVD CVE-2023-54199 at SUSE CVE-2023-54199 at NVD CVE-2023-54201 at SUSE CVE-2023-54201 at NVD CVE-2023-54202 at SUSE CVE-2023-54202 at NVD CVE-2023-54205 at SUSE CVE-2023-54205 at NVD CVE-2023-54208 at SUSE CVE-2023-54208 at NVD CVE-2023-54210 at SUSE CVE-2023-54210 at NVD CVE-2023-54211 at SUSE CVE-2023-54211 at NVD CVE-2023-54213 at SUSE CVE-2023-54213 at NVD CVE-2023-54214 at SUSE CVE-2023-54214 at NVD CVE-2023-54219 at SUSE CVE-2023-54219 at NVD CVE-2023-54226 at SUSE CVE-2023-54226 at NVD CVE-2023-54229 at SUSE CVE-2023-54229 at NVD CVE-2023-54230 at SUSE CVE-2023-54230 at NVD CVE-2023-54234 at SUSE CVE-2023-54234 at NVD CVE-2023-54236 at SUSE CVE-2023-54236 at NVD CVE-2023-54238 at SUSE CVE-2023-54238 at NVD CVE-2023-54242 at SUSE CVE-2023-54242 at NVD CVE-2023-54244 at SUSE CVE-2023-54244 at NVD CVE-2023-54245 at SUSE CVE-2023-54245 at NVD CVE-2023-54251 at SUSE CVE-2023-54251 at NVD CVE-2023-54252 at SUSE CVE-2023-54252 at NVD CVE-2023-54254 at SUSE CVE-2023-54254 at NVD CVE-2023-54260 at SUSE CVE-2023-54260 at NVD CVE-2023-54262 at SUSE CVE-2023-54262 at NVD CVE-2023-54264 at SUSE CVE-2023-54264 at NVD CVE-2023-54266 at SUSE CVE-2023-54266 at NVD CVE-2023-54267 at SUSE CVE-2023-54267 at NVD CVE-2023-54269 at SUSE CVE-2023-54269 at NVD CVE-2023-54270 at SUSE CVE-2023-54270 at NVD CVE-2023-54271 at SUSE CVE-2023-54271 at NVD CVE-2023-54274 at SUSE CVE-2023-54274 at NVD CVE-2023-54275 at SUSE CVE-2023-54275 at NVD CVE-2023-54277 at SUSE CVE-2023-54277 at NVD CVE-2023-54280 at SUSE CVE-2023-54280 at NVD CVE-2023-54284 at SUSE CVE-2023-54284 at NVD CVE-2023-54286 at SUSE CVE-2023-54286 at NVD CVE-2023-54287 at SUSE CVE-2023-54287 at NVD CVE-2023-54289 at SUSE CVE-2023-54289 at NVD CVE-2023-54292 at SUSE CVE-2023-54292 at NVD CVE-2023-54293 at SUSE CVE-2023-54293 at NVD CVE-2023-54294 at SUSE CVE-2023-54294 at NVD CVE-2023-54295 at SUSE CVE-2023-54295 at NVD CVE-2023-54298 at SUSE CVE-2023-54298 at NVD CVE-2023-54299 at SUSE CVE-2023-54299 at NVD CVE-2023-54300 at SUSE CVE-2023-54300 at NVD CVE-2023-54301 at SUSE CVE-2023-54301 at NVD CVE-2023-54302 at SUSE CVE-2023-54302 at NVD CVE-2023-54304 at SUSE CVE-2023-54304 at NVD CVE-2023-54305 at SUSE CVE-2023-54305 at NVD CVE-2023-54309 at SUSE CVE-2023-54309 at NVD CVE-2023-54311 at SUSE CVE-2023-54311 at NVD CVE-2023-54315 at SUSE CVE-2023-54315 at NVD CVE-2023-54317 at SUSE CVE-2023-54317 at NVD CVE-2023-54319 at SUSE CVE-2023-54319 at NVD CVE-2023-54320 at SUSE CVE-2023-54320 at NVD CVE-2023-54321 at SUSE CVE-2023-54321 at NVD CVE-2023-54322 at SUSE CVE-2023-54322 at NVD CVE-2023-54325 at SUSE CVE-2023-54325 at NVD CVE-2023-54326 at SUSE CVE-2023-54326 at NVD CVE-2024-36933 at SUSE CVE-2024-36933 at NVD CVE-2024-53093 at SUSE CVE-2024-53093 at NVD CVE-2024-56590 at SUSE CVE-2024-56590 at NVD CVE-2025-39977 at SUSE CVE-2025-39977 at NVD CVE-2025-40019 at SUSE CVE-2025-40019 at NVD CVE-2025-40139 at SUSE CVE-2025-40139 at NVD CVE-2025-40215 at SUSE CVE-2025-40215 at NVD CVE-2025-40220 at SUSE CVE-2025-40220 at NVD CVE-2025-40233 at SUSE CVE-2025-40233 at NVD CVE-2025-40256 at SUSE CVE-2025-40256 at NVD CVE-2025-40258 at SUSE CVE-2025-40258 at NVD CVE-2025-40277 at SUSE CVE-2025-40277 at NVD CVE-2025-40280 at SUSE CVE-2025-40280 at NVD CVE-2025-40331 at SUSE CVE-2025-40331 at NVD CVE-2025-68218 at SUSE CVE-2025-68218 at NVD CVE-2025-68732 at SUSE CVE-2025-68732 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: - CVE-2025-12084: cpython: Fixed quadratic algorithm in xml.dom.minidom leading to denial of service (bsc#1254997) - CVE-2025-13836: Fixed default Content-Lenght read amount from HTTP response (bsc#1254400) - CVE-2025-13837: Fixed plistlib module denial of service (bsc#1254401) Moderate SUSE bug 1254400 SUSE bug 1254401 SUSE bug 1254997 CVE-2025-12084 at SUSE CVE-2025-12084 at NVD CVE-2025-13836 at SUSE CVE-2025-13836 at NVD CVE-2025-13837 at SUSE CVE-2025-13837 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openvswitch3 (Important) SUSE Linux Enterprise Micro 5.5 This update for openvswitch3 fixes the following issues: Update to v3.1.7: - CVE-2023-3966: openvswitch, openvswitch3: Invalid memory access in Geneve with HW offload (bsc#1219465). - CVE-2024-2182: openvswitch: ov: insufficient validation of incoming BFD packets may lead to denial of service (bsc#1255435). - CVE-2023-1668: openvswitch: remote traffic denial of service via crafted packets with IP proto 0 (bsc#1210054). - CVE-2023-3153: openvswitch,openvswitch3: service monitor MAC flow is not rate limited (bsc#1212125). - CVE-2023-5366: openvswitch: missing masks on a final stage with ports trie (bsc#1216002). Important SUSE bug 1210054 SUSE bug 1212125 SUSE bug 1216002 SUSE bug 1219465 SUSE bug 1255435 CVE-2023-1668 at SUSE CVE-2023-1668 at NVD CVE-2023-3152 at SUSE CVE-2023-3152 at NVD CVE-2023-3153 at SUSE CVE-2023-3153 at NVD CVE-2023-3966 at SUSE CVE-2023-3966 at NVD CVE-2023-5366 at SUSE CVE-2023-5366 at NVD CVE-2024-2182 at SUSE CVE-2024-2182 at NVD CVE-2025-0650 at SUSE CVE-2025-0650 at NVD cpe:/o:suse:sle-micro:5.5 Security update for xen (Moderate) SUSE Linux Enterprise Micro 5.5 This update for xen fixes the following issues: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing (XSA-477) (bsc#1256745) - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation (XSA-479) (bsc#1256747) Moderate SUSE bug 1256745 SUSE bug 1256747 CVE-2025-58150 at SUSE CVE-2025-58150 at NVD CVE-2026-23553 at SUSE CVE-2026-23553 at NVD cpe:/o:suse:sle-micro:5.5 Recommended update for kernel-firmware (Important) SUSE Linux Enterprise Micro 5.5 This update for kernel-firmware fixes the following issues: - Update AMD ucode to 20251203 (bsc#1256483) Important SUSE bug 1256483 cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50630: mm: hugetlb: fix UAF in hugetlb_handle_userfault (bsc#1254785). - CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer (bsc#1255576). - CVE-2023-53254: cacheinfo: Fix shared_cpu_map to handle shared caches at different levels (bsc#1249871). - CVE-2023-53781: smc: Fix use-after-free in tcp_write_timer_handler() (bsc#1254751). - CVE-2024-56590: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (bsc#1235038). - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046). - CVE-2025-40019: crypto: essiv - Check ssize for decryption and in-place encryption (bsc#1252678). - CVE-2025-40139: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (bsc#1253409). - CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959). - CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520). - CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813). - CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1254843). - CVE-2025-40277: drm/vmwgfx: Validate command header size against (bsc#1254894). - CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847). - CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615). - CVE-2025-68732: gpu: host1x: Fix race in syncpt alloc/free (bsc#1255688). The following non security issues were fixed: - ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes). - ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes). - ACPI: property: Do not pass NULL handles to acpi_attach_data() (git-fixes). - ACPI: property: Fix buffer properties extraction for subnodes (git-fixes). - KVM: SVM: Fix TSC_AUX virtualization setup (git-fixes). - RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes). - RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes). - RDMA/hns: Fix the modification of max_send_sge (git-fixes). - RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes). - RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes). - RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes). - RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes). - RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes). - RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes). - RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes). - RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes). - RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes). - arch/idle: Change arch_cpu_idle() behavior: always exit with IRQs disabled (git-fixes). - cpuidle/poll: Ensure IRQs stay disabled after cpuidle_state::enter() calls (git-fixes). - cpuidle: Move IRQ state validation (git-fixes). - cpuidle: haltpoll: Do not enable interrupts when entering idle (git-fixes). - dm: free table mempools if not used in __bind (git-fixes). - padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563). - platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes). - x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes). - x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes). - x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes). - x86/tdx: Drop flags from __tdx_hypercall() (git-fixes). - x86/tdx: Dynamically disable SEPT violations from causing #VEs (git-fixes). - x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes). - x86/tdx: Extend TDX_MODULE_CALL to support more TDCALL/SEAMCALL leafs (git-fixes). - x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git-fixes). - x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes). - x86/tdx: Introduce wrappers to read and write TD metadata (git-fixes). - x86/tdx: Make TDX_HYPERCALL asm similar to TDX_MODULE_CALL (git-fixes). - x86/tdx: Make macros of TDCALLs consistent with the spec (git-fixes). - x86/tdx: Pass TDCALL/SEAMCALL input/output registers via a structure (git-fixes). - x86/tdx: Reimplement __tdx_hypercall() using TDX_MODULE_CALL asm (git-fixes). - x86/tdx: Remove 'struct tdx_hypercall_args' (git-fixes). - x86/tdx: Remove TDX_HCALL_ISSUE_STI (git-fixes). - x86/tdx: Rename __tdx_module_call() to __tdcall() (git-fixes). - x86/tdx: Rename tdx_parse_tdinfo() to tdx_setup() (git-fixes). - x86/tdx: Retry partially-completed page conversion hypercalls (git-fixes). - x86/tdx: Skip saving output regs when SEAMCALL fails with VMFailInvalid (git-fixes). - x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro (git-fixes). - x86/virt/tdx: Make TDX_MODULE_CALL handle SEAMCALL #UD and #GP (git-fixes). - x86/virt/tdx: Wire up basic SEAMCALL functions (git-fixes). - xfs: fix sparse inode limits on runt AG (bsc#1254392). Important SUSE bug 1065729 SUSE bug 1193629 SUSE bug 1194869 SUSE bug 1196823 SUSE bug 1204957 SUSE bug 1205567 SUSE bug 1206451 SUSE bug 1206843 SUSE bug 1206889 SUSE bug 1207051 SUSE bug 1207088 SUSE bug 1207315 SUSE bug 1207611 SUSE bug 1207620 SUSE bug 1207622 SUSE bug 1207636 SUSE bug 1207644 SUSE bug 1207646 SUSE bug 1207652 SUSE bug 1207653 SUSE bug 1208570 SUSE bug 1208758 SUSE bug 1209799 SUSE bug 1209980 SUSE bug 1210644 SUSE bug 1210817 SUSE bug 1210943 SUSE bug 1211690 SUSE bug 1213025 SUSE bug 1213032 SUSE bug 1213093 SUSE bug 1213105 SUSE bug 1213110 SUSE bug 1213111 SUSE bug 1213653 SUSE bug 1213747 SUSE bug 1213867 SUSE bug 1214635 SUSE bug 1214940 SUSE bug 1214962 SUSE bug 1214986 SUSE bug 1214990 SUSE bug 1216062 SUSE bug 1224573 SUSE bug 1225832 SUSE bug 1226797 SUSE bug 1226846 SUSE bug 1228015 SUSE bug 1233640 SUSE bug 1235038 SUSE bug 1237563 SUSE bug 1249871 SUSE bug 1252046 SUSE bug 1252678 SUSE bug 1253409 SUSE bug 1254392 SUSE bug 1254520 SUSE bug 1254559 SUSE bug 1254562 SUSE bug 1254572 SUSE bug 1254578 SUSE bug 1254580 SUSE bug 1254592 SUSE bug 1254601 SUSE bug 1254608 SUSE bug 1254609 SUSE bug 1254614 SUSE bug 1254615 SUSE bug 1254617 SUSE bug 1254623 SUSE bug 1254625 SUSE bug 1254626 SUSE bug 1254631 SUSE bug 1254632 SUSE bug 1254634 SUSE bug 1254644 SUSE bug 1254645 SUSE bug 1254649 SUSE bug 1254651 SUSE bug 1254653 SUSE bug 1254656 SUSE bug 1254658 SUSE bug 1254660 SUSE bug 1254664 SUSE bug 1254671 SUSE bug 1254674 SUSE bug 1254676 SUSE bug 1254677 SUSE bug 1254681 SUSE bug 1254684 SUSE bug 1254685 SUSE bug 1254686 SUSE bug 1254690 SUSE bug 1254692 SUSE bug 1254694 SUSE bug 1254696 SUSE bug 1254698 SUSE bug 1254699 SUSE bug 1254704 SUSE bug 1254706 SUSE bug 1254709 SUSE bug 1254710 SUSE bug 1254711 SUSE bug 1254712 SUSE bug 1254713 SUSE bug 1254714 SUSE bug 1254716 SUSE bug 1254723 SUSE bug 1254725 SUSE bug 1254728 SUSE bug 1254729 SUSE bug 1254743 SUSE bug 1254745 SUSE bug 1254751 SUSE bug 1254753 SUSE bug 1254754 SUSE bug 1254756 SUSE bug 1254759 SUSE bug 1254763 SUSE bug 1254775 SUSE bug 1254780 SUSE bug 1254781 SUSE bug 1254782 SUSE bug 1254783 SUSE bug 1254785 SUSE bug 1254786 SUSE bug 1254788 SUSE bug 1254789 SUSE bug 1254792 SUSE bug 1254813 SUSE bug 1254843 SUSE bug 1254847 SUSE bug 1254851 SUSE bug 1254894 SUSE bug 1254902 SUSE bug 1254910 SUSE bug 1254911 SUSE bug 1254915 SUSE bug 1254916 SUSE bug 1254917 SUSE bug 1254920 SUSE bug 1254922 SUSE bug 1254958 SUSE bug 1254959 SUSE bug 1254974 SUSE bug 1254979 SUSE bug 1254986 SUSE bug 1254994 SUSE bug 1255002 SUSE bug 1255005 SUSE bug 1255007 SUSE bug 1255049 SUSE bug 1255060 SUSE bug 1255107 SUSE bug 1255163 SUSE bug 1255165 SUSE bug 1255245 SUSE bug 1255467 SUSE bug 1255469 SUSE bug 1255521 SUSE bug 1255528 SUSE bug 1255532 SUSE bug 1255546 SUSE bug 1255549 SUSE bug 1255554 SUSE bug 1255555 SUSE bug 1255558 SUSE bug 1255560 SUSE bug 1255561 SUSE bug 1255562 SUSE bug 1255565 SUSE bug 1255574 SUSE bug 1255576 SUSE bug 1255578 SUSE bug 1255582 SUSE bug 1255596 SUSE bug 1255600 SUSE bug 1255605 SUSE bug 1255607 SUSE bug 1255608 SUSE bug 1255609 SUSE bug 1255618 SUSE bug 1255619 SUSE bug 1255620 SUSE bug 1255623 SUSE bug 1255624 SUSE bug 1255626 SUSE bug 1255627 SUSE bug 1255628 SUSE bug 1255635 SUSE bug 1255636 SUSE bug 1255688 SUSE bug 1255690 SUSE bug 1255697 SUSE bug 1255702 SUSE bug 1255704 SUSE bug 1255745 SUSE bug 1255747 SUSE bug 1255749 SUSE bug 1255750 SUSE bug 1255757 SUSE bug 1255758 SUSE bug 1255760 SUSE bug 1255761 SUSE bug 1255762 SUSE bug 1255763 SUSE bug 1255769 SUSE bug 1255771 SUSE bug 1255773 SUSE bug 1255780 SUSE bug 1255786 SUSE bug 1255787 SUSE bug 1255789 SUSE bug 1255790 SUSE bug 1255791 SUSE bug 1255792 SUSE bug 1255796 SUSE bug 1255797 SUSE bug 1255800 SUSE bug 1255801 SUSE bug 1255802 SUSE bug 1255803 SUSE bug 1255804 SUSE bug 1255806 SUSE bug 1255808 SUSE bug 1255819 SUSE bug 1255839 SUSE bug 1255841 SUSE bug 1255843 SUSE bug 1255844 SUSE bug 1255872 SUSE bug 1255875 SUSE bug 1255876 SUSE bug 1255877 SUSE bug 1255878 SUSE bug 1255880 SUSE bug 1255881 SUSE bug 1255888 SUSE bug 1255889 SUSE bug 1255890 SUSE bug 1255899 SUSE bug 1255901 SUSE bug 1255902 SUSE bug 1255905 SUSE bug 1255906 SUSE bug 1255909 SUSE bug 1255910 SUSE bug 1255912 SUSE bug 1255916 SUSE bug 1255919 SUSE bug 1255920 SUSE bug 1255922 SUSE bug 1255924 SUSE bug 1255925 SUSE bug 1255939 SUSE bug 1255946 SUSE bug 1255950 SUSE bug 1255953 SUSE bug 1255954 SUSE bug 1255955 SUSE bug 1255962 SUSE bug 1255964 SUSE bug 1255968 SUSE bug 1255969 SUSE bug 1255970 SUSE bug 1255971 SUSE bug 1255974 SUSE bug 1255978 SUSE bug 1255979 SUSE bug 1255983 SUSE bug 1255985 SUSE bug 1255990 SUSE bug 1255993 SUSE bug 1255994 SUSE bug 1255996 SUSE bug 1255998 SUSE bug 1256034 SUSE bug 1256040 SUSE bug 1256042 SUSE bug 1256045 SUSE bug 1256046 SUSE bug 1256048 SUSE bug 1256049 SUSE bug 1256050 SUSE bug 1256053 SUSE bug 1256056 SUSE bug 1256057 SUSE bug 1256062 SUSE bug 1256063 SUSE bug 1256064 SUSE bug 1256065 SUSE bug 1256071 SUSE bug 1256074 SUSE bug 1256081 SUSE bug 1256084 SUSE bug 1256086 SUSE bug 1256088 SUSE bug 1256091 SUSE bug 1256093 SUSE bug 1256099 SUSE bug 1256101 SUSE bug 1256103 SUSE bug 1256106 SUSE bug 1256111 SUSE bug 1256112 SUSE bug 1256114 SUSE bug 1256115 SUSE bug 1256118 SUSE bug 1256119 SUSE bug 1256121 SUSE bug 1256122 SUSE bug 1256124 SUSE bug 1256125 SUSE bug 1256126 SUSE bug 1256127 SUSE bug 1256128 SUSE bug 1256130 SUSE bug 1256131 SUSE bug 1256132 SUSE bug 1256133 SUSE bug 1256136 SUSE bug 1256137 SUSE bug 1256140 SUSE bug 1256141 SUSE bug 1256142 SUSE bug 1256143 SUSE bug 1256144 SUSE bug 1256145 SUSE bug 1256149 SUSE bug 1256150 SUSE bug 1256152 SUSE bug 1256154 SUSE bug 1256155 SUSE bug 1256157 SUSE bug 1256158 SUSE bug 1256162 SUSE bug 1256164 SUSE bug 1256165 SUSE bug 1256166 SUSE bug 1256167 SUSE bug 1256172 SUSE bug 1256173 SUSE bug 1256174 SUSE bug 1256177 SUSE bug 1256178 SUSE bug 1256179 SUSE bug 1256182 SUSE bug 1256184 SUSE bug 1256185 SUSE bug 1256186 SUSE bug 1256188 SUSE bug 1256189 SUSE bug 1256191 SUSE bug 1256192 SUSE bug 1256193 SUSE bug 1256194 SUSE bug 1256196 SUSE bug 1256198 SUSE bug 1256199 SUSE bug 1256200 SUSE bug 1256202 SUSE bug 1256203 SUSE bug 1256204 SUSE bug 1256205 SUSE bug 1256206 SUSE bug 1256207 SUSE bug 1256208 SUSE bug 1256211 SUSE bug 1256214 SUSE bug 1256215 SUSE bug 1256216 SUSE bug 1256218 SUSE bug 1256219 SUSE bug 1256220 SUSE bug 1256221 SUSE bug 1256223 SUSE bug 1256228 SUSE bug 1256230 SUSE bug 1256231 SUSE bug 1256235 SUSE bug 1256239 SUSE bug 1256241 SUSE bug 1256242 SUSE bug 1256245 SUSE bug 1256248 SUSE bug 1256250 SUSE bug 1256254 SUSE bug 1256260 SUSE bug 1256265 SUSE bug 1256269 SUSE bug 1256271 SUSE bug 1256274 SUSE bug 1256282 SUSE bug 1256285 SUSE bug 1256291 SUSE bug 1256294 SUSE bug 1256295 SUSE bug 1256300 SUSE bug 1256302 SUSE bug 1256306 SUSE bug 1256309 SUSE bug 1256317 SUSE bug 1256320 SUSE bug 1256323 SUSE bug 1256326 SUSE bug 1256328 SUSE bug 1256333 SUSE bug 1256334 SUSE bug 1256335 SUSE bug 1256337 SUSE bug 1256338 SUSE bug 1256344 SUSE bug 1256346 SUSE bug 1256349 SUSE bug 1256352 SUSE bug 1256353 SUSE bug 1256355 SUSE bug 1256358 SUSE bug 1256359 SUSE bug 1256363 SUSE bug 1256364 SUSE bug 1256368 SUSE bug 1256370 SUSE bug 1256375 SUSE bug 1256381 SUSE bug 1256382 SUSE bug 1256383 SUSE bug 1256384 SUSE bug 1256386 SUSE bug 1256388 SUSE bug 1256391 SUSE bug 1256394 SUSE bug 1256395 SUSE bug 1256396 SUSE bug 1256397 SUSE bug 1256398 SUSE bug 1256423 SUSE bug 1256426 SUSE bug 1256432 CVE-2022-0854 at SUSE CVE-2022-0854 at NVD CVE-2022-48853 at SUSE CVE-2022-48853 at NVD CVE-2022-50614 at SUSE CVE-2022-50614 at NVD CVE-2022-50615 at SUSE CVE-2022-50615 at NVD CVE-2022-50617 at SUSE CVE-2022-50617 at NVD CVE-2022-50618 at SUSE CVE-2022-50618 at NVD CVE-2022-50619 at SUSE CVE-2022-50619 at NVD CVE-2022-50621 at SUSE CVE-2022-50621 at NVD CVE-2022-50622 at SUSE CVE-2022-50622 at NVD CVE-2022-50623 at SUSE CVE-2022-50623 at NVD CVE-2022-50625 at SUSE CVE-2022-50625 at NVD CVE-2022-50626 at SUSE CVE-2022-50626 at NVD CVE-2022-50629 at SUSE CVE-2022-50629 at NVD CVE-2022-50630 at SUSE CVE-2022-50630 at NVD CVE-2022-50633 at SUSE CVE-2022-50633 at NVD CVE-2022-50635 at SUSE CVE-2022-50635 at NVD CVE-2022-50636 at SUSE CVE-2022-50636 at NVD CVE-2022-50638 at SUSE CVE-2022-50638 at NVD CVE-2022-50640 at SUSE CVE-2022-50640 at NVD CVE-2022-50641 at SUSE CVE-2022-50641 at NVD CVE-2022-50643 at SUSE CVE-2022-50643 at NVD CVE-2022-50644 at SUSE CVE-2022-50644 at NVD CVE-2022-50646 at SUSE CVE-2022-50646 at NVD CVE-2022-50649 at SUSE CVE-2022-50649 at NVD CVE-2022-50652 at SUSE CVE-2022-50652 at NVD CVE-2022-50653 at SUSE CVE-2022-50653 at NVD CVE-2022-50656 at SUSE CVE-2022-50656 at NVD CVE-2022-50658 at SUSE CVE-2022-50658 at NVD CVE-2022-50660 at SUSE CVE-2022-50660 at NVD CVE-2022-50661 at SUSE CVE-2022-50661 at NVD CVE-2022-50662 at SUSE CVE-2022-50662 at NVD CVE-2022-50664 at SUSE CVE-2022-50664 at NVD CVE-2022-50665 at SUSE CVE-2022-50665 at NVD CVE-2022-50666 at SUSE CVE-2022-50666 at NVD CVE-2022-50667 at SUSE CVE-2022-50667 at NVD CVE-2022-50668 at SUSE CVE-2022-50668 at NVD CVE-2022-50669 at SUSE CVE-2022-50669 at NVD CVE-2022-50670 at SUSE CVE-2022-50670 at NVD CVE-2022-50671 at SUSE CVE-2022-50671 at NVD CVE-2022-50672 at SUSE CVE-2022-50672 at NVD CVE-2022-50673 at SUSE CVE-2022-50673 at NVD CVE-2022-50675 at SUSE CVE-2022-50675 at NVD CVE-2022-50677 at SUSE CVE-2022-50677 at NVD CVE-2022-50678 at SUSE CVE-2022-50678 at NVD CVE-2022-50679 at SUSE CVE-2022-50679 at NVD CVE-2022-50698 at SUSE CVE-2022-50698 at NVD CVE-2022-50699 at SUSE CVE-2022-50699 at NVD CVE-2022-50700 at SUSE CVE-2022-50700 at NVD CVE-2022-50701 at SUSE CVE-2022-50701 at NVD CVE-2022-50702 at SUSE CVE-2022-50702 at NVD CVE-2022-50703 at SUSE CVE-2022-50703 at NVD CVE-2022-50704 at SUSE CVE-2022-50704 at NVD CVE-2022-50705 at SUSE CVE-2022-50705 at NVD CVE-2022-50709 at SUSE CVE-2022-50709 at NVD CVE-2022-50710 at SUSE CVE-2022-50710 at NVD CVE-2022-50712 at SUSE CVE-2022-50712 at NVD CVE-2022-50714 at SUSE CVE-2022-50714 at NVD CVE-2022-50715 at SUSE CVE-2022-50715 at NVD CVE-2022-50716 at SUSE CVE-2022-50716 at NVD CVE-2022-50717 at SUSE CVE-2022-50717 at NVD CVE-2022-50718 at SUSE CVE-2022-50718 at NVD CVE-2022-50719 at SUSE CVE-2022-50719 at NVD CVE-2022-50722 at SUSE CVE-2022-50722 at NVD CVE-2022-50723 at SUSE CVE-2022-50723 at NVD CVE-2022-50724 at SUSE CVE-2022-50724 at NVD CVE-2022-50726 at SUSE CVE-2022-50726 at NVD CVE-2022-50727 at SUSE CVE-2022-50727 at NVD CVE-2022-50728 at SUSE CVE-2022-50728 at NVD CVE-2022-50730 at SUSE CVE-2022-50730 at NVD CVE-2022-50731 at SUSE CVE-2022-50731 at NVD CVE-2022-50732 at SUSE CVE-2022-50732 at NVD CVE-2022-50733 at SUSE CVE-2022-50733 at NVD CVE-2022-50735 at SUSE CVE-2022-50735 at NVD CVE-2022-50736 at SUSE CVE-2022-50736 at NVD CVE-2022-50738 at SUSE CVE-2022-50738 at NVD CVE-2022-50740 at SUSE CVE-2022-50740 at NVD CVE-2022-50742 at SUSE CVE-2022-50742 at NVD CVE-2022-50744 at SUSE CVE-2022-50744 at NVD CVE-2022-50745 at SUSE CVE-2022-50745 at NVD CVE-2022-50747 at SUSE CVE-2022-50747 at NVD CVE-2022-50749 at SUSE CVE-2022-50749 at NVD CVE-2022-50750 at SUSE CVE-2022-50750 at NVD CVE-2022-50751 at SUSE CVE-2022-50751 at NVD CVE-2022-50752 at SUSE CVE-2022-50752 at NVD CVE-2022-50754 at SUSE CVE-2022-50754 at NVD CVE-2022-50755 at SUSE CVE-2022-50755 at NVD CVE-2022-50756 at SUSE CVE-2022-50756 at NVD CVE-2022-50757 at SUSE CVE-2022-50757 at NVD CVE-2022-50758 at SUSE CVE-2022-50758 at NVD CVE-2022-50760 at SUSE CVE-2022-50760 at NVD CVE-2022-50761 at SUSE CVE-2022-50761 at NVD CVE-2022-50763 at SUSE CVE-2022-50763 at NVD CVE-2022-50767 at SUSE CVE-2022-50767 at NVD CVE-2022-50768 at SUSE CVE-2022-50768 at NVD CVE-2022-50769 at SUSE CVE-2022-50769 at NVD CVE-2022-50770 at SUSE CVE-2022-50770 at NVD CVE-2022-50773 at SUSE CVE-2022-50773 at NVD CVE-2022-50774 at SUSE CVE-2022-50774 at NVD CVE-2022-50776 at SUSE CVE-2022-50776 at NVD CVE-2022-50777 at SUSE CVE-2022-50777 at NVD CVE-2022-50779 at SUSE CVE-2022-50779 at NVD CVE-2022-50781 at SUSE CVE-2022-50781 at NVD CVE-2022-50782 at SUSE CVE-2022-50782 at NVD CVE-2022-50809 at SUSE CVE-2022-50809 at NVD CVE-2022-50814 at SUSE CVE-2022-50814 at NVD CVE-2022-50818 at SUSE CVE-2022-50818 at NVD CVE-2022-50819 at SUSE CVE-2022-50819 at NVD CVE-2022-50821 at SUSE CVE-2022-50821 at NVD CVE-2022-50822 at SUSE CVE-2022-50822 at NVD CVE-2022-50823 at SUSE CVE-2022-50823 at NVD CVE-2022-50824 at SUSE CVE-2022-50824 at NVD CVE-2022-50826 at SUSE CVE-2022-50826 at NVD CVE-2022-50827 at SUSE CVE-2022-50827 at NVD CVE-2022-50828 at SUSE CVE-2022-50828 at NVD CVE-2022-50829 at SUSE CVE-2022-50829 at NVD CVE-2022-50830 at SUSE CVE-2022-50830 at NVD CVE-2022-50832 at SUSE CVE-2022-50832 at NVD CVE-2022-50833 at SUSE CVE-2022-50833 at NVD CVE-2022-50834 at SUSE CVE-2022-50834 at NVD CVE-2022-50835 at SUSE CVE-2022-50835 at NVD CVE-2022-50836 at SUSE CVE-2022-50836 at NVD CVE-2022-50838 at SUSE CVE-2022-50838 at NVD CVE-2022-50839 at SUSE CVE-2022-50839 at NVD CVE-2022-50840 at SUSE CVE-2022-50840 at NVD CVE-2022-50842 at SUSE CVE-2022-50842 at NVD CVE-2022-50843 at SUSE CVE-2022-50843 at NVD CVE-2022-50844 at SUSE CVE-2022-50844 at NVD CVE-2022-50845 at SUSE CVE-2022-50845 at NVD CVE-2022-50846 at SUSE CVE-2022-50846 at NVD CVE-2022-50847 at SUSE CVE-2022-50847 at NVD CVE-2022-50848 at SUSE CVE-2022-50848 at NVD CVE-2022-50849 at SUSE CVE-2022-50849 at NVD CVE-2022-50850 at SUSE CVE-2022-50850 at NVD CVE-2022-50851 at SUSE CVE-2022-50851 at NVD CVE-2022-50853 at SUSE CVE-2022-50853 at NVD CVE-2022-50856 at SUSE CVE-2022-50856 at NVD CVE-2022-50858 at SUSE CVE-2022-50858 at NVD CVE-2022-50859 at SUSE CVE-2022-50859 at NVD CVE-2022-50860 at SUSE CVE-2022-50860 at NVD CVE-2022-50861 at SUSE CVE-2022-50861 at NVD CVE-2022-50862 at SUSE CVE-2022-50862 at NVD CVE-2022-50864 at SUSE CVE-2022-50864 at NVD CVE-2022-50866 at SUSE CVE-2022-50866 at NVD CVE-2022-50867 at SUSE CVE-2022-50867 at NVD CVE-2022-50868 at SUSE CVE-2022-50868 at NVD CVE-2022-50870 at SUSE CVE-2022-50870 at NVD CVE-2022-50872 at SUSE CVE-2022-50872 at NVD CVE-2022-50873 at SUSE CVE-2022-50873 at NVD CVE-2022-50876 at SUSE CVE-2022-50876 at NVD CVE-2022-50878 at SUSE CVE-2022-50878 at NVD CVE-2022-50880 at SUSE CVE-2022-50880 at NVD CVE-2022-50881 at SUSE CVE-2022-50881 at NVD CVE-2022-50882 at SUSE CVE-2022-50882 at NVD CVE-2022-50883 at SUSE CVE-2022-50883 at NVD CVE-2022-50884 at SUSE CVE-2022-50884 at NVD CVE-2022-50885 at SUSE CVE-2022-50885 at NVD CVE-2022-50886 at SUSE CVE-2022-50886 at NVD CVE-2022-50887 at SUSE CVE-2022-50887 at NVD CVE-2022-50888 at SUSE CVE-2022-50888 at NVD CVE-2022-50889 at SUSE CVE-2022-50889 at NVD CVE-2023-23559 at SUSE CVE-2023-23559 at NVD CVE-2023-53254 at SUSE CVE-2023-53254 at NVD CVE-2023-53743 at SUSE CVE-2023-53743 at NVD CVE-2023-53744 at SUSE CVE-2023-53744 at NVD CVE-2023-53746 at SUSE CVE-2023-53746 at NVD CVE-2023-53747 at SUSE CVE-2023-53747 at NVD CVE-2023-53751 at SUSE CVE-2023-53751 at NVD CVE-2023-53753 at SUSE CVE-2023-53753 at NVD CVE-2023-53754 at SUSE CVE-2023-53754 at NVD CVE-2023-53755 at SUSE CVE-2023-53755 at NVD CVE-2023-53761 at SUSE CVE-2023-53761 at NVD CVE-2023-53766 at SUSE CVE-2023-53766 at NVD CVE-2023-53769 at SUSE CVE-2023-53769 at NVD CVE-2023-53780 at SUSE CVE-2023-53780 at NVD CVE-2023-53781 at SUSE CVE-2023-53781 at NVD CVE-2023-53783 at SUSE CVE-2023-53783 at NVD CVE-2023-53786 at SUSE CVE-2023-53786 at NVD CVE-2023-53788 at SUSE CVE-2023-53788 at NVD CVE-2023-53792 at SUSE CVE-2023-53792 at NVD CVE-2023-53794 at SUSE CVE-2023-53794 at NVD CVE-2023-53801 at SUSE CVE-2023-53801 at NVD CVE-2023-53802 at SUSE CVE-2023-53802 at NVD CVE-2023-53803 at SUSE CVE-2023-53803 at NVD CVE-2023-53804 at SUSE CVE-2023-53804 at NVD CVE-2023-53806 at SUSE CVE-2023-53806 at NVD CVE-2023-53808 at SUSE CVE-2023-53808 at NVD CVE-2023-53811 at SUSE CVE-2023-53811 at NVD CVE-2023-53814 at SUSE CVE-2023-53814 at NVD CVE-2023-53816 at SUSE CVE-2023-53816 at NVD CVE-2023-53818 at SUSE CVE-2023-53818 at NVD CVE-2023-53819 at SUSE CVE-2023-53819 at NVD CVE-2023-53820 at SUSE CVE-2023-53820 at NVD CVE-2023-53827 at SUSE CVE-2023-53827 at NVD CVE-2023-53828 at SUSE CVE-2023-53828 at NVD CVE-2023-53830 at SUSE CVE-2023-53830 at NVD CVE-2023-53832 at SUSE CVE-2023-53832 at NVD CVE-2023-53833 at SUSE CVE-2023-53833 at NVD CVE-2023-53834 at SUSE CVE-2023-53834 at NVD CVE-2023-53837 at SUSE CVE-2023-53837 at NVD CVE-2023-53840 at SUSE CVE-2023-53840 at NVD CVE-2023-53842 at SUSE CVE-2023-53842 at NVD CVE-2023-53844 at SUSE CVE-2023-53844 at NVD CVE-2023-53845 at SUSE CVE-2023-53845 at NVD CVE-2023-53847 at SUSE CVE-2023-53847 at NVD CVE-2023-53848 at SUSE CVE-2023-53848 at NVD CVE-2023-53849 at SUSE CVE-2023-53849 at NVD CVE-2023-53850 at SUSE CVE-2023-53850 at NVD CVE-2023-53852 at SUSE CVE-2023-53852 at NVD CVE-2023-53858 at SUSE CVE-2023-53858 at NVD CVE-2023-53860 at SUSE CVE-2023-53860 at NVD CVE-2023-53862 at SUSE CVE-2023-53862 at NVD CVE-2023-53864 at SUSE CVE-2023-53864 at NVD CVE-2023-53866 at SUSE CVE-2023-53866 at NVD CVE-2023-53989 at SUSE CVE-2023-53989 at NVD CVE-2023-53990 at SUSE CVE-2023-53990 at NVD CVE-2023-53991 at SUSE CVE-2023-53991 at NVD CVE-2023-53996 at SUSE CVE-2023-53996 at NVD CVE-2023-53998 at SUSE CVE-2023-53998 at NVD CVE-2023-54001 at SUSE CVE-2023-54001 at NVD CVE-2023-54003 at SUSE CVE-2023-54003 at NVD CVE-2023-54007 at SUSE CVE-2023-54007 at NVD CVE-2023-54009 at SUSE CVE-2023-54009 at NVD CVE-2023-54010 at SUSE CVE-2023-54010 at NVD CVE-2023-54014 at SUSE CVE-2023-54014 at NVD CVE-2023-54015 at SUSE CVE-2023-54015 at NVD CVE-2023-54017 at SUSE CVE-2023-54017 at NVD CVE-2023-54018 at SUSE CVE-2023-54018 at NVD CVE-2023-54019 at SUSE CVE-2023-54019 at NVD CVE-2023-54020 at SUSE CVE-2023-54020 at NVD CVE-2023-54021 at SUSE CVE-2023-54021 at NVD CVE-2023-54024 at SUSE CVE-2023-54024 at NVD CVE-2023-54025 at SUSE CVE-2023-54025 at NVD CVE-2023-54026 at SUSE CVE-2023-54026 at NVD CVE-2023-54028 at SUSE CVE-2023-54028 at NVD CVE-2023-54036 at SUSE CVE-2023-54036 at NVD CVE-2023-54039 at SUSE CVE-2023-54039 at NVD CVE-2023-54040 at SUSE CVE-2023-54040 at NVD CVE-2023-54041 at SUSE CVE-2023-54041 at NVD CVE-2023-54042 at SUSE CVE-2023-54042 at NVD CVE-2023-54044 at SUSE CVE-2023-54044 at NVD CVE-2023-54045 at SUSE CVE-2023-54045 at NVD CVE-2023-54046 at SUSE CVE-2023-54046 at NVD CVE-2023-54047 at SUSE CVE-2023-54047 at NVD CVE-2023-54048 at SUSE CVE-2023-54048 at NVD CVE-2023-54049 at SUSE CVE-2023-54049 at NVD CVE-2023-54050 at SUSE CVE-2023-54050 at NVD CVE-2023-54051 at SUSE CVE-2023-54051 at NVD CVE-2023-54053 at SUSE CVE-2023-54053 at NVD CVE-2023-54055 at SUSE CVE-2023-54055 at NVD CVE-2023-54057 at SUSE CVE-2023-54057 at NVD CVE-2023-54058 at SUSE CVE-2023-54058 at NVD CVE-2023-54064 at SUSE CVE-2023-54064 at NVD CVE-2023-54070 at SUSE CVE-2023-54070 at NVD CVE-2023-54072 at SUSE CVE-2023-54072 at NVD CVE-2023-54074 at SUSE CVE-2023-54074 at NVD CVE-2023-54076 at SUSE CVE-2023-54076 at NVD CVE-2023-54078 at SUSE CVE-2023-54078 at NVD CVE-2023-54079 at SUSE CVE-2023-54079 at NVD CVE-2023-54083 at SUSE CVE-2023-54083 at NVD CVE-2023-54084 at SUSE CVE-2023-54084 at NVD CVE-2023-54090 at SUSE CVE-2023-54090 at NVD CVE-2023-54091 at SUSE CVE-2023-54091 at NVD CVE-2023-54092 at SUSE CVE-2023-54092 at NVD CVE-2023-54095 at SUSE CVE-2023-54095 at NVD CVE-2023-54096 at SUSE CVE-2023-54096 at NVD CVE-2023-54097 at SUSE CVE-2023-54097 at NVD CVE-2023-54098 at SUSE CVE-2023-54098 at NVD CVE-2023-54100 at SUSE CVE-2023-54100 at NVD CVE-2023-54102 at SUSE CVE-2023-54102 at NVD CVE-2023-54104 at SUSE CVE-2023-54104 at NVD CVE-2023-54106 at SUSE CVE-2023-54106 at NVD CVE-2023-54107 at SUSE CVE-2023-54107 at NVD CVE-2023-54108 at SUSE CVE-2023-54108 at NVD CVE-2023-54110 at SUSE CVE-2023-54110 at NVD CVE-2023-54111 at SUSE CVE-2023-54111 at NVD CVE-2023-54114 at SUSE CVE-2023-54114 at NVD CVE-2023-54115 at SUSE CVE-2023-54115 at NVD CVE-2023-54116 at SUSE CVE-2023-54116 at NVD CVE-2023-54118 at SUSE CVE-2023-54118 at NVD CVE-2023-54119 at SUSE CVE-2023-54119 at NVD CVE-2023-54120 at SUSE CVE-2023-54120 at NVD CVE-2023-54122 at SUSE CVE-2023-54122 at NVD CVE-2023-54123 at SUSE CVE-2023-54123 at NVD CVE-2023-54126 at SUSE CVE-2023-54126 at NVD CVE-2023-54127 at SUSE CVE-2023-54127 at NVD CVE-2023-54128 at SUSE CVE-2023-54128 at NVD CVE-2023-54130 at SUSE CVE-2023-54130 at NVD CVE-2023-54131 at SUSE CVE-2023-54131 at NVD CVE-2023-54132 at SUSE CVE-2023-54132 at NVD CVE-2023-54134 at SUSE CVE-2023-54134 at NVD CVE-2023-54136 at SUSE CVE-2023-54136 at NVD CVE-2023-54138 at SUSE CVE-2023-54138 at NVD CVE-2023-54140 at SUSE CVE-2023-54140 at NVD CVE-2023-54144 at SUSE CVE-2023-54144 at NVD CVE-2023-54146 at SUSE CVE-2023-54146 at NVD CVE-2023-54148 at SUSE CVE-2023-54148 at NVD CVE-2023-54150 at SUSE CVE-2023-54150 at NVD CVE-2023-54153 at SUSE CVE-2023-54153 at NVD CVE-2023-54156 at SUSE CVE-2023-54156 at NVD CVE-2023-54159 at SUSE CVE-2023-54159 at NVD CVE-2023-54164 at SUSE CVE-2023-54164 at NVD CVE-2023-54166 at SUSE CVE-2023-54166 at NVD CVE-2023-54168 at SUSE CVE-2023-54168 at NVD CVE-2023-54169 at SUSE CVE-2023-54169 at NVD CVE-2023-54170 at SUSE CVE-2023-54170 at NVD CVE-2023-54171 at SUSE CVE-2023-54171 at NVD CVE-2023-54173 at SUSE CVE-2023-54173 at NVD CVE-2023-54175 at SUSE CVE-2023-54175 at NVD CVE-2023-54177 at SUSE CVE-2023-54177 at NVD CVE-2023-54179 at SUSE CVE-2023-54179 at NVD CVE-2023-54183 at SUSE CVE-2023-54183 at NVD CVE-2023-54186 at SUSE CVE-2023-54186 at NVD CVE-2023-54189 at SUSE CVE-2023-54189 at NVD CVE-2023-54190 at SUSE CVE-2023-54190 at NVD CVE-2023-54194 at SUSE CVE-2023-54194 at NVD CVE-2023-54197 at SUSE CVE-2023-54197 at NVD CVE-2023-54198 at SUSE CVE-2023-54198 at NVD CVE-2023-54199 at SUSE CVE-2023-54199 at NVD CVE-2023-54201 at SUSE CVE-2023-54201 at NVD CVE-2023-54202 at SUSE CVE-2023-54202 at NVD CVE-2023-54205 at SUSE CVE-2023-54205 at NVD CVE-2023-54208 at SUSE CVE-2023-54208 at NVD CVE-2023-54210 at SUSE CVE-2023-54210 at NVD CVE-2023-54211 at SUSE CVE-2023-54211 at NVD CVE-2023-54213 at SUSE CVE-2023-54213 at NVD CVE-2023-54214 at SUSE CVE-2023-54214 at NVD CVE-2023-54219 at SUSE CVE-2023-54219 at NVD CVE-2023-54226 at SUSE CVE-2023-54226 at NVD CVE-2023-54229 at SUSE CVE-2023-54229 at NVD CVE-2023-54230 at SUSE CVE-2023-54230 at NVD CVE-2023-54234 at SUSE CVE-2023-54234 at NVD CVE-2023-54236 at SUSE CVE-2023-54236 at NVD CVE-2023-54238 at SUSE CVE-2023-54238 at NVD CVE-2023-54242 at SUSE CVE-2023-54242 at NVD CVE-2023-54244 at SUSE CVE-2023-54244 at NVD CVE-2023-54245 at SUSE CVE-2023-54245 at NVD CVE-2023-54251 at SUSE CVE-2023-54251 at NVD CVE-2023-54252 at SUSE CVE-2023-54252 at NVD CVE-2023-54254 at SUSE CVE-2023-54254 at NVD CVE-2023-54260 at SUSE CVE-2023-54260 at NVD CVE-2023-54262 at SUSE CVE-2023-54262 at NVD CVE-2023-54264 at SUSE CVE-2023-54264 at NVD CVE-2023-54266 at SUSE CVE-2023-54266 at NVD CVE-2023-54267 at SUSE CVE-2023-54267 at NVD CVE-2023-54269 at SUSE CVE-2023-54269 at NVD CVE-2023-54270 at SUSE CVE-2023-54270 at NVD CVE-2023-54271 at SUSE CVE-2023-54271 at NVD CVE-2023-54274 at SUSE CVE-2023-54274 at NVD CVE-2023-54275 at SUSE CVE-2023-54275 at NVD CVE-2023-54277 at SUSE CVE-2023-54277 at NVD CVE-2023-54280 at SUSE CVE-2023-54280 at NVD CVE-2023-54284 at SUSE CVE-2023-54284 at NVD CVE-2023-54286 at SUSE CVE-2023-54286 at NVD CVE-2023-54287 at SUSE CVE-2023-54287 at NVD CVE-2023-54289 at SUSE CVE-2023-54289 at NVD CVE-2023-54292 at SUSE CVE-2023-54292 at NVD CVE-2023-54293 at SUSE CVE-2023-54293 at NVD CVE-2023-54294 at SUSE CVE-2023-54294 at NVD CVE-2023-54295 at SUSE CVE-2023-54295 at NVD CVE-2023-54298 at SUSE CVE-2023-54298 at NVD CVE-2023-54299 at SUSE CVE-2023-54299 at NVD CVE-2023-54300 at SUSE CVE-2023-54300 at NVD CVE-2023-54301 at SUSE CVE-2023-54301 at NVD CVE-2023-54302 at SUSE CVE-2023-54302 at NVD CVE-2023-54304 at SUSE CVE-2023-54304 at NVD CVE-2023-54305 at SUSE CVE-2023-54305 at NVD CVE-2023-54309 at SUSE CVE-2023-54309 at NVD CVE-2023-54311 at SUSE CVE-2023-54311 at NVD CVE-2023-54315 at SUSE CVE-2023-54315 at NVD CVE-2023-54317 at SUSE CVE-2023-54317 at NVD CVE-2023-54319 at SUSE CVE-2023-54319 at NVD CVE-2023-54320 at SUSE CVE-2023-54320 at NVD CVE-2023-54321 at SUSE CVE-2023-54321 at NVD CVE-2023-54322 at SUSE CVE-2023-54322 at NVD CVE-2023-54325 at SUSE CVE-2023-54325 at NVD CVE-2023-54326 at SUSE CVE-2023-54326 at NVD CVE-2024-36933 at SUSE CVE-2024-36933 at NVD CVE-2024-53093 at SUSE CVE-2024-53093 at NVD CVE-2024-56590 at SUSE CVE-2024-56590 at NVD CVE-2025-39977 at SUSE CVE-2025-39977 at NVD CVE-2025-40019 at SUSE CVE-2025-40019 at NVD CVE-2025-40139 at SUSE CVE-2025-40139 at NVD CVE-2025-40215 at SUSE CVE-2025-40215 at NVD CVE-2025-40220 at SUSE CVE-2025-40220 at NVD CVE-2025-40233 at SUSE CVE-2025-40233 at NVD CVE-2025-40256 at SUSE CVE-2025-40256 at NVD CVE-2025-40258 at SUSE CVE-2025-40258 at NVD CVE-2025-40277 at SUSE CVE-2025-40277 at NVD CVE-2025-40280 at SUSE CVE-2025-40280 at NVD CVE-2025-40331 at SUSE CVE-2025-40331 at NVD CVE-2025-68218 at SUSE CVE-2025-68218 at NVD CVE-2025-68732 at SUSE CVE-2025-68732 at NVD cpe:/o:suse:sle-micro:5.5 Security update for helm (Important) SUSE Linux Enterprise Micro 5.5 This update for helm rebuilds it against the current GO security release. Important cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-50280: pnode: terminate at peers of source (bsc#1249806). - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786). - CVE-2024-53093: nvme-multipath: defer partition scanning (bsc#1233640). - CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780). - CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask (bsc#1252862). - CVE-2025-40121: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (bsc#1253367). - CVE-2025-40154: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (bsc#1253431). - CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436). The following non-security bugs were fixed: - Fix type signess in fbcon_set_font() (bsc#1252033). - scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267). Important SUSE bug 1233640 SUSE bug 1249806 SUSE bug 1251786 SUSE bug 1252267 SUSE bug 1252780 SUSE bug 1252862 SUSE bug 1253367 SUSE bug 1253431 SUSE bug 1253436 CVE-2022-50280 at SUSE CVE-2022-50280 at NVD CVE-2023-53676 at SUSE CVE-2023-53676 at NVD CVE-2024-53093 at SUSE CVE-2024-53093 at NVD CVE-2025-40040 at SUSE CVE-2025-40040 at NVD CVE-2025-40048 at SUSE CVE-2025-40048 at NVD CVE-2025-40121 at SUSE CVE-2025-40121 at NVD CVE-2025-40154 at SUSE CVE-2025-40154 at NVD CVE-2025-40204 at SUSE CVE-2025-40204 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openssl-1_1 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for openssl-1_1 fixes the following issues: - CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839). - CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837). - CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838). - CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840). - CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834). - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835). - CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836). Moderate SUSE bug 1256834 SUSE bug 1256835 SUSE bug 1256836 SUSE bug 1256837 SUSE bug 1256838 SUSE bug 1256839 SUSE bug 1256840 CVE-2025-68160 at SUSE CVE-2025-68160 at NVD CVE-2025-69418 at SUSE CVE-2025-69418 at NVD CVE-2025-69419 at SUSE CVE-2025-69419 at NVD CVE-2025-69420 at SUSE CVE-2025-69420 at NVD CVE-2025-69421 at SUSE CVE-2025-69421 at NVD CVE-2026-22795 at SUSE CVE-2026-22795 at NVD CVE-2026-22796 at SUSE CVE-2026-22796 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libsodium (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libsodium fixes the following issues: - CVE-2025-15444: Fixed cryptographic bypass via improper elliptic curve point validation (bsc#1256070). - CVE-2025-69277: Fixed incorrect validation of elliptic curve points in crypto_core_ed25519_is_valid_point function (bsc#1255764). Moderate SUSE bug 1255764 SUSE bug 1256070 CVE-2025-15444 at SUSE CVE-2025-15444 at NVD CVE-2025-69277 at SUSE CVE-2025-69277 at NVD cpe:/o:suse:sle-micro:5.5 Security update for abseil-cpp (Moderate) SUSE Linux Enterprise Micro 5.5 This update for abseil-cpp fixes the following issues: Update to 20240116.3 - CVE-2025-0838: Fixed potential integer overflow in hash container create/resize (bsc#1237543). Moderate SUSE bug 1237543 CVE-2025-0838 at SUSE CVE-2025-0838 at NVD cpe:/o:suse:sle-micro:5.5 Security update for qemu (Important) SUSE Linux Enterprise Micro 5.5 This update for qemu fixes the following issues: - CVE-2024-6505: qemu-kvm: virtio-net: Fixed queue index out-of-bounds access in software RSS (bsc#1227397) - CVE-2025-12464: net: pad packets to minimum length in qemu_receive_packet() (bsc#1253002) - CVE-2025-11234: qemu-kvm: Fixed use-after-free in websocket handshake code leading to denial of service (bsc#1250984) Other fixes: - Fixed *-virtio-gpu-pci dependency on ARM (bsc#1254286) - block/curl: Fixed curl internal handles handling (bsc#1252768) Important SUSE bug 1227397 SUSE bug 1250984 SUSE bug 1252768 SUSE bug 1253002 SUSE bug 1254286 CVE-2024-6505 at SUSE CVE-2024-6505 at NVD CVE-2025-11234 at SUSE CVE-2025-11234 at NVD CVE-2025-12464 at SUSE CVE-2025-12464 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libxml2 (Low) SUSE Linux Enterprise Micro 5.5 This update for libxml2 fixes the following issues: - CVE-2026-0989: Fixed call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving `<include>` directives (bsc#1256805) Low SUSE bug 1256805 CVE-2026-0989 at SUSE CVE-2026-0989 at NVD cpe:/o:suse:sle-micro:5.5 Security update for rsync (Moderate) SUSE Linux Enterprise Micro 5.5 This update for rsync fixes the following issues: - CVE-2025-10158: Fixed out of bounds array access via negative index (bsc#1254441) Moderate SUSE bug 1254441 CVE-2025-10158 at SUSE CVE-2025-10158 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-pyasn1 (Important) SUSE Linux Enterprise Micro 5.5 This update for python-pyasn1 fixes the following issues: - CVE-2026-23490: Fixed malformed RELATIVE-OID with excessive continuation octets leading to Denial of Service (bsc#1256902) Important SUSE bug 1256902 CVE-2026-23490 at SUSE CVE-2026-23490 at NVD cpe:/o:suse:sle-micro:5.5 Security update for sqlite3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for sqlite3 fixes the following issues: - Update to v3.51.2: - CVE-2025-7709: Fixed an integer overflow in the FTS5 extension. (bsc#1254670) Moderate SUSE bug 1248586 SUSE bug 1254670 CVE-2025-7709 at SUSE CVE-2025-7709 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-urllib3 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-urllib3_1 fixes the following issues: - CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API (bsc#1254867). - CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain (bsc#1254866). - CVE-2026-21441: excessive resource consumption during decompression of data in HTTP redirect responses (bsc#1256331). Moderate SUSE bug 1254866 SUSE bug 1254867 SUSE bug 1256331 CVE-2025-66418 at SUSE CVE-2025-66418 at NVD CVE-2025-66471 at SUSE CVE-2025-66471 at NVD CVE-2026-21441 at SUSE CVE-2026-21441 at NVD cpe:/o:suse:sle-micro:5.5 Security update for nvidia-modprobe.cuda, nvidia-open-driver-G06-signed, nvidia-persistenced.cuda (Important) SUSE Linux Enterprise Micro 5.5 This update for nvidia-modprobe.cuda, nvidia-open-driver-G06-signed, nvidia-persistenced.cuda fixes the following issues: Changes in nvidia-open-driver-G06-signed: - updated CUDA variant to version 580.126.09 - update non-CUDA variant to version 580.126.09 (bsc#1255858) - update non-CUDA variant to version 580.119.02 (bsc#1254801) Changes in nvidia-persistenced.cuda: - update to version 580.126.09 Changes in nvidia-modprobe.cuda: - update to version 580.126.09 Important SUSE bug 1254801 SUSE bug 1255858 cpe:/o:suse:sle-micro:5.5 Security update for glib2 (Important) SUSE Linux Enterprise Micro 5.5 This update for glib2 fixes the following issues: - CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354). - CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355). - CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353). - CVE-2026-0988: Fixed a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049). Important SUSE bug 1257049 CVE-2026-0988 at SUSE CVE-2026-0988 at NVD cpe:/o:suse:sle-micro:5.5 Security update for rust-keylime (Important) SUSE Linux Enterprise Micro 5.5 This update for rust-keylime fixes the following issues: Update to version 0.2.8+116. Security issues fixed: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257908). Other updates and bugfixes: - Update vendored crates `time` to version 0.3.47. - Update to version 0.2.8+116: * build(deps): bump bytes from 1.7.2 to 1.11.1 * api: Modify /version endpoint output in version 2.5 * Add API v2.5 with backward-compatible /v2.5/quotes/integrity * tests: add unit test for resolve_agent_id (#1182) * (pull-model): enable retry logic for registration * rpm: Update specfiles to apply on master * workflows: Add test to detect unused crates * lib: Drop unused crates * push-model: Drop unused crates * keylime-agent: Drop unused crates * build(deps): bump uuid from 1.18.1 to 1.19.0 * Update reqwest-retry to 0.8, retry-policies to 0.5 * rpm: Fix cargo_build macro usage on CentOS Stream * fix(push-model): resolve hash_ek uuid to actual EK hash * build(deps): bump thiserror from 2.0.16 to 2.0.17 * workflows: Separate upstream test suite from e2e coverage * Send UEFI measured boot logs as raw bytes (#1173) * auth: Add unit tests for SecretToken implementation * packit: Enable push-attestation tests * resilient_client: Prevent authentication token leakage in logs - Use tmpfiles.d for /var directories (PED-14736) - Update to version 0.2.8+96: * build(deps): bump wiremock from 0.6.4 to 0.6.5 * build(deps): bump actions/checkout from 5 to 6 * build(deps): bump chrono from 0.4.41 to 0.4.42 * packit: Get coverage from Fedora 43 runs * Fix issues pointed out by clippy * Replace mutex unwraps with proper error handling in TPM library * Remove unused session request methods from StructureFiller * Fix config panic on missing ek_handle in push model agent * build(deps): bump tempfile from 3.21.0 to 3.23.0 * build(deps): bump actions/upload-artifact from 4 to 6 (#1163) * Fix clippy warnings project-wide * Add KEYLIME_DIR support for verifier TLS certificates in push model agent * Thread privileged resources and use MeasurementList for IMA reading * Add privileged resource initialization and privilege dropping to push model agent * Fix privilege dropping order in run_as() * add documentation on FQDN hostnames * Remove confusing logs for push mode agent * Set correct default Verifier port (8891->8881) (#1159) * Add verifier_url to reference configuration file (#1158) * Add TLS support for Registrar communication (#1139) * Fix agent handling of 403 registration responses (#1154) * Add minor README.md rephrasing (#1151) * build(deps): bump actions/checkout from 5 to 6 (#1153) * ci: update spec files for packit COPR build * docs: improve challenge encoding and async TPM documentation * refactor: improve middleware and error handling * feat: add authentication client with middleware integration * docker: Include keylime_push_model_agent binary * Include attestation_interval configuration (#1146) * Persist payload keys to avoid attestation failure on restart * crypto: Implement the load or generate pattern for keys * Use simple algorithm specifiers in certification_keys object (#1140) * tests: Enable more tests in CI * Fix RSA2048 algorithm reporting in keylime agent * Remove disabled_signing_algorithms configuration * rpm: Fix metadata patches to apply to current code * workflows/rpm.yml: Use more strict patching * build(deps): bump uuid from 1.17.0 to 1.18.1 * Fix ECC algorithm selection and reporting for keylime agent * Improve logging consistency and coherency * Implement minimal RFC compliance for Location header and URI parsing (#1125) * Use separate keys for payload mechanism and mTLS * docker: update rust to 1.81 for distroless Dockerfile * Ensure UEFI log capabilities are set to false * build(deps): bump http from 1.1.0 to 1.3.1 * build(deps): bump log from 0.4.27 to 0.4.28 * build(deps): bump cfg-if from 1.0.1 to 1.0.3 * build(deps): bump actix-rt from 2.10.0 to 2.11.0 * build(deps): bump async-trait from 0.1.88 to 0.1.89 * build(deps): bump trybuild from 1.0.105 to 1.0.110 * Accept evidence handling structures null entries * workflows: Add test to check if RPM patches still apply * CI: Enable test add-agent-with-malformed-ek-cert * config: Fix singleton tests * FSM: Remove needless lifetime annotations (#1105) * rpm: Do not remove wiremock which is now available in Fedora * Use latest Fedora httpdate version (1.0.3) * Enhance coverage with parse_retry_after test * Fix issues reported by CI regarding unwrap() calls * Reuse max retries indicated to the ResilientClient * Include limit of retries to 5 for Retry-After * Add policy to handle Retry-After response headers * build(deps): bump wiremock from 0.6.3 to 0.6.4 * build(deps): bump serde_json from 1.0.140 to 1.0.143 * build(deps): bump pest_derive from 2.8.0 to 2.8.1 * build(deps): bump syn from 2.0.90 to 2.0.106 * build(deps): bump tempfile from 3.20.0 to 3.21.0 * build(deps): bump thiserror from 2.0.12 to 2.0.16 * rpm: Fix patches to apply to current master code * build(deps): bump anyhow from 1.0.98 to 1.0.99 * state_machine: Automatically clean config override during tests * config: Implement singleton and factory pattern * testing: Support overriding configuration during tests * feat: implement standalone challenge-response authentication module * structures: rename session structs for clarity and fix typos * tpm: refactor certify_credential_with_iak() into a more generic function * Add Push Model Agent Mermaid FSM chart (#1095) * Add state to avoid exiting on wrong attestation (#1093) * Add 6 alphanumeric lowercase X-Request-ID header * Enhance Evidence Handling response parsing * build(deps): bump quote from 1.0.35 to 1.0.40 * build(deps): bump libc from 0.2.172 to 0.2.175 * build(deps): bump glob from 0.3.2 to 0.3.3 * build(deps): bump actix-web from 4.10.2 to 4.11.0 Important SUSE bug 1257908 CVE-2026-25727 at SUSE CVE-2026-25727 at NVD cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit (bsc#1255594). - CVE-2023-54142: gtp: Fix use-after-free in __gtp_encap_destroy() (bsc#1256095). - CVE-2023-54243: netfilter: ebtables: fix table blob use-after-free (bsc#1255908). - CVE-2025-38068: crypto: lzo - Fix compression buffer overrun (bsc#1245210). - CVE-2025-38129: page_pool: fix inconsistency for page_pool_ring_lock() (bsc#1245723). - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1245751). - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). - CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842). - CVE-2025-40300: Documentation/hw-vuln: Add VMSCAPE documentation (bsc#1247483). - CVE-2025-68183: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (bsc#1255251). - CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377). - CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401). - CVE-2025-68312: usbnet: Prevents free active kevent (bsc#1255171). - CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582). - CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641). - CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623). - CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612). - CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726). - CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744). - CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779). - CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236). - CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232). The following non security issues were fixed: - mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1253087). - net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473). - net: tcp: allow zero-window ACK update the window (bsc#1254767). - net: tcp: send zero-window ACK when no memory (bsc#1254767). - scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296). - tcp: correct handling of extreme memory squeeze (bsc#1254767). - x86: make page fault handling disable interrupts properly (git-fixes). Important SUSE bug 1220137 SUSE bug 1220144 SUSE bug 1222323 SUSE bug 1223007 SUSE bug 1225049 SUSE bug 1233038 SUSE bug 1235905 SUSE bug 1236104 SUSE bug 1236208 SUSE bug 1237885 SUSE bug 1237906 SUSE bug 1238414 SUSE bug 1238754 SUSE bug 1238763 SUSE bug 1244758 SUSE bug 1244904 SUSE bug 1245110 SUSE bug 1245210 SUSE bug 1245723 SUSE bug 1245751 SUSE bug 1247177 SUSE bug 1247483 SUSE bug 1248306 SUSE bug 1248377 SUSE bug 1249156 SUSE bug 1249158 SUSE bug 1249827 SUSE bug 1252785 SUSE bug 1253028 SUSE bug 1253087 SUSE bug 1253409 SUSE bug 1253702 SUSE bug 1254447 SUSE bug 1254462 SUSE bug 1254463 SUSE bug 1254464 SUSE bug 1254465 SUSE bug 1254767 SUSE bug 1254842 SUSE bug 1255171 SUSE bug 1255251 SUSE bug 1255377 SUSE bug 1255401 SUSE bug 1255594 SUSE bug 1255908 SUSE bug 1256095 SUSE bug 1256582 SUSE bug 1256612 SUSE bug 1256623 SUSE bug 1256641 SUSE bug 1256726 SUSE bug 1256744 SUSE bug 1256779 SUSE bug 1256792 SUSE bug 1257232 SUSE bug 1257236 SUSE bug 1257296 SUSE bug 1257473 CVE-2022-49604 at SUSE CVE-2022-49604 at NVD CVE-2022-49943 at SUSE CVE-2022-49943 at NVD CVE-2022-49980 at SUSE CVE-2022-49980 at NVD CVE-2022-50232 at SUSE CVE-2022-50232 at NVD CVE-2022-50697 at SUSE CVE-2022-50697 at NVD CVE-2023-52433 at SUSE CVE-2023-52433 at NVD CVE-2023-52874 at SUSE CVE-2023-52874 at NVD CVE-2023-52923 at SUSE CVE-2023-52923 at NVD CVE-2023-53178 at SUSE CVE-2023-53178 at NVD CVE-2023-53407 at SUSE CVE-2023-53407 at NVD CVE-2023-53412 at SUSE CVE-2023-53412 at NVD CVE-2023-53417 at SUSE CVE-2023-53417 at NVD CVE-2023-53418 at SUSE CVE-2023-53418 at NVD CVE-2023-53714 at SUSE CVE-2023-53714 at NVD CVE-2023-54142 at SUSE CVE-2023-54142 at NVD CVE-2023-54243 at SUSE CVE-2023-54243 at NVD CVE-2024-26581 at SUSE CVE-2024-26581 at NVD CVE-2024-26661 at SUSE CVE-2024-26661 at NVD CVE-2024-26832 at SUSE CVE-2024-26832 at NVD CVE-2024-50143 at SUSE CVE-2024-50143 at NVD CVE-2024-54031 at SUSE CVE-2024-54031 at NVD CVE-2025-21658 at SUSE CVE-2025-21658 at NVD CVE-2025-21760 at SUSE CVE-2025-21760 at NVD CVE-2025-21764 at SUSE CVE-2025-21764 at NVD CVE-2025-21765 at SUSE CVE-2025-21765 at NVD CVE-2025-21766 at SUSE CVE-2025-21766 at NVD CVE-2025-38068 at SUSE CVE-2025-38068 at NVD CVE-2025-38129 at SUSE CVE-2025-38129 at NVD CVE-2025-38159 at SUSE CVE-2025-38159 at NVD CVE-2025-38375 at SUSE CVE-2025-38375 at NVD CVE-2025-38563 at SUSE CVE-2025-38563 at NVD CVE-2025-38565 at SUSE CVE-2025-38565 at NVD CVE-2025-38684 at SUSE CVE-2025-38684 at NVD CVE-2025-40044 at SUSE CVE-2025-40044 at NVD CVE-2025-40139 at SUSE CVE-2025-40139 at NVD CVE-2025-40257 at SUSE CVE-2025-40257 at NVD CVE-2025-40300 at SUSE CVE-2025-40300 at NVD CVE-2025-68183 at SUSE CVE-2025-68183 at NVD CVE-2025-68284 at SUSE CVE-2025-68284 at NVD CVE-2025-68285 at SUSE CVE-2025-68285 at NVD CVE-2025-68312 at SUSE CVE-2025-68312 at NVD CVE-2025-68771 at SUSE CVE-2025-68771 at NVD CVE-2025-68813 at SUSE CVE-2025-68813 at NVD CVE-2025-71085 at SUSE CVE-2025-71085 at NVD CVE-2025-71089 at SUSE CVE-2025-71089 at NVD CVE-2025-71112 at SUSE CVE-2025-71112 at NVD CVE-2025-71116 at SUSE CVE-2025-71116 at NVD CVE-2025-71120 at SUSE CVE-2025-71120 at NVD CVE-2026-22999 at SUSE CVE-2026-22999 at NVD CVE-2026-23001 at SUSE CVE-2026-23001 at NVD cpe:/o:suse:sle-micro:5.5 Security update for helm (Important) SUSE Linux Enterprise Micro 5.5 This update for helm rebuilds it against the current GO security release. Important cpe:/o:suse:sle-micro:5.5 Security update for the Linux Kernel (Important) SUSE Linux Enterprise Micro 5.5 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit (bsc#1255594). - CVE-2023-54142: gtp: Fix use-after-free in __gtp_encap_destroy() (bsc#1256095). - CVE-2023-54243: netfilter: ebtables: fix table blob use-after-free (bsc#1255908). - CVE-2025-38068: crypto: lzo - Fix compression buffer overrun (bsc#1245210). - CVE-2025-38129: page_pool: fix inconsistency for page_pool_ring_lock() (bsc#1245723). - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1245751). - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177). - CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842). - CVE-2025-40300: Documentation/hw-vuln: Add VMSCAPE documentation (bsc#1247483). - CVE-2025-68183: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (bsc#1255251). - CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377). - CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401). - CVE-2025-68312: usbnet: Prevents free active kevent (bsc#1255171). - CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582). - CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641). - CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623). - CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612). - CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726). - CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744). - CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779). - CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236). - CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232). - CVE-2023-53215: sched/fair: Don't balance task to its current running CPU (bsc#1250397). - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185). The following non security issues were fixed: - Revert 'ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582)'. - mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1253087 bsc#1254447). - net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473). - net: tcp: allow zero-window ACK update the window (bsc#1254767). - net: tcp: send zero-window ACK when no memory (bsc#1254767). - scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296). - tcp: correct handling of extreme memory squeeze (bsc#1254767). - x86: make page fault handling disable interrupts properly (git-fixes). Important SUSE bug 1220137 SUSE bug 1220144 SUSE bug 1222323 SUSE bug 1223007 SUSE bug 1225049 SUSE bug 1233038 SUSE bug 1235905 SUSE bug 1236104 SUSE bug 1236208 SUSE bug 1237885 SUSE bug 1237906 SUSE bug 1238414 SUSE bug 1238754 SUSE bug 1238763 SUSE bug 1244758 SUSE bug 1244904 SUSE bug 1245110 SUSE bug 1245210 SUSE bug 1245723 SUSE bug 1245751 SUSE bug 1247177 SUSE bug 1247483 SUSE bug 1248306 SUSE bug 1248377 SUSE bug 1249156 SUSE bug 1249158 SUSE bug 1249827 SUSE bug 1252785 SUSE bug 1253028 SUSE bug 1253087 SUSE bug 1253409 SUSE bug 1253702 SUSE bug 1254447 SUSE bug 1254462 SUSE bug 1254463 SUSE bug 1254464 SUSE bug 1254465 SUSE bug 1254767 SUSE bug 1254842 SUSE bug 1255171 SUSE bug 1255251 SUSE bug 1255377 SUSE bug 1255401 SUSE bug 1255594 SUSE bug 1255908 SUSE bug 1256095 SUSE bug 1256582 SUSE bug 1256612 SUSE bug 1256623 SUSE bug 1256641 SUSE bug 1256726 SUSE bug 1256744 SUSE bug 1256779 SUSE bug 1256792 SUSE bug 1257232 SUSE bug 1257236 SUSE bug 1257296 SUSE bug 1257473 CVE-2022-49604 at SUSE CVE-2022-49604 at NVD CVE-2022-49943 at SUSE CVE-2022-49943 at NVD CVE-2022-49980 at SUSE CVE-2022-49980 at NVD CVE-2022-50232 at SUSE CVE-2022-50232 at NVD CVE-2022-50697 at SUSE CVE-2022-50697 at NVD CVE-2023-52433 at SUSE CVE-2023-52433 at NVD CVE-2023-52874 at SUSE CVE-2023-52874 at NVD CVE-2023-52923 at SUSE CVE-2023-52923 at NVD CVE-2023-53178 at SUSE CVE-2023-53178 at NVD CVE-2023-53407 at SUSE CVE-2023-53407 at NVD CVE-2023-53412 at SUSE CVE-2023-53412 at NVD CVE-2023-53417 at SUSE CVE-2023-53417 at NVD CVE-2023-53418 at SUSE CVE-2023-53418 at NVD CVE-2023-53714 at SUSE CVE-2023-53714 at NVD CVE-2023-54142 at SUSE CVE-2023-54142 at NVD CVE-2023-54243 at SUSE CVE-2023-54243 at NVD CVE-2024-26581 at SUSE CVE-2024-26581 at NVD CVE-2024-26661 at SUSE CVE-2024-26661 at NVD CVE-2024-26832 at SUSE CVE-2024-26832 at NVD CVE-2024-50143 at SUSE CVE-2024-50143 at NVD CVE-2024-54031 at SUSE CVE-2024-54031 at NVD CVE-2025-21658 at SUSE CVE-2025-21658 at NVD CVE-2025-21760 at SUSE CVE-2025-21760 at NVD CVE-2025-21764 at SUSE CVE-2025-21764 at NVD CVE-2025-21765 at SUSE CVE-2025-21765 at NVD CVE-2025-21766 at SUSE CVE-2025-21766 at NVD CVE-2025-38068 at SUSE CVE-2025-38068 at NVD CVE-2025-38129 at SUSE CVE-2025-38129 at NVD CVE-2025-38159 at SUSE CVE-2025-38159 at NVD CVE-2025-38375 at SUSE CVE-2025-38375 at NVD CVE-2025-38563 at SUSE CVE-2025-38563 at NVD CVE-2025-38565 at SUSE CVE-2025-38565 at NVD CVE-2025-38684 at SUSE CVE-2025-38684 at NVD CVE-2025-40044 at SUSE CVE-2025-40044 at NVD CVE-2025-40139 at SUSE CVE-2025-40139 at NVD CVE-2025-40257 at SUSE CVE-2025-40257 at NVD CVE-2025-40300 at SUSE CVE-2025-40300 at NVD CVE-2025-68183 at SUSE CVE-2025-68183 at NVD CVE-2025-68284 at SUSE CVE-2025-68284 at NVD CVE-2025-68285 at SUSE CVE-2025-68285 at NVD CVE-2025-68312 at SUSE CVE-2025-68312 at NVD CVE-2025-68771 at SUSE CVE-2025-68771 at NVD CVE-2025-68813 at SUSE CVE-2025-68813 at NVD CVE-2025-71085 at SUSE CVE-2025-71085 at NVD CVE-2025-71089 at SUSE CVE-2025-71089 at NVD CVE-2025-71112 at SUSE CVE-2025-71112 at NVD CVE-2025-71116 at SUSE CVE-2025-71116 at NVD CVE-2025-71120 at SUSE CVE-2025-71120 at NVD CVE-2026-22999 at SUSE CVE-2026-22999 at NVD CVE-2026-23001 at SUSE CVE-2026-23001 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libsoup2 (Important) SUSE Linux Enterprise Micro 5.5 This update for libsoup2 fixes the following issues: - CVE-2026-1761: Check length of bytes read in soup_filter_input_stream_read_until to avoid a stack-based buffer overflow (bsc#1257598). - CVE-2026-0716: improper bounds handling may allow out-of-bounds read (bsc#1256418). - CVE-2025-4476: null pointer dereference may lead to denial of service (bsc#1243422). Important SUSE bug 1243422 SUSE bug 1256418 SUSE bug 1257598 CVE-2025-4476 at SUSE CVE-2025-4476 at NVD CVE-2026-0716 at SUSE CVE-2026-0716 at NVD CVE-2026-1761 at SUSE CVE-2026-1761 at NVD cpe:/o:suse:sle-micro:5.5 Security update for curl (Moderate) SUSE Linux Enterprise Micro 5.5 This update for curl fixes the following issues: - CVE-2025-14017: Fixed broken TLS options for threaded LDAPS (bsc#1256105). - CVE-2025-14524: bearer token leak on cross-protocol redirect (bsc#1255731). - CVE-2025-14819: libssh global knownhost override (bsc#1255732). - CVE-2025-15079: libssh key passphrase bypass without agent set (bsc#1255733). - CVE-2025-15224: OpenSSL partial chain store policy bypass (bsc#1255734). Moderate SUSE bug 1255731 SUSE bug 1255732 SUSE bug 1255733 SUSE bug 1255734 SUSE bug 1256105 CVE-2025-14017 at SUSE CVE-2025-14017 at NVD CVE-2025-14524 at SUSE CVE-2025-14524 at NVD CVE-2025-14819 at SUSE CVE-2025-14819 at NVD CVE-2025-15079 at SUSE CVE-2025-15079 at NVD CVE-2025-15224 at SUSE CVE-2025-15224 at NVD cpe:/o:suse:sle-micro:5.5 Security update for protobuf (Moderate) SUSE Linux Enterprise Micro 5.5 This update for protobuf fixes the following issues: - CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python json_format.ParseDict (bsc#1257173). Moderate SUSE bug 1257173 CVE-2026-0994 at SUSE CVE-2026-0994 at NVD cpe:/o:suse:sle-micro:5.5 Security update for openCryptoki (Moderate) SUSE Linux Enterprise Micro 5.5 This update for openCryptoki fixes the following issues: Security fixes: - CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following (bsc#1257116) Other fixes: - Fixed FIPS mode (bsc#1248002) Moderate SUSE bug 1248002 SUSE bug 1257116 CVE-2026-23893 at SUSE CVE-2026-23893 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libxml2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libxml2 fixes the following issues: - CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI`. (bsc#1256807, bsc#1256811) - CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to exponential behavior. (bsc#1256809, bsc#1256812) - CVE-2026-1757: Fixed a memory leak in the `xmllint` interactive shell. (bsc#1257594, bsc#1257595) - CVE-2025-10911: Fixed a use-after-free with key data stored cross-RVT. (bsc#1250553) - CVE-2025-8732: Fixed an infinite recursion in catalog parsing functions when processing malformed SGML catalog files. (bsc#1247858) Moderate SUSE bug 1247850 SUSE bug 1247858 SUSE bug 1250553 SUSE bug 1256807 SUSE bug 1256808 SUSE bug 1256809 SUSE bug 1256811 SUSE bug 1256812 SUSE bug 1257593 SUSE bug 1257594 SUSE bug 1257595 CVE-2025-10911 at SUSE CVE-2025-10911 at NVD CVE-2025-8732 at SUSE CVE-2025-8732 at NVD CVE-2026-0990 at SUSE CVE-2026-0990 at NVD CVE-2026-0992 at SUSE CVE-2026-0992 at NVD CVE-2026-1757 at SUSE CVE-2026-1757 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libpcap (Low) SUSE Linux Enterprise Micro 5.5 This update for libpcap fixes the following issues: - CVE-2025-11961: missing validation of provided MAC-48 address string in `pcap_ether_aton()` can lead to out-of-bounds read and write (bsc#1255765). Low SUSE bug 1255765 CVE-2025-11961 at SUSE CVE-2025-11961 at NVD cpe:/o:suse:sle-micro:5.5 Security update for avahi (Moderate) SUSE Linux Enterprise Micro 5.5 This update for avahi fixes the following issues: - CVE-2025-68276: Fixed refuse to create wide-area record browsers when wide-area is off (bsc#1256498) - CVE-2025-68471: Fixed DoS bug by changing assert to return (bsc#1256500) - CVE-2025-68468: Fixed DoS bug by removing incorrect assertion (bsc#1256499) Moderate SUSE bug 1256498 SUSE bug 1256499 SUSE bug 1256500 CVE-2025-68276 at SUSE CVE-2025-68276 at NVD CVE-2025-68468 at SUSE CVE-2025-68468 at NVD CVE-2025-68471 at SUSE CVE-2025-68471 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libpng16 (Important) SUSE Linux Enterprise Micro 5.5 This update for libpng16 fixes the following issues: - CVE-2025-28162: memory leaks when running `pngimage` (bsc#1257364). - CVE-2025-28164: memory leaks when running `pngimage` (bsc#1257365). - CVE-2026-22695: heap buffer over-read in png_image_finish_read (bsc#1256525). - CVE-2026-22801: integer truncation causing heap buffer over-read in png_image_write_* (bsc#1256526). - CVE-2026-25646: heap buffer overflow vulnerability in png_set_dither/png_set_quantize (bsc#1258020). Important SUSE bug 1256525 SUSE bug 1256526 SUSE bug 1257364 SUSE bug 1257365 SUSE bug 1258020 CVE-2025-28162 at SUSE CVE-2025-28162 at NVD CVE-2025-28164 at SUSE CVE-2025-28164 at NVD CVE-2026-22695 at SUSE CVE-2026-22695 at NVD CVE-2026-22801 at SUSE CVE-2026-22801 at NVD CVE-2026-25646 at SUSE CVE-2026-25646 at NVD cpe:/o:suse:sle-micro:5.5 Security update for capstone (Moderate) SUSE Linux Enterprise Micro 5.5 This update for capstone fixes the following issues: Security issues fixed: - CVE-2025-67873: missing bounds check on user-provided skipdata callback can lead to a heap buffer overflow (bsc#1255309). - CVE-2025-68114: unchecked `vsnprintf` return value can lead to a stack buffer overflow (bsc#1255310). Other updates and bugfixes: - Enable static library, and add `libcapstone-devel-static` subpackage. Moderate SUSE bug 1255309 SUSE bug 1255310 CVE-2025-67873 at SUSE CVE-2025-67873 at NVD CVE-2025-68114 at SUSE CVE-2025-68114 at NVD cpe:/o:suse:sle-micro:5.5 Security update for protobuf (Moderate) SUSE Linux Enterprise Micro 5.5 This update for protobuf fixes the following issues:i - CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python json_format.ParseDict (bsc#1257173). Moderate SUSE bug 1257173 CVE-2026-0994 at SUSE CVE-2026-0994 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python3 (Important) SUSE Linux Enterprise Micro 5.5 This update for python3 fixes the following issues: - CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters (bsc#1257029). - CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using http.cookies.Morsel (bsc#1257031). - CVE-2026-0865: user-controlled header containing newlines can allow injecting HTTP headers (bsc#1257042). - CVE-2025-15366: user-controlled command can allow additional commands injected using newlines (bsc#1257044). - CVE-2025-15282: user-controlled data URLs parsed may allow injecting headers (bsc#1257046). - CVE-2025-15367: control characters may allow the injection of additional commands (bsc#1257041). Important SUSE bug 1257029 SUSE bug 1257031 SUSE bug 1257041 SUSE bug 1257042 SUSE bug 1257044 SUSE bug 1257046 CVE-2025-11468 at SUSE CVE-2025-11468 at NVD CVE-2025-15282 at SUSE CVE-2025-15282 at NVD CVE-2025-15366 at SUSE CVE-2025-15366 at NVD CVE-2025-15367 at SUSE CVE-2025-15367 at NVD CVE-2026-0672 at SUSE CVE-2026-0672 at NVD CVE-2026-0865 at SUSE CVE-2026-0865 at NVD cpe:/o:suse:sle-micro:5.5 Security update for docker (Moderate) SUSE Linux Enterprise Micro 5.5 This update for docker fixes the following issues: - CVE-2025-58181: Fixed a bug in crypto/ssh where invalidated number of mechanisms can cause unbounded memory consumption. (bsc#1253904) Moderate SUSE bug 1253904 CVE-2025-58181 at SUSE CVE-2025-58181 at NVD cpe:/o:suse:sle-micro:5.5 Security update for ucode-intel (Important) SUSE Linux Enterprise Micro 5.5 This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20260210 release (bsc#1258046) - CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1229129) - CVE-2025-31648: Improper handling of values in the microcode flow for some Intel Processor Family may allow an escalation of privilege. (bsc#1258046) Important SUSE bug 1229129 SUSE bug 1258046 CVE-2024-24853 at SUSE CVE-2024-24853 at NVD CVE-2025-31648 at SUSE CVE-2025-31648 at NVD cpe:/o:suse:sle-micro:5.5 Security update for podman (Moderate) SUSE Linux Enterprise Micro 5.5 This update for podman fixes the following issues: - CVE-2025-47914: Fixed ssh-agent that could cause a panic due to an out-of-bounds read with non validated message size (bsc#1253993) Moderate SUSE bug 1253993 CVE-2025-47914 at SUSE CVE-2025-47914 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gpg2 (Moderate) SUSE Linux Enterprise Micro 5.5 This update for gpg2 fixes the following issues: Security fix: - Fixed GnuPG accepting Path Separators and Path Traversals in Literal Data (bsc#1256389) Moderate SUSE bug 1256389 cpe:/o:suse:sle-micro:5.5 Security update for shim (Moderate) SUSE Linux Enterprise Micro 5.5 This update for shim fixes the following issues: shim is updated to version 16.1: - shim_start_image(): fix guid/handle pairing when uninstalling protocols - Fix uncompressed ipv6 netboot - fix test segfaults caused by uninitialized memory - SbatLevel_Variable.txt: minor typo fix. - Realloc() needs to allocate one more byte for sprintf() - IPv6: Add more check to avoid multiple double colon and illegal char - Loader proto v2 - loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages - Generate Authenticode for the entire PE file - README: mention new loader protocol and interaction with UKIs - shim: change automatically enable MOK_POLICY_REQUIRE_NX - Save var info - add SbatLevel entry 2025051000 for PSA-2025-00012-1 - Coverity fixes 20250804 - fix http boot - Fix double free and leak in the loader protocol shim is updated to version 16.0: - Validate that a supplied vendor cert is not in PEM format - sbat: Add grub.peimage,2 to latest (CVE-2024-2312) - sbat: Also bump latest for grub,4 (and to todays date) - undo change that limits certificate files to a single file - shim: don't set second_stage to the empty string - Fix SBAT.md for today's consensus about numbers - Update Code of Conduct contact address - make-certs: Handle missing OpenSSL installation - Update MokVars.txt - export DEFINES for sub makefile - Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition - Null-terminate 'arguments' in fallback - Fix 'Verifiying' typo in error message - Update Fedora CI targets - Force gcc to produce DWARF4 so that gdb can use it - Minor housekeeping 2024121700 - Discard load-options that start with WINDOWS - Fix the issue that the gBS->LoadImage pointer was empty. - shim: Allow data after the end of device path node in load options - Handle network file not found like disks - Update gnu-efi submodule for EFI_HTTP_ERROR - Increase EFI file alignment - avoid EFIv2 runtime services on Apple x86 machines - Improve shortcut performance when comparing two boolean expressions - Provide better error message when MokManager is not found - tpm: Boot with a warning if the event log is full - MokManager: remove redundant logical constraints - Test import_mok_state() when MokListRT would be bigger than available size - test-mok-mirror: minor bug fix - Fix file system browser hang when enrolling MOK from disk - Ignore a minor clang-tidy nit - Allow fallback to default loader when encountering errors on network boot - test.mk: don't use a temporary random.bin - pe: Enhance debug report for update_mem_attrs - Multiple certificate handling improvements - Generate SbatLevel Metadata from SbatLevel_Variable.txt - Apply EKU check with compile option - Add configuration option to boot an alternative 2nd stage - Loader protocol (with Device Path resolution support) - netboot cleanup for additional files - Document how revocations can be delivered - post-process-pe: add tests to validate NX compliance - regression: CopyMem() in ad8692e copies out of bounds - Save the debug and error logs in mok-variables - Add features for the Host Security ID program - Mirror some more efi variables to mok-variables - This adds DXE Services measurements to HSI and uses them for NX - Add shim's current NX_COMPAT status to HSIStatus - README.tpm: reflect that vendor_db is in fact logged as 'vendor_db' - Reject HTTP message with duplicate Content-Length header fields - Disable log saving - fallback: don't add new boot order entries backwards - README.tpm: Update MokList entry to MokListRT - SBAT Level update for February 2025 GRUB CVEs Moderate SUSE bug 1240871 SUSE bug 1247432 CVE-2024-2312 at SUSE CVE-2024-2312 at NVD cpe:/o:suse:sle-micro:5.5 Security update for zlib (Moderate) SUSE Linux Enterprise Micro 5.5 This update for zlib fixes the following issue: - CVE-2026-27171: Fixed infinite loop via the `crc32_combine64` and `crc32_combine_gen64` functions due to missing checks for negative lengths (bsc#1258392). Moderate SUSE bug 1258392 CVE-2026-27171 at SUSE CVE-2026-27171 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libvirt (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libvirt fixes the following issues: Security fixes: - CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots (bsc#1253703) - CVE-2025-12748: Fixed check ACLs before parsing the whole domain XML (bsc#1253278) Other fixes: - libvirt-supportconfig: Add support for supportconfig.rc (bsc#1251822) Moderate SUSE bug 1251822 SUSE bug 1253278 SUSE bug 1253703 CVE-2025-12748 at SUSE CVE-2025-12748 at NVD CVE-2025-13193 at SUSE CVE-2025-13193 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libxslt (Moderate) SUSE Linux Enterprise Micro 5.5 This update for libxslt fixes the following issues: - CVE-2025-10911: use-after-free will be fixed on libxml2 side instead (bsc#1250553). Moderate SUSE bug 1250553 CVE-2025-10911 at SUSE CVE-2025-10911 at NVD cpe:/o:suse:sle-micro:5.5 Security update for mozilla-nss (Moderate) SUSE Linux Enterprise Micro 5.5 This update for mozilla-nss fixes the following issues: Update to NSS 3.112.3: * CVE-2026-2781: Avoid integer overflow in platform-independent ghash (bsc#1258568) Moderate SUSE bug 1258568 CVE-2026-2781 at SUSE CVE-2026-2781 at NVD cpe:/o:suse:sle-micro:5.5 Security update for expat (Moderate) SUSE Linux Enterprise Micro 5.5 This update for expat fixes the following issues: - CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144) - CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496) Moderate SUSE bug 1257144 SUSE bug 1257496 CVE-2026-24515 at SUSE CVE-2026-24515 at NVD CVE-2026-25210 at SUSE CVE-2026-25210 at NVD cpe:/o:suse:sle-micro:5.5 Security update for libsoup2 (Important) SUSE Linux Enterprise Micro 5.5 This update for libsoup2 fixes the following issues: - CVE-2025-32049: denial of service attack to websocket server (bsc#1240751). - CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398). - CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects (bsc#1257441). - CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request smuggling and potential DoS (bsc#1257597). - CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources (bsc#1258120). - CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information disclosure to remote attackers (bsc#1258170). - CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508). Important SUSE bug 1240751 SUSE bug 1257398 SUSE bug 1257441 SUSE bug 1257597 SUSE bug 1258120 SUSE bug 1258170 SUSE bug 1258508 CVE-2025-32049 at SUSE CVE-2025-32049 at NVD CVE-2026-1467 at SUSE CVE-2026-1467 at NVD CVE-2026-1539 at SUSE CVE-2026-1539 at NVD CVE-2026-1760 at SUSE CVE-2026-1760 at NVD CVE-2026-2369 at SUSE CVE-2026-2369 at NVD CVE-2026-2443 at SUSE CVE-2026-2443 at NVD CVE-2026-2708 at SUSE CVE-2026-2708 at NVD cpe:/o:suse:sle-micro:5.5 Security update for python-tornado (Moderate) SUSE Linux Enterprise Micro 5.5 This update for python-tornado fixes the following issue: - CVE-2025-67724: missing validation of the supplied reason phrase (bsc#1254903). Moderate SUSE bug 1254903 CVE-2025-67724 at SUSE CVE-2025-67724 at NVD cpe:/o:suse:sle-micro:5.5 Security update for util-linux (Moderate) SUSE Linux Enterprise Micro 5.5 This update for util-linux fixes the following issues: - CVE-2026-3184: Fix full hostname usage for PAM to ensure correct access control for 'login -h' (bsc#1258859). Moderate SUSE bug 1258859 CVE-2026-3184 at SUSE CVE-2026-3184 at NVD cpe:/o:suse:sle-micro:5.5 Security update for gnutls (Moderate) SUSE Linux Enterprise Micro 5.5 This update for gnutls fixes the following issues: - CVE-2025-14831: excessive resource consumption when verifying specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs) (bsc#1257960). Moderate SUSE bug 1257960 CVE-2025-14831 at SUSE CVE-2025-14831 at NVD cpe:/o:suse:sle-micro:5.5 Security update for qemu (Moderate) SUSE Linux Enterprise Micro 5.5 This update for qemu fixes the following issue: - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto (bsc#1255400). Moderate SUSE bug 1255400 CVE-2025-14876 at SUSE CVE-2025-14876 at NVD cpe:/o:suse:sle-micro:5.5 Security update for glibc (Important) SUSE Linux Enterprise Micro 5.5 This update for glibc fixes the following issues: - CVE-2026-0861: memalign: reinstate alignment overflow check (bsc#1256766) - CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr (bsc#1256822) - CVE-2025-15281: posix: Reset wordexp_t fields with WRDE_REUSE (bsc#1257005) - CVE-2025-8058: posix: Fix double-free after allocation failure in regcomp (bsc#1246965) Important SUSE bug 1246965 SUSE bug 1256766 SUSE bug 1256822 SUSE bug 1257005 CVE-2025-15281 at SUSE CVE-2025-15281 at NVD CVE-2025-8058 at SUSE CVE-2025-8058 at NVD CVE-2026-0861 at SUSE CVE-2026-0861 at NVD CVE-2026-0915 at SUSE CVE-2026-0915 at NVD cpe:/o:suse:sle-micro:5.5 Security update for vim (Moderate) SUSE Linux Enterprise Micro 5.5 This update for vim fixes the following issues: Update Vim to version 9.2.0110: - CVE-2025-53906: Fixed that malicious zip archive may cause a path traversal in Vim's zip (bsc#1246602). - CVE-2026-26269: Fixed Netbeans specialKeys stack buffer overflow (bsc#1258229). - CVE-2026-28417: Fixed that a crafted URL parsed by netrw plugin can lead to execute arbitrary shell commands (bsc#1259051). - CVE-2026-28418: Fixed that a malformed tags file can cause an heap-based buffer overflow out-of-bounds read (bsc#1259052) - CVE-2026-28419: Fixed processing a malformed tags file containing a delimiter can lead to a crash (bsc#1259053) - CVE-2026-28420: Fixed that processing maximum combining characters in terminal emulator can lead to heap-based buffer overflow write (bsc#1259054) - CVE-2026-28421: Fixed that a crafted swap file can cause a heap-buffer-overflow and a segmentation fault - CVE-2026-28422: Fixed that a malicious modeline or plugin can trigger a stack-buffer-overflow (bsc#1259056) Moderate SUSE bug 1246602 SUSE bug 1258229 SUSE bug 1259051 SUSE bug 1259052 SUSE bug 1259053 SUSE bug 1259054 SUSE bug 1259055 SUSE bug 1259056 CVE-2025-53906 at SUSE CVE-2025-53906 at NVD CVE-2026-26269 at SUSE CVE-2026-26269 at NVD CVE-2026-28417 at SUSE CVE-2026-28417 at NVD CVE-2026-28418 at SUSE CVE-2026-28418 at NVD CVE-2026-28419 at SUSE CVE-2026-28419 at NVD CVE-2026-28420 at SUSE CVE-2026-28420 at NVD CVE-2026-28421 at SUSE CVE-2026-28421 at NVD CVE-2026-28422 at SUSE CVE-2026-28422 at NVD cpe:/o:suse:sle-micro:5.5 Security update for curl (Important) SUSE Linux Enterprise Micro 5.5 This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362). - CVE-2026-3783: token leak with redirect and netrc (bsc#1259363). - CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364). - CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365). Important SUSE bug 1259362 SUSE bug 1259363 SUSE bug 1259364 SUSE bug 1259365 CVE-2026-1965 at SUSE CVE-2026-1965 at NVD CVE-2026-3783 at SUSE CVE-2026-3783 at NVD CVE-2026-3784 at SUSE CVE-2026-3784 at NVD CVE-2026-3805 at SUSE CVE-2026-3805 at NVD cpe:/o:suse:sle-micro:5.5 Security update for jq (Low) SUSE Linux Enterprise Micro 5.5 This update for jq fixes the following issue: - CVE-2025-9403: test suite assertion failure in JSON parsing consistency validation (bsc#1248600). Low SUSE bug 1248600 CVE-2025-9403 at SUSE CVE-2025-9403 at NVD cpe:/o:suse:sle-micro:5.5 Security update for helm (Important) SUSE Linux Enterprise Micro 5.5 This update for helm rebuilds it against the current go 1.25 security release. Important cpe:/o:suse:sle-micro:5.5 Security update for runc (Important) SUSE Linux Enterprise Micro 5.5 This update for runc rebuilds it against the current go 1.25 security release. Important cpe:/o:suse:sle-micro:5.5 Security update for docker (Important) SUSE Linux Enterprise Micro 5.5 This update for docker rebuilds it against the current go 1.25 security release. Important cpe:/o:suse:sle-micro:5.5 Mesa Mesa-dri Mesa-gallium Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1 SLE-Micro-release NetworkManager NetworkManager-bluetooth NetworkManager-cloud-setup NetworkManager-pppoe NetworkManager-tui NetworkManager-wwan libnm0 typelib-1_0-NM-1_0 afterburn afterburn-dracut aide apparmor-parser libapparmor1 pam_apparmor avahi libavahi-client3 libavahi-common3 libavahi-core7 aws-cli bash bash-sh libreadline7 bcm43xx-firmware btrfsmaintenance bzip2 libbz2-1 chrony chrony-pool-suse cifs-utils cni cni-plugins conmon conntrack-tools containerd containerized-data-importer-manifests coolkey coreutils cpio cracklib cracklib-dict-small libcrack2 cryptsetup libcryptsetup12 libcryptsetup12-hmac cups-config libcups2 curl libcurl4 cyrus-sasl cyrus-sasl-digestmd5 cyrus-sasl-gssapi libsasl2-3 dbus-1 dbus-1-x11 libdbus-1-3 dmidecode dnsmasq docker dracut dracut-fips e2fsprogs libcom_err2 libext2fs2 elfutils libasm1 libdw1 libelf1 file file-magic libmagic1 firewalld python3-firewall gawk gdk-pixbuf-loader-rsvg librsvg-2-2 gdk-pixbuf-query-loaders libgdk_pixbuf-2_0-0 typelib-1_0-GdkPixbuf-2_0 git git-core perl-Git glib-networking glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 glibc glibc-devel glibc-locale glibc-locale-base gnutls libgnutls30 libgnutls30-hmac gpg2 gptfdisk grep groff grub2 grub2-arm64-efi grub2-i386-pc grub2-powerpc-ieee1275 grub2-s390x-emu grub2-snapper-plugin grub2-x86_64-efi grub2-x86_64-xen gstreamer libgstreamer-1_0-0 gstreamer-plugins-base libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 gtk2-tools libgtk-2_0-0 guestfs-tools libguestfs0 gzip liblzma5 xz haproxy iscsiuio libopeniscsiusr0 open-iscsi jq libjq1 kdump keepalived kernel-default kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd kernel-rt kpartx libmpath0 multipath-tools krb5 kubevirt-manifests kubevirt-virtctl less libX11-6 libX11-data libX11-xcb1 libXcursor1 libXext6 libXfixes3 libXi6 libXinerama1 libXrandr2 libXrender1 libXtst6 libXv1 libXxf86vm1 libarchive13 libaudit1 libauparse0 libaugeas0 libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 util-linux util-linux-systemd libbluetooth3 libbpf1 libbrotlicommon1 libbrotlidec1 libbsd0 libcairo-gobject2 libcairo2 libcap2 libcares2 libcolord2 libcontainers-common libcontainers-sles-mounts libekmfweb1 libkmipclient1 s390-tools libevent-2_1-8 libexpat1 libfreebl3 libsoftokn3 mozilla-nss mozilla-nss-certs mozilla-nss-tools libfreetype6 libfribidi0 libfuse2 libgcrypt20 libgcrypt20-hmac libgmp10 libgraphite2-3 libharfbuzz-gobject0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0 libhogweed6 libnettle8 libidn2-0 libjansson4 libjbig2 libjpeg8 libjson-c3 libksba8 liblcms2-2 libldap-2_4-2 libldap-data libldb2 liblua5_3-5 liblz4-1 liblzo2-2 libmicrohttpd12 libmpfr6 libmspack0 libncurses6 ncurses-utils terminfo terminfo-base libndp0 libnghttp2-14 libonig4 libopenssl-1_1-devel libopenssl1_1 libopenssl1_1-hmac openssl-1_1 libopus0 libosinfo libosinfo-1_0-0 typelib-1_0-Libosinfo-1_0 libp11-kit0 p11-kit p11-kit-tools libpango-1_0-0 typelib-1_0-Pango-1_0 libpcap1 libpcre1 libpcre2-8-0 libpcsclite1 pcsc-lite libpixman-1-0 libpng16-16 libpolkit-agent-1-0 libpolkit-gobject-1-0 polkit libprocps7 procps libprotobuf-lite20 libproxy1 libpython3_6m1_0 python3 python3-base librados2 librbd1 libseccomp2 libsepol2 libsha1detectcoll1 libslirp0 libsnmp40 snmp-mibs libsolv-tools libsoup-2_4-1 libspice-server1 libsqlite3-0 sqlite3-tcl libssh-config libssh4 libssh2-1 libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd sssd-common sssd-krb5-common sssd-ldap libsystemd0 libudev1 systemd systemd-container systemd-journal-remote systemd-sysvinit udev libtasn1 libtasn1-6 libtiff5 libtirpc-netconfig libtirpc3 libtpms0 libtss2-esys0 libtss2-fapi1 libtss2-mu0 libtss2-rc0 libtss2-sys1 libtss2-tcti-device0 libtss2-tctildr0 tpm2-0-tss libudisks2-0 libudisks2-0_btrfs libudisks2-0_lvm2 udisks2 libunwind libvirglrenderer1 libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-qemu libvirt-libs libvmtools0 open-vm-tools libvorbis0 libvorbisenc2 libxkbcommon0 libxml2-2 libxml2-tools python3-libxml2 libxslt1 libyajl2 libyaml-cpp0_6 libz1 zlib-devel libzmq5 libzstd1 zstd libzypp login_defs shadow logrotate mozilla-nspr nfs-client nfs-kernel-server opensc openslp openssh openssh-clients openssh-common openssh-fips openssh-server openssl pam pam_u2f perl perl-base perl-ExtUtils-MakeMaker permissions podman podman-cni-config podman-docker policycoreutils policycoreutils-devel policycoreutils-python-utils python3-policycoreutils powerpc-utils ppp procmail python3-Babel python3-Jinja2 python3-M2Crypto python3-PyYAML python3-certifi python3-configobj python3-cryptography python3-future python3-lxml python3-py python3-requests python3-rsa python3-salt salt salt-minion salt-transactional-update python3-setuptools python3-tornado python3-urllib3 qemu qemu-SLOF qemu-accel-tcg-x86 qemu-arm qemu-audio-spice qemu-block-curl qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-vga qemu-hw-usb-redirect qemu-ipxe qemu-ppc qemu-s390x qemu-seabios qemu-sgabios qemu-tools qemu-ui-opengl qemu-ui-spice-core qemu-vgabios qemu-x86 qemu-ovmf-x86_64 qemu-uefi-aarch64 rpcbind rpm rsync runc samba-client-libs shim skopeo slirp4netns socat squashfs sudo supportutils swtpm sysstat tar tpm2.0-tools trousers u-boot-rpiarm64 ucode-intel update-alternatives vim-data-common vim-small virt-install virt-manager-common wicked wicked-service wpa_supplicant xen-libs zypper zypper-needs-restarting libeconf0 kernel-default-base suse-module-tools libgcc_s1 libstdc++6 libzck1 python3-simplejson kernel-firmware-nvidia-gspx-G06 nvidia-open-driver-G06-signed-kmp-default fdo-client fdo-client-devel traceroute suse-build-key podman-remote podmansh cockpit-wicked python3-idna openCryptoki kernel-source-rt python3-rpm rpm-ndb libprotobuf-lite25_1_0 fwupdate fwupdate-efi libfwup1 libunbound8 unbound-anchor wget cockpit cockpit-bridge cockpit-networkmanager cockpit-selinux cockpit-storaged cockpit-system cockpit-ws python3-dnspython gtk3-data gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0 liborc-0_4-0 bind-utils python3-bind ca-certificates-mozilla libuv-devel libuv1 helm helm-bash-completion libatomic1 libabsl2308_0_0 libopenvswitch-3_1-0 libovn-23_03-0 openvswitch3 openvswitch3-pki openvswitch3-vtep ovn3 ovn3-central ovn3-docker ovn3-host ovn3-vtep python3-ovs3 google-guest-agent google-osconfig-agent kernel-macros augeas augeas-lenses iputils dhcp dhcp-client dhcp-devel dhcp-relay dhcp-server screen pam_pkcs11 libbd_btrfs2 libbd_crypto2 libbd_fs2 libbd_loop2 libbd_lvm2 libbd_mdraid2 libbd_part2 libbd_swap2 libbd_utils2 libblockdev libblockdev2 kernel-firmware-nvidia-gspx-G06-cuda nv-prefer-signed-open-driver nvidia-open-driver-G06-signed-cuda-kmp-default pam-config ignition ignition-dracut-grub2 clamav libclamav12 libclammspack0 libfreshclam3 boost-license1_66_0 libboost_system1_66_0 libboost_thread1_66_0 rust-keylime regionServiceClientConfigAzure regionServiceClientConfigEC2 regionServiceClientConfigGCE net-tools krb5-client chrony-pool-empty python3-sssd-config sssd-ad sssd-dbus sssd-krb5 sssd-tools dpdk22 dpdk22-kmp-default dpdk22-thunderx dpdk22-thunderx-kmp-default dpdk22-thunderx-tools dpdk22-tools libdpdk-23 libprocps8 python3-pyasn1 util-linux-extra libsodium23 net-snmp perl-SNMP libabsl2401_0_0 qemu-hw-display-virtio-gpu-pci libcapstone4 docker-buildx (aarch64|ppc64le|s390x|x86_64) 0:22.3.5-150500.75.2 5.5 (aarch64|ppc64le|s390x|x86_64) 0:1.38.6-150500.1.2 (aarch64|ppc64le|s390x|x86_64) 0:5.2.0-150500.1.4 (aarch64|ppc64le|s390x|x86_64) 0:0.16-24.1 (aarch64|ppc64le|s390x|x86_64) 0:3.0.4-150500.11.3.1 (aarch64|ppc64le|s390x|x86_64) 0:0.8-150400.7.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.27.89-150200.30.11.1 (aarch64|ppc64le|s390x|x86_64) 0:4.4-150400.25.22 (aarch64|ppc64le|s390x|x86_64) 0:7.0-150400.25.22 (aarch64|ppc64le|s390x|x86_64) 0:20180314-150400.28.5 (aarch64|ppc64le|s390x|x86_64) 0:0.4.2-3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.0.8-150400.1.122 (aarch64|ppc64le|s390x|x86_64) 0:4.1-150400.19.4 (aarch64|ppc64le|s390x|x86_64) 0:6.15-150400.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.2-150500.1.20 (aarch64|ppc64le|s390x|x86_64) 0:1.1.1-150500.1.19 (aarch64|ppc64le|s390x|x86_64) 0:2.1.7-150500.9.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.4.5-1.46 (aarch64|ppc64le|s390x|x86_64) 0:1.6.21-150000.93.1 (aarch64|ppc64le|s390x|x86_64) 0:1.55.0-150500.4.4 (aarch64|ppc64le|s390x|x86_64) 0:1.1.0-1.31 (aarch64|ppc64le|s390x|x86_64) 0:8.32-150400.7.5 (aarch64|ppc64le|s390x|x86_64) 0:2.13-150400.1.98 (aarch64|ppc64le|s390x|x86_64) 0:2.9.7-11.6.1 (aarch64|ppc64le|s390x|x86_64) 0:2.4.3-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:2.2.7-150000.3.46.1 (aarch64|ppc64le|s390x|x86_64) 0:8.0.1-150400.5.26.1 (aarch64|ppc64le|s390x|x86_64) 0:2.1.28-150500.1.1 (aarch64|ppc64le|s390x|x86_64) 0:1.12.2-150400.18.8.1 (aarch64|ppc64le|s390x|x86_64) 0:3.4-150400.16.8.1 (aarch64|ppc64le|s390x|x86_64) 0:2.86-150400.14.3 (aarch64|ppc64le|s390x|x86_64) 0:24.0.5_ce-150000.185.1 (aarch64|ppc64le|s390x|x86_64) 0:055+suse.369.gde6c81bf-150500.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:1.46.4-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:0.185-150400.5.3.1 (aarch64|ppc64le|s390x|x86_64) 0:5.32-7.14.1 (aarch64|ppc64le|s390x|x86_64) 0:0.9.3-150400.8.12.1 (aarch64|ppc64le|s390x|x86_64) 0:4.2.1-150000.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:2.52.10-150400.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:2.42.9-150400.5.6.1 (aarch64|ppc64le|s390x|x86_64) 0:2.35.3-150300.10.27.1 (aarch64|ppc64le|s390x|x86_64) 0:2.70.1-150400.1.6 (aarch64|ppc64le|s390x|x86_64) 0:2.70.5-150400.3.8.1 (aarch64|ppc64le|s390x|x86_64) 0:2.31-150300.52.2 (aarch64|ppc64le|s390x|x86_64) 0:3.7.3-150400.4.35.1 (aarch64|ppc64le|s390x|x86_64) 0:2.2.27-150300.3.5.1 (aarch64|ppc64le|s390x|x86_64) 0:1.0.8-150400.1.7 (aarch64|ppc64le|s390x|x86_64) 0:3.1-150000.4.6.1 (aarch64|ppc64le|s390x|x86_64) 0:1.22.4-150400.3.4 (aarch64|ppc64le|s390x|x86_64) 0:2.06-150500.29.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.22.0-150500.3.2.3 (aarch64|ppc64le|s390x|x86_64) 0:1.22.0-150500.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:2.24.33-150400.2.11 (aarch64|ppc64le|s390x|x86_64) 0:1.48.3-150500.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.48.6-150500.3.5.1 (aarch64|ppc64le|s390x|x86_64) 0:1.10-150200.10.1 (aarch64|ppc64le|s390x|x86_64) 0:5.2.3-150000.4.7.1 (aarch64|ppc64le|s390x|x86_64) 0:2.4.22+git0.f8e3218e2-150400.3.16.1 (aarch64|ppc64le|s390x|x86_64) 0:0.7.8.6-150500.44.1 (aarch64|ppc64le|s390x|x86_64) 0:0.2.0-150500.44.1 (aarch64|ppc64le|s390x|x86_64) 0:2.1.8-150500.44.1 (aarch64|ppc64le|s390x|x86_64) 0:1.6-3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.0.2+git42.ge1e25ed-150500.1.2 (aarch64|ppc64le|s390x|x86_64) 0:2.2.2-150500.6.2 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.19.1 (aarch64|ppc64le|s390x|x86_64) 0:20230724-150500.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.13.14.1 (aarch64|ppc64le|s390x|x86_64) 0:0.9.4+74+suse.f97cc59-150500.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.20.1-150500.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:0.58.0-150500.6.3 (aarch64|ppc64le|s390x|x86_64) 0:590-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.6.5-150000.3.30.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.15-1.18 (aarch64|ppc64le|s390x|x86_64) 0:1.3.3-1.30 (aarch64|ppc64le|s390x|x86_64) 0:6.0.0-150400.1.4 (aarch64|ppc64le|s390x|x86_64) 0:1.7.9-3.2.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.3-1.22 (aarch64|ppc64le|s390x|x86_64) 0:1.5.1-2.17 (aarch64|ppc64le|s390x|x86_64) 0:0.9.10-1.30 (aarch64|ppc64le|s390x|x86_64) 0:1.2.3-1.24 (aarch64|ppc64le|s390x|x86_64) 0:1.0.11-1.23 (aarch64|ppc64le|s390x|x86_64) 0:1.1.4-1.23 (aarch64|ppc64le|s390x|x86_64) 0:3.5.1-150400.3.12.1 (aarch64|ppc64le|s390x|x86_64) 0:3.0.6-150400.4.13.1 (aarch64|ppc64le|s390x|x86_64) 0:1.12.0-150400.3.3.6 (aarch64|ppc64le|s390x|x86_64) 0:2.37.4-150500.7.16 (aarch64|ppc64le|s390x|x86_64) 0:2.37.4-150500.7.2 (aarch64|ppc64le|s390x|x86_64) 0:5.65-150500.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.0-150500.1.1 (aarch64|ppc64le|s390x|x86_64) 0:1.0.7-3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:0.8.7-3.3.17 (aarch64|ppc64le|s390x|x86_64) 0:1.16.0-150400.9.6 (aarch64|ppc64le|s390x|x86_64) 0:2.63-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.19.1-150000.3.23.1 (aarch64|ppc64le|s390x|x86_64) 0:1.4.5-150400.4.3.1 (aarch64|ppc64le|s390x|x86_64) 0:20230214-150500.4.3.1 (aarch64|ppc64le|s390x|x86_64) 0:2.25.0-150500.9.3.1 (aarch64|ppc64le|s390x|x86_64) 0:2.1.8-2.23 (aarch64|ppc64le|s390x|x86_64) 0:2.4.4-150400.3.12.1 (aarch64|ppc64le|s390x|x86_64) 0:3.90-150400.3.32.1 (aarch64|ppc64le|s390x|x86_64) 0:2.10.4-150000.4.15.1 (aarch64|ppc64le|s390x|x86_64) 0:1.0.10-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:2.9.7-3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.9.4-150500.10.19 (aarch64|ppc64le|s390x|x86_64) 0:6.1.2-4.9.1 (aarch64|ppc64le|s390x|x86_64) 0:1.3.11-150000.4.3.1 (aarch64|ppc64le|s390x|x86_64) 0:3.4.0-150400.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:3.8.1-150500.2.25 (aarch64|ppc64le|s390x|x86_64) 0:2.2.0-3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:2.14-150000.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:2.1-3.2.1 (aarch64|ppc64le|s390x|x86_64) 0:8.2.2-150400.15.9 (aarch64|ppc64le|s390x|x86_64) 0:0.13-3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.3.5-150000.4.6.1 (aarch64|ppc64le|s390x|x86_64) 0:2.12-150400.1.10 (aarch64|ppc64le|s390x|x86_64) 0:2.4.46-150200.14.17.1 (aarch64|ppc64le|s390x|x86_64) 0:2.6.2-150500.1.1 (aarch64|ppc64le|s390x|x86_64) 0:5.3.6-3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:1.9.3-150400.1.7 (aarch64|ppc64le|s390x|x86_64) 0:2.10-2.22 (aarch64|ppc64le|s390x|x86_64) 0:0.9.57-150000.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:4.0.2-3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:0.6-3.14.1 (aarch64|ppc64le|s390x|x86_64) 0:6.1-150000.5.15.1 (aarch64|ppc64le|s390x|x86_64) 0:1.6-1.26 (aarch64|ppc64le|s390x|x86_64) 0:1.40.0-6.1 (aarch64|ppc64le|s390x|x86_64) 0:6.7.0-150000.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.1l-150500.17.15.1 (aarch64|ppc64le|s390x|x86_64) 0:1.3.1-150000.3.8.1 (aarch64|ppc64le|s390x|x86_64) 0:1.10.0-150500.1.3 (aarch64|ppc64le|s390x|x86_64) 0:0.23.22-150500.6.1 (aarch64|ppc64le|s390x|x86_64) 0:1.50.4-150400.1.5 (aarch64|ppc64le|s390x|x86_64) 0:1.10.1-150400.1.7 (aarch64|ppc64le|s390x|x86_64) 0:8.45-150000.20.13.1 (aarch64|ppc64le|s390x|x86_64) 0:10.39-150400.4.9.1 (aarch64|ppc64le|s390x|x86_64) 0:1.9.4-150400.1.9 (aarch64|ppc64le|s390x|x86_64) 0:0.40.0-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.6.34-3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:121-150500.1.6 (aarch64|ppc64le|s390x|x86_64) 0:3.3.15-150000.7.34.1 (aarch64|ppc64le|s390x|x86_64) 0:3.9.2-150200.4.21.1 (aarch64|ppc64le|s390x|x86_64) 0:0.4.17-150400.1.8 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.48.1 (aarch64|ppc64le|s390x|x86_64) 0:16.2.11.58+g38d6afd3b78-150400.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:2.5.3-150400.2.4 (aarch64|ppc64le|s390x|x86_64) 0:3.4-150500.1.18 (aarch64|ppc64le|s390x|x86_64) 0:1.0.3-2.18 (aarch64|ppc64le|s390x|x86_64) 0:4.7.0+44-150500.2.1 (aarch64|ppc64le|s390x|x86_64) 0:5.9.3-150300.15.8.1 (aarch64|ppc64le|s390x|x86_64) 0:0.7.24-150400.3.8.1 (aarch64|ppc64le|s390x|x86_64) 0:2.74.2-150400.1.6 (aarch64|ppc64le|s390x|x86_64) 0:0.15.0-150400.2.8 (aarch64|ppc64le|s390x|x86_64) 0:3.39.3-150000.3.20.1 (aarch64|ppc64le|s390x|x86_64) 0:0.9.6-150400.1.5 (aarch64|ppc64le|s390x|x86_64) 0:1.9.0-150000.4.16.1 (aarch64|ppc64le|s390x|x86_64) 0:2.5.2-150500.10.3.1 (aarch64|ppc64le|s390x|x86_64) 0:249.16-150400.8.33.1 (aarch64|ppc64le|s390x|x86_64) 0:4.13-150000.4.8.1 (aarch64|ppc64le|s390x|x86_64) 0:4.0.9-150000.45.28.1 (aarch64|ppc64le|s390x|x86_64) 0:1.2.6-150300.3.17.1 (aarch64|ppc64le|s390x|x86_64) 0:0.8.2-150300.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:3.1.0-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:2.9.2-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.5.0-4.5.1 (aarch64|ppc64le|s390x|x86_64) 0:0.9.1-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:9.0.0-150500.6.11.1 (aarch64|ppc64le|s390x|x86_64) 0:12.2.0-150300.33.1 (aarch64|ppc64le|s390x|x86_64) 0:1.3.6-150000.4.5.2 (aarch64|ppc64le|s390x|x86_64) 0:1.3.0-150400.1.13 (aarch64|ppc64le|s390x|x86_64) 0:2.10.3-150500.5.5.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.34-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:2.1.0-150000.4.6.1 (aarch64|ppc64le|s390x|x86_64) 0:0.6.3-150400.4.3.1 (aarch64|ppc64le|s390x|x86_64) 0:1.2.13-150500.2.3 (aarch64|ppc64le|s390x|x86_64) 0:4.2.3-3.15.4 (aarch64|ppc64le|s390x|x86_64) 0:1.5.0-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:17.31.20-150400.3.40.1 (aarch64|ppc64le|s390x|x86_64) 0:4.8.1-150500.1.10 (aarch64|ppc64le|s390x|x86_64) 0:3.18.1-150400.3.7.1 (aarch64|ppc64le|s390x|x86_64) 0:4.35-150000.3.29.1 (aarch64|ppc64le|s390x|x86_64) 0:2.1.1-150500.20.2 (aarch64|ppc64le|s390x|x86_64) 0:0.22.0-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:2.0.0-6.15.1 (aarch64|ppc64le|s390x|x86_64) 0:8.4p1-150300.3.22.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.1l-150400.1.5 (aarch64|ppc64le|s390x|x86_64) 0:1.3.0-150000.6.61.1 (aarch64|ppc64le|s390x|x86_64) 0:1.2.0-150400.2.4 (aarch64|ppc64le|s390x|x86_64) 0:5.26.1-150300.17.14.1 (aarch64|ppc64le|s390x|x86_64) 0:7.62-150400.1.5 (aarch64|ppc64le|s390x|x86_64) 0:20201225-150400.5.16.1 (aarch64|ppc64le|s390x|x86_64) 0:4.4.4-150500.1.4 (aarch64|ppc64le|s390x|x86_64) 0:3.4-150500.1.3 (aarch64|ppc64le|s390x|x86_64) 0:1.3.11-150500.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:2.4.7-150000.5.10.3 (aarch64|ppc64le|s390x|x86_64) 0:3.22-2.34 (aarch64|ppc64le|s390x|x86_64) 0:2.8.0-3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:2.10.1-3.10.2 (aarch64|ppc64le|s390x|x86_64) 0:0.38.0-150400.7.64 (aarch64|ppc64le|s390x|x86_64) 0:5.4.1-1.1 (aarch64|ppc64le|s390x|x86_64) 0:2018.1.18-150000.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:5.0.6-150000.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:3.3.2-150400.16.6.1 (aarch64|ppc64le|s390x|x86_64) 0:0.18.2-150300.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:4.9.1-150500.1.2 (aarch64|ppc64le|s390x|x86_64) 0:1.10.0-150100.5.12.1 (aarch64|ppc64le|s390x|x86_64) 0:2.24.0-150300.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:3.4.2-150000.3.7.1 (aarch64|ppc64le|s390x|x86_64) 0:3006.0-150500.4.12.2 (aarch64|ppc64le|s390x|x86_64) 0:44.1.1-150400.9.3.3 (aarch64|ppc64le|s390x|x86_64) 0:4.5.3-150000.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:1.25.10-4.3.1 (aarch64|ppc64le|s390x|x86_64) 0:7.1.0-150500.49.6.1 (aarch64|ppc64le|s390x|x86_64) 0:1.0.0+-150500.49.6.1 (aarch64|ppc64le|s390x|x86_64) 0:1.16.0_0_gd239552-150500.49.6.1 (aarch64|ppc64le|s390x|x86_64) 0:8-150500.49.6.1 (aarch64|ppc64le|s390x|x86_64) 0:202208-150500.4.1 (aarch64|ppc64le|s390x|x86_64) 0:0.2.3-5.9.2 (aarch64|ppc64le|s390x|x86_64) 0:4.14.3-150300.55.1 (aarch64|ppc64le|s390x|x86_64) 0:3.2.3-150400.3.8.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.7-150000.46.1 (aarch64|ppc64le|s390x|x86_64) 0:4.17.9+git.387.ca59f91f61-150500.3.8.1 (aarch64|ppc64le|s390x|x86_64) 0:15.7-150300.4.16.1 (aarch64|ppc64le|s390x|x86_64) 0:1.12.0-150300.11.5.1 (aarch64|ppc64le|s390x|x86_64) 0:1.2.0-150500.1.1 (aarch64|ppc64le|s390x|x86_64) 0:1.7.3.2-4.10 (aarch64|ppc64le|s390x|x86_64) 0:4.4-1.1 (aarch64|ppc64le|s390x|x86_64) 0:1.9.12p1-150500.5.1 (aarch64|ppc64le|s390x|x86_64) 0:3.1.21-150300.7.35.18.1 (aarch64|ppc64le|s390x|x86_64) 0:0.7.3-150500.2.1 (aarch64|ppc64le|s390x|x86_64) 0:12.0.2-3.33.1 (aarch64|ppc64le|s390x|x86_64) 0:1.34-150000.3.31.1 (aarch64|ppc64le|s390x|x86_64) 0:5.2-150400.4.6 (aarch64|ppc64le|s390x|x86_64) 0:0.3.15-150400.1.10 (aarch64|ppc64le|s390x|x86_64) 0:2021.10-150400.4.11.1 (aarch64|ppc64le|s390x|x86_64) 0:20230808-150200.27.1 (aarch64|ppc64le|s390x|x86_64) 0:1.19.0.4-150000.4.4.1 (aarch64|ppc64le|s390x|x86_64) 0:9.0.1632-150500.20.3.1 (aarch64|ppc64le|s390x|x86_64) 0:4.1.0-150500.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:0.6.73-150500.3.10.1 (aarch64|ppc64le|s390x|x86_64) 0:2.10-150500.1.3 (aarch64|ppc64le|s390x|x86_64) 0:4.17.2_02-150500.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:1.14.63-150400.3.29.1 (aarch64|s390x|x86_64) 0:7.1.0-150500.49.6.1 (x86_64) 0:7.1.0-150500.49.6.1 (aarch64) 0:7.1.0-150500.49.6.1 (noarch) 0:1.0.0+-150500.49.6.1 (s390x) 0:7.1.0-150500.49.6.1 (noarch) 0:1.16.0_0_gd239552-150500.49.6.1 (noarch) 0:8-150500.49.6.1 (aarch64|s390x|x86_64) 0:2.10.3-150500.5.8.1 (aarch64|s390x|x86_64) 0:2.2.7-150000.3.51.2 (aarch64|s390x|x86_64) 0:1.6.21-150000.95.1 (noarch) 0:3.1.26-150300.7.35.21.1 (aarch64|s390x|x86_64) 0:3.6.15-150300.10.51.1 (aarch64|s390x|x86_64) 0:1.1.8-150000.49.1 (aarch64|s390x|x86_64) 0:0.5.2-150400.3.6.1 (aarch64|s390x|x86_64) 0:1.6.5-150000.3.33.1 (noarch) 0:1.6.5-150000.3.33.1 (aarch64|s390x|x86_64) 0:5.14.21-150500.55.28.1 (aarch64|x86_64) 0:5.14.21-150500.55.28.1.150500.6.11.2 (x86_64) 0:5.14.21-150500.13.18.1 (aarch64|s390x|x86_64) 0:1.40.0-150200.9.1 (aarch64|s390x|x86_64) 0:2.1.7-150500.9.6.1 (x86_64) 0:5.14.21-150500.13.21.1 (aarch64|s390x|x86_64) 0:8.0.1-150400.5.32.1 (aarch64|s390x|x86_64) 0:4.17.9+git.421.abde31ca5c2-150500.3.11.1 (x86_64) 0:4.17.2_06-150500.3.12.1 (aarch64|s390x|x86_64) 0:5.14.21-150500.55.31.1 (aarch64|x86_64) 0:5.14.21-150500.55.31.1.150500.6.13.1 (aarch64|s390x|x86_64) 0:1.1.1-150500.3.2.1 (aarch64|s390x|x86_64) 0:1.1.2-150500.3.2.1 (aarch64|s390x|x86_64) 0:0.22.0-150400.3.6.1 (noarch) 0:1.25.10-150300.4.6.1 (aarch64|s390x|x86_64) 0:2.31-150300.63.1 (aarch64|s390x|x86_64) 0:15.5.3-150500.3.6.1 (aarch64|s390x|x86_64) 0:2.06-150500.29.8.1 (noarch) 0:2.06-150500.29.8.1 (s390x) 0:2.06-150500.29.8.1 (aarch64|s390x|x86_64) 0:13.2.1+git7813-150000.1.3.3 (aarch64|s390x|x86_64) 0:1.11.0-150000.4.19.1 (aarch64|s390x|x86_64) 0:1.40.0-150200.12.1 (aarch64|s390x|x86_64) 0:1.2.13-150500.4.3.1 (aarch64|s390x|x86_64) 0:1.1.16-150400.3.7.1 (x86_64) 0:12.3.0-150300.43.1 (x86_64) 0:5.14.21-150500.13.24.1 (aarch64|s390x|x86_64) 0:4.0.9-150000.45.32.1 (aarch64|s390x|x86_64) 0:5.14.21-150500.55.36.1 (aarch64|x86_64) 0:5.14.21-150500.55.36.1.150500.6.15.3 (aarch64|s390x|x86_64) 0:3006.0-150500.4.24.2 (aarch64|s390x|x86_64) 0:3.17.2-150300.3.4.1 (aarch64|x86_64) 0:535.129.03-150500.11.9.1 (aarch64|x86_64) 0:535.129.03_k5.14.21_150500.55.31-150500.3.13.1 (x86_64) 0:20231113-150200.32.1 (noarch) 0:1.25.10-150300.4.9.1 (x86_64) 0:4.17.2_08-150500.3.15.1 (x86_64) 0:20231114-150200.35.1 (aarch64|s390x|x86_64) 0:0.8-150400.7.10.1 (aarch64|s390x|x86_64) 0:2.10.3-150500.5.11.1 (noarch) 0:44.1.1-150400.9.6.1 (aarch64|s390x|x86_64) 0:1.1.1l-150500.17.22.1 (aarch64|s390x|x86_64) 0:1.0.0+git20210816.baa09b5-150500.3.3.1 (noarch) 0:9.0.2103-150500.20.6.1 (aarch64|s390x|x86_64) 0:9.0.2103-150500.20.6.1 (aarch64|s390x|x86_64) 0:4.6.1-150300.3.3.1 (aarch64|s390x|x86_64) 0:3.44.0-150000.3.23.1 (aarch64|s390x|x86_64) 0:2.0.21-150000.3.3.1 (x86_64) 0:1.1.0-150500.8.6.1 (aarch64|s390x|x86_64) 0:2.4.22+git0.f8e3218e2-150400.3.19.1 (x86_64) 0:1.58.0-150500.6.6.1 (aarch64|s390x|x86_64) 0:8.0.1-150400.5.36.1 (noarch) 0:20230724-150500.3.9.1 (aarch64|s390x|x86_64) 0:7.1.0-150500.49.9.2 (x86_64) 0:7.1.0-150500.49.9.2 (aarch64) 0:7.1.0-150500.49.9.2 (noarch) 0:1.0.0+-150500.49.9.2 (s390x) 0:7.1.0-150500.49.9.2 (noarch) 0:1.16.0_0_gd239552-150500.49.9.2 (noarch) 0:8-150500.49.9.2 (noarch) 0:12.0-150000.8.37.1 (aarch64|s390x|x86_64) 0:1.7.8-150000.103.1 (aarch64|s390x|x86_64) 0:1.1.10-150000.55.1 (aarch64|s390x|x86_64) 0:5.14.21-150500.55.39.1 (aarch64|x86_64) 0:5.14.21-150500.55.39.1.150500.6.17.1 (x86_64) 0:5.14.21-150500.13.27.2 (aarch64|s390x|x86_64) 0:3.3.2-150400.23.1 (aarch64|s390x|x86_64) 0:4.0.9-150000.45.35.1 (aarch64|s390x|x86_64) 0:6.1-150000.5.20.1 (aarch64|s390x|x86_64) 0:0.8-150400.7.13.1 (aarch64|s390x|x86_64) 0:8.4p1-150300.3.27.1 (aarch64|s390x|x86_64) 0:24.0.7_ce-150000.190.4 (x86_64) 0:4.17.3_02-150500.3.18.1 (aarch64|s390x|x86_64) 0:2.4.7-150000.5.13.1 (aarch64|s390x|x86_64) 0:2.1-150000.3.5.1 (aarch64|s390x|x86_64) 0:3.7.3-150400.4.38.1 (noarch) 0:4.8.1-150500.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:4.8.1-150500.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:0.8-150400.7.16.1 (aarch64|s390x|x86_64) 0:9.0.0-150500.6.20.1 (aarch64|x86_64) 0:9.0.0-150500.6.20.1 (x86_64) 0:4.17.3_08-150500.3.27.1 (aarch64|s390x|x86_64) 0:7.1.0-150500.49.12.1 (x86_64) 0:7.1.0-150500.49.12.1 (aarch64) 0:7.1.0-150500.49.12.1 (noarch) 0:1.0.0+-150500.49.12.1 (s390x) 0:7.1.0-150500.49.12.1 (noarch) 0:1.16.0_0_gd239552-150500.49.12.1 (noarch) 0:8-150500.49.12.1 (aarch64|ppc64le|s390x|x86_64) 0:2.4.4-150400.3.17.1 (aarch64|ppc64le|s390x|x86_64) 0:6.1-150000.5.24.1 (aarch64|ppc64le|s390x|x86_64) 0:1.19.1-150000.3.26.1 (x86_64) 0:20240312-150200.38.1 (aarch64|s390x|x86_64) 0:4.8.3-150500.3.9.1 (noarch) 0:4.8.3-150500.3.9.1 (x86_64) 0:5.14.21-150500.13.30.1 (aarch64|ppc64le|s390x|x86_64) 0:8.0.1-150400.5.44.1 (x86_64) 0:1.58.0-150500.6.12.1 (x86_64) 0:1.1.1-150500.8.12.1 (aarch64|ppc64le|s390x|x86_64) 0:1.40.0-150200.17.1 (aarch64|s390x|x86_64) 0:2.37.4-150500.9.6.1 (aarch64|s390x|x86_64) 0:590-150400.3.6.2 (aarch64|ppc64le|s390x|x86_64) 0:3.7.3-150400.4.44.1 (noarch) 0:9.1.0111-150500.20.9.1 (aarch64|s390x|x86_64) 0:9.1.0111-150500.20.9.1 (x86_64) 0:4.17.4_02-150500.3.30.1 (x86_64) 0:1.1.1-150500.8.15.1 (aarch64|ppc64le|s390x|x86_64) 0:1.3.0-150000.6.66.1 (aarch64|x86_64) 0:15.8-150300.4.20.2 (aarch64|s390x|x86_64) 0:2.31-150300.74.1 (aarch64|ppc64le|s390x|x86_64) 0:121-150500.3.3.1 (aarch64|s390x|x86_64) 0:0.9.8-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:0.22.0-150400.3.9.1 (noarch) 0:5~git8.c06c55b-150500.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:7.1.0-150500.49.15.1 (noarch) 0:7.1.0-150500.49.15.1 (x86_64) 0:7.1.0-150500.49.15.1 (aarch64) 0:7.1.0-150500.49.15.1 (noarch) 0:1.0.0+-150500.49.15.1 (ppc64le) 0:7.1.0-150500.49.15.1 (s390x) 0:7.1.0-150500.49.15.1 (noarch) 0:1.16.0_0_gd239552-150500.49.15.1 (noarch) 0:8-150500.49.15.1 (noarch) 0:2.6-150000.3.3.1 (s390x) 0:3.23.0-150500.3.3.13 (x86_64) 0:5.14.21-150500.13.47.1 (noarch) 0:5.14.21-150500.13.47.1 (aarch64|s390x|x86_64) 0:5.14.21-150500.55.59.1 (aarch64|x86_64) 0:5.14.21-150500.55.59.1.150500.6.25.7 (aarch64|s390x|x86_64) 0:1.14.2-150300.11.8.1 (aarch64|ppc64le|s390x|x86_64) 0:4.14.3-150400.59.16.1 (aarch64|s390x|x86_64) 0:2.5.2-150500.10.17.1 (aarch64|ppc64le|s390x|x86_64) 0:590-150400.3.9.1 (aarch64|s390x|x86_64) 0:5.14.21-150500.55.44.1 (aarch64|x86_64) 0:5.14.21-150500.55.44.1.150500.6.19.2 (aarch64|ppc64le|s390x|x86_64) 0:3.1.0-150400.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:5.2-150400.6.3.1 (aarch64|s390x|x86_64) 0:25.1-150400.9.6.1 (aarch64|s390x|x86_64) 0:5.14.21-150500.55.62.2 (aarch64|x86_64) 0:5.14.21-150500.55.62.2.150500.6.27.2 (x86_64) 0:5.14.21-150500.13.52.1 (noarch) 0:5.14.21-150500.13.52.1 (aarch64|ppc64le|s390x|x86_64) 0:1.16.0-150400.11.3.1 (aarch64|ppc64le|s390x|x86_64) 0:5.26.1-150300.17.17.1 (x86_64) 0:20240514-150200.41.1 (aarch64|s390x|x86_64) 0:5.14.21-150500.55.65.1 (aarch64|x86_64) 0:5.14.21-150500.55.65.1.150500.6.29.1 (aarch64|ppc64le|s390x|x86_64) 0:2.35.3-150300.10.39.1 (aarch64|s390x|x86_64) 0:1.1.1l-150500.17.28.2 (x86_64) 0:5.14.21-150500.13.55.1 (noarch) 0:5.14.21-150500.13.55.1 (aarch64|s390x|x86_64) 0:5.65-150500.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:2.70.5-150400.3.11.1 (noarch) 0:2.10.1-150000.3.13.1 (x86_64) 0:12-150100.11.15.2 (noarch) 0:2.25.1-150300.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:1.22.0-150500.3.8.2 (aarch64|ppc64le|s390x|x86_64) 0:2.31-150300.83.1 (aarch64|ppc64le|s390x|x86_64) 0:1.14.4-150300.11.11.1 (x86_64) 0:1.58.0-150500.6.15.1 (aarch64|x86_64) 0:550.90.07-150500.11.29.1 (aarch64|x86_64) 0:550.90.07_k5.14.21_150500.55.65-150500.3.47.1 (aarch64|ppc64le|s390x|x86_64) 0:1.20.0-150100.10.13.1 (aarch64|ppc64le|s390x|x86_64) 0:2.2.7-150000.3.59.1 (x86_64) 0:5.14.21-150500.13.58.1 (noarch) 0:5.14.21-150500.13.58.1 (aarch64|ppc64le|s390x|x86_64) 0:4.0.9-150000.45.44.1 (aarch64|s390x|x86_64) 0:4.9.5-150500.3.12.1 (noarch) 0:4.9.5-150500.3.12.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.1l-150500.17.31.1 (aarch64|ppc64le|s390x|x86_64) 0:2.42.12-150400.5.9.1 (aarch64|s390x|x86_64) 0:1.7.17-150000.111.3 (aarch64|ppc64le|s390x|x86_64) 0:3.5.1-150400.3.15.1 (aarch64|ppc64le|s390x|x86_64) 0:1.20.3-150000.3.20.1 (aarch64|s390x|x86_64) 0:5.14.21-150500.55.68.1 (aarch64|x86_64) 0:5.14.21-150500.55.68.1.150500.6.31.1 (x86_64) 0:1.1.1-150500.8.18.1 (aarch64|ppc64le|s390x|x86_64) 0:1.6-150000.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.15.1 (noarch) 0:4.9.5-150500.3.15.1 (aarch64|ppc64le|s390x|x86_64) 0:2.10.3-150500.5.17.1 (aarch64|ppc64le|s390x|x86_64) 0:1.20.1-150500.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:298-150500.3.6.1 (noarch) 0:298-150500.3.6.1 (ppc64le) 0:2.4.22+git0.f8e3218e2-150400.3.19.1 (ppc64le) 0:2.1-150000.3.5.1 (aarch64|s390x|x86_64) 0:2.13-150400.3.3.1 (ppc64le) 0:2.4.7-150000.5.13.1 (x86_64) 0:5.14.21-150500.13.61.1 (noarch) 0:5.14.21-150500.13.61.1 (aarch64|ppc64le|s390x|x86_64) 0:6.7.0-150000.3.6.1 (ppc64le) 0:1.1.2-150500.3.2.1 (ppc64le) 0:1.1.1-150500.3.2.1 (ppc64le) 0:0.5.2-150400.3.6.1 (ppc64le) 0:3.44.0-150000.3.23.1 (ppc64le) 0:1.2.13-150500.4.3.1 (ppc64le) 0:1.1.16-150400.3.7.1 (ppc64le) 0:1.6.5-150000.3.33.1 (ppc64le) 0:4.6.1-150300.3.3.1 (ppc64le) 0:1.0.0+git20210816.baa09b5-150500.3.3.1 (ppc64le) 0:2.0.21-150000.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.65.1 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.65.2 (x86_64) 0:4.17.4_04-150500.3.33.1 (noarch) 0:1.15.0-150000.3.5.1 (aarch64|ppc64le|s390x|x86_64) 0:2.35.3-150300.10.42.1 (noarch) 0:4.8.1-150500.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:4.8.1-150500.3.6.1 (x86_64) 0:4.17.3_04-150500.3.21.1 (aarch64|ppc64le|s390x|x86_64) 0:2.24.33-150400.4.3.1 (noarch) 0:3.24.34-150400.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:3.24.34-150400.3.9.1 (noarch) 0:1.25.10-150300.4.12.1 (aarch64|ppc64le|s390x|x86_64) 0:0.4.28-150000.3.6.1 (x86_64) 0:1.59.0-150500.6.18.1 (x86_64) 0:1.2.2-150500.8.21.1 (aarch64|ppc64le|s390x|x86_64) 0:3.101.2-150400.3.48.1 (noarch) 0:4.8.1-150500.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:4.8.1-150500.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:9.16.50-150500.8.21.1 (noarch) 0:9.16.50-150500.8.21.1 (noarch) 0:2.68-150200.33.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.1l-150500.17.34.1 (x86_64) 0:5.14.21-150500.13.64.1 (noarch) 0:5.14.21-150500.13.64.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.73.1 (aarch64|x86_64) 0:5.14.21-150500.55.73.1.150500.6.33.8 (aarch64|s390x|x86_64) 0:1.1.11-150000.58.1 (aarch64|ppc64le|s390x|x86_64) 0:2.13-150400.3.6.1 (noarch) 0:44.1.1-150400.9.9.1 (aarch64|ppc64le|s390x|x86_64) 0:1.20.0-150100.10.16.1 (x86_64) 0:4.17.5_02-150500.3.36.1 (aarch64|ppc64le|s390x|x86_64) 0:7.1.0-150500.49.18.1 (noarch) 0:7.1.0-150500.49.18.1 (x86_64) 0:7.1.0-150500.49.18.1 (aarch64) 0:7.1.0-150500.49.18.1 (noarch) 0:1.0.0+-150500.49.18.1 (ppc64le) 0:7.1.0-150500.49.18.1 (s390x) 0:7.1.0-150500.49.18.1 (noarch) 0:1.16.0_0_gd239552-150500.49.18.1 (noarch) 0:8-150500.49.18.1 (aarch64|ppc64le|s390x|x86_64) 0:8.0.1-150400.5.47.1 (noarch) 0:20230724-150500.3.12.1 (aarch64|ppc64le|s390x|x86_64) 0:2.70.5-150400.3.14.1 (x86_64) 0:20240813-150200.44.1 (aarch64|ppc64le|s390x|x86_64) 0:4.0.9-150000.45.47.1 (aarch64|ppc64le|s390x|x86_64) 0:25.0.6_ce-150000.207.1 (aarch64|ppc64le|s390x|x86_64) 0:249.17-150400.8.43.1 (x86_64) 0:5.14.21-150500.13.67.3 (noarch) 0:5.14.21-150500.13.67.3 (aarch64|ppc64le|s390x|x86_64) 0:1.10.1-150400.3.3.2 (aarch64|ppc64le|s390x|x86_64) 0:8.0.1-150400.5.50.1 (aarch64|ppc64le|s390x|x86_64) 0:2.4.4-150400.3.22.1 (aarch64|ppc64le|s390x|x86_64) 0:1.7.21-150000.117.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.14-150000.70.1 (noarch) 0:1.15.0-150000.3.10.2 (x86_64) 0:20240910-150200.47.1 (x86_64) 0:5.14.21-150500.13.70.2 (noarch) 0:5.14.21-150500.13.70.2 (x86_64) 0:4.17.5_04-150500.3.39.1 (aarch64|ppc64le|s390x|x86_64) 0:0.22.0-150400.3.12.1 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.72.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.80.2 (aarch64|x86_64) 0:5.14.21-150500.55.80.2.150500.6.35.6 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.18.1 (noarch) 0:4.9.5-150500.3.18.1 (aarch64|ppc64le|s390x|x86_64) 0:22.3.5-150500.77.5.1 (aarch64|ppc64le|x86_64) 0:22.3.5-150500.77.5.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.83.1 (aarch64|x86_64) 0:5.14.21-150500.55.83.1.150500.6.37.1 (x86_64) 0:5.14.21-150500.13.73.1 (noarch) 0:5.14.21-150500.13.73.1 (aarch64|ppc64le|s390x|x86_64) 0:2.2.2-150500.8.5.1 (aarch64|ppc64le|s390x|x86_64) 0:1.20.0-150100.10.19.1 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.25.1 (noarch) 0:4.9.5-150500.3.25.1 (aarch64|ppc64le|s390x|x86_64) 0:25.1-150500.12.5.1 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.28.1 (noarch) 0:4.9.5-150500.3.28.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.1l-150500.17.37.1 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.75.1 (aarch64|ppc64le|s390x|x86_64) 0:8.0.1-150400.5.56.1 (aarch64|ppc64le|s390x|x86_64) 0:7.1.0-150500.49.24.1 (noarch) 0:7.1.0-150500.49.24.1 (x86_64) 0:7.1.0-150500.49.24.1 (aarch64) 0:7.1.0-150500.49.24.1 (noarch) 0:1.0.0+-150500.49.24.1 (ppc64le) 0:7.1.0-150500.49.24.1 (s390x) 0:7.1.0-150500.49.24.1 (noarch) 0:1.16.0_0_gd239552-150500.49.24.1 (noarch) 0:8-150500.49.24.1 (x86_64) 0:4.17.5_06-150500.3.42.1 (x86_64) 0:5.14.21-150500.13.76.1 (noarch) 0:5.14.21-150500.13.76.1 (aarch64|ppc64le|s390x|x86_64) 0:2.4.4-150400.3.25.1 (x86_64) 0:20241112-150200.50.1 (aarch64|ppc64le|s390x|x86_64) 0:2.70.5-150400.3.17.1 (noarch) 0:202208-150500.6.3.1 (aarch64) 0:1.44.2-150500.3.5.1 (aarch64|ppc64le|s390x|x86_64) 0:1.44.2-150500.3.5.1 (aarch64|ppc64le|s390x|x86_64) 0:1.20.3-150000.3.26.1 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.78.1 (aarch64|ppc64le|s390x|x86_64) 0:3.16.3-150000.1.38.1 (noarch) 0:3.16.3-150000.1.38.1 (aarch64|ppc64le|s390x|x86_64) 0:1.8.0.0-150400.14.6.1 (x86_64) 0:5.14.21-150500.13.79.1 (noarch) 0:5.14.21-150500.13.79.1 (noarch) 0:9.1.0836-150500.20.15.1 (aarch64|ppc64le|s390x|x86_64) 0:9.1.0836-150500.20.15.1 (aarch64|ppc64le|s390x|x86_64) 0:2.74.2-150400.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:8.0.1-150400.5.59.1 (aarch64|ppc64le|s390x|x86_64) 0:26.1.5_ce-150000.212.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.88.1 (aarch64|x86_64) 0:5.14.21-150500.55.88.1.150500.6.39.4 (aarch64|ppc64le|s390x|x86_64) 0:0.8-150400.7.20.1 (x86_64) 0:1.1.1-150500.8.9.1 (x86_64) 0:1.58.0-150500.6.9.1 (noarch) 0:12.0-150000.8.40.1 (aarch64|s390x|x86_64) 0:13.2.1+git7813-150000.1.6.1 (aarch64|s390x|x86_64) 0:1.1.12-150000.61.2 (x86_64) 0:5.14.21-150500.13.35.1 (aarch64|s390x|x86_64) 0:3006.0-150500.4.29.1 (aarch64|s390x|x86_64) 0:5.14.21-150500.55.49.1 (aarch64|x86_64) 0:5.14.21-150500.55.49.1.150500.6.21.2 (aarch64|s390x|x86_64) 0:1.1.1l-150500.17.25.1 (aarch64|s390x|x86_64) 0:2.10.3-150500.5.14.1 (aarch64|s390x|x86_64) 0:1.11.0-150000.4.25.1 (aarch64|s390x|x86_64) 0:20230802.1-150400.10.4.1 (aarch64|s390x|x86_64) 0:25.1-150400.9.3.1 (aarch64|s390x|x86_64) 0:3.6.15-150300.10.54.1 (aarch64|s390x|x86_64) 0:24.0.7_ce-150000.193.1 (aarch64|s390x|x86_64) 0:4.0.9-150000.45.38.1 (aarch64|s390x|x86_64) 0:8.4p1-150300.3.30.1 (aarch64|s390x|x86_64) 0:3.90.2-150400.3.39.1 (aarch64|s390x|x86_64) 0:1.11.0-150000.4.22.1 (aarch64|s390x|x86_64) 0:3.7.3-150400.4.41.3 (aarch64|ppc64le|s390x|x86_64) 0:1.34-150000.3.34.1 (aarch64|ppc64le|s390x|x86_64) 0:3.1.0-150500.3.16.1 (aarch64|ppc64le|s390x|x86_64) 0:23.03.0-150500.3.16.1 (aarch64|ppc64le|s390x|x86_64) 0:2.10-150500.3.3.1 (aarch64|x86_64) 0:550.54.14-150500.11.18.1 (aarch64|x86_64) 0:550.54.14_k5.14.21_150500.55.49-150500.3.36.1 (x86_64) 0:4.17.3_06-150500.3.24.1 (aarch64|s390x|x86_64) 0:5.14.21-150500.55.52.1 (aarch64|x86_64) 0:5.14.21-150500.55.52.1.150500.6.23.1 (aarch64|s390x|x86_64) 0:2.31-150300.68.1 (aarch64|ppc64le|s390x|x86_64) 0:1.9.12p1-150500.7.10.1 (aarch64|s390x|x86_64) 0:3.6.15-150300.10.57.1 (x86_64) 0:5.14.21-150500.13.38.1 (noarch) 0:5.14.21-150500.13.38.1 (aarch64|s390x|x86_64) 0:4.0.9-150000.45.41.1 (aarch64|s390x|x86_64) 0:1.20.1-150500.3.6.1 (noarch) 0:2.10.1-150000.3.21.1 (aarch64|ppc64le|s390x|x86_64) 0:20250116.00-150000.1.57.1 (aarch64|ppc64le|s390x|x86_64) 0:20250115.01-150000.1.47.1 (aarch64|ppc64le|s390x|x86_64) 0:3.17.2-150000.1.44.1 (noarch) 0:3.17.2-150000.1.44.1 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.40.1 (noarch) 0:4.9.5-150500.3.40.1 (aarch64|ppc64le|s390x|x86_64) 0:1.14.4-150300.11.22.1 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.84.1 (aarch64|ppc64le|s390x|x86_64) 0:27.5.1_ce-150000.218.1 (aarch64|ppc64le|s390x|x86_64) 0:3.0.4-150500.11.12.2 (aarch64|ppc64le|s390x|x86_64) 0:1.1.34-150400.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:20250327.01-150000.1.60.1 (x86_64) 0:5.14.21-150500.13.91.1 (noarch) 0:5.14.21-150500.13.91.1 (aarch64|ppc64le|s390x|x86_64) 0:2.7.1-150400.3.28.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.100.1 (aarch64|x86_64) 0:5.14.21-150500.55.100.1.150500.6.47.1 (noarch) 0:5.14.21-150500.55.100.1 (aarch64|ppc64le|s390x|x86_64) 0:1.3.0-150000.6.76.1 (aarch64|ppc64le|s390x|x86_64) 0:2.4.22+git0.f8e3218e2-150400.3.22.1 (aarch64|ppc64le|s390x|x86_64) 0:1.7.27-150000.123.1 (aarch64|ppc64le|s390x|x86_64) 0:6.15-150400.3.12.1 (aarch64|ppc64le|s390x|x86_64) 0:1.12.0-150400.3.8.1 (aarch64|ppc64le|s390x|x86_64) 0:2.10.3-150500.5.26.1 (aarch64|ppc64le|s390x|x86_64) 0:2.35.3-150300.10.48.1 (aarch64|ppc64le|s390x|x86_64) 0:3.49.1-150000.3.27.1 (aarch64|ppc64le|s390x|x86_64) 0:2.74.2-150400.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:3.0.4-150500.11.18.1 (aarch64|ppc64le|s390x|x86_64) 0:8.4p1-150300.3.49.1 (aarch64|ppc64le|s390x|x86_64) 0:3.17.3-150000.1.47.1 (noarch) 0:3.17.3-150000.1.47.1 (aarch64|ppc64le|s390x|x86_64) 0:2.70.5-150400.3.20.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.103.1 (aarch64|x86_64) 0:5.14.21-150500.55.103.1.150500.6.49.1 (noarch) 0:5.14.21-150500.55.103.1 (x86_64) 0:5.14.21-150500.13.94.1 (noarch) 0:5.14.21-150500.13.94.1 (aarch64|ppc64le|s390x|x86_64) 0:3.2.3-150400.3.17.1 (x86_64) 0:20250512-150200.56.1 (x86_64) 0:12.5.2-150300.58.1 (aarch64|ppc64le|s390x|x86_64) 0:4.5.3-150000.3.10.1 (aarch64|ppc64le|s390x|x86_64) 0:20221126-150500.3.11.1 (aarch64|ppc64le|s390x|x86_64) 0:2.31-150300.95.1 (noarch) 0:44.1.1-150400.9.12.1 (x86_64) 0:4.17.5_08-150500.3.45.1 (aarch64|ppc64le|s390x|x86_64) 0:2.74.2-150400.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:12.0.2-150000.3.37.1 (aarch64|ppc64le|s390x|x86_64) 0:4.3.6.P1-150000.6.22.1 (aarch64) 0:4.3.6.P1-150000.6.22.1 (x86_64) 0:5.14.21-150500.13.97.1 (noarch) 0:5.14.21-150500.13.97.1 (noarch) 0:2.25.1-150300.3.15.1 (aarch64|ppc64le|s390x|x86_64) 0:1.2.0-150400.4.5.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.91.1 (aarch64|x86_64) 0:5.14.21-150500.55.91.1.150500.6.41.1 (aarch64|ppc64le|s390x|x86_64) 0:1.3.0-150000.6.83.1 (aarch64|ppc64le|s390x|x86_64) 0:4.6.2-150000.5.8.1 (aarch64|ppc64le|s390x|x86_64) 0:5.26.1-150300.17.20.1 (aarch64|ppc64le|s390x|x86_64) 0:0.6.10-150100.3.11.1 (aarch64|ppc64le|s390x|x86_64) 0:2.26-150400.3.5.1 (aarch64|x86_64) 0:565.57.01-150500.3.70.2 (aarch64|x86_64) 0:565.57.01_k5.14.21_150500.53-150500.3.70.2 (aarch64|x86_64) 0:550.144.03_k5.14.21_150500.53-150500.3.70.2 (aarch64|ppc64le|s390x|x86_64) 0:1.1-150200.3.14.1 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.43.2 (noarch) 0:4.9.5-150500.3.43.2 (aarch64|ppc64le|s390x|x86_64) 0:2.17.0-150500.3.12.1 (aarch64|ppc64le|s390x|x86_64) 0:1.4.3-150200.8.14.1 (aarch64|ppc64le|s390x|x86_64) 0:3.18.3-150000.1.50.1 (noarch) 0:3.18.3-150000.1.50.1 (x86_64) 0:1.2.2-150500.8.24.1 (aarch64|ppc64le|s390x|x86_64) 0:20250416.02-150000.1.50.1 (x86_64) 0:1.59.0-150500.6.21.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.110.1 (aarch64|x86_64) 0:5.14.21-150500.55.110.1.150500.6.51.3 (noarch) 0:5.14.21-150500.55.110.1 (aarch64|ppc64le|s390x|x86_64) 0:1.9.12p1-150500.7.13.1 (aarch64|ppc64le|s390x|x86_64) 0:1.2.6-150000.73.2 (noarch) 0:9.1.1406-150500.20.27.1 (aarch64|ppc64le|s390x|x86_64) 0:9.1.1406-150500.20.27.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.113.1 (aarch64|x86_64) 0:5.14.21-150500.55.113.1.150500.6.53.1 (noarch) 0:5.14.21-150500.55.113.1 (aarch64|ppc64le|s390x|x86_64) 0:0.9.8-150400.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:28.2.2_ce-150000.227.1 (x86_64) 0:5.14.21-150500.13.82.1 (noarch) 0:5.14.21-150500.13.82.1 (aarch64|ppc64le|s390x|x86_64) 0:25.1-150500.12.11.1 (aarch64|ppc64le|s390x|x86_64) 0:2.10.3-150500.5.29.1 (x86_64) 0:5.14.21-150500.13.100.2 (noarch) 0:5.14.21-150500.13.100.1 (x86_64) 0:4.17.5_10-150500.3.50.1 (aarch64|ppc64le|s390x|x86_64) 0:8.32-150400.9.9.1 (aarch64|ppc64le|s390x|x86_64) 0:2.70.5-150400.3.23.1 (aarch64|ppc64le|s390x|x86_64) 0:1.6-150000.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:20221126-150500.3.14.1 (aarch64|ppc64le|s390x|x86_64) 0:3006.0-150500.4.55.1 (aarch64|ppc64le|s390x|x86_64) 0:121-150500.3.6.1 (noarch) 0:1.66.0-150200.12.7.1 (aarch64|ppc64le|s390x|x86_64) 0:1.66.0-150200.12.7.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.116.1 (aarch64|x86_64) 0:5.14.21-150500.55.116.1.150500.6.55.1 (noarch) 0:5.14.21-150500.55.116.1 (aarch64|ppc64le|s390x|x86_64) 0:3.7.3-150400.4.50.1 (aarch64|ppc64le|s390x|x86_64) 0:3.50.2-150000.3.33.1 (aarch64|ppc64le|s390x|x86_64) 0:249.17-150400.8.49.2 (aarch64|ppc64le|s390x|x86_64) 0:1.16.0-150400.11.6.1 (aarch64|ppc64le|s390x|x86_64) 0:2.06-150500.29.53.1 (noarch) 0:2.06-150500.29.53.1 (s390x) 0:2.06-150500.29.53.1 (aarch64|ppc64le|s390x|x86_64) 0:3.5.1-150400.3.21.1 (aarch64|ppc64le|s390x|x86_64) 0:1.19.0.4-150000.4.7.1 (aarch64|ppc64le|s390x|x86_64) 0:2.10.3-150500.5.32.1 (aarch64|ppc64le|s390x|x86_64) 0:1.9.4-150500.12.3.3 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.97.1 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.97.2 (aarch64|ppc64le|s390x|x86_64) 0:1.22.0-150500.3.14.1 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.46.1 (noarch) 0:4.9.5-150500.3.46.1 (aarch64|ppc64le|s390x|x86_64) 0:0.2.7+141-150500.3.5.1 (aarch64|ppc64le|s390x|x86_64) 0:4.0.9-150000.45.50.1 (x86_64) 0:5.14.21-150500.13.103.2 (noarch) 0:5.14.21-150500.13.103.2 (noarch) 0:2.10.1-150000.3.18.1 (aarch64|ppc64le|s390x|x86_64) 0:28.3.3_ce-150000.230.1 (aarch64|ppc64le|s390x|x86_64) 0:1.6-150000.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:2.17.0-150500.3.6.1 (aarch64|ppc64le|s390x|x86_64) 0:0.2.8+12-150500.3.8.1 (aarch64|ppc64le|s390x|x86_64) 0:2.42.12-150400.5.14.1 (aarch64|ppc64le|s390x|x86_64) 0:1.3.0-150000.6.86.1 (noarch) 0:1.25.10-150300.4.18.1 (aarch64|ppc64le|s390x|x86_64) 0:2.9.2-150400.3.11.1 (aarch64|ppc64le|s390x|x86_64) 0:20250115.01-150000.1.41.1 (aarch64|ppc64le|s390x|x86_64) 0:2.43.7-150300.10.51.1 (aarch64|ppc64le|s390x|x86_64) 0:1.20.1-150500.3.12.1 (noarch) 0:0.18.2-150300.3.6.1 (x86_64) 0:20250812-150200.59.1 (aarch64|x86_64) 0:580.65.06-150500.3.73.7 (aarch64|x86_64) 0:580.65.06_k5.14.21_150500.55.116-150500.3.73.7 (aarch64|x86_64) 0:570.172.08_k5.14.21_150500.55.116-150500.3.73.7 (aarch64|ppc64le|s390x|x86_64) 0:2.74.2-150400.3.12.1 (noarch) 0:3.0.0-150000.3.28.1 (noarch) 0:5.0.0-150000.3.38.1 (noarch) 0:5.0.0-150000.4.18.1 (aarch64|ppc64le|s390x|x86_64) 0:1.4.2-150200.8.3.1 (aarch64|ppc64le|s390x|x86_64) 0:2.0+git20170221.479bb4a-150000.5.13.1 (aarch64|ppc64le|s390x|x86_64) 0:2.2.7-150000.3.72.1 (aarch64|ppc64le|s390x|x86_64) 0:8.14.1-150400.5.69.1 (aarch64|ppc64le|s390x|x86_64) 0:1.0.7-150200.3.5.1 (aarch64|ppc64le|s390x|x86_64) 0:5.65-150500.3.14.1 (aarch64|ppc64le|s390x|x86_64) 0:1.20.1-150500.3.17.1 (aarch64|ppc64le|s390x|x86_64) 0:1.16.0-150400.11.9.1 (x86_64) 0:5.14.21-150500.13.106.1 (noarch) 0:5.14.21-150500.13.106.1 (noarch) 0:9.1.1629-150500.20.33.1 (aarch64|ppc64le|s390x|x86_64) 0:9.1.1629-150500.20.33.1 (aarch64|ppc64le|s390x|x86_64) 0:0.8-150400.7.23.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.121.2 (aarch64|x86_64) 0:5.14.21-150500.55.121.2.150500.6.57.2 (noarch) 0:5.14.21-150500.55.121.2 (aarch64|ppc64le|s390x|x86_64) 0:4.0.9-150000.45.55.1 (aarch64|ppc64le|s390x|x86_64) 0:3.2.3-150400.3.20.1 (x86_64) 0:13.0.0-150300.64.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.1l-150500.17.43.1 (aarch64|ppc64le|s390x|x86_64) 0:0.4.28-150000.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.1l-150500.17.40.1 (aarch64|ppc64le|s390x|x86_64) 0:2.10.3-150500.5.20.1 (aarch64|ppc64le|s390x|x86_64) 0:2.4.22+git0.f8e3218e2-150400.3.25.1 (aarch64|ppc64le|s390x|x86_64) 0:9.16.50-150500.8.24.1 (noarch) 0:9.16.50-150500.8.24.1 (aarch64|ppc64le|s390x|x86_64) 0:4.17.12+git.510.0efaadf376b-150500.3.34.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.124.1 (aarch64|x86_64) 0:5.14.21-150500.55.124.1.150500.6.59.1 (noarch) 0:5.14.21-150500.55.124.1 (aarch64|ppc64le|s390x|x86_64) 0:2.7.1-150400.3.31.1 (aarch64|ppc64le|s390x|x86_64) 0:1.20.3-150000.3.29.1 (aarch64|ppc64le|s390x|x86_64) 0:8.0.1-150400.5.62.1 (aarch64|ppc64le|s390x|x86_64) 0:3.9.2-150200.4.27.1 (x86_64) 0:5.14.21-150500.13.109.1 (noarch) 0:5.14.21-150500.13.109.1 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.49.1 (noarch) 0:4.9.5-150500.3.49.1 (aarch64|x86_64) 0:5.9.0.git21.a73f509-150500.3.3.1 (noarch) 0:5.9.0.git21.a73f509-150500.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:0.9.8-150400.3.12.1 (aarch64|ppc64le|s390x|x86_64) 0:4.1-150400.21.8.1 (noarch) 0:4.1-150400.21.8.1 (x86_64) 0:4.17.5_12-150500.3.53.1 (aarch64|ppc64le|s390x|x86_64) 0:3.112.2-150400.3.60.1 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.31.1 (noarch) 0:4.9.5-150500.3.31.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.34-150400.3.13.1 (aarch64|ppc64le|s390x|x86_64) 0:1.4.5-150400.4.9.1 (aarch64|ppc64le|s390x|x86_64) 0:4.0.9-150000.45.60.1 (aarch64|ppc64le|s390x|x86_64) 0:1.2.7-150000.80.1 (aarch64|ppc64le|s390x|x86_64) 0:2.2.27-150300.3.13.1 (noarch) 0:202208-150500.6.6.1 (aarch64|ppc64le|s390x|x86_64) 0:1.3.3-150000.85.1 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.56.2 (noarch) 0:4.9.5-150500.3.56.2 (aarch64|ppc64le|s390x|x86_64) 0:0.185-150400.5.8.3 (aarch64|ppc64le|s390x|x86_64) 0:9.16.50-150500.8.32.1 (noarch) 0:9.16.50-150500.8.32.1 (aarch64|ppc64le|s390x|x86_64) 0:8.4p1-150300.3.57.1 (x86_64) 0:5.14.21-150500.13.112.1 (noarch) 0:5.14.21-150500.13.112.1 (aarch64|ppc64le|s390x|x86_64) 0:2.06-150500.29.59.1 (noarch) 0:2.06-150500.29.59.1 (s390x) 0:2.06-150500.29.59.1 (aarch64|ppc64le|s390x|x86_64) 0:2.5.2-150500.10.39.1 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.59.1 (noarch) 0:4.9.5-150500.3.59.1 (aarch64|ppc64le|s390x|x86_64) 0:3.19.1-150000.1.57.1 (noarch) 0:3.19.1-150000.1.57.1 (aarch64|ppc64le|s390x|x86_64) 0:1.14.4-150300.11.16.1 (aarch64|ppc64le|s390x|x86_64) 0:1.7.29-150000.128.1 (aarch64|ppc64le|s390x|x86_64) 0:2.2.7-150000.3.77.1 (aarch64|ppc64le|s390x|x86_64) 0:8.14.1-150400.5.72.1 (aarch64|ppc64le|s390x|x86_64) 0:2.2.7-150000.3.80.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.127.1 (aarch64|x86_64) 0:5.14.21-150500.55.127.1.150500.6.61.1 (noarch) 0:5.14.21-150500.55.127.1 (aarch64|ppc64le|s390x|x86_64) 0:2.70.5-150400.3.26.1 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.100.1 (aarch64|ppc64le|s390x|x86_64) 0:1.20.0-150100.10.22.1 (aarch64|ppc64le|s390x|x86_64) 0:2.52.12-150400.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:2.2.7-150000.3.83.1 (aarch64|ppc64le|s390x|x86_64) 0:1.6.34-150000.3.12.1 (aarch64|ppc64le|s390x|x86_64) 0:3.19.1-150000.1.59.1 (noarch) 0:3.19.1-150000.1.59.1 (aarch64|ppc64le|s390x|x86_64) 0:3006.0-150500.4.65.1 (x86_64) 0:4.17.6_02-150500.3.56.1 (aarch64|ppc64le|s390x|x86_64) 0:2.70.5-150400.3.29.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.130.3 (aarch64|x86_64) 0:5.14.21-150500.55.130.3.150500.6.63.3 (noarch) 0:5.14.21-150500.55.130.3 (aarch64|ppc64le|s390x|x86_64) 0:3.7.3-150400.4.53.1 (aarch64|x86_64) 0:22.11.10-150500.5.10.1 (aarch64|x86_64) 0:22.11.10_k5.14.21_150500.55.127-150500.5.10.1 (aarch64) 0:22.11.10-150500.5.10.1 (aarch64) 0:22.11.10_k5.14.21_150500.55.127-150500.5.10.1 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.34.2 (noarch) 0:4.9.5-150500.3.34.2 (aarch64|ppc64le|s390x|x86_64) 0:7.1.0-150500.49.30.1 (noarch) 0:7.1.0-150500.49.30.1 (x86_64) 0:7.1.0-150500.49.30.1 (aarch64) 0:7.1.0-150500.49.30.1 (noarch) 0:1.0.0+-150500.49.30.1 (ppc64le) 0:7.1.0-150500.49.30.1 (s390x) 0:7.1.0-150500.49.30.1 (noarch) 0:1.16.0_0_gd239552-150500.49.30.1 (noarch) 0:8-150500.49.30.1 (aarch64|ppc64le|s390x|x86_64) 0:1.22.0-150500.3.5.1 (aarch64|ppc64le|s390x|x86_64) 0:1.22.0-150500.3.11.1 (aarch64|ppc64le|s390x|x86_64) 0:4.13-150000.4.11.1 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.81.1 (x86_64) 0:5.14.21-150500.13.85.1 (noarch) 0:5.14.21-150500.13.85.1 (aarch64|ppc64le|s390x|x86_64) 0:2.31-150300.92.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.94.1 (aarch64|x86_64) 0:5.14.21-150500.55.94.1.150500.6.43.1 (noarch) 0:5.14.21-150500.55.94.1 (aarch64|ppc64le|s390x|x86_64) 0:2.06-150500.29.43.2 (noarch) 0:2.06-150500.29.43.2 (s390x) 0:2.06-150500.29.43.2 (x86_64) 0:20250211-150200.53.1 (aarch64|ppc64le|s390x|x86_64) 0:3.17.1-150000.1.41.1 (noarch) 0:3.17.1-150000.1.41.1 (aarch64|ppc64le|s390x|x86_64) 0:8.4p1-150300.3.42.1 (noarch) 0:202208-150500.6.9.1 (aarch64|ppc64le|s390x|x86_64) 0:20250115.01-150000.1.44.1 (aarch64|ppc64le|s390x|x86_64) 0:2.90-150400.16.3.1 (aarch64|ppc64le|s390x|x86_64) 0:0.6.10-150100.3.6.1 (noarch) 0:9.1.1101-150500.20.21.1 (aarch64|ppc64le|s390x|x86_64) 0:9.1.1101-150500.20.21.1 (aarch64|ppc64le|s390x|x86_64) 0:3.3.17-150000.7.42.1 (aarch64|ppc64le|s390x|x86_64) 0:3.1.0-150500.3.22.1 (aarch64|ppc64le|s390x|x86_64) 0:23.03.0-150500.3.22.1 (aarch64|ppc64le|s390x|x86_64) 0:2.10.3-150500.5.23.1 (aarch64|ppc64le|s390x|x86_64) 0:1.6.5-150000.3.36.1 (noarch) 0:1.6.5-150000.3.36.1 (aarch64) 0:2021.10-150400.4.14.1 (aarch64|ppc64le|s390x|x86_64) 0:3.7.3-150400.4.47.1 (aarch64|ppc64le|s390x|x86_64) 0:1.14.4-150300.11.19.1 (aarch64|ppc64le|s390x|x86_64) 0:27.5.1_ce-150000.215.3 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.37.1 (noarch) 0:4.9.5-150500.3.37.1 (aarch64|ppc64le|s390x|x86_64) 0:0.44.0-150400.13.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.97.1 (aarch64|x86_64) 0:5.14.21-150500.55.97.1.150500.6.45.1 (noarch) 0:5.14.21-150500.55.97.1 (x86_64) 0:5.14.21-150500.13.88.1 (noarch) 0:5.14.21-150500.13.88.1 (aarch64|ppc64le|s390x|x86_64) 0:3.5.1-150400.3.18.1 (aarch64|ppc64le|s390x|x86_64) 0:2.10.4-150000.4.18.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.141.1 (aarch64|x86_64) 0:5.14.21-150500.55.141.1.150500.6.69.2 (noarch) 0:5.14.21-150500.55.141.1 (aarch64|ppc64le|s390x|x86_64) 0:3006.0-150500.4.68.2 (aarch64|ppc64le|s390x|x86_64) 0:249.17-150400.8.55.1 (aarch64|ppc64le|s390x|x86_64) 0:3.51.3-150000.3.39.1 (noarch) 0:1.25.10-150300.4.24.1 (x86_64) 0:5.14.21-150500.13.124.1 (noarch) 0:5.14.21-150500.13.124.1 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.109.1 (x86_64) 0:4.17.6_06-150500.3.62.2 (aarch64|ppc64le|s390x|x86_64) 0:1.7.29-150000.130.1 (noarch) 0:0.4.2-150000.3.16.1 (aarch64|ppc64le|s390x|x86_64) 0:2.7.1-150400.3.37.1 (aarch64|ppc64le|s390x|x86_64) 0:2.37.4-150500.9.20.1 (s390x) 0:2.37.4-150500.9.20.1 (aarch64|ppc64le|s390x|x86_64) 0:4.5.3-150000.3.19.1 (aarch64|ppc64le|s390x|x86_64) 0:1.34-150000.3.37.1 (aarch64|ppc64le|s390x|x86_64) 0:2.74.2-150400.3.34.1 (aarch64|ppc64le|s390x|x86_64) 0:2.17.0-150500.3.15.1 (aarch64|ppc64le|s390x|x86_64) 0:9.16.50-150500.8.35.1 (noarch) 0:9.16.50-150500.8.35.1 (aarch64|ppc64le|s390x|x86_64) 0:1.40.0-150200.22.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.1l-150500.17.51.1 (noarch) 0:202208-150500.6.12.1 (aarch64|ppc64le|s390x|x86_64) 0:2.2.27-150300.3.16.1 (aarch64|ppc64le|s390x|x86_64) 0:4.5.3-150000.3.13.1 (aarch64|ppc64le|s390x|x86_64) 0:1.0.18-150000.4.11.1 (aarch64|ppc64le|s390x|x86_64) 0:4.13-150000.4.14.1 (aarch64|ppc64le|s390x|x86_64) 0:5.9.4-150300.15.21.1 (aarch64|ppc64le|s390x|x86_64) 0:2.74.2-150400.3.19.1 (x86_64) 0:5.14.21-150500.13.118.1 (noarch) 0:5.14.21-150500.13.118.1 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.103.1 (aarch64|ppc64le|s390x|x86_64) 0:3.1.7-150500.3.25.1 (aarch64|ppc64le|s390x|x86_64) 0:23.03.3-150500.3.25.1 (x86_64) 0:4.17.6_04-150500.3.59.1 (noarch) 0:20230724-150500.3.15.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.133.1 (aarch64|x86_64) 0:5.14.21-150500.55.133.1.150500.6.65.1 (noarch) 0:5.14.21-150500.55.133.1 (aarch64|ppc64le|s390x|x86_64) 0:3.19.1-150000.1.62.1 (noarch) 0:3.19.1-150000.1.62.1 (x86_64) 0:5.14.21-150500.13.115.2 (noarch) 0:5.14.21-150500.13.115.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.1l-150500.17.46.1 (aarch64|ppc64le|s390x|x86_64) 0:1.0.18-150000.4.14.1 (aarch64|ppc64le|s390x|x86_64) 0:20240116.3-150500.13.10.1 (aarch64|ppc64le|s390x|x86_64) 0:7.1.0-150500.49.36.2 (noarch) 0:7.1.0-150500.49.36.2 (x86_64) 0:7.1.0-150500.49.36.2 (aarch64) 0:7.1.0-150500.49.36.2 (noarch) 0:1.0.0+-150500.49.36.2 (ppc64le) 0:7.1.0-150500.49.36.2 (s390x) 0:7.1.0-150500.49.36.2 (noarch) 0:1.16.0_0_gd239552-150500.49.36.2 (noarch) 0:8-150500.49.36.2 (aarch64|ppc64le|s390x|x86_64) 0:2.10.3-150500.5.35.1 (aarch64|ppc64le|s390x|x86_64) 0:3.2.3-150400.3.26.1 (noarch) 0:0.4.2-150000.3.13.1 (aarch64|ppc64le|s390x|x86_64) 0:3.51.2-150000.3.36.1 (noarch) 0:1.25.10-150300.4.21.1 (aarch64|x86_64) 0:580.126.09-150500.3.85.1 (aarch64|x86_64) 0:580.126.09_k5.14.21_150500.55.133-150500.3.85.1 (aarch64|ppc64le|s390x|x86_64) 0:2.70.5-150400.3.34.1 (aarch64|ppc64le|s390x|x86_64) 0:0.2.8+116-150500.3.11.1 (aarch64|ppc64le|s390x|x86_64) 0:5.14.21-150500.55.136.1 (aarch64|x86_64) 0:5.14.21-150500.55.136.1.150500.6.67.1 (noarch) 0:5.14.21-150500.55.136.1 (aarch64|ppc64le|s390x|x86_64) 0:3.19.1-150000.1.64.1 (noarch) 0:3.19.1-150000.1.64.1 (x86_64) 0:5.14.21-150500.13.121.1 (noarch) 0:5.14.21-150500.13.121.1 (aarch64|ppc64le|s390x|x86_64) 0:2.74.2-150400.3.26.1 (aarch64|ppc64le|s390x|x86_64) 0:8.14.1-150400.5.77.1 (aarch64|ppc64le|s390x|x86_64) 0:25.1-150500.12.14.1 (s390x) 0:3.23.0-150500.3.12.1 (aarch64|ppc64le|s390x|x86_64) 0:2.10.3-150500.5.38.1 (aarch64|ppc64le|s390x|x86_64) 0:1.10.1-150400.3.9.1 (aarch64|ppc64le|s390x|x86_64) 0:0.8-150400.7.26.1 (aarch64|ppc64le|s390x|x86_64) 0:1.6.34-150000.3.19.1 (aarch64|ppc64le|s390x|x86_64) 0:4.0.2-150500.3.3.1 (aarch64|ppc64le|s390x|x86_64) 0:3.9.2-150200.4.30.1 (aarch64|ppc64le|s390x|x86_64) 0:3.6.15-150300.10.106.1 (aarch64|ppc64le|s390x|x86_64) 0:28.5.1_ce-150000.241.2 (aarch64|ppc64le|s390x|x86_64) 0:0.29.0-150000.241.2 (x86_64) 0:20260210-150200.62.1 (aarch64|ppc64le|s390x|x86_64) 0:4.9.5-150500.3.62.2 (noarch) 0:4.9.5-150500.3.62.2 (aarch64|ppc64le|s390x|x86_64) 0:2.2.27-150300.3.19.1 (aarch64|x86_64) 0:16.1-150300.4.31.3 (aarch64|ppc64le|s390x|x86_64) 0:1.2.13-150500.4.6.1 (aarch64|ppc64le|s390x|x86_64) 0:9.0.0-150500.6.26.1 (aarch64|x86_64) 0:9.0.0-150500.6.26.1 (aarch64|ppc64le|s390x|x86_64) 0:1.1.34-150400.3.16.1 (aarch64|ppc64le|s390x|x86_64) 0:3.112.3-150400.3.63.1 (aarch64|ppc64le|s390x|x86_64) 0:2.7.1-150400.3.34.1 (aarch64|ppc64le|s390x|x86_64) 0:2.74.2-150400.3.31.1 (aarch64|ppc64le|s390x|x86_64) 0:4.5.3-150000.3.16.1 (aarch64|ppc64le|s390x|x86_64) 0:2.37.4-150500.9.23.1 (s390x) 0:2.37.4-150500.9.23.1 (aarch64|ppc64le|s390x|x86_64) 0:3.7.3-150400.4.56.1 (aarch64|ppc64le|s390x|x86_64) 0:7.1.0-150500.49.39.2 (noarch) 0:7.1.0-150500.49.39.2 (x86_64) 0:7.1.0-150500.49.39.2 (aarch64) 0:7.1.0-150500.49.39.2 (noarch) 0:1.0.0+-150500.49.39.2 (ppc64le) 0:7.1.0-150500.49.39.2 (s390x) 0:7.1.0-150500.49.39.2 (noarch) 0:1.16.0_0_gd239552-150500.49.39.2 (noarch) 0:8-150500.49.39.2 (aarch64|ppc64le|s390x|x86_64) 0:2.31-150300.98.1 (noarch) 0:9.2.0110-150500.20.43.1 (aarch64|ppc64le|s390x|x86_64) 0:9.2.0110-150500.20.43.1 (aarch64|ppc64le|s390x|x86_64) 0:8.14.1-150400.5.80.1 (aarch64|ppc64le|s390x|x86_64) 0:1.6-150000.3.12.1 (aarch64|ppc64le|s390x|x86_64) 0:3.19.1-150000.1.66.1 (noarch) 0:3.19.1-150000.1.66.1 (aarch64|ppc64le|s390x|x86_64) 0:1.3.4-150000.90.1 (aarch64|ppc64le|s390x|x86_64) 0:28.5.1_ce-150000.243.1 (aarch64|ppc64le|s390x|x86_64) 0:0.29.0-150000.243.1